Magento付款流程 [英] Magento Payment flow
问题描述
我正在为Magento实施新的付款模块,并希望了解此逻辑背后的核心概念.我知道我必须从Mage_Payment_Model_Method_Abstract或其任何子类扩展,但是我的问题是何时以及如何在模型中使用捕获和授权方法.
例如,如果我将整个过程分为以下步骤:
I am working on implementing a new payment module for Magento and want to understand the core concept behind this logic. I know I have to extend from Mage_Payment_Model_Method_Abstract or any of its children classes, but my problem is when to use and how to use capture and authorize methods in my model.
For example if I split the whole process in steps like this:
- 用户来到购物车,然后选择说一些付款方式即网关.
- 系统拦截请求,收集所有提交的数据,然后将用户发送到网关url.
- 用户在网关站点下订单(或取消订单),该站点将有关订单的信息发送到我的商店.
- 我的商店使用接收到的数据对订单进行了更多修改,并保存状态为已完成或已取消的订单.
在这些步骤中,我将在何处使用授权和捕获方法?如果有人可以向我解释授权和捕获的含义,我将不胜感激.
Where in these steps will I have to use authorize and capture methods ? I would appreciate if someone could explain to me what authorize and capture means?
推荐答案
这是我一直了解概念的方式,以及在Magento中实现付款模块所需了解的内容.您的特定发生位置"的答案在下面以粗体显示,尽管它并不像您期望的那么简单.
Here's the way I've always understood the concepts, and what you'll need to know to implement a payment module in Magento. Answers to your specific "where does this happen" are bolded below, although it's not quite as simple as you're hoping for.
预互联网,实体信用卡交易是两个阶段的过程.
Pre-internet, brick and mortar credit card transactions were a two stage process.
在销售时,商户将消费者的信用卡用于购买时,他们会通过销售点设备滑动该设备,该设备会打入信用卡的中央办公室并询问此卡是否已为此目的授权网络,并且该特定消费者的可用信用额度是否足够大以允许此次购买".
At the time of a sale, when the merchant took a consumer's credit card for a purchase they'd slide it through a point of sale device which would call into the credit card's central office and ask "is this card authorized for this network, and is this particular consumer's line of available credit large enough to allow this purchase".
如果购买被接受(而不是拒绝),则认为该费用是授权.消费者将购买他们的产品,而销售点系统/收银机将记录该交易已被授权.然后,在一天结束时或一周结束时,按照其他一些预定的常规时间表,或者当所有者决定停止饮酒时,商人将查看所有授权收据,并发送另一张强烈要求中心办公室从授权交易中获取资金.捕捉资金是将钱存入商人账户的原因.
If the purchase was accepted (as opposed to declined), the charge was said to be authorized. The consumer would take their product, and the point of sale system/cash-register would note that the transaction was authorized. Then, at the end of a the day, or the end of the week, at some other predetermined regular schedule, or when the owner decided to stop drinking, the merchant would go though all their authorized receipts and send another request to the central office to capture the funds from the authorized transaction. Capturing the funds is what puts money in the merchant's account.
这仍然是大多数网关使用的模型,也是Magento Inc.选择为其付款模块实施的域模型.
This is still the model in use by most gateways, and is the domain model that Magento Inc. chose to implement for their payment modules.
应该运行的方式是,当消费者在Magento之类的系统中达到最终结帐步骤时,Magento向网关的API发出授权请求.如果交易成功,则订单将被接受到系统中,并存储来自授权请求的唯一ID.接下来,当消费者的商品发货时,商店所有者使用Magento管理员创建发票.此发票的创建发出捕获请求(使用授权请求返回的商店ID). 这是在Magento中发出这些方法调用的地方.
The way things are supposed to run is, when a consumer reaches the final checkout steps in a system like Magento, Magento issues an authorization request to the gateway's API. If the transaction is successful, the order is accepted into the system, and a unique ID from the authorization request is stored. Next, when the consumer's goods ship, a store owner uses the Magento admin to create an invoice. The creation of this invoice issues a capture request (using a store id returned from the authorization request). This is where these method calls are issued in Magento.
