Marketplace/InAppPayments: Difference between revisions
Jump to navigation
Jump to search
(Created page with "This page discusses some improvements to In-app Payments for the Marketplace. == Issues == * Developers have to manage the in-app keys. * Developers require a server to stor...") |
|||
| Line 14: | Line 14: | ||
* User clicks a Buy button. | * User clicks a Buy button. | ||
* App does a POST to /mozpay/product/shiny-pony/buy | * App does a POST to /mozpay/product/shiny-pony/buy | ||
** Server checks the domain of the request to ensure its coming from the app. How? | |||
** That initiates a transaction on the server. | |||
** Server contacts the marketplace to record start of the transaction. | |||
*** Is there an issue here with matching up Marketplace persona accounts? | |||
** Creates the JWT and returns it to the client | |||
** The client receives the JWT and passes it to mozPay. | |||
* App polls the server waiting for a completed purchase... | * App polls the server waiting for a completed purchase... | ||
* When completed a receipt is returned to the client | * When completed a receipt is returned to the client | ||
** Client installs the receipt (bug https://bugzilla.mozilla.org/show_bug.cgi?id=757226) | |||
* App verifies the receipt is correct for that app. | * App verifies the receipt is correct for that app. | ||
** App verifies the receipt against the receipt verification. | |||
* App grants access to product purchased. | * App grants access to product purchased. | ||
* User can revisit the marketplace and get a list of completed in-app payments. | * User can revisit the marketplace and get a list of completed in-app payments. | ||
** Users can click a button to get a receipt for an in-app payment. | |||
*** App should check the receipt is correct for that app. | |||
*** App verifies the receipt against the receipt verification. | |||
== Bugs == | == Bugs == | ||
To come. | To come. | ||
Revision as of 20:26, 22 November 2013
This page discusses some improvements to In-app Payments for the Marketplace.
Issues
- Developers have to manage the in-app keys.
- Developers require a server to store the in-app keys.
- Developers respond to payment notices for success or failure.
- Marketplace doesn't know anything about an in-app payment, meaning purchase history and refunds are empty.
Proposed solution
- App developer must give their app a domain. Already exists for hosted apps, would be added into the manifest for packaged apps.
- App developers enters in a product and price on the Mozilla Marketplace developer hub and gets a URL for example /mozpay/product/shiny-pony/buy.
- User clicks a Buy button.
- App does a POST to /mozpay/product/shiny-pony/buy
- Server checks the domain of the request to ensure its coming from the app. How?
- That initiates a transaction on the server.
- Server contacts the marketplace to record start of the transaction.
- Is there an issue here with matching up Marketplace persona accounts?
- Creates the JWT and returns it to the client
- The client receives the JWT and passes it to mozPay.
- App polls the server waiting for a completed purchase...
- When completed a receipt is returned to the client
- Client installs the receipt (bug https://bugzilla.mozilla.org/show_bug.cgi?id=757226)
- App verifies the receipt is correct for that app.
- App verifies the receipt against the receipt verification.
- App grants access to product purchased.
- User can revisit the marketplace and get a list of completed in-app payments.
- Users can click a button to get a receipt for an in-app payment.
- App should check the receipt is correct for that app.
- App verifies the receipt against the receipt verification.
- Users can click a button to get a receipt for an in-app payment.
Bugs
To come.