I had to take over an old ASP.Net MVC 5 application and modify it so that it works with a new Payment Service Provider (PSP). This PSP offers a hosted page where payments are made, so I need to POST a form with a bunch of fields. One of the fields contains the URL where the PSP will post back the response. The response will contain details about the result of the payment request. I have created an appropriate controller that will handle the POST back. I had to mark it as allowing anonymous calls, as the postback would not be authenticated. For that I used the "AllowAnonymous" attribute. This is how my controller is declared:
[HttpPost]
[AllowAnonymous]
public virtual ActionResult Webhook(PspResponse pspResponse)
{
// do something with the response
I am facing a couple of problems now. In this controller I do not have access to any Cookies information and the current principal on the active thread is of a different type (cannot cast it to my expected custom principal). The page from where the transfer to the PSP Hosted Page was initiated had some breadcrumbs. Those are lost as well as I return control to my new controller to which the PSP HP is posting back.
Is there a pattern to address these issues? Some ways of restoring the old context, prior to the transfer to the PSP? Any suggestion would be greatly appreciated.
Thanks, Ed
