Custom Payment Gateway

OpenLearning supports a mechanism for hosting your own payment gateway, or course enrolment process.

You will need:

  • Your own web application which can receive POST requests from the user's browser
  • A method for decoding and validating JWTs (JSON Web Tokens) using RS256.
  • A course administrator account with a valid API Key

The steps are:

  1. Configure your OpenLearning Course, and receive a public key
  2. Set the price and currency for your OpenLearning Class
  3. Host a web application which will:
    • Receive a POST request containing a JWT, from each learner requesting to join a class
    • Verify the authenticity of the JWT using the provided public key
    • Direct the learner to your payment gateway
    • Upon completion of payment, make an API request to OpenLearning to enrol the learner in the required class
    • Redirect the learner back to the OpenLearning course

Configuring an OpenLearning Course

1. Under your course's "Course Setup" > "Advanced" panel, the two relevant settings are labelled as:

  • External Enrolment URL: A text field in which to enter the full endpoint URL of your web application.
  • External payment gateway: Check this box to enable external payment gateway support for your course. This will reveal a text area which contains the public key for validating a RS256 JWT.

 

2. Next, a class needs to be configured to use your service as the external payment gateway.

Under your course's "Course Setup" > "General" panel, scroll to "Classes in your Course" and click the "Edit" action next to the relevant class.

Under "Enrolment cost" select the External Payment Gateway option.

  

This lets you specify the currency and price that will be sent to your web application. 

Upon saving this setting, the OpenLearning end is now set up.

 

3. Building the Integration Layer

 

A learner visiting the course landing page and clicking any of the "Join now" buttons will perform a POST request to your web application.

This POST request will send a form parameter named "jwt" containing the JSON Web Token.

i.e. the user pressing this button is the equivalent of submitting the form:

<form method="POST" action="{your External Enrolment URL}">
  <input type="hidden" name="jwt" value="{the value of the JWT}"/>
</form>

 

Upon your web application receiving the JWT it will need to verify the authenticity of the JWT using the public key provided in step 1. using the RS256 algorithm.

e.g.

# Python
import jwt
token_data = jwt.decode(token, public_key, algorithm="RS256")

# NodeJS
var jwt = require('jsonwebtoken');
var tokenData = jwt.verify(token, publicKey, algorithms=["RS256"])

 

The JWT will provide the following claims:

{
  "jti": a unique ID (UUID) for this token (for checking each token is only used once),
  "exp": the expiry time for this token - typically 10 minutes after being issued,
  "sub": the OpenLearning user ID of the learner requesting to join a course,
  "aud": your OpenLearning institution portal identifier,
  "title": the OpenLearning course title,
  "course": the OpenLearning course ID for the course the learner wishes to join,
  "class": the OpenLearning class ID for the class the learner wishes to join,
  "currency": the ISO 4217 currency code for the class,
  "price": the specified price for the class,
  "redirect_url": the OpenLearning course URL redirect to perform after completion of payment
}

 

Your web application can now process the payment using your own payment gateway, and once payment has been processed the learner can be enrolled into the relevant class using a server-side request to the OpenLearning API e.g.

POST "https://api.openlearning.com/v2.1/enrolments/?api_key={api_key}"
Headers:
  Accept: application/json
  Content-Type: application/x-www-form-urlencoded
Body:
class={class_id}&user={user_id}

Where:

  • {api_key} is replaced with the API Key from your course administrator's OpenLearning account
  • {class_id} is replaced with the value of the "class" JWT claim, and
  • {user_id} is replaced with the value of the "sub" JWT claim

 

Upon successfully enrolling the learner into the required class, redirect the user to the URL provided in the "redirect_url" JWT claim. The learner will now have access to the course content.

Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Like Follow
  • 2 mths agoLast active
  • 44Views
  • 5 Following