This payment request must be authorized by the sender - Paypal - php

Ok, here is what I did:
Created a PayRequest
SetPaymentOptions - https://developer.paypal.com/webapps/developer/docs/classic/api/adaptive-payments/SetPaymentOptions_API_Operation/
ExecutePayment - "This payment request must be authorized by the sender". I have ran out of idea on why am I not able to execute the payment. From what I understand, once I execute the payment successfully, I will be given a payKey which I shall use this to redirect user to paypal. https://developer.paypal.com/webapps/developer/docs/classic/api/adaptive-payments/ExecutePayment_API_Operation/
Attached are the source codes that I used. The values are all hardcoded. I have tried my best to look through at similar questions, and it makes no sense to me as it contradicts what I understand. Some answers were pointing out that the buyer needs to approve the payment first before you executePayment.
I just want to see the details of all items when I reach the paypal login page.
//1. Obtain endpoint. For live, no need sandbox?
$endPoint = "https://svcs.sandbox.paypal.com/AdaptivePayments/Pay";
//2. Format the HTTP headers needed to make the call.
$appID = "xxx"; //Sandbox test AppID:
$username = "xxx;
$password = "xxx";
$signature = "xxx";
$paypalHeaders = array(
"X-PAYPAL-SECURITY-USERID :" . $username,
"X-PAYPAL-SECURITY-PASSWORD :" . $password,
"X-PAYPAL-SECURITY-SIGNATURE :" . $signature,
"X-PAYPAL-APPLICATION-ID :" . $appID,
"X-PAYPAL-REQUEST-DATA-FORMAT : JSON",
"X-PAYPAL-RESPONSE-DATA-FORMAT : JSON"
);
$data = array();
$data['actionType'] = "CREATE"; //PAY
$data['currencyCode'] = "SGD";
$receiver['amount'] = $orderTotal;
$receiver['email'] = $receiverEmail;
$data['receiverList'] = array();
$data['receiverList']['receiver'][] = $receiver;
$data['returnUrl'] = $returnURL;
$data['cancelUrl'] = $cancleURL;
$requestEnvelope = array();
$requestEnvelope['errorLanguage'] = "en_US";
$data['requestEnvelope'] = $requestEnvelope;
//I omitted the POST call
//print_r($returnedData);
$payKey = $returnedData->payKey;
$paymentStatus = $returnedData->paymentExecStatus;
/*
* Set payment options
*/
$endPoint = "https://svcs.sandbox.paypal.com/AdaptivePayments/SetPaymentOptions";
//paymentDetailsData
$paymentDetailsData = array();
//set payKey
echo "payKey: " . $payKey;
$paymentDetailsData['payKey'] = $payKey;
//displayOptions
$displayOptions['businessName'] = "My Business";
$paymentDetailsData['displayOptions'] = $displayOptions;
//senderOptions
$senderOptions = array();
$senderOptions['requireShippingAddressSelection'] = true; //set to true if courier is chosen
$senderOptions['shippingAddress']['addresseeName'] = "Ny Name";
$senderOptions['shippingAddress']['street1'] = "Address 1Avenue 3";
$senderOptions['shippingAddress']['street2'] = "#xx-112";
$senderOptions['shippingAddress']['city'] = "Singapore";
$senderOptions['shippingAddress']['state'] = "Singapore";
$senderOptions['shippingAddress']['zip'] = "123456";
$senderOptions['shippingAddress']['country'] = "Singapore";
$paymentDetailsData['senderOptions'] = $senderOptions;
//item
$item = array();
$item['name'] = "Korea";
$item['itemPrice'] = 11;
//there is still price, and itemcount
//invoiceData
$invoiceData = array();
$invoiceData['item'] = $item;
//receiverOptions
$receiverOptions = array();
$receiverOptions['description'] = "Product description.";
$receiverOptions['invoiceData'] = $invoiceData;
$paypalEmail = "test#test.com"; //I may need to change this
$receiver['email'] = $paypalEmail;
$receiverOptions['receiver'] = $receiver;
$paymentDetailsData['receiverOptions'] = $receiverOptions;
//requestEnvelope. I have set the request envelope above. It is the same. Can still be used.
$paymentDetailsData['requestEnvelope'] = $requestEnvelope;
makePaypalCall($endPoint, $paypalHeaders, $paymentDetailsData);
/*
* Get payment options. I can see the result of get payment options correctly,
*/
echo "GETTING PAYMENT OPTIONS";
$endPoint = "https://svcs.sandbox.paypal.com/AdaptivePayments/GetPaymentOptions";
$getPaymentData['payKey'] = $payKey;
$getPaymentData['requestEnvelope'] = $requestEnvelope;
makePaypalCall($endPoint, $paypalHeaders, $getPaymentData);
$endPoint = "https://svcs.sandbox.paypal.com/AdaptivePayments/ExecutePayment";
/*
* ExecutePayment. Ok, I get the error here. This payment request must be authorized by the sender
*/
$executePaymentData = array();
echo "paykey: " . $payKey;
$executePaymentData['payKey'] = $payKey;
//$executePaymentData['actionType'] = "PAY";
$executePaymentData['requestEnvelope'] = $requestEnvelope;


