PostFinance fires the callback page twice if the user clicks the "abort" or "ok" button. You need to implement a custom HttpRequestVerifierBuilder like here to disable the token invalidation!
- In the Global Security Parameters tab, choose "each parameter followed by the passphrase."
- The Hash algorithm needs to be SHA-512
- Make sure to provide an SHA-IN pass phrase in "data and origin verification" tab
- Check "I would like to receive transaction feedback parameters on the redirection URLs and supply a SHA-OUT pass phrase." in "Transaction feedback"
You may want to enable the server-to-server functionality:
Go to "Transaction feedback" and set "Direct HTTP server-to-server request" to "Always deferred (not immediately after the payment)." for example.
In both URL fields you need to add http://your-domain.com/payment/notify/<PARAMVAR>. Note the <PARAMVAR> var. It gets replaced by postFinance.
Important: Set "Request method" to "GET" since the notifyAction only listens to the request query.
If you have enabled "Authorisation" in "Global transaction parameters -> Default Operation Code", you need to enable the request for status changes: Go to "Transaction feedback -> HTTP request for status changes" and set "Timing of the request" to "For each offline status change (payment, cancellation, etc.)." In the URL field add the same url as in section "HTTP server-to-server request".
The LANGUAGE Parameter cannot be set in the ConvertPaymentAction since there is no general language getter available in Payum.
To add this field you need to add a custom Extension (Check this file to get the Idea).
These Fields are required:
environment(default 'Test')shaInPassphraseshaOutPassphrasepspid
You can pass optional parameters to the optionalParameters config node.
You'll find all available fields here.
- Handle deprecated tokens?
Copyright: DACHCOM.DIGITAL For licensing details please visit LICENSE.md
- Bump dependencies, code improvements