Validating user's API credentials - Rails, ActiveMerchant, and PayPal Express Gateway
https://stackoverflow.com/questions/509021
-
21-08-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm building a marketplace application that uses PayPal Express. I've got a form for sellers to input their PayPal API credentials, but I need a way to validate them by making some sort of call to PayPal.
I'm using the PaypalExpressGateway in ActiveMerchant, and I don't see anything other than the standard purchase controls. Is there any sort of null-operation that can be used?
Any help would be greatly appreciated!
Solution
For security reasons there isn't a way to check if the email is a valid paypal account. You can always make a small transaction and then void it if account validity is really required.
OTHER TIPS
I am using the TransactionSearch operation for this purpose. By specifying STARTDATE=2100-01-01 00:00:00 it basically results in a no-op.
It will validate the credentials for you, without requiring any additional input from the seller.
I don't have the answer personally. But I know Ryan Bates of Railscasts.com has recently devoted six (!) episodes to ActiveMerchant and Paypal in particular. Check out episodes #141 through #146 at railscasts.com.
Ok, after 4 hours...
module ActiveMerchant #:nodoc:
module Billing #:nodoc:
class PaypalExpressGateway < Gateway
def get_balance(options = {})
commit 'GetBalance', build_get_balance_request(options)
end
private
def build_get_balance_request(options)
xml = Builder::XmlMarkup.new :indent => 2
xml.tag! 'GetBalanceReq', 'xmlns' => PAYPAL_NAMESPACE do
xml.tag! 'GetBalanceRequest', 'xmlns:n2' => EBAY_NAMESPACE do
xml.tag! 'n2:Version', API_VERSION
xml.tag! 'n2:ReturnAllCurrencies', '1'
end
end
xml.target!
end
end
end
end
class SellerMerchantValidator < ActiveModel::Validator
def validate(record)
paypal_attrs = ['paypal_api_username', 'paypal_api_password', 'paypal_api_signature']
if record.paypal_merchant? && (record.changed - paypal_attrs).size < record.changed.size # one of paypal_attrs changed
response = record.gateway.get_balance
unless response.params['balance'].present?
record.errors[:base] << "Please check the PayPal details and make sure all three are entered correctly."
end
end
end
end
Thanks to Neils for the idea to check the TransactionSearch.
Please let me know if there is a better way to check if any of the api field changed.
There is also a call for GetBalance in the API. Some sample code
Looks like the simplest (and quickest?) way.
PayPal does have an AddressVerify API. It confirms whether a postal address and postal code match those of the specified PayPal account holder. I'm in the process of implementing it on our website right now, in fact.
You can read more about it here:
https://www.x.com/docs/DOC-1162#id0862M0QH02L
Right, so if you want to test a user's credentials using ActiveMerchant, use the transaction_search method on the gateway
This example will return a success (make sure to fill in your test credentials)
@username = ''
@password = ''
@signature = ''
gateway = ActiveMerchant::Billing::PaypalExpressGateway.new(
login: @username,
password: @password,
signature: @signature,
test: true
)
gateway.transaction_search({start_date: DateTime.now})