I hope I understand you correctly.
To me it seems like you are skipping the step where the user needs to authorize the payment. When you do a Pay (Create) operation you should see get a RedirectURL in the response from PayPal. You need to redirect the user to this URL for them to authorize the payment on PayPal.
Once they have approved the payment, then you'll be able to execute the payment.
Your steps need to change to:
Create PayRequest
Set PaymentOptions
Redirect to PayPal (RedirectURL from the PayRequest response) for user authorization
If authorized, ExecutePayment
PayPal hints at this on the Pay API operation page
URL to redirect the sender's browser to after the sender has logged into PayPal and approved a payment; it is always required but only used if a payment requires explicit approval
After the step 3, the user will be returned to the URL your provided in $data['returnUrl'] = $returnURL;


I am using Delayed Chained Payment and often i end up with this error "This payment request must be authorized by the sender". Actually it was due to a small mistake in the logic.
wrong procedure (# step 3)
generate a payKey successfully
save it to database
refresh the page for some reason which results in generating new payKey (this new payKey doesn't update to database)
payRequest = pay();
.....
if(empty(db_record)) {
.....
db_record->payKey = payRequest->payKey;
db_record->save();
}
paid with new payKey ( ie. payment approved by sender)
trying to execute payment with payKey from database (which is indeed old one. That payKey was not used to make payment)
Solution
update database with last payKey which used for making payment by getting approval of sender
step 3 should be like
if(empty(db_record) || is_expired(db_record->payKey)) {
payRequest = pay();
.....
.....
db_record->payKey = payRequest->payKey;
db_record->save();
}

Related

Laravel returns status ::35 - SSL Connect Error

I deal with a payment gateway provider and I have been facing a problem for days and I cannot solve it, the problem is simply that the customer pays after completing the order, arriving to the payment page (online banking) and the user may close the page of the bank after completing the payment process and do not click on the return button to the merchant page Here comes the job of the return url ( Enable Instant Payment Notification (IPN)) that the provider asked me to set up and I did, but the link sometimes works and often it does not work, when I asked the provider they said the error is:
kindly be informed that we received message status ::35 - SSL Connect Error in most of the transaction.
In this case, please assist to have a check at your end for the mentioned error and client URL (cURL).
I don't know where to go to check the curl as you see in my code there is no curl!! and Im using forge laravel so I'm not able to check the server log and even in laravel logs I can't see the error mentioned by provider
here my post url
public function getStatus()
{
$vkey = config('services.payment.secret');// secret key
$tranID = $_POST['tranID'];
$orderid = $_POST['orderid'];
$status = $_POST['status'];
$domain = $_POST['domain'];
$amount = $_POST['amount'];
$currency = $_POST['currency'];
$appcode = $_POST['appcode'];
$paydate = $_POST['paydate'];
$skey = $_POST['skey'];
$key0 = md5( $tranID.$orderid.$status.$domain.$amount.$currency );
$key1 = md5( $paydate.$domain.$key0.$appcode.$vkey );
if( $skey != $key1 ) $status= -1; // Invalid transaction
if ( $status == "00" ) {
SavingPaymentAction::SendEmailAfterCharge($orderid);
}
else {
SavingPaymentAction::SendErrorEmail($orderid);
}
}

