The Payment Card Industry (PCI) Council has mandated that early versions of TLS be retired from service. All organizations that handle credit card information are required to comply with this standard. As part of this obligation, PayPal is updating its services to require TLS 1.2 for all HTTPS connections. At this time, PayPal will also require HTTP/1.1 for all connections. Click here for more information
A new
mode
has been created to test if your server/machine handles TLSv1.2 connections. Please usetls
mode instead ofsandbox
to verify. You can return back tosandbox
mode once you have verified. Please have a look at this Sample Configuration.
- Because of the Poodle vulnerability, PayPal has disabled SSLv3.
- To enable TLS encryption, the changes were made to PPHttpConfig.php in SDK Core to use a cipher list specific to TLS encryption.
/**
* Some default options for curl
* These are typically overridden by PPConnectionManager
*/
public static $DEFAULT_CURL_OPTS = array(
CURLOPT_SSLVERSION => 1,
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_TIMEOUT => 60, // maximum number of seconds to allow cURL functions to execute
CURLOPT_USERAGENT => 'PayPal-PHP-SDK',
CURLOPT_HTTPHEADER => array(),
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_SSL_VERIFYPEER => 1,
CURLOPT_SSL_CIPHER_LIST => 'TLSv1',
);
- There are two primary changes done to curl options:
All these changes are included in the recent release, along with many other bug fixes. We highly encourage you to update your versions, by either using composer
or running this command shown below:
curl -k -L https://raw.githubusercontent.com/paypal/permissions-sdk-php/stable-php5.3/samples/install.php | php
OR
wget https://raw.githubusercontent.com/paypal/permissions-sdk-php/stable-php5.3/samples/install.php
php install.php
Please contact PayPal Technical Support for any live or account issues.
PayPal's PHP Permissions SDK requires
- PHP 5.3 and above
- curl/openssl PHP extensions
To run the bundled sample, first copy the samples folder to your web server root. You will then need to install the SDK as a dependency using either composer (PHP V5.3+ only).
run composer update
from the samples folder.
To use the SDK,
- Create a composer.json file with the following contents.
{
"name": "me/shopping-cart-app",
"require": {
"paypal/permissions-sdk-php":"v3.*"
}
}
- Install the SDK as a dependency using composer or the install.php script.
- Require
vendor/autoload.php
ORPPBootStrap.php
in your application depending on whether you used composer or the custom installer. - Choose how you would like to configure the SDK - You can either
- Create a hashmap containing configuration parameters and pass it to the service object OR
- Create a
sdk_config.ini
file and set the PP_CONFIG_PATH constant to point to the directory where this file exists.
- Instantiate a service wrapper object and a request object as per your project's needs.
- Invoke the appropriate method on the service object.
For example,
// Sets config file path(if config file is used) and registers the classloader
require("PPBootStrap.php");
// Array containing credentials and confiuration parameters. (not required if config file is used)
$config = array(
'mode' => 'sandbox',
'acct1.UserName' => 'jb-us-seller_api1.paypal.com',
'acct1.Password' => 'WX4WTU3S8MY44S7F'
.....
);
$request = new RequestPermissionsRequest($scope, $returnURL);
$request->requestEnvelope = $requestEnvelope;
.......
$permissions = new PermissionsService($config);
$response = $permissions->RequestPermissions($request);
if($strtoupper($response->responseEnvelope->ack) == 'SUCCESS') {
// Success
}
The SDK provides multiple ways to authenticate your API call.
$permissions = new PermissionsService($config);
// Use the default account (the first account) configured in sdk_config.ini
$response = $permissions->RequestPermissions($request);
// Use a specific account configured in sdk_config.ini
$response = $permissions->RequestPermissions($request, 'jb-us-seller_api1.paypal.com');
// Pass in a dynamically created API credential object
$cred = new PPCertificateCredential("username", "password", "path-to-pem-file");
$cred->setThirdPartyAuthorization(new PPTokenAuthorization("accessToken", "tokenSecret"));
$response = $permissions->RequestPermissions($request, $cred);
The SDK allows you to configure the following parameters -
- Integration mode (sandbox / live)
- (Multiple) API account credentials.
- HTTP connection parameters
- Logging
Dynamic configuration values can be set by passing a map of credential and config values (if config map is passed the config file is ignored)
$config = array(
'mode' => 'sandbox',
'acct1.UserName' => 'jb-us-seller_api1.paypal.com',
'acct1.Password' => 'WX4WTU3S8MY44S7F'
.....
);
$service = new PermissionsService($config);
Alternatively, you can configure the SDK via the sdk_config.ini file.
define('PP_CONFIG_PATH', '/directory/that/contains/sdk_config.ini');
$service = new InvoiceService();
You can refer full list of configuration parameters in wiki page.
- API Reference - https://developer.paypal.com/webapps/developer/docs/classic/api/#permissions
- If you need help using the SDK, a new feature that you need or have a issue to report, please visit https://github.com/paypal/permissions-sdk-php/issues