CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-11 16:13:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Do not hard fail on Unauthorized PayPal Userinfo-calls (Fixes PRETIXEU-XQ)

Browse Source
This commit is contained in:
Martin Gross
2020-05-29 13:48:37 +02:00
parent 3b003d0baa
commit 7895729c38
1 changed files with 29 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/pretix/plugins/paypal/payment.py
View File

@@ -13,7 +13,7 @@ from django.template.loader import get_template
from django.urls import reverse from django.urls import reverse
from django.utils.translation import gettext as __, gettext_lazy as _ from django.utils.translation import gettext as __, gettext_lazy as _
from i18nfield.strings import LazyI18nString from i18nfield.strings import LazyI18nString
from paypalrestsdk.exceptions import BadRequest from paypalrestsdk.exceptions import BadRequest, UnauthorizedAccess
from paypalrestsdk.openid_connect import Tokeninfo from paypalrestsdk.openid_connect import Tokeninfo
from pretix.base.decimal import round_decimal from pretix.base.decimal import round_decimal
@@ -198,7 +198,7 @@ class Paypal(BasePaymentProvider):
if request.event.settings.payment_paypal_connect_user_id: if request.event.settings.payment_paypal_connect_user_id:
try: try:
userinfo = Tokeninfo.create_with_refresh_token(request.event.settings.payment_paypal_connect_refresh_token).userinfo() tokeninfo = Tokeninfo.create_with_refresh_token(request.event.settings.payment_paypal_connect_refresh_token)
except BadRequest as ex: except BadRequest as ex:
ex = json.loads(ex.content) ex = json.loads(ex.content)
messages.error(request, '{}: {} ({})'.format( messages.error(request, '{}: {} ({})'.format(
@@ -208,7 +208,14 @@ class Paypal(BasePaymentProvider):
) )
return return
request.event.settings.payment_paypal_connect_user_id = userinfo.email # Even if the token has been refreshed, calling userinfo() can fail. In this case we just don't
# get the userinfo again and use the payment_paypal_connect_user_id that we already have on file
try:
userinfo = tokeninfo.userinfo()
request.event.settings.payment_paypal_connect_user_id = userinfo.email
except UnauthorizedAccess:
pass
payee = { payee = {
"email": request.event.settings.payment_paypal_connect_user_id, "email": request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API, # If PayPal ever offers a good way to get the MerchantID via the Identifity API,
@@ -500,8 +507,25 @@ class Paypal(BasePaymentProvider):
self.init_api() self.init_api()
if request.event.settings.payment_paypal_connect_user_id: if request.event.settings.payment_paypal_connect_user_id:
userinfo = Tokeninfo.create_with_refresh_token(request.event.settings.payment_paypal_connect_refresh_token).userinfo() try:
request.event.settings.payment_paypal_connect_user_id = userinfo.email tokeninfo = Tokeninfo.create_with_refresh_token(request.event.settings.payment_paypal_connect_refresh_token)
except BadRequest as ex:
ex = json.loads(ex.content)
messages.error(request, '{}: {} ({})'.format(
_('We had trouble communicating with PayPal'),
ex['error_description'],
ex['correlation_id'])
)
return
# Even if the token has been refreshed, calling userinfo() can fail. In this case we just don't
# get the userinfo again and use the payment_paypal_connect_user_id that we already have on file
try:
userinfo = tokeninfo.userinfo()
request.event.settings.payment_paypal_connect_user_id = userinfo.email
except UnauthorizedAccess:
pass
payee = { payee = {
"email": request.event.settings.payment_paypal_connect_user_id, "email": request.event.settings.payment_paypal_connect_user_id,
# If PayPal ever offers a good way to get the MerchantID via the Identifity API, # If PayPal ever offers a good way to get the MerchantID via the Identifity API,