Koha/opac/opac-account-pay.pl
Kyle M Hall 323b1553b0 Bug 19173: Make OPAC online payments pluggable
While PayPal is fairly universal, there is a plethora of online
payment systems that are far more localized, servicing a single
country ( e.g. Bug 18968 ) or even a single city! Instead of
adding support for each and every one of these payment options
directly into Koha, it makes more sense to add the ability to
create online payment plugins.

Test Plan:
1) Apply this patch
2) Download and install the Kitchen Sink plugin version 2.1.1 or later
   https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases
3) In the plugin options, enable the opac payments option
4) Create a patron with one or more fines
5) Log into the opac as that patron, note you now have the option
   to pay online via KitchenSink ImaginaryPay
6) Make an online payment
7) Note the payment was processed correctly

Sponsored-by: Washoe County Library System

Signed-off-by: Kyle M Hall <kyle@gmail.com>

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Awesome enhancement! I know we want to add at least one Norwegian
payment service at some point.
I followed the test plan and everything works as advertised. Turning
off the "opac payments option" makes the option disappear cleanly
from the OPAC. I have *not* looked at the code or done any
considerations about security.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:52 -03:00

151 lines
4.9 KiB
Perl
Executable file

#!/usr/bin/perl
# Copyright ByWater Solutions 2015
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 3 of the License, or (at your option) any later
# version.
#
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with Koha; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
use utf8;

use Modern::Perl;

use CGI;
use HTTP::Request::Common;
use LWP::UserAgent;
use URI;

use C4::Auth;
use C4::Output;
use C4::Context;
use Koha::Acquisition::Currencies;
use Koha::Database;
use Koha::Plugins::Handler;

my $cgi = new CGI;
my $payment_method = $cgi->param('payment_method');
my @accountlines   = $cgi->multi_param('accountline');

# Any payment method other than PayPal is treated as a plugin class name;
# the return value of its opac_online_payment method decides whether it may be used.
my $use_plugin;
if ( $payment_method ne 'paypal' ) {
    $use_plugin = Koha::Plugins::Handler->run(
        {
            class  => $payment_method,
            method => 'opac_online_payment',
            cgi    => $cgi,
        }
    );
}

# Online payments are unavailable unless PayPal or the selected plugin is enabled.
unless ( C4::Context->preference('EnablePayPalOpacPayments') || $use_plugin ) {
    print $cgi->redirect("/cgi-bin/koha/errors/404.pl");
    exit;
}

# Requires an authenticated OPAC session. The error template is loaded up front
# and is only rendered if the PayPal request fails.
my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
    {
        template_name   => "opac-account-pay-error.tt",
        query           => $cgi,
        type            => "opac",
        authnotrequired => 0,
        debug           => 1,
    }
);

# Total outstanding amount across the account lines submitted with the request.
my $amount_to_pay =
  Koha::Database->new()->schema()->resultset('Accountline')->search( { accountlines_id => { -in => \@accountlines } } )
  ->get_column('amountoutstanding')->sum();
$amount_to_pay = sprintf( "%.2f", $amount_to_pay );

my $active_currency = Koha::Acquisition::Currencies->get_active;

my $error = 0;
if ( $payment_method eq 'paypal' ) {
    my $ua = LWP::UserAgent->new;

    my $url =
      C4::Context->preference('PayPalSandboxMode')
      ? 'https://api-3t.sandbox.paypal.com/nvp'
      : 'https://api-3t.paypal.com/nvp';

    my $opac_base_url = C4::Context->preference('OPACBaseURL');

    # PayPal sends the patron back here; amount and account lines travel in the query string.
    my $return_url = URI->new( $opac_base_url . "/cgi-bin/koha/opac-account-pay-paypal-return.pl" );
    $return_url->query_form( { amount => $amount_to_pay, accountlines => \@accountlines } );

    my $cancel_url = URI->new( $opac_base_url . "/cgi-bin/koha/opac-account.pl" );

    my $nvp_params = {
        'USER'      => C4::Context->preference('PayPalUser'),
        'PWD'       => C4::Context->preference('PayPalPwd'),
        'SIGNATURE' => C4::Context->preference('PayPalSignature'),

        # API Version and Operation
        'METHOD'  => 'SetExpressCheckout',
        'VERSION' => '82.0',

        # API specifics for SetExpressCheckout
        'NOSHIPPING'                            => 1,
        'REQCONFIRMSHIPPING'                    => 0,
        'ALLOWNOTE'                             => 0,
        'BRANDNAME'                             => C4::Context->preference('LibraryName'),
        'CANCELURL'                             => $cancel_url->as_string(),
        'RETURNURL'                             => $return_url->as_string(),
        'PAYMENTREQUEST_0_CURRENCYCODE'         => $active_currency->currency,
        'PAYMENTREQUEST_0_AMT'                  => $amount_to_pay,
        'PAYMENTREQUEST_0_PAYMENTACTION'        => 'Sale',
        'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly',
        'PAYMENTREQUEST_0_DESC'                 => C4::Context->preference('PayPalChargeDescription'),
        'SOLUTIONTYPE'                          => 'Sole',
    };

    my $response = $ua->request( POST $url, $nvp_params );

    if ( $response->is_success ) {

        # The NVP response body is URL-encoded; parse it into key/value pairs.
        my $urlencoded = $response->content;
        my %params = URI->new( "?$urlencoded" )->query_form;

        if ( $params{ACK} eq "Success" ) {
            my $token = $params{TOKEN};

            # Send the patron to PayPal to approve the payment identified by the token.
            my $redirect_url =
              C4::Context->preference('PayPalSandboxMode')
              ? "https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token="
              : "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";

            print $cgi->redirect( $redirect_url . $token );
        }
        else {
            $template->param( error => "PAYPAL_ERROR_PROCESSING" );
            $error = 1;
        }
    }
    else {
        $template->param( error => "PAYPAL_UNABLE_TO_CONNECT" );
        $error = 1;
    }

    output_html_with_http_headers( $cgi, $cookie, $template->output ) if $error;
}
else {

    # Any other payment method is handed to the plugin to start its own payment flow.
    Koha::Plugins::Handler->run(
        {
            class  => $payment_method,
            method => 'opac_online_payment_begin',
            cgi    => $cgi,
        }
    );
}
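
In the script above, `payment_method` arrives from the request and is passed as `class` to `Koha::Plugins::Handler->run` before `get_template_and_user` authenticates the session, and the amount is summed over whichever `accountline` ids were submitted. The following Perl is an added example, not Koha's code, showing an exact-match allowlist for the handler and an ownership check on the requested lines; the plugin class name, function names and sample rows are hypothetical.

```perl
#!/usr/bin/perl
# Added example, not Koha code; every name and value below is hypothetical.
use strict;
use warnings;

# Constructed allowlist of payment plugin classes an administrator enabled.
my %ENABLED_PAYMENT_PLUGINS = map { $_ => 1 } ('Koha::Plugin::Example::ImaginaryPay');

# Map the request's payment_method to a known handler, or undef.
# Only exact matches pass; the raw string is never used to load a module.
sub resolve_payment_handler {
    my ($requested) = @_;
    return unless defined $requested && length $requested;
    return 'paypal'   if $requested eq 'paypal';
    return $requested if $ENABLED_PAYMENT_PLUGINS{$requested};
    return;
}

# Sum amountoutstanding for the requested lines, but only when every id is
# numeric, unique and owned by the authenticated patron; otherwise undef.
sub payable_total {
    my ( $borrowernumber, $requested_ids, $rows ) = @_;
    return unless @$requested_ids;
    my %own = map { $_->{accountlines_id} => $_->{amountoutstanding} }
      grep { $_->{borrowernumber} == $borrowernumber } @$rows;
    my ( $total, %seen ) = (0);
    for my $id (@$requested_ids) {
        return unless defined $id && $id =~ /\A[0-9]+\z/;
        return unless exists $own{$id} && !$seen{$id}++;
        $total += $own{$id};
    }
    return sprintf( '%.2f', $total );
}

# Constructed rows standing in for the accountlines table.
my @rows = (
    { accountlines_id => 10, borrowernumber => 51, amountoutstanding => 2.50 },
    { accountlines_id => 11, borrowernumber => 51, amountoutstanding => 1.25 },
    { accountlines_id => 12, borrowernumber => 77, amountoutstanding => 9.00 },
);

for my $method ( 'paypal', 'Koha::Plugin::Example::ImaginaryPay', 'Some::Other::Module', undef ) {
    my $handler = resolve_payment_handler($method);
    printf "%-40s => %s\n", $method // '(missing)', $handler // 'rejected';
}
printf "patron 51, lines 10,11: %s\n", payable_total( 51, [ 10, 11 ], \@rows ) // 'rejected';
printf "patron 51, lines 10,12: %s\n", payable_total( 51, [ 10, 12 ], \@rows ) // 'rejected';
printf "patron 51, lines 10,10: %s\n", payable_total( 51, [ 10, 10 ], \@rows ) // 'rejected';
```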