Purchase information storage

Fri, 03 Apr 2015 06:06:12 -0700 

tl;dr we need somewhere people can query to see if a purchase has been 
completed.

So as an example, Mozilla Concrete [1] is selling a pro subscription where you 
can get a virtual concrete block each month. A users goes to Mozilla Concrete 
and logs in with Firefox Accounts, she then clicks the buy button, we process 
the payment etc... and then know that she has purchased a shiny virtual red 
brick.

Behind the scenes we'll send a server to server notification, hopefully through 
FxA notification queue (more on that in later emails).

Mozilla Concrete will now need to query and find out if she has purchased a 
product. There are a few different ways of doing this:

1) payments stands up an API that can receive the appropriate bearer token for 
that user or 

2) we write into an storage space, like the profile server.

In the latter, Mozilla Concrete then will then have to query the profile server 
to find out if she has purchased the product. It makes it easier for Mozilla 
Concrete because they only have to query one service. A service they would 
already have to query anyway to get profile information.

GET /v1/purchases

{
  "purchases": [
    {
        "mozilla-concrete": {
            "products": ["product-a", "product-b"...],
            "end-date": ...
            ...
        }
    }
  ]
}

Of course, there needs to be appropriate access on such information and this 
are features I don't think FxA has. For example: users and services (like 
Mozilla Concrete) would be able to read from /v1/purchases. But the user 
wouldn’t have access beyond GET, so they couldn’t alter their purchases.

Payments would have a service token that would allow us to alter the profile 
when the status of a purchase changes.

The goal is not to do to much specific around payments in Firefox Accounts, but 
in the end there's nothing special about an end-point like purchases. Its just 
an end point in the profile server with particular ACLs around it.

Does that idea make sense?

[1] https://twitter.com/andymckay/status/583619994396725248
_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct

Reply via email to