Credit Card processing using Pin Payments - pin.net.au - using omnipay gateway, card_token method (pin.js)

Question

I am trying to integrate Pin.net.au CC processing into my site. I am using Omnipay library to make the calls.

To not store CC details in my server, I am using the Pin.js token method.

On form submit page (after user fills in personal and CC details) javascript does a 'prevent default' and sends the data from forms (browser) straight to pin.net.au servers. Server sends a card_token in response and resubmits the form to my server.

This token is recieved successfully and I can output it in my tests.

I get into trouble when I take that token and send a purchase request to pin.net.au. According to the API docs, I need not send user and card details when I send the token (the entire point of the token, really). I send this token along with other compulsory bits like email, amount, description etc.

This works when I cURL on my terminal and I get a charge success.

However, sending this purchase/charge request using the Omnipay library, each time I get a 422 (invalid resource) that asks for the user details and CC information. It should have populated this stuff from the token I sent.

I have scoured the API docs of both Omnipay and Pin.net.au. I don't seem to be doing anything wrong. What am I missing?

Here's my charge request:

$gateway = GatewayFactory::create('Pin');
$gateway->setSecretKey('MY_SECRET_KEY');
$response = $gateway->purchase([
  'email'       => 'user@email.com',
  'description' => 'Package',
  'amount'      => '99',
  'currency'    => 'AUD',
  'card_token'  => Input::get('card_token'),
  'ip_address'  => Input::get('ip_address')
 ])->send();

Finally, it shouldn't really matter but if you'd like to know, I'm using Laravel 4.

Answer 1

Your example request has an amount of 99, the minimum amount for a Pin Payments charge is $1 (amount = 100).

I don't think this is the problem you are referring to though, it looks like Omnipay does not support using the card_token gear. If you go look over here - https://github.com/adrianmacneil/omnipay/blob/master/src/Omnipay/Pin/Message/PurchaseRequest.php#L34 - you can see Omnipay isn't sending the card_token field with it's request, it only tries to send card details, which obviously aren't present from your example!

Perhaps you could get in touch with the Omnipay developers or write a pull request yourself!

Answer 2

This is fixed in Omnipay v1.0.4 - you should be able to use the token like this:

$gateway = GatewayFactory::create('Pin');
$gateway->setSecretKey('MY_SECRET_KEY');
$response = $gateway->purchase([
  'description' => 'Package',
  'amount'      => '99.00',
  'currency'    => 'AUD',
  'token'       => Input::get('token'),
  'ip_address'  => Input::get('ip_address'),
  'card'        => ['email' => 'user@email.com'],
 ])->send();