Paypal IPN Upgrade (#12415)

* upgrade paypal ipn verification module * paypal ipn: allow sandbox when testing * improved error handling
2026-04-14 19:47:03 +00:00 · 2020-07-31 12:32:24 +02:00 · 2020-07-31 12:32:24 +02:00 · bd3e783274
commit bd3e783274
parent 9089b64af3
4 changed files with 17 additions and 11 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -10560,11 +10560,6 @@
        "through": "~2.3"
      }
    },
-    "paypal-ipn": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/paypal-ipn/-/paypal-ipn-3.0.0.tgz",
-      "integrity": "sha1-dJqK8PkUh8p72xkM0GVToTkqsIo="
-    },
    "paypal-rest-sdk": {
      "version": "1.8.1",
      "resolved": "https://registry.npmjs.org/paypal-rest-sdk/-/paypal-rest-sdk-1.8.1.tgz",
@ -10713,6 +10708,14 @@
      "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz",
      "integrity": "sha1-AerA/jta9xoqbAL+q7jB/vfgDqs="
    },
+    "pp-ipn": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/pp-ipn/-/pp-ipn-1.1.0.tgz",
+      "integrity": "sha512-F07pHo3Mrzfe6t4C1Tu7iBiC75xq8shhugv/uScfmFCEULy3EwEs5ToGosxhbB+pcz0kmji431IJ06pSd8dCIg==",
+      "requires": {
+        "underscore": "^1.8.3"
+      }
+    },
    "prebuild-install": {
      "version": "5.3.5",
      "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-5.3.5.tgz",
--- a/package.json
+++ b/package.json
@ -57,8 +57,8 @@
    "passport-facebook": "^3.0.0",
    "passport-google-oauth2": "^0.2.0",
    "passport-google-oauth20": "1.0.0",
-    "paypal-ipn": "3.0.0",
    "paypal-rest-sdk": "^1.8.1",
+    "pp-ipn": "^1.1.0",
    "ps-tree": "^1.0.0",
    "rate-limiter-flexible": "^2.1.7",
    "redis": "^3.0.2",
--- a/website/server/controllers/top-level/payments/paypal.js
+++ b/website/server/controllers/top-level/payments/paypal.js
@ -174,7 +174,7 @@ api.ipn = {

    paypalPayments
      .ipn(req.body)
-      .catch(err => logger.error(err));
+      .catch(err => logger.error(err, 'Error handling Paypal IPN message.'));
  },
 };

--- a/website/server/libs/payments/paypal.js
+++ b/website/server/libs/payments/paypal.js
@ -3,7 +3,7 @@ import nconf from 'nconf';
 import moment from 'moment';
 import util from 'util';
 import _ from 'lodash';
-import ipn from 'paypal-ipn';
+import paypalIpn from 'pp-ipn';
 import paypal from 'paypal-rest-sdk';
 import cc from 'coupon-code';
 import shared from '../../../common';
@ -21,6 +21,7 @@ import {
 } from '../errors';

 const BASE_URL = nconf.get('BASE_URL');
+const PAYPAL_MODE = nconf.get('PAYPAL_MODE');
 const { i18n } = shared;

 // This is the plan.id for paypal subscriptions.
@ -33,7 +34,7 @@ _.each(shared.content.subscriptionBlocks, block => {
 });

 paypal.configure({
-  mode: nconf.get('PAYPAL_MODE'), // sandbox or live
+  mode: PAYPAL_MODE, // sandbox or live
  client_id: nconf.get('PAYPAL_CLIENT_ID'),
  client_secret: nconf.get('PAYPAL_CLIENT_SECRET'),
 });
@ -72,7 +73,7 @@ api.paypalBillingAgreementGet = util
 api.paypalBillingAgreementCancel = util
  .promisify(paypal.billingAgreement.cancel.bind(paypal.billingAgreement));

-api.ipnVerifyAsync = util.promisify(ipn.verify.bind(ipn));
+api.ipnVerifyAsync = util.promisify(paypalIpn.verify.bind(paypalIpn));

 api.checkout = async function checkout (options = {}) {
  const { gift, user } = options;
@ -257,7 +258,9 @@ api.subscribeCancel = async function subscribeCancel (options = {}) {
 };

 api.ipn = async function ipnApi (options = {}) {
-  await this.ipnVerifyAsync(options);
+  await this.ipnVerifyAsync(options, {
+    allow_sandbox: PAYPAL_MODE === 'sandbox',
+  });

  const { txn_type, recurring_payment_id } = options;