How we made friends with PayPal

Dear foreign guest with a surname too well known to be called, a PayPal citizen has just “stepped off the ship” to the domestic “berth”, but has already managed to become his own ball, where electronic payment systems of the Russian segment actively dance. We did not stand aside and hurried to make a useful acquaintance with such a respected comrade, adding, finally, his good name to our list of friends . From which side to approach, what to talk about and how to get his attention we read in a small story under the cut.

Friendship begins with a smile

The first timid step on the way to a great friendship is a presentation, that is, registration, where in the personal data it is necessary to provide information about the commercial activities of the company, which we did in good faith.







However, instead of easy and relaxed relations, which we managed to mentally rejoice, we were waited by an inhospitable message about the restriction of the account and please provide a number of additional documents to confirm our account. We did not have time to collect everything we needed, as, fortunately, in mid-September, PayPal significantly simplified the procedure for connecting legal entities. It was only necessary to fill out a special form for this on the PayPal side. But now it was too early to rejoice - the form simply did not work for the first few days. We honestly filled in all required and optional fields, but each time we received a data transmission error and, no matter how hard we tried, it repeated again and again. Without losing determination and having a lot of perseverance in store, a week later we repeated the “experiment” and, finally, received a long-awaited confirmation, and soon a cherished letter from PayPal.

')

A true friend is known in the API

Understanding all the intricacies of the protocol PayPal is not easy. Scattered across different parts of the site, pieces of documentation, the heavy legacy of SOAP, the general confusion of the protocol stack (NVP, SOAP, REST) ​​and the lack of examples did the trick. A typical example of confusion, an action implemented by one protocol cannot be performed by another, and vice versa.

But the journey of a thousand miles begins with the first step, throwing all doubts away, we will use the currently most popular REST API, and take their own PHP SDK as a wrapper for it. Some things, however, still have to think out themselves, exploring the code.



The general idea can be described in the following steps:

1. We register PayPal Application to get pairs of client_id and secret_key values ​​for live and sandbox mode:
   
   
   
   
   
   
2. We perform OAuth authentication:
   
   

   $apiContext = new ApiContext(new OAuthTokenCredential( $clientId, $clientSecret)); $apiContext->setConfig([ 'mode' => 'live']); 

   
   
   
3. Make a request to create a payment. If you plan to accept payment from the paypal account, as well as the card attached to it, do not forget to specify the payment method: paypal
   
   

    $payer = new Payer(); $payer->setPaymentMethod('paypal'); $amount = new Amount(); $amount->setCurrency('RUB'); $amount->setTotal('10'); $item1 = new Item(); $item1->setName(' /')->setCurrency('RUB')->setQuantity(1)->setPrice('10'); //  /    $item1->setSku('1000'); $itemList = new ItemList(); $itemList->setItems(array($item1)); $transaction = new Transaction(); $transaction->setAmount($amount); $transaction->setDescription('Payment to UnitPay'); $transaction->setItemList($itemList); $payment = new Payment(); $payment->setIntent('sale'); $payment->setPayer($payer); $payment->setTransactions(array($transaction)); $payment>setRedirectUrls(array( "return_url" => $resultUrl, "cancel_url" => $resultUrl )); $payment->create($apiContext); 

   
   
   
4. In response, we get the payment number in PayPal and the redirectURL form of payment, where we transfer the user:
   
   

    // ID ,         $payment->getId(); $links = $payment->getLinks(); foreach ($links as $link) { if ($link->getMethod() == 'REDIRECT') { header('location:'.$link->getHref()); return; } } 

   
   
   
5. Customer Account Confirmation:
   
   
   
   
   
   
6. Automatic client return with GET token, PayerID on $ resultUrl parameters (see step 3).
   
   
7. The money has been written off, but the payment has not yet been made. We say to PayPal, that yes, we confirm the payment:
   
   

    $apiContext = new ApiContext(new OAuthTokenCredential( $clientId, $clientSecret)); $apiContext->setConfig([ 'mode' => 'live']); $payment = Payment::get($payment->getExternalPaymentId(), $apiContext); $paymentExecution= new PaymentExecution(); $paymentExecution->setPayerId($payerId); $payment->execute($paymentExecution, $apiContext); 

   
   
   
8. Optionally, PayPal makes a notification of payments to the specified URL, this is called their IPN :
   
   
   
   
   
   Each such notification received must be validated by a response request in the direction of PayPal. You also need to verify the amount of payment, currency and email recipient. It remains only to wait for the coveted status of completed and the payment can be considered completed. If you do not want to contact an IPN, you can always simply poll PayPal about the status of required payments, for example, via cron, although the IPN is still more convenient:
   
   

    $ipn = new PPIPNMessage(null, array(['mode' => 'live'])); if (!$ipn->validate()) { throw new \Exception('      PayPal'); } // $_GET['txn_id']   PayPal // $_GET['mc_gross']   // $_GET['mc_currency']   // $_GET['payer_email'] mail  // $_GET['item_number1']    // $_GET['payment_status']   // $_GET['receiver_email'] Email  switch ($_GET['payment_status']) { //   ,   case 'completed': break; //    case 'failed': break; //    case 'denied': break; //     case 'refunded': break; } 

In our opinion, most of the steps of this scheme are redundant: you can remove repeated checks to PayPal at the payment notification stage simply by signing the data sent in advance. The same applies to superfluous actions with the confirmation of the user's payment already made. Also, in addition to storing the PayPal payment number, you will have to organize the storage of the token to uniquely identify the order and complete step 7. An alternative option is to create a return Url with a unique key.



At the moment, API PayPal is one of the most confusing and ambiguous among popular payment systems, but on the other hand, if you go along the trodden path, without turning, then everything will work out.

Do not have a hundred rubles, and have a hundred friends

In turn, we have simplified connection and work with PayPal and are ready to provide a number of payment instruments to choose from.



If you only thought about how to implement payment acceptance for your project and what payment methods will suit you besides PayPal, then we recommend the fastest and easiest way to connect - the universal payment method UnitPay . PayPal will be available among other payment methods.







For those who have already formed their list of payment systems and just want to expand it by connecting PayPal, we suggest using our API, a full description of which can be found on your project page.

And what for the CIS countries?

Unfortunately, while PayPal is not available for a number of countries closest to us. Many are experiencing a number of difficulties with this and offer quite different solutions . We think that soon this situation will change for the better.

Finally

PayPal in Russia is still very young, but it has a rich past and huge potential. We hope that quite a bit of time will pass, and it will take its rightful place in the list of safe and convenient payment systems in the domestic market.