Example of payum with Slim3.
composer install
php -S 0.0.0.0:8888 -t public
To create a simple API endpoint for credit cards payment.
-
It should not persist anything.
-
All configurations should be passed to the API via POST.
-
Project is setup as skeleton so that it can easily convert to persist data.
-
Deploy anywhere: cpanel, docker, etc...
The plan is to demonstrate the five most common methods in Credit Card payment transaction:
-
Authorize - put a hold on the credit card with a certain amount.
-
Capture - this is called after authorize to charge the card.
-
Purchase - this is doing both Authorize then Capture at the same time. This is either by calling the two method manually, or call the Capture without first calling the Authorize method. The Payment Gateway/Factory must support Purchase for the second method.
-
Cancel/Void - to cancel or void the transaction. Usually done on the same day to prevent daily transaction reconsolication. This is also usually done after Authorize.
-
Refund - to issue a refund for the transaction.
- Payum and Omnipay requires ext-intl
-
For WAMP on Windows, just enable this via php.ini
-
On other Platforms: https://asdqwe.net/blog/enabling-installing-intl-package-php-from-terminal/
-- OSX additional instruction: https://github.com/phpbrew/phpbrew/wiki/TroubleShooting#configure-error-unable-to-detect-icu-prefix-or-no-failed-please-verify-icu-install-prefix-and-make-sure-icu-config-works
This project was created as a learning/tutorial for using Payum, Omnipay, and proof of concept for integrating with Slim. For questions relating to the various libraries used in this project, please refer to:
slim - https://github.com/slimphp/Slim
payum - https://github.com/payum/payum
omnipay - https://github.com/thephpleague/omnipay
-
Secure since we do not store anything?
-
Micro-service style/architecture.
-
Easy to add new payment gateways provided by Payum and Omnipay.
-
Add another layer of complexity? This code provide a good starting point/example. For better flexibility, developer can use it as example to implement payment directly into their own framework.
-
Anytime there is a new network layer, there is a possibility of man-in-the-middle attack. This kind of service should run behind SSL in Production. It's easy to obtain cheap or free SSL these day with service such as https://letsencrypt.org/
The MIT License (MIT)
Copyright (c) 2016 noogen
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.