How exactly does the "Honor Period" work? - paypal

PayPal describes an "Honor Period" that lasts for 3 days after you authorize or reauthorize a payment, up until 29 days after the first authorization. The docs don't really go into very much detail about this honor period though, just that you should capture within it and that you can restart an expired honor period by reauthorizing.
I have 3 main questions:
1. When does the honor period start/end exactly? Is it an exact 72 hour window, to the second, from when you auth/reauth? Does it roll over at midnight or something instead? If so, what timezone?
2. What is the preferred/recommended way to determine if the honor period for an authorization has expired or else determine the expiration time in the first place? Authorizations have an expiration_time field which marks the end of the 29 day window that an authorization is valid for. Is there a similar explicit time field for the honor period? Is it simply based on the update_time field on the latest auth/reauth?
3. Is there a way to reauthorize before the previous authorization expires? Or more specifically, is there some way to ensure that the payment is always in an honor period, and that there is zero risk of some issue occurring because their funds weren't being held for a short amount of time before we reauthorized them?

The honor period begins the moment a transaction is created and generally lasts 3 days. During this time, captures will generally succeed. During this time, the amount is generally reserved on the customer's funding source, which may be a credit or debit card, meaning they cannot spend it on other things. The exact behavior may vary depending on the funding source and the country due to different implementations and local regulations. The exact time at which an unused authorization "clears" from the customer's funding source and is no longer visible on their statement can also vary, and might take 10 days to no longer show up in some cases.
The rest of the PayPal authorization valid period -- a "post-honor" period, for lack of a better term -- begins on about day 4 and lasts until the end of day 29. During this time a capture attempt can still be made, and will succeed if money is available from the funding instrument. Such a later capture is roughly equivalent to the buyer themselves attempting a new transaction that is of type immediate capture, in the sense that they will succeed or fail for the same reasons.
Reauthorizations to get a new 3 day honor period (but which do NOT restart the 29-day authorization valid period) are almost always pointless. From day 4 to 29 just do a capture when you are ready, and forget you ever heard of the concept of reauthorization.

Related

Implementing API throttling with RDB

I would like to implement this API throttling:
A user can only execute the operation once per minute (once executed, following requests will be rejected for 1 minute)
The expected total number of requests from all users is around 2 per second.
I am using PostgreSQL 14.5.
I guess I will need a table for exclusive processing. What kind of SQL/algorithm should I use?
You could store the latest accepted timestamp in a column. Every time a request is processed, the code could check if the interval between the current timestamp and the last accepted timestamp is less than a minute and reject if so.
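One way to make the check described in the answer atomic, so that two concurrent requests from the same user cannot both pass it. This is an added example, not code from the original answer; the op_throttle table, its columns and tryAcquire are hypothetical names, and client is assumed to follow node-postgres's query(text, values) interface.

```javascript
// Assumed schema (hypothetical names):
//   CREATE TABLE op_throttle (
//     user_id       bigint PRIMARY KEY,
//     last_accepted timestamptz NOT NULL
//   );
//
// A single statement performs the check and the update together. The first
// request for a user inserts the row. A later request updates it only when the
// stored timestamp is at least one minute old. If the WHERE clause fails,
// nothing is written and RETURNING produces no row, so there is no window
// between "read the timestamp" and "write the timestamp" for a second
// request to slip through.
const THROTTLE_SQL = `
  INSERT INTO op_throttle AS t (user_id, last_accepted)
  VALUES ($1, now())
  ON CONFLICT (user_id) DO UPDATE
     SET last_accepted = EXCLUDED.last_accepted
   WHERE t.last_accepted <= now() - interval '1 minute'
  RETURNING t.last_accepted`;

// Returns true when the request is accepted, false when it must be rejected.
// `client` is assumed to expose query(text, values) -> Promise<{ rowCount, rows }>.
async function tryAcquire(client, userId) {
  const res = await client.query(THROTTLE_SQL, [userId]);
  return res.rowCount === 1;
}
```

Using the database clock (now()) rather than the application clock keeps the decision consistent when several application servers share the table.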

How does APNS determine a provider token's age?

The documentation says:
The claims payload of the token must include:
The issued at (iat) registered claim key, whose value indicates the time at which the token was generated, in terms of the number of seconds since Epoch, in UTC
To ensure security, APNs requires new tokens to be generated periodically. A new token has an updated issued at claim key, whose value indicates the time the token was generated. If the timestamp for token issue is not within the last hour, APNs rejects subsequent push messages, returning an ExpiredProviderToken (403) error.
Source: https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/CommunicatingwithAPNs.html
At another section:
iat | The “issued at” time, whose value indicates the time at which this JSON token was generated. Specify the value as the number of seconds since Epoch, in UTC. The value must be no more than one hour from the current time.
Those rules are so fragmented and repetitive at the same time, so please correct me if I'm wrong:
iat must be a numeric date between 1h ago and 1h from now. Let's say it's 8:30 now, and I set iat to 8 o'clock: does it mean my token is gonna be valid for another half hour, since that's what iat is telling APNS, or does it start counting by the time APNS receives my push request? What if I set iat to 1h from now... does it mean my token is gonna be valid for 2h?
Another question. Given that:
Refresh Your Token Regularly
For security, APNs requires you to refresh your token regularly. Refresh your token no more than once every 20 minutes and no less than once every 60 minutes. APNs rejects any request whose token contains a timestamp that is more than one hour old. Similarly, APNs reports an error if you recreate your tokens more than once every 20 minutes.
Source: https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/establishing_a_token-based_connection_to_apns
Every time I sign a token (using a Node module for JWT), it generates a different string, even though I use the same iat. Does it count as a "recreation", causing a TooManyProviderTokenUpdate error if I use it before that 20 minute threshold?
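A provider-token cache that follows the refresh rule quoted above: one signed token is reused for every request and is replaced only once it is between 20 and 60 minutes old. This is an added example, not code from the original post or from Apple's documentation; the key is a throwaway generated for the demo, the key ID and team ID are placeholders, the 50-minute refresh point is an assumption, and the kid header and iss claim are the other fields of the APNs token format.

```javascript
const nodeCrypto = require('node:crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');

// Build and sign a provider token (JWT, ES256); iat is seconds since Epoch (UTC).
function signProviderToken({ privateKey, keyId, teamId, iat }) {
  const header = b64url(JSON.stringify({ alg: 'ES256', kid: keyId }));
  const claims = b64url(JSON.stringify({ iss: teamId, iat }));
  const signingInput = `${header}.${claims}`;
  // JWS wants the fixed-width r||s signature, not OpenSSL's default DER.
  const sig = nodeCrypto.sign('sha256', Buffer.from(signingInput), {
    key: privateKey,
    dsaEncoding: 'ieee-p1363',
  });
  return `${signingInput}.${sig.toString('base64url')}`;
}

// Hand out one cached token; re-sign only once it is refreshAfterSec old.
function createTokenCache({ privateKey, keyId, teamId, now = Date.now,
                            refreshAfterSec = 50 * 60 }) {
  // Quoted rule: no more than once per 20 minutes, no less than once per 60.
  if (refreshAfterSec < 20 * 60 || refreshAfterSec >= 60 * 60) {
    throw new RangeError('refreshAfterSec must be in [1200, 3600)');
  }
  let cached = null; // { token, iat }
  return function getToken() {
    const nowSec = Math.floor(now() / 1000);
    if (cached === null || nowSec - cached.iat >= refreshAfterSec) {
      const token = signProviderToken({ privateKey, keyId, teamId, iat: nowSec });
      cached = { token, iat: nowSec };
    }
    return cached.token;
  };
}

// Decode the iat claim (no signature check; for inspection only).
function readIat(token) {
  const claims = Buffer.from(token.split('.')[1], 'base64url').toString('utf8');
  return JSON.parse(claims).iat;
}

// Constructed demo: throwaway P-256 key, placeholder IDs, controllable clock.
const { privateKey, publicKey } = nodeCrypto.generateKeyPairSync('ec', {
  namedCurve: 'prime256v1',
});
const clock = { ms: 1_700_000_000_000 };
const getToken = createTokenCache({
  privateKey, keyId: 'KEYID00000', teamId: 'TEAMID0000', now: () => clock.ms,
});
```

Caching the signed string, rather than signing per request, also means every push within the window carries the identical token.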

Error "Attempt to transfer unavailable funds"

I have a problem with "quick" assets transferring through several accounts. For example, I have 3 accounts: A, B(no assets), C.
I transfer some amount of asset from A to B account, then look for "A->B" transaction (/transactions/info/{id}).
If the transaction was found I transfer the same amount from B to C account. In most cases everything is fine, but sometimes I get an error:
StateCheckFailedException: State check failed. Reason: Attempt to transfer unavailable funds: Transaction application leads to negative asset 'IssuedAsset(...)' balance to (at least) temporary negative state, the current balance is 0 ...
If I wait for 10 seconds, for example, the "B->C" transfer succeeds. So, it seems that I should wait for some synchronization of the account's balances in the node.
Is there any guaranteed way in my case to make "B->C" transfer without waiting for an undetermined time? "A->B" transaction's presence in a blockchain doesn't work sometimes.
I use my own node for broadcasting the transactions. The node's configuration is the default. Version 1.1.7
This is due to microblocks. Microblocks did transfer the funds, but haven't confirmed them permanently yet, and therefore they aren't yet fully in the blockchain.
If you want to be fully sure, I would say, wait 1 block (or 60 seconds). But even then it might not always be confirmed, since even waveschain has some moments when it's overloaded with thousands of tx's for a few minutes.
It's the same with other actions like creating assets etc.

Google Measurement Protocol offline apps and event dates

I want to use Google Measurement Protocol to record offline events, i.e. take data from an EPOS system and track them in Google Analytics. This would be a batch process once a day. How do I tell Google what the date of the event is? If the console app went offline for a few days I wouldn't want three days worth of events to be associated with one day.
Your best bet currently is to use the Queue Time Measurement Protocol Parameter.
v=1&tid=UA-123456-1&cid=5555&t=pageview&dp=%2FpageA&qt=343
Queue Time is used to collect offline / latent hits. The value represents the time delta (in milliseconds) between when the hit being reported occurred and the time the hit was sent. The value must be greater than or equal to 0. Values greater than four hours may lead to hits not being processed.

Mashery Quotas: Calls per "day" or calls per "24-hours"?

I am accessing an API hosted by Mashery with the following rate limit:
5 calls per second
10,000 calls per day
Does that imply that I can make 10,000 requests at 6:00PM, and then make another 10,000 requests at midnight? Or, does it mean I can only make 10,000 requests within any 24-hour period?
For example, does it mean that if I make 10,000 requests between 6:00PM one day, and 6:00PM the next, that I have to wait until 6:00:01PM before I can make another request. And then, at most I can make requests at the same rate I made the day prior (as the 24-hour period continuously shifts)?
I apologize if this is off-topic. I have a support request in for clarification, but I don't think they'll get back to me any time soon, and I figured that someone here would be familiar with the limits.
The limit is set per Calendar date and resets every midnight GMT time.
So for example if you made 10,000 calls at 6pm pacific (which is 2am GMT) you would have to wait 22 hours until 4pm pacific (which is midnight GMT) until you can start using your next batch of 10,000 daily calls.
Hope that answers your question.
Thanks,
Shai Simchi
Mashery Customer Support