43 lines
1.7 KiB
Python
43 lines
1.7 KiB
Python
import json
|
|
import secrets
|
|
import requests
|
|
|
|
from odoo.http import route, request, Controller
|
|
|
|
class ApplePayFastCheckout(Controller):
|
|
|
|
@route('/applepay', type='http', auth='public', website=True, csrf=False)
|
|
def apple_pay_iframe(self, **kwargs):
|
|
nonce = secrets.token_urlsafe(16)
|
|
acquirer_id = request.env['payment.acquirer'].sudo().search([('provider', '=', 'applepay')], limit=1)
|
|
|
|
if acquirer_id.state == 'test':
|
|
url = "https://eu-test.oppwa.com"
|
|
else:
|
|
url = "https://eu-prod.oppwa.com"
|
|
|
|
integrity = requests.get(f'{url}/v1/fastcheckout/integrity').json().get('integrity', '')
|
|
|
|
response = request.render("applepay_fast_checkout.apple_pay_iframe", {
|
|
'hyperpay_src': f"{url}/v1/paymentWidgets.js",
|
|
'merchant_id': acquirer_id.applepay_entity_id,
|
|
'script_nonce': nonce,
|
|
'integrity': integrity
|
|
})
|
|
# response.headers['Content-Security-Policy'] = "script-src blob: 'self' 'unsafe-inline' 'unsafe-eval' https://*; worker-src blob: 'self' 'unsafe-inline' 'unsafe-eval' https://*;connect-src 'self' https://* wss://*;frame-src 'self' blob: https://*;"
|
|
|
|
return response
|
|
|
|
@route('/applepay/checkout', type='json', auth='public', website=True)
|
|
def apple_pay_create_checkout(self, **post):
|
|
data = json.loads(request.httprequest.data.decode('utf-8'))
|
|
processed_data = self._process_checkout_data(data)
|
|
checkout_id = self._get_checkout_id(processed_data)
|
|
return {'checkout_id': checkout_id}
|
|
|
|
def _process_checkout_data(self, data):
|
|
return data
|
|
|
|
def _get_checkout_id(self, vals):
|
|
return ''
|