Skip to content

Instantly share code, notes, and snippets.

@thlinux1107

thlinux1107/index.php

Created March 26, 2020 19:26
Show Gist options
  • Save thlinux1107/402edf3bdb5ddbb967b5acdf3353de48 to your computer and use it in GitHub Desktop.
Save thlinux1107/402edf3bdb5ddbb967b5acdf3353de48 to your computer and use it in GitHub Desktop.
Download ZIP
Paya Gateway (formerly Sage Exchange/Sage Payments) - ACH Vault Request
Raw
index.php
<?php
/*----------------------------------------------
Author: SDK Support Group
Company: Paya
Contact: sdksupport@paya.com
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Samples intended for educational use only!!!
!!! Not intended for production !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-----------------------------------------------*/
// your developer credentials
// client_id may be referred to as "Consumer Key".
// client_key may be referred to as "Consumer Secret".
$client_id = "W8yvKQ5XbvAn7dUDJeAnaWCEwA4yXEgd";
$client_key = "iLzODV5AUsCGWGkr";
// you (or your client's) merchant credentials.
// grab a test account from us for development!
$merchant_id = "173859436515";
$merchant_key = "P1J2V8P2Q3D8";
// the nonce can be any unique identifier -- guids and timestamps work well
$nonce = uniqid();
// a standard unix timestamp. a request must be received within 60s
// of its timestamp header.
$timestamp = (string)time();
// setting up the request data itself
$verb = "POST";
$url = "https://api-cert.sagepayments.com/token/v1/tokens";
$requestData = [
// this is a pretty minimalistic example...
// complete reference material is available on the dev portal.
"account" => [
"type" => "checking",
"routingNumber" => "261271364",
"accountNumber" => "01234567890"
]
];
// convert to json for transport
$payload = json_encode($requestData);
// the request is authorized via an HMAC header that we generate by
// concatenating certain info, and then hashing it using our client key
$toBeHashed = $verb . $url . $payload . $merchant_id . $nonce . $timestamp;
$hmac = hash_hmac(
"sha512", // use the SHA-512 algorithm...
$toBeHashed, // ... to hash the combined string...
$client_key, // .. using your private dev key to sign it.
true // (php returns hexits by default; override this)
);
// convert to base-64 for transport
$hmac_b64 = base64_encode($hmac);
// This function allows you to easily print data to the console
// for debugging.
// !!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT NOTE !!!!!!!!!!!!!!!!!!!!!!!!!!!!!
// Please make sure you are not printing PCI-
// sensitive data to the console when moving to production.
// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
function debug_to_console( $data ) {
$output = $data;
if ( is_array( $output ) )
$output = implode( ',', $output);
echo "<script>console.log( 'Debug Objects: " . $output . "' );</script>";
}
// ok, let's make the request! cURL is always an option, of course,
// but i find that file_get_contents is a bit more intuitive.
$config = [
"http" => [
"header" => [
"clientId: " . $client_id,
"merchantId: " . $merchant_id,
"merchantKey: " . $merchant_key,
"nonce: " . $nonce,
"timestamp: " . $timestamp,
"authorization: " . $hmac_b64,
"content-type: application/json",
],
"method" => $verb,
"content" => $payload,
"ignore_errors" => true // exposes response body on 4XX errors
]
];
// Process request and perform error checking.
try {
$context = stream_context_create($config);
$result = file_get_contents($url, false, $context);
$response = json_decode($result);
$httpcode = http_response_code();
// file_get_contents will return a true or false based on the success or failure of the connection
if($result == FALSE)
{
debug_to_console( "file_get_contents: False" );
echo '<pre>';
print_r('HTTP Code: ' . $httpcode);
echo '</pre>';
echo '<pre>';
echo 'Error: Failed to read page';
echo '</pre>';
exit();
}
else
{
// check to see if the results are empty
if (empty($result)){
debug_to_console( "Error: Empty Result" );
echo '<pre>';
print_r('HTTP Code: ' . $httpcode);
echo '</pre>';
echo '<pre>';
echo 'Error Empty Result';
echo '</pre>';
print_r(json_encode($result));
exit();
}
else
{
// If the "status" key is present then the transaction either approved or declined. Otherwise
// the result will contain a code with an error
if(array_key_exists('status', $response))
{
// Successful request
debug_to_console( "file_get_contents: True" );
echo '<pre>';
print_r('HTTP Code: ' . $httpcode);
echo '</pre>';
echo '<pre>';
echo 'Request Successfully Submitted';
echo '</pre>';
echo '<pre>';
print 'Status: '. $response->{'status'};
echo '</pre>';
echo '<pre>';
print 'Reference: '. $response->{'reference'};
echo '</pre>';
echo '<pre>';
print 'Message: '. $response->{'message'};
echo '</pre>';
echo '<pre>';
print 'Order Number: '. $response->{'orderNumber'};
echo '</pre>';
echo '<pre>';
print 'Vault Response Status: '. $response->{'vaultResponse'}->{'status'};
echo '</pre>';
echo '<pre>';
print 'Vault Response Message: '. $response->{'vaultResponse'}->{'message'};
echo '</pre>';
echo '<pre>';
print 'Vault Token: '. $response->{'vaultResponse'}->{'data'};
echo '</pre>';
echo '<pre>';
print_r($response);
echo '</pre>';
exit();
}
else
{
// failed request
debug_to_console( "Error response from server!" );
echo '<pre>';
print_r('HTTP Code: ' . $httpcode);
echo '</pre>';
echo '<pre>';
echo 'Error response from the server!';
echo '</pre>';
echo '<pre>';
print 'Error Code: '. $response->{'code'};
echo '</pre>';
echo '<pre>';
print 'Error Message: '. $response->{'message'};
echo '</pre>';
echo '<pre>';
print 'Error Information: '. $response->{'info'};
echo '</pre>';
echo '<pre>';
print 'Error Details: '. $response->{'detail'};
echo '</pre>';
echo '<pre>';
print_r($response);
echo '</pre>';
exit();
}
}
}
}
// Catch and print any exceptions
catch (Exception $ex) {
debug_to_console( $ex );
print_r($ex);
exit();
}
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment