Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
microduino-paypal-rest-sdk
Advanced tools
Readme
Continuous integration status:
NPM status:
Repository for PayPal's Node SDK (node.js version >=0.6.x) and Node samples for REST API. For a full working app and documentation, have a look at the PayPal Node SDK Page.
v1.0.0 notice: If upgrading from paypal rest sdk 0.*, Please view Breaking Changes in release_notes.md
Before starting to use the sdk, please be aware of the existing issues and currently unavailable or upcoming features for the REST APIs. (which the sdks are based on)
npm install paypal-rest-sdk
To write an app using the SDK
Register for a developer account and get your client_id and secret at PayPal Developer Portal.
Add dependency 'paypal-rest-sdk' in your package.json file.
Require 'paypal-rest-sdk' in your file
var paypal = require('paypal-rest-sdk');
Create config options, with parameters (mode, client_id, secret).
paypal.configure({
'mode': 'sandbox', //sandbox or live
'client_id': 'EBWKjlELKMYqRNQ6sYvFo64FtaRLRR5BdHEESmha49TM',
'client_secret': 'EO422dn3gQLgDbuwqTjzrFgFtaRLRR5BdHEESmha49TM'
});
For multiple configuration support, have a look at the sample
Invoke the rest api (eg: store a credit card) with required parameters (eg: data, config_options, callback).
var card_data = {
"type": "visa",
"number": "4417119669820331",
"expire_month": "11",
"expire_year": "2018",
"cvv2": "123",
"first_name": "Joe",
"last_name": "Shopper"
};
paypal.creditCard.create(card_data, function(error, credit_card){
if (error) {
console.log(error);
throw error;
} else {
console.log("Create Credit-Card Response");
console.log(credit_card);
}
})
For creating Subscription Payments, check out the samples for creating planned sets of future recurring payments at periodic intervals.
To create Future Payments, check out this sample for executing future payments for a customer who has granted consent on a mobile device.
For exploring additional payment capabilites, such as handling discounts, insurance, soft_descriptor and invoice_number, have a look at this example. These bring REST payment functionality closer to parity with older Merchant APIs.
Customizing a PayPal payment experience is available as of version 1.1.0 enabling merchants to provide a customized experience to consumers from the merchant’s website to the PayPal payment. Get started with the supported rest methods and samples.
For creating and managing Orders, i.e. getting consent from buyer for a purchase but only placing the funds on hold when the merchant is ready to fulfill the order, have a look at samples.
For creating batch and single payouts, check out the samples for payouts and payout items. The Payouts feature enables you to make PayPal payments to multiple PayPal accounts in a single API call.
For Invoicing, check out the samples to see how you can use the node sdk to create, send and manage invoices.
To receive notifications from PayPal about Payment events on your server, webhook support is now available as of version 1.2.0. For creating and managing Webhook and Webhook Events, check out the samples to see how you can use the node sdk to manage webhooks, webhook events and verify that the response unaltered and is really from PayPal. Since 1.6.0, it is highly recommended to use getAndVerify to verify the authenticity of webhook messages. It is also important to note that simulated messages generated using the Webhook simulator would not be compatible with the verification process since they are only mock data.
To use OpenID Connect
// OpenID configuration
paypal.configure({
'openid_client_id': 'CLIENT_ID',
'openid_client_secret': 'CLIENT_SECRET',
'openid_redirect_uri': 'http://example.com' });
// Authorize url
paypal.openIdConnect.authorizeUrl({'scope': 'openid profile'});
// Get tokeninfo with Authorize code
paypal.openIdConnect.tokeninfo.create("Replace with authorize code", function(error, tokeninfo){
console.log(tokeninfo);
});
// Get tokeninfo with Refresh code
paypal.openIdConnect.tokeninfo.refresh("Replace with refresh_token", function(error, tokeninfo){
console.log(tokeninfo);
});
// Get userinfo with Access code
paypal.openIdConnect.userinfo.get("Replace with access_code", function(error, userinfo){
console.log(userinfo);
});
// Logout url
paypal.openIdConnect.logoutUrl("Replace with tokeninfo.id_token");
Instructions for running samples are located in the sample directory. Try these samples in a live sandbox environment:
To run the test suite first invoke the following command within the repo
If mocha is not installed
npm install -g mocha
and then to install the development dependencies:
npm install
then run the tests:
grunt test (timeout is specified in milliseconds eg: 15000ms)
[REST API Reference] (https://developer.paypal.com/webapps/developer/docs/api/)
FAQs
SDK for PayPal REST APIs
The npm package microduino-paypal-rest-sdk receives a total of 1 weekly downloads. As such, microduino-paypal-rest-sdk popularity was classified as not popular.
We found that microduino-paypal-rest-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.