Initial Commit

Initial Commit

.gitignore

@@ -0,0 +1 @@
+vendor

README.md

@@ -3,16 +3,19 @@
   <!-- <h3 align="center">Payfast</h3> -->
 </p>
 
-
 [![Latest Version on Packagist](https://img.shields.io/packagist/v/zfhassaan/Payfast.svg?style=flat-square)](https://packagist.org/packages/zfhaisssaan/alfa)
 [![Total Downloads](https://img.shields.io/packagist/dt/zfhassaan/Payfast.svg?style=flat-square)](https://packagist.org/packages/zfhassaan/alfa)
 
 
 <h4> Disclaimer </h4>
 This is unofficial Payfast API Payment Gateway. Payfast is not responsible for anything that happens on your website / Application. This repository  is only created to help developers in streamlining the integration process. You can Review the Official Payment Gateway <a href="https://gopayfast.com/docs/#preface" >here.</a> 
 
+This Package only covers direct checkout and hosted checkout process. There's no Subscription option enabled yet it'll be added in the next build.
+
+
 #### About
 This document contains detailed explanation about how to integrate with Payfast API's Based transactions functionality. This document also contains the details for online transaction. 
+<small>v1.0.0</small>
 
 #### Intended Audience 
 This document is for merchants acquires and developers who want to integrate with Payfast to perform a API's based Transaction. 
@@ -23,17 +26,21 @@ The merchant will implement all ecommerce functionality. PayFast service (PayFas
 #### API End Points
 This section contains the details of all APIs provided by Payfast. These APIs could be called by the merchants, acquirers and/or aggregators. These APIs are based on REST architecture and serve standard HTTP codes for the response payload. 
 
+#### Integration Prerequisites
+Merchants will be registered on PayFast prior to integration. After merchant sign up for PayFast account, following two unique values will be provided to merchant to operate: *Merchant_ID* and *Secured_key* , these keys are used to get a one-time authentication token, which is used to authenticate payment requests to the "PayFast"payment gateway.
+
 #### Installation
 You can install the package via composer 
 
 ````
-composer require zfhassaan/php-payfast
+composer require zfhassaan/payfast
 ````
 
 #### Set .env configurations
 
 ```
 PAYFAST_API_URL=
+PAYFAST_SANDBOX_URL=
 PAYFAST_GRANT_TYPE=
 PAYFAST_MERCHANT_ID=
 PAYFAST_MODE=
@@ -71,8 +78,51 @@ and also in alias in `app/config.php`
 1. Get Authentication Token
 2. Initiate Transaction on Payfast Page.
 
-The Direct Checkout and Hosted checkout credentials can be obtained from <a href="https://gopayfast.com/">Payfast</a>
+The Direct Checkout and Hosted checkout credentials can be obtained from <a href="https://gopayfast.com/">Payfast</a> The following are direct checkout methods that can be used with PCIDSS certified websites.
+
+##### What is PCI DSS Certified.
+PCI certification ensures the security of card data at your business through a set of requirements established by the PCI SSC. These include a number of commonly known best practices, such as: Installation of firewalls. Encryption of data transmissions, use of anti-virus software. In addition businesses must restrict access to cardholder data and monitor access to network resources.
+
+PCI-compliant security provides a valuable asset that informs customers that your business is safe to transact with. Conversely, the cost of noncompliance, both in monetary and reputational terms, should be enough to convince any business owner to take data security seriously.
+
+A data breach that reveals sensitive customer information is likely to have severe repercussions on an enterprise. A breach may result in fines from payment card issuers, lawsuits, diminished sales and a severely damaged reputation.
 
+After experiencing a breach, a business may have to cease accepting credit card transactions or be forced to pay higher subsequent charges than the initial cost of security compliance. The investment in PCI security procedures goes a long way toward ensuring that other aspects of your commerce are safe from malicious online actors.
+
+##### Hosted Checkout 
+The Hosted checkout requires to follow following steps;
+1. Get Authentication Token from Payfast
+2. Create signature with md5 standard `md5($merchant_id.':' . $merchant_name.':'.$amount.':'.$order_id)`
+3. Create Payload for website. The website payload will look something like this: 
+
+```php 
+...
+...
+$backend_callback = "signature=".$signature."&order_id=".$order_id;
+...
+...
+$payload = array(
+            'MERCHANT_ID' => $merchant_id, // Merchant ID received from Payfast
+            'MERCHANT_NAME' => $merchant_name, // Merchant Name registered with Payfast.
+            'TOKEN' => $ACCESS_TOKEN, // Access Token received from Payfast.
+            'PROCCODE' => 00, // status code default is 00
+            'TXNAMT' => $amount, // Transaction Amount or total amount
+            'CUSTOMER_MOBILE_NO' => $mobile, // Customer Mobile Number
+            'CUSTOMER_EMAIL_ADDRESS' => $email, // Customer Email address
+            'SIGNATURE' => $signature, // Signature as described in above step 2.
+            'VERSION' => 'WOOCOM-APPS-PAYMENT-0.9', // Optional
+            'TXNDESC' => 'Products purchased from ' .$merchant_name, // Transaction Description to show on website
+            'SUCCESS_URL' => urlencode($successUrl), // Success URL where to redirect user after success
+            'FAILURE_URL' => urlencode($failUrl), // Failure URL where to redirect user after failure
+            'BASKET_ID' => $order_id, // Order ID from Checkout Page.
+            'ORDER_DATE' => date('Y-m-d H:i:s', time()), // Order Date 
+            'CHECKOUT_URL' => urlencode($backend_callback), // Encrypted Checkout URL
+        );
+
+
+```
+
+4. Submit it on Payfast provided URL. 
 #### Usage 
 
