Created
March 26, 2020 19:26
-
-
Save thlinux1107/402edf3bdb5ddbb967b5acdf3353de48 to your computer and use it in GitHub Desktop.
Paya Gateway (formerly Sage Exchange/Sage Payments) - ACH Vault Request
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/*---------------------------------------------- | |
Author: SDK Support Group | |
Company: Paya | |
Contact: sdksupport@paya.com | |
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | |
!!! Samples intended for educational use only!!! | |
!!! Not intended for production !!! | |
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | |
-----------------------------------------------*/ | |
// your developer credentials | |
// client_id may be referred to as "Consumer Key". | |
// client_key may be referred to as "Consumer Secret". | |
$client_id = "W8yvKQ5XbvAn7dUDJeAnaWCEwA4yXEgd"; | |
$client_key = "iLzODV5AUsCGWGkr"; | |
// you (or your client's) merchant credentials. | |
// grab a test account from us for development! | |
$merchant_id = "173859436515"; | |
$merchant_key = "P1J2V8P2Q3D8"; | |
// the nonce can be any unique identifier -- guids and timestamps work well | |
$nonce = uniqid(); | |
// a standard unix timestamp. a request must be received within 60s | |
// of its timestamp header. | |
$timestamp = (string)time(); | |
// setting up the request data itself | |
$verb = "POST"; | |
$url = "https://api-cert.sagepayments.com/token/v1/tokens"; | |
$requestData = [ | |
// this is a pretty minimalistic example... | |
// complete reference material is available on the dev portal. | |
"account" => [ | |
"type" => "checking", | |
"routingNumber" => "261271364", | |
"accountNumber" => "01234567890" | |
] | |
]; | |
// convert to json for transport | |
$payload = json_encode($requestData); | |
// the request is authorized via an HMAC header that we generate by | |
// concatenating certain info, and then hashing it using our client key | |
$toBeHashed = $verb . $url . $payload . $merchant_id . $nonce . $timestamp; | |
$hmac = hash_hmac( | |
"sha512", // use the SHA-512 algorithm... | |
$toBeHashed, // ... to hash the combined string... | |
$client_key, // .. using your private dev key to sign it. | |
true // (php returns hexits by default; override this) | |
); | |
// convert to base-64 for transport | |
$hmac_b64 = base64_encode($hmac); | |
// This function allows you to easily print data to the console | |
// for debugging. | |
// !!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT NOTE !!!!!!!!!!!!!!!!!!!!!!!!!!!!! | |
// Please make sure you are not printing PCI- | |
// sensitive data to the console when moving to production. | |
// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | |
function debug_to_console( $data ) { | |
$output = $data; | |
if ( is_array( $output ) ) | |
$output = implode( ',', $output); | |
echo "<script>console.log( 'Debug Objects: " . $output . "' );</script>"; | |
} | |
// ok, let's make the request! cURL is always an option, of course, | |
// but i find that file_get_contents is a bit more intuitive. | |
$config = [ | |
"http" => [ | |
"header" => [ | |
"clientId: " . $client_id, | |
"merchantId: " . $merchant_id, | |
"merchantKey: " . $merchant_key, | |
"nonce: " . $nonce, | |
"timestamp: " . $timestamp, | |
"authorization: " . $hmac_b64, | |
"content-type: application/json", | |
], | |
"method" => $verb, | |
"content" => $payload, | |
"ignore_errors" => true // exposes response body on 4XX errors | |
] | |
]; | |
// Process request and perform error checking. | |
try { | |
$context = stream_context_create($config); | |
$result = file_get_contents($url, false, $context); | |
$response = json_decode($result); | |
$httpcode = http_response_code(); | |
// file_get_contents will return a true or false based on the success or failure of the connection | |
if($result == FALSE) | |
{ | |
debug_to_console( "file_get_contents: False" ); | |
echo '<pre>'; | |
print_r('HTTP Code: ' . $httpcode); | |
echo '</pre>'; | |
echo '<pre>'; | |
echo 'Error: Failed to read page'; | |
echo '</pre>'; | |
exit(); | |
} | |
else | |
{ | |
// check to see if the results are empty | |
if (empty($result)){ | |
debug_to_console( "Error: Empty Result" ); | |
echo '<pre>'; | |
print_r('HTTP Code: ' . $httpcode); | |
echo '</pre>'; | |
echo '<pre>'; | |
echo 'Error Empty Result'; | |
echo '</pre>'; | |
print_r(json_encode($result)); | |
exit(); | |
} | |
else | |
{ | |
// If the "status" key is present then the transaction either approved or declined. Otherwise | |
// the result will contain a code with an error | |
if(array_key_exists('status', $response)) | |
{ | |
// Successful request | |
debug_to_console( "file_get_contents: True" ); | |
echo '<pre>'; | |
print_r('HTTP Code: ' . $httpcode); | |
echo '</pre>'; | |
echo '<pre>'; | |
echo 'Request Successfully Submitted'; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Status: '. $response->{'status'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Reference: '. $response->{'reference'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Message: '. $response->{'message'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Order Number: '. $response->{'orderNumber'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Vault Response Status: '. $response->{'vaultResponse'}->{'status'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Vault Response Message: '. $response->{'vaultResponse'}->{'message'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Vault Token: '. $response->{'vaultResponse'}->{'data'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print_r($response); | |
echo '</pre>'; | |
exit(); | |
} | |
else | |
{ | |
// failed request | |
debug_to_console( "Error response from server!" ); | |
echo '<pre>'; | |
print_r('HTTP Code: ' . $httpcode); | |
echo '</pre>'; | |
echo '<pre>'; | |
echo 'Error response from the server!'; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Error Code: '. $response->{'code'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Error Message: '. $response->{'message'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Error Information: '. $response->{'info'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print 'Error Details: '. $response->{'detail'}; | |
echo '</pre>'; | |
echo '<pre>'; | |
print_r($response); | |
echo '</pre>'; | |
exit(); | |
} | |
} | |
} | |
} | |
// Catch and print any exceptions | |
catch (Exception $ex) { | |
debug_to_console( $ex ); | |
print_r($ex); | |
exit(); | |
} | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment