View Issue Details

IDProjectCategoryView StatusLast Update
0004950Talerwallet (browser-based)public2018-03-07 21:39
ReporterFlorian DoldAssigned ToFlorian Dold 
PrioritynormalSeveritytextReproducibilityhave not tried
Status assignedResolutionopen 
Product VersionSVN HEAD 
Target Version0.7Fixed in Version 
Summary0004950: spec and implement asynchronous payment api
DescriptionThere should be a payment API for JavaScript heavy applications, where the page can make a payment request and the user has to confirm inside the extension popup.

This has the benefit of being more resilient against click jacking.
TagsNo tags attached.

Activities

Florian Dold

2018-03-07 21:39

manager   ~0012879

Since we can now query the status of a payment (instead of having cookies set on /pay), it is pretty easy to do payments from a Single Page App without destroying state by opening the payment_redirect_url in a new tab/window.

We still might re-add a JS-based API for synchronous payments in the future, since:
* it might provide nicer user experience than opening a tab/window by using browser-specific APIs (such as W3C payment handler/requests)
* the developer experience might be nicer

However in order to implement the latter part, the backend might have to expose APIs to the browser that right now only the frontend server has access to, such as querying the status of a payment (paid, not paid, refunded) based on an order id.

It is probably not desirable to expose such an API to the public by default. Maybe the frontend can proxy these requests to the backend, but then we need to make sure we still have a nice API where we don't need to pass a slew of URLs around.

Issue History

Date Modified Username Field Change
2017-03-11 00:15 Florian Dold New Issue
2017-03-14 12:03 Christian Grothoff Severity minor => feature
2017-03-14 12:04 Christian Grothoff Status new => confirmed
2017-03-14 12:04 Christian Grothoff Category other => wallet (browser-based)
2017-03-14 12:04 Christian Grothoff Product Version => SVN HEAD
2017-10-23 10:44 Christian Grothoff Assigned To => Florian Dold
2017-10-23 10:44 Christian Grothoff Severity feature => text
2017-10-23 10:44 Christian Grothoff Status confirmed => assigned
2017-10-23 10:44 Christian Grothoff Target Version => 0.7
2018-03-07 21:39 Florian Dold Note Added: 0012879