但是,事情变得棘手,因为每个付款网关对这些概念的解释都有些不同,并且每个商人对在我们发货之前都不要捕获"责任的解释不同.除上述方案外,支付模块还具有称为支付操作的系统配置值.可以将其设置为仅授权,它将实现上述流程.也可以将其设置为 Authorize and Capture (授权和捕获),该命令将在下订单时授权和捕获付款. 更多令人困惑,因为尽管该方法称为Authorize and Capture,但当前版本的Magento仅在设置为此模式(至少对于Authorize.net)和Authorize.net时才发出捕获请求.在一天中的大部分时间里,都会在内部将捕获请求保留为已授权但未捕获的状态. Magento如何处理订单,付款和发票是代码库的一个区域,在不同版本之间变化很大.
However, things get tricky because every payment gateway interprets these concepts a little differently, and every merchant interprets their "don't capture until we've shipped" responsibilities differently. In addition to the scenario described above, payment modules have a system configuration value known as a Payment Action. This can be set to Authorize Only, which will implement the flow described above. It can also be set to Authorize and Capture, which will both authorize and capture a payment when the order is placed. It gets even more confusing because although the method is called Authorize and Capture, current versions of Magento will only issue the capture request when set in this mode (at least for Authorize.net), and Authorize.net will, internally, leave capture requests in an authorized but not captured state for most of the day. How Magento handles orders and payments and invoices is one area of the codebase that changes a lot from version to version.
因此,Magento支付模块系统背后的想法是使您免受正在编程支付网关逻辑的集群F-的攻击.在您的authorize方法中,实现对支付网关的授权API的调用(或执行您此时想要执行的任何检查和逻辑).此方法传递了付款对象和金额.如果您让request/perform-your-logic出于某种原因而确定它无效,则抛出
So, the idea behind the Magento payment module system is to shield you from the Cluster F--- that is programming payment Gateway logic. In your authorize method you implement a call to your payment gateway's authorize API (or perform whatever checks and logic you want to happen at this point). This method is passed a payment object and an amount. If you make you request/perform-your-logic and determine it's invalid for whatever reason, you throw an Exception with
Mage::throwException('...');
这告诉Magento授权失败,并且它将采取相应措施(显示错误消息等).否则,您可以在Payment对象上设置数据成员并发出
This tells Magento the authorization failed, and it will act accordingly (show an error message, etc.). Otherwise, you set data members on the Payment object and issue a
return $this;
数据成员是您以后捕获付款时需要的东西.这使我们进入了您的付款"模块的capture方法.还向该方法发送了付款对象和金额.使用这种方法,您可以发出捕获请求.付款对象将具有cc_trans_id数据成员
The data members are things you'll need later, when capturing the payment. Which brings us to the capture method of your Payment module. This method is also sent a payment object and an amount. In this method you issue your capture request. The payment object will have cc_trans_id data member
$payment->getCcTransId()
这将使您可以对网关发出捕获.这是您负责保存在authorize中的数据成员之一.同样,如果您的代码确定捕获失败,则会引发异常.否则,您return $this.
which will allow you to issue a capture against your gateway. This is one of the data members you're responsible for saving up in authorize. Again, if your code determines the capture has failed, you throw an exception. Otherwise, you return $this.
authorize.net付款模块提供了很好的示例.
The authorize.net payment module has good examples of how this is done.
app/code/core/Mage/Paygate/Model/Authorizenet.php
例如,考虑capture方法的这一部分
For example, consider this part of the capture method
public function capture(Varien_Object $payment, $amount)
{
if ($payment->getCcTransId()) {
$payment->setAnetTransType(self::REQUEST_TYPE_PRIOR_AUTH_CAPTURE);
} else {
$payment->setAnetTransType(self::REQUEST_TYPE_AUTH_CAPTURE);
}
$payment->setAmount($amount);
$request= $this->_buildRequest($payment);
$result = $this->_postRequest($request);
//...
在这里,捕获方法正在检查付款是否具有cc_trans_id.根据结果,它会将anet_trans_type设置为以下任一值:
Here the capture method is checking if the payment has a cc_trans_id. Depending on the result, it sets anet_trans_type to either:
self::REQUEST_TYPE_PRIOR_AUTH_CAPTURE
self::REQUEST_TYPE_AUTH_CAPTURE
然后,API请求对象使用此值为其中一个发送API调用
This value is then used by the API request object to send an API call for either
- 捕获预先授权的交易
- 立即捕获
希望有帮助,祝你好运!
Hope that helps, and good luck!
这篇关于Magento付款流程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
