POST [/instances/$INSTANCE]/orders/$ORDER_ID/paid

Prove that the client previously paid for an order by providing the merchant’s signature from the payment response. Typically used by the customer’s wallet if it receives a request for payment for an order that it already paid. This is more compact than re-transmitting the full payment details. Note that this request does include the usual h_contract argument to authenticate the wallet and to allow the merchant to verify the signature before checking with its own database.

Request:

The request must be a paid request.

Response:

200 Ok:

The merchant accepted the signature. The frontend should now fulfill the contract. Note that it is possible that refunds have been granted. Response is of type PaidRefundStatusResponse.

400 Bad request:

Either the client request is malformed or some specific processing error happened that may be the fault of the client as detailed in the JSON body of the response. Returned with TALER_EC_GENERIC_PARAMETER_MALFORMED.

403 Forbidden:

The signature was not valid. Returned with TALER_EC_MERCHANT_POST_ORDERS_ID_PAID_COIN_SIGNATURE_INVALID.

404 Not found:

The merchant backend could not find the order or the instance and thus cannot process the request. Returned with TALER_EC_MERCHANT_GENERIC_INSTANCE_UNKNOWN or TALER_EC_MERCHANT_GENERIC_ORDER_UNKNOWN.

413 Request entity too large:

The uploaded body is to long, it exceeds the size limit. Returned with an error code of TALER_EC_GENERIC_UPLOAD_EXCEEDS_LIMIT.

500 Internal Server Error:

The server experienced an internal failure. Returned with TALER_EC_GENERIC_DB_STORE_FAILED.

Details:

interface PaidRefundStatusResponse {

  // Text to be shown to the point-of-sale staff as a proof of
  // payment (present only if re-usable OTP algorithm is used).
  pos_confirmation?: string;

  // True if the order has been subjected to
  // refunds. False if it was simply paid.
  refunded: boolean;
}

interface PaidRequest {
  // Signature on TALER_PaymentResponsePS with the public
  // key of the merchant instance.
  sig: EddsaSignature;

  // Hash of the order's contract terms (this is used to authenticate the
  // wallet/customer and to enable signature verification without
  // database access).
  h_contract: HashCode;

  // Session id for which the payment is proven.
  session_id: string;
}