Square Point of Sale - Mismatched client_id not throwing error - square

So I'm making a Square Point of Sale integration for a web app.
Square Point of Sale Web API for Android
I'm passing in the CLIENT_ID in the intent:#Intent declaration as described in the documentation linked above. This information is passed to the Square Point of Sale app that handles the transactions. The passed CLIENT_ID is supposed to match the APPLICATION_ID of the account used to sign into the Square POS app.
The problem I am having is that the transaction doesn't throw an error when those IDs are mismatched. This potentially creates a situation where the POS operator can log into their own Square POS account and divert our revenue to their personal account. Seems like a significant security hole.
The documentation linked above indicates that I should receive an UNAUTHORIZED_CLIENT_ID error.
I have literally passed in a CLIENT_ID of 'sausage' and it still failed to throw any error whatsoever.
Any insight whatsoever would be very much appreciated. Thanks in advance.

Related

How ShipStation is generating order shipment tracking URL using tracking_number and carrier?

ShipStation is showing only shipment tracking_number on UI it is not displaying tracking URL and not returning this tracking URL in API response as well.
This could be happening if you're omitting both tracking_carrier and shipping_method. If these are not included, there will be no tracking link.
A tracking link is always generated if either (not mutually exclusively) shipping_provider or tracking_carrier is supplied alongside a tracking number and as long as the value for either carrier code is valid according to our supported list.
It is recommended for you to reach out to Shipstation about this to verify if Shipstation is seeing unexpected results via the API. If that is happening, please let me know so I can provide the next steps to this. Thank you!

Including tip amount in an Order

I'm having trouble using the Square Connect API. I need to add the amount for tips but I don't see a place where I can do that in the Transaction Charge endpoint neither in the Order CreateOrder one.
The only place that tip is mentioned is in the Tender object, property tip_money, but we can't send a Tender when creating a Transaction or Order.
https://docs.connect.squareup.com/api/connect/v2#endpoint-charge
Have anyone ever implemented this using the Square Connect v2 API? We're developing an app using a completely customized UI so we can't use webviews from Square or anything.
Thanks a lot.
Currently you cannot add a tip through Square APIs. The only way to add a tip is when taking a payment through the Square POS application, if you have tipping enabled. When you do take such payments, they will show up in the Tender object (which is a part of a Transaction) as you found.
Square has now added the ability to add a tip through the payments API.
See: https://developer.squareup.com/reference/square/payments-api/create-payment#request__property-tip_money

How to test "Payment Gateway" without making real payments?

I want to perform rigrous testing on Payment Gateway(2checkout) and Pay Pal. For testing, I need to simulate a large number of successful, failed and halted transactions (transaction stopped due to system crash/reboot). But I don't want to make actual payments.
1. Is there any way I can make a test transaction on payment gateway, using fake card numbers or something else.
2. What are the possible advance testing scenarios for Payment Gateway testing?
For example:
Changing the amount, unmask CVV or card from Inspect
element.
List item
There are two options :
Using the PayPal Sandbox (Application Testing), or
Using Dependancy Injection (Unit Testing).
Both would work but I would suggest a Dependancy Injection approach. Assuming you have a separate object that only interacts with PayPal and then other objects that do your actual application logic (and error handling, etc) then you can just create a dummy version of the PayPal interaction object (that always returns true, or conditionally returns false, whatever) and then test your various application classes in detail.
I would suggest you only one solution, look at this Git PayPal-Android SDK and go through the README.md file. Last link tells you how to create a sandbox PayPal account to create dummy transactions across your sandboxed account developer account.
If you have doubts, you can refer Part 1 and Part 2 of AndroidHive tutorial for this.

PayPal Error: 13122 "This transaction cannot be completed because it violates the PayPal User Agreement."

