douchuo1963 2012-06-03 10:10
浏览 25
已采纳

google checkout html api - 没有HTTPS获得付款状态?

When I log into my merchant account, in the Settings tab I can set the callback URL.

The problem is that, without HTTPS, the only option is to send back a serial number to the callback URL.

Callback contents:
[x] Notification Serial Number
e.g. serial-number=123-456-7
[ ] Notification as XML (Requires an HTTPS URL)
e.g. 123...
[ ] Notification as HTML (name/value pairs) (Requires an HTTPS URL)
e.g. google-order-number=123&...

So from this serial number, is it possible for my server-side script to get the status of the order?

I need to get the payment status of the order (paid or not, amount paid) & the order number sent back to my (custom) cart so that I can update my database.

(I can't get HTTPS at the moment because the person whose website it is doesn't want to get it)

  • 写回答

1条回答 默认 最新

  • duangu1033 2012-06-04 13:20
    关注

    I would caution you regarding your accepted answer.

    1. continue_url is not an "auto-redirect". You are fully dependent on the user actually clicking that link instead of any other link in the page - notably, Google's own link to go the user's Wallet page where he/she has access to all his/her orders.

      You are therefore risking your operations by possibly not having all the orders in your own system.

    2. All Google Checkout orders have order statuses that you should really be aware of. You are already making an assumption in #1 that the user will actually click your continue_url link - additionally, you have also opened yourself up to the possibility that you are tracking orders that may not actually be approved by Google, or fails some monetary/risk authorization or check.

      If a user does in fact click the link you provide, but Google has issues with the order, your system has "money" where it shouldn't.

    3. The only reliable method of implementing Google Checkout API and integrating it with your systems is to follow documentation/instructions - in this case you must implement Notification API.

    4. Yes, you can obtain all order data without installing/purchasing SSL cert for your server using serial number notification - which is what you describe.

      • XML/name-value notification is a "push" model - Google will "push" data to you. You will authenticate Google's basic auth request (which is why SSL is required).
      • serial number notification is "pull" model - you will "pull" data from Google (given a serial number - and that is why SSL is not required on your end - you will authenticate your pull request and send your request with SSL). Google isn't sending you any data, just a serial number. You will use this serial number to obtain data associated with it and provide authentication to Google - your request will use SSL.

    5. You will use serial number notification with Notification History API to obtain data.

    The links above should lead you to complete documentation/reference. If you have questions, comment here, or post it at Google Checkout Product Forums.

    Hth....

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 安装 opencv4nodejs 报错
  • ¥15 adb push异常 adb: error: 1409-byte write failed: Invalid argument
  • ¥15 nginx反向代理获取ip,java获取真实ip
  • ¥15 eda:门禁系统设计
  • ¥50 如何使用js去调用vscode-js-debugger的方法去调试网页
  • ¥15 376.1电表主站通信协议下发指令全被否认问题
  • ¥15 物体双站RCS和其组成阵列后的双站RCS关系验证
  • ¥15 复杂网络,变滞后传递熵,FDA
  • ¥20 csv格式数据集预处理及模型选择
  • ¥15 部分网页页面无法显示!