I use gocardless gateway to process payments. I used to rely on web hooks when I use any kind of payment gateway. But I feel myself exposed using gocardless and here is the cause: as I see there is no way to connect payment with the application entity. Lets see next flow:
- User presses "pay with gocardless" button on my site
- User fills the form on gocardless site
- User confirms the payment but does not visit redirect_url (I can insert my parameters in the redirect_url params and fetch related entity. So lets think it is lost)
- Gocardless sends me webhook
All the steps seems to be just perfect. You will say "he can obtain entity-payment relation from a webhook" but I can not. Here is webhook data:
{
"payload" =>
{
"bills" => [
{
"id" => "0DZGWZ2VF6",
"status"=>"pending",
"uri"=>"https://sandbox.gocardless.com/api/v1/bills/0DZGFV2VF6",
"amount"=>"90.0",
"amount_minus_fees"=>"89.1",
"source_type"=>"subscription",
"source_id"=>"0DZGY8VW5E"
}
],
"resource_type"=>"bill",
"action"=>"created",
"signature"=>"92072347ad478b...db84b80f0b9"
}
}
No data is related to the database entity except price. Thus I can not process the data. I can not embed the information about the buyer or about the product. Is there another way to obtain buyer-payload-product relations?
After some hours of checking full system workflow I realized that it might be another way of purchase confirmation on the gocardless gateway. If I am not mistaken I can rely on redirect_url action because my application has to confirm the payment. In the other case the payment will not be applied, no money will be sent and the record will be removed from gocardless in short period of time. Could you confirm my thoughts or propose another way of payment processing please?
If the user doesn't visit your redirect URL, the payment will not be taken. From that redirect URL, you "confirm the resource" which makes the payment live.