Stripe issue when creating subscription: "Could not determine which URL to request"

I've setup stripe multiple times and never had this issue before. I'm processing the "customer created" web hook and using the payload to attach stripe id to my user and setup a new subscription.
I'm getting the following error:
Stripe\Exception\UnexpectedValueException: Could not determine which URL to request: Stripe\Subscription instance has invalid ID: in file /Users/mick/repos/askit/vendor/stripe/stripe-php/lib/ApiResource.php on line 107
This only happens when I try to create the new subscription. Here is my full controller:
public function handleCustomerCreated(Request $request)
{
$payload = json_decode($request->getContent(), true);
$user_id = $payload->data->object->subscriptions->data[0]->metadata->user_id;
$subscription_id = $payload->data->object->subscriptions->data[0]->id;
$stripe_customer_id = $payload->data->object->id;
$current_period_start = $payload->data->object->subscriptions->data[0]->current_period_start;
$current_period_end = $payload->data->object->subscriptions->data[0]->current_period_end;
$stripe_plan = $payload->data->object->subscriptions->data[0]->items->data[0]->plan->id;
$name = $payload->data->object->subscriptions->data[0]->items->data[0]->plan->nickname;
$stripe_status = $payload->data->object->subscriptions->data[0]->status;
$interval = $payload->data->object->subscriptions->data[0]->items->data[0]->plan->interval_count;
$user = User::query()->find($user_id);
$user->stripe_id = $stripe_customer_id;
$user->save();
$subscription = new Subscription();
$subscription->user_id = $user_id;
$subscription->name = $name;
$subscription->stripe_id = $stripe_customer_id;
$subscription->stripe_status = $stripe_status;
$subscription->stripe_plan = $stripe_plan;
$subscription->interval = $interval;
$subscription->current_period_start = $current_period_start;
$subscription->current_period_end = $current_period_end;
$subscription->subscription_id = $subscription_id;
$subscription->save();
}
If I remove the new Subscription stuff it works fine, the stripe is getting attached to my user model just fine. The error only happens on this part:
$subscription = new Subscription();
$subscription->user_id = $user_id;
$subscription->name = $name;
$subscription->stripe_id = $stripe_customer_id;
$subscription->stripe_status = $stripe_status;
$subscription->stripe_plan = $stripe_plan;
$subscription->interval = $interval;
$subscription->current_period_start = $current_period_start;
$subscription->current_period_end = $current_period_end;
$subscription->subscription_id = $subscription_id;
$subscription->save();
Any ideas? The table was created automagically by Laravel Cashier.

Try using \Stripe\Subscription::create() as shown in the Stripe API Docs, instead of manually creating and modifying a new Subscription(). You're current code is trying to update a Subscription that doesn't yet exist in the API, so it can't find its id.

