Merge branch 'release/3.869.0'

Author: vc-ci

Directory.Build.props

@@ -2,7 +2,7 @@
 <Project>
   <!-- These properties will be shared for all projects -->
   <PropertyGroup>
-    <VersionPrefix>3.868.0</VersionPrefix>
+    <VersionPrefix>3.869.0</VersionPrefix>
     <VersionSuffix>
     </VersionSuffix>
     <VersionSuffix Condition=" '$(VersionSuffix)' != '' AND '$(BuildNumber)' != '' ">$(VersionSuffix)-$(BuildNumber)</VersionSuffix>

src/VirtoCommerce.OrdersModule.Core/ModuleConstants.cs

@@ -29,6 +29,7 @@ public static class Permissions
                 public const string CapturePayment = "order:capture_payment";
                 public const string RefundPayment = "order:refund";
                 public const string ViewDashboardStatistics = "order:dashboardstatistics:view";
+                public const string PaymentExecuteCallback = "order:payment:execute_callback";
 
                 public static string[] AllPermissions { get; } = {
                     Read,
@@ -41,6 +42,7 @@ public static class Permissions
                     CapturePayment,
                     RefundPayment,
                     ViewDashboardStatistics,
+                    PaymentExecuteCallback,
                 };
             }
         }

src/VirtoCommerce.OrdersModule.Web/Controllers/Api/OrderModuleController.cs

@@ -553,6 +553,7 @@ public async Task<ActionResult<DashboardStatisticsResult>> GetDashboardStatistic
         /// <param name="callback">payment callback parameters</param>
         [HttpPost]
         [Route("~/api/paymentcallback")]
+        [Authorize(ModuleConstants.Security.Permissions.PaymentExecuteCallback)]
         public async Task<ActionResult<PostProcessPaymentRequestResult>> PostProcessPayment([FromBody] PaymentCallbackParameters callback)
         {
             var parameters = paymentRequestConverter.GetPaymentParameters(callback);
@@ -570,6 +571,7 @@ public async Task<ActionResult<PostProcessPaymentRequestResult>> PostProcessPaym
         /// </summary>
         [HttpPost]
         [Route("~/api/paymentcallback-raw")]
+        [Authorize(ModuleConstants.Security.Permissions.PaymentExecuteCallback)]
         public async Task<ActionResult<PostProcessPaymentRequestResult>> PostProcessPaymentRaw()
         {
             var parameters = paymentRequestConverter.GetPaymentParameters(await GetRequestBody(), Request.QueryString.Value);
@@ -582,6 +584,27 @@ public async Task<ActionResult<PostProcessPaymentRequestResult>> PostProcessPaym
                 : BadRequest(response);
         }
 
+        /// <summary>
+        /// Payment callback operation used by external payment services to inform post process payment in our system
+        /// </summary>
+        [HttpPost]
+        [Route("~/api/paymentcallback-form")]
+        [Authorize(ModuleConstants.Security.Permissions.PaymentExecuteCallback)]
+        public async Task<ActionResult<PostProcessPaymentRequestResult>> PostProcessPaymentForm([FromForm] IFormCollection form)
+        {
+            var callbackParameters = new PaymentCallbackParameters()
+            {
+                Parameters = form.Select(kvp => new KeyValuePair()
+                    {
+                        Key = kvp.Key,
+                        Value = kvp.Value.FirstOrDefault() ?? string.Empty,
+                    })
+                    .ToArray(),
+            };
+
+            return await PostProcessPayment(callbackParameters);
+        }
+
         private async Task<string> GetRequestBody()
         {
             using var reader = new StreamReader(Request.Body, Encoding.UTF8, detectEncodingFromByteOrderMarks: true, 1024, leaveOpen: true);

src/VirtoCommerce.OrdersModule.Web/module.manifest

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <module>
   <id>VirtoCommerce.Orders</id>
-  <version>3.868.0</version>
+  <version>3.869.0</version>
   <version-tag />
 
   <platformVersion>3.917.0</platformVersion>