One of our users is getting an error when they attempt to make a purchase and I'm trying to identify why this is occurring.
The message returned from PayPal is:
<Errors xmlns="urn:ebay:apis:eBLBaseComponents">
<ShortMessage>Transaction refused</ShortMessage>
<LongMessage>This transaction cannot be completed because it violates the PayPal User Agreement.</LongMessage>
<ErrorCode>13122</ErrorCode>
<SeverityCode>Error</SeverityCode>
</Errors>
This product is working for other users, just not him.
Obviously it's violating the User Agreement but I'd like to identify why.
UPDATE
The users that are affected by it seem to all have one or more of the following: a non-UK email address, a non-UK PayPal account or a non-UK payment source.
We've not had a resolution yet, but have directed several users to contact PayPal directly. The feedback we've had is as follows:
"I tried with another paypal account, that failed too, despite being able to use both PayPal accounts to pay for other services."
"PayPal are aware of the error message, but they simply cannot explain why it's happening. After an hour on the phone with them today, they seem incapable of tracing the reason for this error."
Needless to say we've got some very frustrated users.
I had similar problem... Title of our item we were selling was:
Inc. Special Offer: <<Famous author>> eBook for only 10.00$
When we changed the title to something more descriptive, everything was OK
Did you open a ticket with MTS or call the Business Support line? If you did open a ticket can you please give me the ticket number? I'll take a look at it.
It may be something that you need to address with Business Support though.
I had this same error coming back for one of our customers and I had the same issue as #knagode with my product name.
For some reason "Dark Havana" in the product name set this off and produced this error. If I ever hear back from Paypal on why this phrase is not acceptable, I will circle back and edit this response.
It turns out that the value in "PaymentDetailsItem - Name" was one part of the problem. We didn't have any special characters (or so I thought) in there, just "product name: person name". When I spoke to PayPal support their response is as follows:
"I have checked it, it's a combination of many things that we cannot disclose.
However removing the ":" before the name PAYMENTREQUEST_0_NAME should work.
Can you send PAYMENTREQUEST_0_NAME=xxxx USER NAME
Instead of PAYMENTREQUEST_0_NAME=xxxx : USER NAME"
Once I had removed the ":" from that field, it started working again...bizarre!
This error still gets triggered with non-UK PayPal accounts but happens less frequently now.
For any others investigating this issue please be aware that PayPal has filters in place that looks for globally specific geographic terms. If any terms used in the product description trigger the filters, the transaction could be refused. In our case, we are online rug retailer with many of our products ranging across the traditional rug spectrum. We found that any rug with the term "Persia" in the title were being refused due to economic sanctions against nation states associated with that term.
The filters are not geographic only and other controversial terms could also trigger the filters to refuse the transaction. In one instance, we had a rug with "Confederate" in the product description that also triggered the filters.

Clickbank - Create products for testing (in Sandbox)

I am new to Clickbank.
I want to try out the API for the same.
But I am stuck in between.
Can anyone guide me through the steps to successfully create a product.
I am getting some errors
You must make a test purchase before submiting this request.
A footer disclaimer is required for all Pitch and Thank You pages.
Also wanted to know, like how can I setup the sandbox account?
Please help me out.
Thanks in advance.
This question was asked a very long time ago but I just happened across it and know the answers.
First, however I think anyone starting on ClickBank, technical or otherwise, will benefit from the following: https://www.clickbank.com/launch-checklist/
Now, to answer the question(s):
Test Purchase:
• Can't do this without creating a product first
• To create a product you do the following:
Login to the account
Click: Vendor Settings -> My Products
On this page locate the list of ADD NEW buttons & Click Product
The product editor pretty well walks you through the process
AND now for the test purchase.
That process is described here: https://support.clickbank.com/hc/en-us/articles/360036958431-How-do-I-test-a-payment-link-
Footer/disclaimer:
This is what is known as the ClickBank Trust Badge currently, (not sure about 9years ago).
It's a little element that you copy and paste into your webpage, after configuring what you want it to look like & where you want it to be, from the available options.
To find and set it up:
Login to the account
Click Vendor Settings -> My Site
Scroll down to the section with the title "ClickBank Trust Badge - Injection Code"
If you like the default setup you can copy what's in the Javascript Snippet field
If you want to change where it's located and colors click the Configure Settings button (not going to describe everything here as it's pretty straight forward as well)
ClickBank APIs
Last, you mentioned wanting to use the ClickBank API, which I happen to know very well. However, the documentation for it is also actually pretty good so let me start off with that:
General ClickBank API documentation
Additionally each APIs primary endpoint is self documenting. Additionally this documentation tends to be the most relevant for a programmer
Example of self documenting endpoint: https://api.clickbank.com/rest/1.3/orders2
So, it's worth noting the following that are required to use the API:
You must have an HTTP header of "Authorization" and it must be set to both of the API keys for an account.
Both keys refers to the API- "Clerk Key" as well as the DEV- "Developer Key"
Enter them both, separated by a colon ":" as the value of the Authorization key with the DEV- key first (DEV-A23478C...:API-IA23456...)
You must also use the correct HTTP request type for the query you are wanting to make (the only two that are utilized are GET and POST)
Examples:(NOTE: ACCOUNT_NAME_HERE is the ClickBank "nickname" or account name)
Single transaction: https://api.clickbank.com/rest/1.3/orders2/RECEIPT_NUMBER_HERE
List transactions by date range and specific account: https://api.clickbank.com/rest/1.3/orders2/list?vendor=ACCOUNTNAME_HERE&startDate=2021-12-11&endDate=2021-12-14
Count of transactions by date range: https://api.clickbank.com/rest/1.3/orders2/count/?vendor=ACCOUNT_NAME_HERE&startDate=2022-01-01&endDate=2022-01-01
Monetary value of transactions by date range: https://api.clickbank.com/rest/1.3/quickstats/count/?account=ACCOUNT_NAME_HERE&startDate=2022-02-01&endDate=2022-02-10
Sending shipping data for physical products (POST): https://api.clickbank.com/rest/1.3/shipping2/shipnotice/4NVXUFNW?item=2&date=2018-08-14&carrier=UPS&tracking=1NH323452345WODFS&comments=Test%20again%20comment%20with%20spaces10%20receipt=4NVXUFNW