Paypal - payment issue while trying to implement recurring payment

paypalrecurring.php
private $test = false;
private $liveServer = 'https://api-3t.paypal.com/nvp'; # https://api.paypal.com/nvp
private $testServer = 'https://api-3t.sandbox.paypal.com/nvp'; # https://api.sandbox.paypal.com/nvp
private $methodName = 'CreateRecurringPaymentsProfile';
public function sendRequest()
{
$nvpreq = '';
foreach ($this->request as $fldname => $val)
if($val != '') $nvpreq .= strtoupper($fldname) . "=" . urlencode($val) . "&";
$url = ($this->test) ? $this->testServer : $this->liveServer;
$post = "METHOD=" . $this->methodName . "&" . $nvpreq . "&VERSION=56.0";
$retstr = $this->sendAPIRequest($url . "?" . $post);
$retarrtmp = explode("&",$retstr);
$retarr = array();
for($i=0;$i<count($retarrtmp);$i++)
{
$sparr = explode("=",$retarrtmp[$i]);
$txt = urldecode($sparr[0]);
$val = urldecode($sparr[1]);
$retarr[$txt] = $val;
}
return $retarr;
}
/**
* True for test server. False for production.
* #param bool $isTest
*/
public function setIsTest($isTest)
{
$this->test = $isTest;
}
private function sendAPIRequest($url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
if(curl_errno($ch))
$response = curl_error($ch);
curl_close($ch);
return $response;
}
}
Usageexample.php
<?php
require_once 'PaypalRecurring.php';
$pp = new PayPalRecurring();
$pp->setIsTest(true); // PayPal test sandbox or live server
// Your PayPal account credentials go here
$pp->request['user'] = 'xxx';
$pp->request['pwd'] = 'xxx';
$pp->request['signature'] = 'xxx';
// End PayPal account credentials
// User info
$pp->request['firstname'] = 'The users first name';
$pp->request['lastname'] = 'The users last name';
$pp->request['email'] = 'The users email address';
$pp->request['creditcardtype'] = 'Visa'; // Visa, Mastercard, Discover, Amex
$pp->request['acct'] = ''; // Credit card number
$pp->request['expdate'] = str_pad('8',2,'0', STR_PAD_LEFT) .'2020'; // Expiration month and full year. Pad the month with 0. Month should be 1-12. This example is 8/2020.
// End user info
// Product info
$pp->request['countrycode'] = 'US';
$pp->request['billingperiod'] = 'Month'; // Bill per month
$pp->request['billingfrequency'] = 1; // How many times to bill per billing period.. This example is once per month
$pp->request['currencycode'] = 'USD';
$pp->request['amt'] = 9.95; // Amount to bill every month
$pp->request['initamt'] = 0.00; // Setup fee.. One time on account creation
$pp->request['taxamt'] = $pp->request['amt'] * .07; // Replace .07 with your tax percentage. 0 for no tax.
$pp->request['desc'] = 'Super Deluxe Package'; // The description of your product for reporting in your account
$pp->request['profilestartdate'] = gmdate('Y-m-d\TH:i:s\Z');
$pp->request['totalbillingcycles'] = '3'; // How many billing cycles. 0 for no expiration. This example is for 3 total months of billing.
$pp->request['payerstatus'] = 'verified';
// End product info
$ppResponse = $pp->sendRequest();
if(isset($ppResponse['L_ERRORCODE0']))
echo "Error: {$ppResponse['L_LONGMESSAGE0']}";
else if(isset($ppResponse['ACK']) && $ppResponse['ACK'] == ('Success' || 'SuccessWithWarning'))
echo "Success: {$ppResponse['ACK']}";
else
print_r($ppResponse);
whenever i am trying to implement recurring payment in paypal always got error
security header is not valid
Above example is from github
i need to integrate recurring payment in ecommerce site
I have two files paypalrecurring.php & usageExample.php
When i executed usageExample.php i got error security header is not valid
can anybody help me

This is because your API credentials in below codes is not correct.
$pp->request['user'] = 'xxx';
$pp->request['pwd'] = 'xxx';
$pp->request['signature'] = 'xxx';
You can follow up the steps below to find your API credentials:
For sandbox account:
Access https://developer.paypal.com/ and login, then access below URL:
https://developer.paypal.com/developer/accounts
Click the business account being used for your test, then click the "Profile" link under the account.
Then click the "API Credentials" tab, you will find the API credentials.
For live account:
Login to www.paypal.com, go to Profile->Selling tools->API Access, click "Request API credentials" link,
then select "Request API signature" and click "Agree and Submit".
Then you can find your API username, API password and API signature in the final page.

