0

I recently added SSL certificates to my site and now my PayPal IPN listener no longer works. It had been working for better than a year without issue. 

            // Postback to either Sandbox or Live.
            string strPayPal = "https://www.paypal.com/cgi-bin/webscr";
            BasicCrudToolkit.LogMessage("PayPal Webrequest created", "PayPal Listener");
            HttpWebRequest req = (HttpWebRequest)WebRequest.Create(strSandbox);

            // Set values for request back.
            req.Method = "POST";
            req.ContentType = "application/x-www-form-urlencoded";
            Byte[] param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
            string strRequest = Encoding.ASCII.GetString(param);
            BasicCrudToolkit.LogMessage("Request parameters: " + strRequest, "PayPal Listener");

            strRequest += "&cmd=_notify-validate";
            req.ContentLength = strRequest.Length;

            // Send request to PayPal and get request.
            StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), Encoding.ASCII);
            streamOut.Write(strRequest);
            streamOut.Close();
            StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
            string strResponse = streamIn.ReadToEnd();
            streamIn.Close();

When I check my IPN History on PayPal I get NOTHING showing up in the HTTP Response Code and the IPN shows in perpetual retry. However when I check my traffic on Azure I see that the site is returning a 302.

As you can see I have a log file that makes entries as the IPN executes. I don't get any entries in the log file. It is almost like Azure is rejecting the IPN request from PayPal before the Listener can even run. Is there some setting on Azure I'm missing here after I got the SSL cert running?

I'm somewhat at the end of my technical expertise and I'd like some advice on where to go debug next.

stamm528
  • 113
  • 2
  • 17
  • What happens if you POST to your URL yourself (aka "mock")? Can you inspect it? What is the 302 location - do you recognize it? – EdSF Jul 27 '15 at 03:40
  • I used the Chrome add-in Postman and sent some mock data to my localhost and it processed it as I would expect, and wrote to my log file as shown in the code above. It returned 200. No issues. I then tried it on the live site URL with same content. It too gave me the same 200 response and the log file entries. The big difference is in the Body of the Postman message, it was blank with the data when I test on the live site. – stamm528 Jul 27 '15 at 09:19

3 Answers3

0

The 302 is a redirect, so it sounds like you must have the site configured to redirect http:// traffic to https://. You should be able to update your IPN URL to use https:// instead of http:// in order to resolve it.

Drew Angell
  • 25,968
  • 5
  • 32
  • 51
  • I'll confirm all of the URL are using http:// and ensure any forwarding is back to http:// and try it again. Thanks. – stamm528 Jul 26 '15 at 20:02
  • Well, if you're using an SSL on your site then I would use https:// for IPN URLs. – Drew Angell Jul 26 '15 at 20:57
  • I have moved everything to http:// in PayPal and removed the certificate from Azure. https:// calls to the site now fail (good). I can directly access the IPN, but transactions are still getting 302 when PayPal calls the IPN. I'm out of ideas. – stamm528 Jul 26 '15 at 23:02
  • Are you sure you don't have a redirect happening in the IPN script itself? – Drew Angell Jul 27 '15 at 03:56
  • There is not a redirect in the script as shown by the first few lines of the code above. I'm not even getting those log file messages written. Is there something higher level at the Azure level that would drive this redirect? I have a 301 redirect from GoDaddy to Azure for my custom domain, but I don't think that is what is affecting this. Anyone? – stamm528 Jul 27 '15 at 18:20
  • We took a chance and called PayPal today. They said it isn't us, it is them. They are having issues now that they are breaking from Google and are going stand-alone. The promised us a solution in 48hrs. We shall see. This may be impacting many others. I'll update the thread when I get a solution. – stamm528 Jul 28 '15 at 14:19
  • Can someone suggest tools that can be used to help in debugging this problem? I've checked my DNS settings on GoDaddy and they appear to be fine. I thought deleting the A-record would help, but at this point I'm flailing. Any further suggestions? – stamm528 Aug 26 '15 at 09:33
0

I finally resolved this issue. The issue ended up being the web.config file and the settings for cookies. I found the solution here: How to remove AspxAutoDetectCookieSupport=1

The 302 redirect was happening due to having the form set to AutoDetect for cookies. Once I set it to UseCookies the 302 went away.

Community
  • 1
  • 1
stamm528
  • 113
  • 2
  • 17
0

I had this problem, every POST returned 302. My problem was to send the request in json format. Paypal needs an application/x-www-form-urlencoded format. I transformed the content of the body in the application/x-www-form-urlencoded format and it worked. the JAVA code look like this:

    // add all params into a list
    List<NameValuePair> nvps = new ArrayList<NameValuePair>();
    nvps.add(new BasicNameValuePair("cmd", "_notify-validate"));
    
    // map variable is all paypal variables received
    map.keySet().forEach((key) -> {
        nvps.add(new BasicNameValuePair(key, map.get(key).toString()));
    });
    
    // create the post request
    HttpPost req = new HttpPost(IPN);
    req.addHeader(USER_AGENT_HEADER, USER_AGENT_CONTENT);
    req.addHeader("Content-Type", "application/x-www-form-urlencoded");
    //add all params into POST body 
    req.setEntity(new UrlEncodedFormEntity(nvps, "UTF-8"));

    // send req
    HttpResponse response = httpClientBuilder.create().build().execute(req);
Anderson Bergamini de Neira
  • 3
  • 1