Submit PayPal data encrypted from the code
I'm working with Ruby On Rails 3, and I would like to do the following, but from the code behind:
<% form_tag "https://www.sandbox.paypal.com/cgi-bin/webscr" do %>
<%= hidden_field_tag :cmd, "_s-xclick" %>
<%= hidden_field_tag :encrypted, @cart.paypal_encrypted(products_url, payment_notifications_url) %>
<p><%= submit_tag "Checkout" %></p>
<% end %>
I've tried this in my Cart model, but it's not redirecting anywhere, and I don't know what to do:
PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem")
APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem")
APP_KEY_PEM = File.read("#{Rails.root}/certs/app_key.pem")
PANEL = 'sandbox.paypal.com'
PATH = '/cgi-bin/webscr'
USERAGENT = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1'
def paypal_u开发者_Go百科rl(order_id, return_url, notify_url)
http = Net::HTTP.new(PANEL, 443)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
# GET request -> so the host can set cookies
resp, data = http.get2(PATH, {'User-Agent' => USERAGENT})
cookie = resp.response['set-cookie'].split('; ')[0]
values = {
:cmd => '_s-xclick',
:encrypted => paypal_encrypted(order_id, return_url, notify_url)
}
@headers = {
'Cookie' => cookie,
'Referer' => 'https://'+PANEL+PATH,
'Content-Type' => 'application/x-www-form-urlencoded',
'User-Agent' => USERAGENT
}
resp, data = http.post2(PATH, values.to_query, @headers)
end
def paypal_encrypted(order_id, return_url, notify_url)
values = {
:business => 'seller_1234111143_biz@asciicasts.com',
:cmd => '_cart',
:upload => 1,
:return => return_url,
:invoice => order_id.to_s,
:notify_url => notify_url,
:currency_code => "USD"
}
items.each_with_index do |item, index|
values.merge!({
"amount_#{index + 1}" => item.unit_price,
"item_name_#{index + 1}" => item.product.title,
"item_number_#{index + 1}" => item.product.id + Time.now.to_i,
"quantity_#{index + 1}" => item.quantity.to_i
})
end
encrypt_for_paypal(values)
end
def encrypt_for_paypal(values)
signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM), OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL::PKCS7::BINARY)
OpenSSL::PKCS7::encrypt([OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"), OpenSSL::PKCS7::BINARY).to_s.gsub("\n", "")
end
If you're wondering why I can't just use the html form, that's because I let users choose between more than one payment option, using radio fields, and once they have selected one, they will click on the "Submit Order" button, generating the respective movements in my database, before redirecting to the payment method.
加载中,请稍侯......
精彩评论