PayPal REST API with PHP results ERROR

Im using PayPal REST API with PHP, I have created a rest app in sandbox and everything as in documentation.
but it returns error
Got Http response code 401 when accessing https://api.sandbox.paypal.com/v1/oauth2/token.
not sure where Im going wrong on this, tried many other sample codes using rest api but same error everywhere.
can some one help me on this?
code is here
define('CLIENT_ID', 'MY CLIENT ID'); //your PayPal client ID
define('CLIENT_SECRET', 'MY SECRET'); //PayPal Secret
define('RETURN_URL', 'http://domain.com/order_process.php'); //return URL where PayPal redirects user
define('CANCEL_URL', 'http://domain.com/payment_cancel.html'); //cancel URL
define('PP_CURRENCY', 'USD'); //Currency code
define('PP_CONFIG_PATH', ''); //PayPal config path (sdk_config.ini)
include_once "vendor/autoload.php"; //include PayPal SDK
include_once "functions.inc.php"; //our PayPal functions
$item_name = 'Test Product'; //get item code
$item_code = 'sku123'; //get item code
$item_price = '10'; //get item price
$item_qty = '1'; //get quantity
/*
Note: DO NOT rely on item_price you get from products page, in production mode get only "item code"
from the products page and then fetch its actual price from Database.
Example :
$results = $mysqli->query("SELECT item_name, item_price FROM products WHERE item_code= '$item_code'");
while($row = $results->fetch_object()) {
$item_name = $row->item_name;
$item_price = item_price ;
}
*/
//set array of items you are selling, single or multiple
$items = array(
array('name'=> $item_name, 'quantity'=> $item_qty, 'price'=> $item_price, 'sku'=> $item_code, 'currency'=>PP_CURRENCY)
);
//calculate total amount of all quantity.
$total_amount = ($item_qty * $item_price);
try{ // try a payment request
//if payment method is paypal
$result = create_paypal_payment($total_amount, PP_CURRENCY, '', $items, RETURN_URL, CANCEL_URL);
//if payment method was PayPal, we need to redirect user to PayPal approval URL
if($result->state == "created" && $result->payer->payment_method == "paypal"){
$_SESSION["payment_id"] = $result->id; //set payment id for later use, we need this to execute payment
header("location: ". $result->links[1]->href); //after success redirect user to approval URL
exit();
}
}catch(PPConnectionException $ex) {
echo parseApiError($ex->getData());
} catch (Exception $ex) {
echo $ex->getMessage();
}

How to re-initialize the Docusign PHP API with different credentials

We have a case where we need to check envelope status in two separate Docusign accounts. If we don't get status in the first, we want to check the second.
I'm having trouble getting the API to re-initialize with the credentials of our second account. I'm calling this snippet with the new variables:
require_once('docusign/SignatureApi.php');
$IntegratorsKey = "abcd";
$UserID = "dave#account.com";
$Password = "xxxxx";
$_apiEndpoint = $Endpoint;
$_apiWsdl = "docusign/api/APIService.wsdl";
$api_options = array('location'=>$_apiEndpoint,'trace'=>true,'features' => SOAP_SINGLE_ELEMENT_ARRAYS);
$api = new APIService($_apiWsdl, $api_options);
$api->setCredentials("[" . $IntegratorsKey . "]" . $UserID, $Password);
$res = RequestEnvelopStatuses($envelopes);
$envelopeStatuses = $res->RequestStatusesResult;
if(!count($envelopeStatuses->EnvelopeStatuses->EnvelopeStatus)){
// If we did not find envelopes, check other account
$IntegratorsKey = "wxyz";
$UserID = "fred#altaccount.com";
$Password = "xxxxx";
$api->setCredentials("[" . $IntegratorsKey . "]" . $UserID, $Password);
// retry request
$res = RequestEnvelopStatuses($envelopes);
$envelopeStatuses = $res->RequestStatusesResult;
}
It doesn't return an error, but won't return envelope status either. It seems to still use the first credentials (guessing). The second attempt always seems to return whatever the first attempt did.
Is there a better / preferred way to do this?

That does not look like the proper way to get the envelope status. Maybe that's why you are not finding them and trying to look again?
// Create a filter using account ID and today as a start time
$envStatusFilter = new EnvelopeStatusFilter();
$envStatusFilter->AccountId = $AccountID;
$beginDateTime = new EnvelopeStatusFilterBeginDateTime();
$beginDateTime->_ = todayXsdDate(); // note that this helper function
// is in CodeSnippets/include/utils.php
// in the PHP SDK
$envStatusFilter->BeginDateTime = $beginDateTime;
// Send
$requestStatusesparams = new RequestStatuses();
$requestStatusesparams->EnvelopeStatusFilter = $envStatusFilter;
$response = $api->RequestStatuses($requestStatusesparams);

Categories