Handling arguments to return_url view

17 views
Skip to first unread message

Russell Keith-Magee

unread,
Oct 14, 2009, 4:47:51 AM10/14/09
to django-paypal
Hi all,

I've been using django-paypal to set up subscriptions for a project
I'm working on. So far, it's been really slick, and almost completely
painless - many thanks to all responsible.

For the moment, I'm using IPN, unencrypted, and without PDT. I've been
able to walk through the entire purchasing process, I'm getting the
IPN callbacks, the signals are being fired as expected, and the user
is returned to the return_url I specified in the PaymentForm.

However, I have absolutely no idea what I'm supposed to do with the
GET arguments that are provided to the return_url. When the user
presses the "Return to Merchant" button, they are redirected to:

/signup/finished/?merchantRet.x=Return+to
+Merchant&auth=0ANUrUaOlqJjOfcthvF-
zNuCl6lWcE4go4GAgmXOhCjqReG8ExohzGFhQ4Frvu-
afQTYODoLgVEO5_6c&form_charset=UTF-8

I haven't been able to find any documentation of these arguments on
PayPal's site - in particular the "auth" argument. The actual auth
token changes with every transaction, but it's always 80 characters,
and doesn't seem to bear any similarity to the transaction,
verification code, or any other piece of PayPal provided data that I
can see.

My guess is that this argument can be used somehow to validate that
the return has actually come from PayPal, but I haven't been able to
work out how. I can't find any general-purpose paypal token
authentication function that seems appropriate.

The only examples I've been able to find for the use of django-paypal
seem to use a 'direct_to_template' view for the return_url, and ignore
all the GET arguments, including auth. However, this doesn't seem
quite right - if it's being sent, surely it's meant to be used...

Can anyone shed any light on the purpose of the auth argument? Am I on
the right track? Is there a better way to authenticate that the
return_url response is legitimate?

Yours
Russ Magee %-)
Reply all
Reply to author
Forward
0 new messages