Manifest "url" element has no use?

Question

Manifest "url" element has no use?

Opened this issue 5 years ago · 2 comments

Although not documented in the guide, I thought the url in

{
  "default_applications": ["https://mobilepki.org/w3cpay/payment-manifest.json"],
  "related_applications": [{
    "platform": "play",
    "id": "org.webpki.mobile.android",
    "min_version": "1",
    "fingerprints": [{
      "type": "sha256_cert",
      "value": "85:0B:99:03:54:CE:71:6E:18:7C:43:1F:7F:C1:F1:5E:9B:81:84:1D:36:CE:F3:F6:E2:97:15:70:79:7F:B0:F7"
    }],
    "url": "https://play.google.com/store/apps/details?id=org.webpki.mobile.android"
  }],
  "supported_origins": "*"
}

would take the user to the Play store if the referenced method wasn't installed since this was the case in my previous implementation which used the intent:// protocol. But nothing happens so it appears the url property doesn't have any function.

One could imagine that if no installed native payment handler is found, there could be a choice to install, at least if only one method is requested.

Anyway, what is the currently recommended way to deal with uninstalled/missing native Android payment apps?

Answer 1 · 2019-08-22T13:51:44.000Z

Hi @cyberphone ,

You're right, Chrome currently does not use the "url" field for installing payment apps. What I have seen Google Pay do is the following:

Call canMakePayment() in the Payment Request API to determine whether the application is installed.
If canMakePayment() returns false, then render a button <button onclick="window.location.href='https://play.google.com/store/apps/details?id=org.webpki.mobile.android';">Install WebPKI</button>. This should intent into the Play Store app, where the user can install the app.
If canMakePayment() returns true, then render a button <button onclick="request.show();">Pay with WebPKI</button>.

Unfortunately, this has the disadvantage of requiring the user to come back to the webpage, which takes the user out of the payment flow. We need to figure out a good way to install the native app and stay in the payment flow.

Keep in mind that the webpage should create a new instance of PaymentRequest object and call canMakePayment() on it whenever the browser is back in focus, so that the user that has recently installed the app and came back to the webpage would see the correct Pay with WebPKI button.

Answer 2 · 2019-08-22T14:51:09.000Z

Hi @rsolomakhin That was good to know! I thought I had made an error.

Regarding install of native apps inside of a payment session it would not make sense except for system using existing cards for enroll like G-Pay. Saturn is a more elaborate system requiring login etc. to an issuer bank.