The PCIv3.1 DSS (PDF) mandates (p.46) that TLSv1.0 be retired from service by June 30, 2016. All organizations that handle credit card information are required to comply with this standard. As part of this obligation, PayPal is updating it's services to require TLSv1.2 for all HTTPS connections. Click here for more information
A new
mode
has been created to test if your server/machine handles TLSv1.2 connections. Please usetls
mode instead ofsandbox
to verify. You can return back tosandbox
mode once you have verified.
- PHP 5.3 and above
- curl extension with support for OpenSSL
- PHPUnit 3.5 for running test suite (Optional)
- Composer
- Redirect your buyer to
PPOpenIdSession::getAuthorizationUrl($redirectUri, array('openid', 'address'));
to obtain authorization. The second argument is the list of access privileges that you want from the buyer. - Capture the authorization code that is available as a query parameter (
code
) in the redirect url - Exchange the authorization code for a access token, refresh token, id token combo
$token = PPOpenIdTokeninfo::createFromAuthorizationCode(
array(
'code' => $authCode
)
);
- The access token is valid for a predefined duration and can be used for seamless XO or for retrieving user information
$user = PPOpenIdUserinfo::getUserinfo(
array(
'access_token' => $token->getAccessToken()
)
);
- If the access token has expired, you can obtain a new access token using the refresh token from the 3'rd step.
$token->createFromRefreshToken(array('openid', 'address'));
- Redirect your buyer to
PPOpenIdSession::getLogoutUrl($redirectUri, $idToken);
to log him out of paypal.