nopCommerce ERP FSD WebService

General description

The Web service will be implemented by using Web API.

For safe operation with the web service, asymmetric encryption will be used. The NopCommerce plug-in and the web service will use two pairs of public and private keys to encrypt outgoing requests and decrypt incoming ones.

For security reasons, an encrypted token will be sent as one of the parameters. The receiving side (the nopCommerce plugin or the web service) will decrypt the token and compare it with its stored reference value; only if they are the same will it decrypt the other parameters.

The user will be able to set up a public key 1, a private key 2, a token and a web service url for a plugin on a plugin configuration page in the admin area of NopCommerce.

Also a developer will be able to set up a private key 1, a public key 2 and a token for a web service in a web.config file.

All web service actions will take parameters in JSON format from Request.Content: { byte[] Data, byte[] token }. The response will be sent in the same format.

Data will be represented by an object serialized in json and encrypted by the public key.

Token will be a string that has been encrypted by the public key.

Encryption / decryption will be performed using the RSACryptoServiceProvider.

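To generate a key pair the developer can use:

string publicKey, privateKey;
// Request a 2048-bit key explicitly; the parameterless constructor defaults to a 1024-bit key.
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048))
{
    publicKey = rsa.ToXmlString(false);  // public parameters only
    privateKey = rsa.ToXmlString(true);  // includes the private parameters; keep it secret
}

The developer can work with JSON using the JavaScriptSerializer.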

An algorithm for generating the data to be sent:

1) Create an object

// Payload for AddUpdateProductToCart
public class MyClass
{
    public int ProductId;
    public int Quantity;
}
MyClass dataObj = new MyClass { ProductId = 10, Quantity = 100 };

2) Serialize the object using the JavaScriptSerializer

// Requires: using System.Web.Script.Serialization; (assembly System.Web.Extensions)
var serializer = new JavaScriptSerializer();
string message = serializer.Serialize(dataObj);

3) Encrypt the data and the token and create an object for sending

// Requires: using System.Security.Cryptography; using System.Text;
byte[] encryptedData, encryptedToken;
using (var rsa = new RSACryptoServiceProvider())
{
    rsa.FromXmlString(publicKey);
    // true = OAEP padding; each call encrypts at most one RSA block
    encryptedData = rsa.Encrypt(Encoding.UTF8.GetBytes(message), true);
    encryptedToken = rsa.Encrypt(Encoding.UTF8.GetBytes(token), true);
}
public class MyParam
{
    public byte[] Data;
    public byte[] Token;
}
MyParam param = new MyParam { Data = encryptedData, Token = encryptedToken };

4) Serialize the object using JavaScriptSerializer

string result = serializer.Serialize(param);

5) Send the result.

An algorithm for receiving data:

1) Get the data from the request content

// ContinueWith alone does not wait for the read to finish, so await the task
// (the action method must be declared async).
string contentResult = await Request.Content.ReadAsStringAsync();

2) Deserialize a json string to object

var serializer = new JavaScriptSerializer(); 
MyParam encryptedData = serializer.Deserialize<MyParam>(contentResult); 

3) Decrypt the token

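string token = string.Empty;
using (var rsa = new RSACryptoServiceProvider())
{
    rsa.FromXmlString(privateKey);
    // Declared outside the using block so the token is still in scope for step 4.
    token = Encoding.UTF8.GetString(rsa.Decrypt(encryptedData.Token, true));
}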

4) Compare the resulting token to the original. If they do not match, then send an error message. If they match, go further.

5) Decrypt the data

string dataStr = string.Empty;
using (var rsa = new RSACryptoServiceProvider())
{
    rsa.FromXmlString(privateKey);
    dataStr = Encoding.UTF8.GetString(rsa.Decrypt(encryptedData.Data, true));
}

6) Deserialize the final json to an object

MyClass dataObj = serializer.Deserialize<MyClass>(dataStr); 
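
The sending and receiving steps above as one round trip, in an added example that is not part of the original specification. EnvelopeDemo, Seal, Open and the token strings are hypothetical names and constructed values; the example also checks that the JSON fits in a single RSA-OAEP block (key size in bytes minus 42), compares the token in fixed time, and treats a failed decryption as a rejected request.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Web.Script.Serialization; // reference System.Web.Extensions
public class MyParam { public byte[] Data; public byte[] Token; }
public static class EnvelopeDemo
{
    public static string Seal(string publicKeyXml, string json, string token)
    {
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.FromXmlString(publicKeyXml);
            byte[] data = Encoding.UTF8.GetBytes(json);
            if (data.Length > rsa.KeySize / 8 - 42) // OAEP with SHA-1 uses 42 bytes of the block
                throw new ArgumentException("JSON does not fit in one RSA block");
            var p = new MyParam { Data = rsa.Encrypt(data, true),
                                  Token = rsa.Encrypt(Encoding.UTF8.GetBytes(token), true) };
            return new JavaScriptSerializer().Serialize(p);
        }
    }
    // Returns the decrypted JSON, or null when the token is wrong or decryption fails.
    public static string Open(string privateKeyXml, string body, string expectedToken)
    {
        var p = new JavaScriptSerializer().Deserialize<MyParam>(body);
        if (p == null || p.Data == null || p.Token == null) return null;
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.FromXmlString(privateKeyXml);
            try
            {
                byte[] got = rsa.Decrypt(p.Token, true);
                byte[] want = Encoding.UTF8.GetBytes(expectedToken);
                int diff = got.Length ^ want.Length; // fixed-time comparison, no early exit
                for (int i = 0; i < got.Length && i < want.Length; i++) diff |= got[i] ^ want[i];
                return diff == 0 ? Encoding.UTF8.GetString(rsa.Decrypt(p.Data, true)) : null;
            }
            catch (CryptographicException) { return null; } // malformed or wrong-key ciphertext
        }
    }
    public static void Main()
    {
        using (var key = new RSACryptoServiceProvider(2048)) // constructed throwaway key pair
        {
            string body = Seal(key.ToXmlString(false), "{\"ProductId\":10,\"Quantity\":100}", "constructed-token");
            Console.WriteLine(Open(key.ToXmlString(true), body, "constructed-token") ?? "rejected");
            Console.WriteLine(Open(key.ToXmlString(true), body, "wrong-token") ?? "rejected");
        }
    }
}
```

With a 2048-bit key the limit is 214 bytes of JSON per request, so list payloads such as the one for CheckoutCart can exceed it and make Seal throw.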

Actions

Below you will find the actions which the nopCommerce plugin will call. For convenience, the parameters are shown in plain form, but we must understand that they will be sent as encrypted JSON.

When the user adds a product to a cart, the plugin sends a request to a web-service. For example, the plugin calls a remote method AddUpdateProductToCart.

AddUpdateProductToCart

Input parameters:

· Product ID – a NopCommerce product identifier.

· Quantity – product quantity.

Output parameters:

· Status – true, if the necessary quantity of products is available, false – if not available.

· Product ID – null.

· Stock quantity – null.

If Status is equal to value false, then the following should be added to output parameters

o Product ID – a NopCommerce product identifier;

o Stock quantity – a product quantity which is available.

Description:

The method verifies the value Stock quantity for the specified product ID and compares this value to the quantity parameter.

If the quantity in Stock is less than the quantity the user wants to add to the cart, the operation is canceled and the user is shown an error message indicating the maximum amount of products that can be added. If Status is true, the item is added to the basket.

When the user changes the quantity of the products in the basket, the plugin sends a request to the web service, calling AddUpdateProductToCart.

If the quantity in Stock is bigger than the quantity the user wants to add to the cart, the product quantity in the basket will be changed. If Status is false, the product quantity in the basket will remain the same, and the maximum amount that can be added will be indicated.

When a user makes a purchase and clicks Checkout, the plugin sends a request to a web service to the remote method CheckoutCart.

CheckoutCart

Input parameters:

· List<Product ID, Quantity> - a list of NopCommerce product identifiers and quantities.

Output parameters:

· Status – false, if the request can't be satisfied (at least one of the products has a lower quantity in stock), true – if all products are available.

· List<Product ID, Stock quantity> - null.

If Status has a value false, then the following should be added to output parameters

o List<Product ID, Stock quantity> - a list of products and quantities that are available.

Description:

Checks the Stock quantity value for each product in the list and compares it with the requested quantity.

When a user submits a request and clicks Confirm, the plugin sends a request to a web server to the remote method ConfirmOrder.

BeforeConfirmOrder

Input parameters:

· List<Product ID, Quantity> - a list of product identifiers and their quantities.

Output parameters:

· Status – false, if the request can't be satisfied on at least one point, true – if all products are available.

· List<Product ID, Stock quantity> - null.

· ERP Order ID – an ERP order identifier.

If Status has a value false, then the following should be added to output parameters

o List<Product ID, Stock quantity> - a list of products and their quantities that are available.

Description:

Checks the Stock quantity value for each product in the list and compares it with the requested quantity. If all of the products are available, the service creates an order for the specified list of products and reserves the products.

AfterConfirmOrder

Input parameters:

· ERP Order ID - an ERP order identifier.

· NC Order ID – a NopCommerce order identifier.

· NC Order status – a NopCommerce order status (Pending, Processing, Complete, Cancelled)

Output parameters:

· Status – true, if the data is successfully received.

Description:

It adds the NopCommerce order identifier and status to the ERP order.

ChangeOrderStatus

Input parameters:

· NC Order ID – a NopCommerce order identifier.

· NC Order Status – a NopCommerce order status (Pending, Processing, Complete, Cancelled)

Output parameters:

· Status – true, if the order is sent to a customer.

Description:

It changes the order status.

A Scheduled Task will periodically synchronize the items in the plugin. This task will call a remote method SyncProducts.

SyncProducts

Input parameters:

· List<Product ID> - a list of product identifiers.

Output parameters:

· List<Product ID, Stock quantity> - a list of products and their quantities that are available.

Description:

Receives the Stock quantity value for each NopCommerce Product ID from the ERP, generates a list of products and their quantities and sends it back.