How to pass payment details to Google Wallet for digital goods API .net callback ashx

Question

The sample library referenced in the tutorial uses an ashx file to process the callback.

To validate the payment the sample code compares various items sent to Wallet with results returned from Wallet.

Using the sandbox my code executes as expected and verifies provided I do not do the detailed comparisons. I do not know how to pass the details to the ashx file so that the comparisons can be performed. The callback url is specified in the merchant profile, and in my case is named callback.ashx.

    <script type="text/javascript">
    google.load('payments', '1.0', {
        'packages': ['sandbox_config']

    });

    function purchase(callback) {
        google.payments.inapp.buy({
            "parameters": {},
            "jwt": "<%=theJWT() %>",
            "success": function (result) {
                if (isFunction(callback)) {
                    callback(true, result);
                }
            },
            "failure": function (result) {
                if (isFunction(callback)) {
                    callback(false, result);
                }
            }
        }
    )
    };

    function isFunction(possibleFunction) {
        return (typeof (possibleFunction) === typeof (Function));
    }

    /*** S A M P L E   O N L Y ****
    *******************************
    !You should verify server side!
    *******************************                
    */
    var sampleParseResult = function (isgood, data) {
        var _console = (typeof window.console === "undefined");
        if (isgood) {
            var _str = "Verify Order No. " + data.response.orderId;
            _str += "\nDetails:\n";
            _str += data.request.name + " " + data.request.description + "\n";
            _str += data.request.price + "\n";
            alert(_str);
            if (!_console) {
                console.log(data);
            }
        } else {
            alert("failed");
            if (!_console) {
                console.log(data);
            }
        }
    };
</script>

It all works as it stands but I would like to pass the object containing the request details to the ashx file. Is it possible?

@SonerGönül the OP just posted the Javascript stuff, the ashx is in both VB and C#..... — EdSF, Oct 08 '13 at 01:43

EdSF · Accepted Answer · 2013-10-09T00:21:31.623

if you're referring to this .Net lib, I actually wrote it a few years back :) I think I even recognize the above :)

Can you clarify your question? Just in case I misunderstood -

The lib should already do all the checking/verification (except the order number validation), you just need to store the order number and details during postback - if I'm not mistaken, the ashx sample has a stub for sending an email...likely commented out and marked for debug purposes only. You can just change that part to write to a sql table if you want.

the data sent during this postback includes all the order details
Google will only send the postback on success

If the buyer confirms the purchase and Google verifies that the buyer can indeed pay for the cake, Google sends an HTTP POST message

Then in the success callback above, which happens on the client side, you should verify that the order number exists - re: match the data returned by Google in the success callback with what you stored in db (previously/during postback). If it exists, then you've verified all the data...

If I misunderstood, just comment and I'll update the answer...hth....

BTW, the lib hasn't been updated to support subscriptions...just fyi...

Update

Here's the "stub" I was referring to in the handler (ashx):

//Sample
private void parsePayload(InAppItemObject ClaimObj, JWTHeaderObject HeaderObj)
{
    //header JWTHeaderObject
    string foo = string.Format("JWT Headers{0}JWT Algo: {1}{0}JWT kid: {2}{0}JWT typ: {3}{0}{0}", Environment.NewLine, HeaderObj.alg, HeaderObj.kid, HeaderObj.typ);

    //payload InAppItemObject
    string bar = string.Format("JWT Payload{0}JWT aud: {1}{0}JWT iss: {2}{0}JWT orderid: {3}{0}JWT sellerdata: {4}{0}JWT iat: {5}{0}" +
            "JWT itemName: {6}{0}JWT itemPrice: {7:c}{0}JWT Item Description: {8}{0}JWT exp: {9}{0}JWT typ: {10}{0}{0}", Environment.NewLine, ClaimObj.aud, ClaimObj.iss, ClaimObj.response.orderId, ClaimObj.request.sellerData, ClaimObj.iat,
            ClaimObj.request.name, ClaimObj.request.price, ClaimObj.request.description, ClaimObj.exp, ClaimObj.typ);

    debug(foo, bar);
}

You can change the above into standard db insert - in the above ClaimObj would have your order details. So something along the lines (sample):

using (SqlConnection conn = new SqlConnection(connStr))
{
 .....
 using (SqlCommand cmd = new SqlCommand(cmdText, conn))
 {
  .....
  cmd.Parameters.AddWithValue("@OrderNumber",ClaimObj.response.orderId);
  cmd.Parameters.AddWithValue("@ProductOrdered",ClaimObj.request.name);
  ....

The ashx file handles the Google postback (I realize that maybe I should have named that file postback_handler_demo.ashx) which you get before the client side success callback. This allows you to store the (already server-side verified) data, prior to any client side callback.

You can then query this data for existence of the orderId (or any other data for that matter) if/when your success handler is triggered in the callback.

No problem on subscriptions, we sell digital images. My application requires .net 2.0 so I rewrote the library in c# and used json.net. Works fine. There is a lot of complicated logic to merge this with as this is not the only payment possibility we deal with. I would prefer to do all the verification on the server side. Is there a way to do it? — Kal, Oct 08 '13 at 19:17
@Kal that sounds cool - re: C#/JSON.Net, I would do same if I re-wrote it today. The lib as it is has no "external" dependency (all framework stuff). Anyway, yes, the lib does all JWT verification server side _during Google's `postback` (the HTTP POST)_. No verification is done client side. The script you posted above is the client side _callback_ so you can, for example, send the user to another page, with the `orderID` as some parameter (i.e. query string) and then verify, server-side, existence in db. Hth... — EdSF, Oct 08 '13 at 20:55
OK, thanks. I got that possibility as well. I just do not know a lot of Javascript and was hoping to find a way to pass data from say, an aspx page to a somewhat related ashx page. Somewhere along the way I did a straight translation of your code from VB to c# using INSTANT C#. It is available if you want it, but has some .net 4 items so I did not end up using it. — Kal, Oct 09 '13 at 02:09
@Kal - Just fyi, the lib has an [ASP.Net 2.0 version](https://code.google.com/p/google-in-app-payments-dotnet-sample/downloads/list) that you can reference (dll) in your project -_assuming_ that was the only reason you had to translate to C#..just like what I did for the samples - which come in both VB and C#. Thanks for the offer btw. Am unfamiliar with the tool you mention..and I already have plans of rewriting in C#. Thanks for your question too, it helps me understand needs of other developers! — EdSF, Oct 09 '13 at 02:35
@Kal on the Javascript stuff, it could be a simple as [this example](http://stackoverflow.com/a/506004/304683) or [via a lib like JQuery](http://stackoverflow.com/a/3745084/304683) for either GET or POST. Unfortunately, I haven't used MS AJAX in a long time, but that could be another option... — EdSF, Oct 09 '13 at 02:43

How to pass payment details to Google Wallet for digital goods API .net callback ashx

1 Answers1

Update