Submitting encrypted PayPal data from code

Posted on 2024-11-30 10:20:20

I'm working with Ruby On Rails 3, and I would like to do the following, but from the code behind:

<% form_tag "https://www.sandbox.paypal.com/cgi-bin/webscr" do %>  
  <%= hidden_field_tag :cmd, "_s-xclick" %>  
  <%= hidden_field_tag :encrypted, @cart.paypal_encrypted(products_url, payment_notifications_url) %>  
    <p><%= submit_tag "Checkout" %></p>  
<% end %>

I've tried this in my Cart model, but it's not redirecting anywhere, and I don't know what to do:

  PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem")
  APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem")
  APP_KEY_PEM = File.read("#{Rails.root}/certs/app_key.pem")

  PANEL = 'sandbox.paypal.com'
  PATH = '/cgi-bin/webscr'
  USERAGENT = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1'

  def paypal_url(order_id, return_url, notify_url)
    http = Net::HTTP.new(PANEL, 443)
    http.use_ssl = true

    # Verify PayPal's certificate chain; VERIFY_NONE would accept any server certificate
    http.verify_mode = OpenSSL::SSL::VERIFY_PEER

    # GET request -> so the host can set cookies
    resp, data = http.get2(PATH, {'User-Agent' => USERAGENT})
    cookie = resp.response['set-cookie'].split('; ')[0]

    values = {
        :cmd => '_s-xclick',
        :encrypted => paypal_encrypted(order_id, return_url, notify_url)
    }

    @headers = {
      'Cookie' => cookie,
      'Referer' => 'https://'+PANEL+PATH,
      'Content-Type' => 'application/x-www-form-urlencoded',
      'User-Agent' => USERAGENT
    }

    resp, data = http.post2(PATH, values.to_query, @headers)
  end

  def paypal_encrypted(order_id, return_url, notify_url)
    values      = {
        :business => '[email protected]',
        :cmd => '_cart',
        :upload => 1,
        :return => return_url,
        :invoice => order_id.to_s,
        :notify_url => notify_url,
        :currency_code => "USD"
    }

    items.each_with_index do |item, index|
      values.merge!({
                        "amount_#{index + 1}"      => item.unit_price,
                        "item_name_#{index + 1}"   => item.product.title,
                        "item_number_#{index + 1}" => item.product.id + Time.now.to_i,
                        "quantity_#{index + 1}"    => item.quantity.to_i
                    })
    end

    encrypt_for_paypal(values)
  end

  def encrypt_for_paypal(values)
      signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM), OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL::PKCS7::BINARY)
      OpenSSL::PKCS7::encrypt([OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"), OpenSSL::PKCS7::BINARY).to_s.gsub("\n", "")
  end

If you're wondering why I can't just use the html form, that's because I let users choose between more than one payment option, using radio fields, and once they have selected one, they will click on the "Submit Order" button, generating the respective movements in my database, before redirecting to the payment method.
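An added example, not part of the original post and not PayPal's code: the sign-then-encrypt step from `encrypt_for_paypal` run end to end, with a receiver that decrypts the blob and accepts the fields only when the signature chains to the application certificate it has on file. The helper names `self_signed`, `seal_fields` and `unseal_fields` are hypothetical, the certificates are throwaway ones constructed in place of the PEM files, and the receiver logic is an assumption about what a holder of the private key would do.

```ruby
require "openssl"

# Constructed throwaway identity (self-signed cert + key) standing in for the PEM files.
def self_signed(cn)
  key  = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial  = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after  = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# Sender side, same two steps as encrypt_for_paypal: sign with the application
# key, then encrypt the signed DER to the receiver's certificate (DES3, as in the post).
def seal_fields(fields, app_cert, app_key, receiver_cert)
  plain  = fields.map { |k, v| "#{k}=#{v}" }.join("\n")
  signed = OpenSSL::PKCS7.sign(app_cert, app_key, plain, [], OpenSSL::PKCS7::BINARY)
  OpenSSL::PKCS7.encrypt([receiver_cert], signed.to_der,
                         OpenSSL::Cipher.new("des-ede3-cbc"),
                         OpenSSL::PKCS7::BINARY).to_pem
end

# Receiver side (hypothetical): decrypt with the private key, then accept the
# fields only if the signature chains to the one application certificate on file.
def unseal_fields(blob, receiver_cert, receiver_key, trusted_app_cert)
  inner  = OpenSSL::PKCS7.new(blob).decrypt(receiver_key, receiver_cert)
  signed = OpenSSL::PKCS7.new(inner)
  store  = OpenSSL::X509::Store.new
  store.add_cert(trusted_app_cert)
  return nil unless signed.verify([trusted_app_cert], store, nil, OpenSSL::PKCS7::BINARY)
  signed.data.split("\n").map { |line| line.split("=", 2) }.to_h
end

if __FILE__ == $PROGRAM_NAME
  receiver_cert, receiver_key = self_signed("receiver")
  app_cert, app_key = self_signed("merchant-app")
  blob = seal_fields({ "cmd" => "_cart", "invoice" => "42" }, app_cert, app_key, receiver_cert)
  p unseal_fields(blob, receiver_cert, receiver_key, app_cert)
end
```

A blob signed with any other certificate decrypts but fails verification, so `unseal_fields` returns `nil` for it.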