 ```php 
@@ -99,15 +149,15 @@ public function checkout(Request $request) {
 /**
  * Receive 3ds PaRes from Callback. 
  * This will be called on Callback from OTP Screen.
- * You can Show Proceed to Payment Screen or Complete Transaction Screen Here.
+ * You can Show Proceed to Payment Screen or Complete Transaction Screen.
  * Step 2
  */
 public function callback(Request $request) {
-
     return response()->json($request->all());
 }
 
 /**
+ * Send a request again with Required Params and complete the transaction
  * Proceed to Payment and complete Transaction
  * Step 3 
  */
@@ -117,6 +167,27 @@ public function proceed(Request $request) {
   return $response;
 }
 
+
+/**
+ * Mobile Wallet Account Initiate Transaction 
+ * This is demo function for Easy Paisa. 
+ * 
+ */
+
+public function payfast(Request $request)
+{
+    $payfast = new Payfast();
+    $response = $payfast->getToken();
+    if($response != null && $response->code == "00" ){
+        $payfast->setAuthToken($response->token);
+    } else {
+        abort(403, 'Error: Auth Token Not Generated.');
+    }
+    $show_otp = $payfast->wallet($request->all());
+    return $show_otp;
+}
+
+
 ```
 
 #### Changelog

changelog.md

@@ -1,3 +1,6 @@
 ### v1.0.0
 - Updated Namespace for Service Provider
 - Updated namespace for Facades
+- Hosted Checkout 
+- Wallet Checkout
+- Direct Checkout

composer.json

@@ -17,5 +17,15 @@
             "email": "zfhassaan@gmail.com"
         }
     ],
+    "extra": {
+        "laravel": {
+            "providers": [
+                "zfhassaan\\Payfast\\PayFastServiceProvider"
+            ],
+            "aliases": {
+                "payfast": "zfhassaan\\Payfast\\PayfastFacade"
+            }
+        }
+    },
     "minimum-stability": "stable"
 }

config/config.php

@@ -2,6 +2,7 @@
 
 return [
     'api_url'    => env('PAYFAST_API_URL', ''),
+    'sandbox_api_url'=>env('PAYFAST_SANDBOX_URL',''),
     'grant_type' => env('PAYFAST_GRANT_TYPE', ''),
     'merchant_id'=> env('PAYFAST_MERCHANT_ID', ''),
     'secured_key'=> env('PAYFAST_SECURED_KEY', ''),

src/PayFast.php

@@ -3,8 +3,9 @@
 namespace zfhassaan\Payfast;
 
 use Carbon\Carbon;
+use Illuminate\Http\JsonResponse;
 
-class Payfast {
+class PayFast {
 
     protected $apiUrl;
     public $merchant_id;
@@ -51,7 +52,7 @@ public function __construct()
      */
     public function initConfig()
     {
-        $this->setApiUrl(config('payfast.api_url'));
+        config('payfast.mode') === 'sandbox' ? $this->setApiUrl(config('payfast.sandbox_api_url')) : $this->setApiUrl(config('payfast.api_url'));   
         $this->merchant_id = config('payfast.merchant_id');
         $this->store_id = config('payfast.store_id');
         $this->api_mode = config('payfast.mode');
@@ -78,9 +79,7 @@ public function getToken() {
 
         $field_string = http_build_query($fields);
 
-        // Open Connection
         $ch = curl_init();
-        // Set the url, number of POST vars, POST Data
         curl_setopt($ch, CURLOPT_URL, $this->getApiUrl().'token');
         curl_setopt($ch, CURLOPT_POST, true);
         curl_setopt($ch, CURLOPT_POSTFIELDS, $field_string);
@@ -101,6 +100,8 @@ public function getToken() {
      * original token.
      * 
      * Request URL: /refreshtoken
+     * 
+     * @return hash key
      */
     public function refreshToken(){
         $fields = [
@@ -138,9 +139,12 @@ public function refreshToken(){
     /**
      * This API will be used if you choose to send OTP to registered mobile number of the customer 
      * that respective Issuer/Bank.
+     * @return JsonResponse
      */
     public function customer_validate($data){
         // Data Received on Post Request for OTP Screen
+        $data['order_date'] = Carbon::today()->toDateString();
+        $data['account_type_id'] = 1;
         $field_string = http_build_query($data);
         $curl = curl_init();
         curl_setopt_array($curl, array(
@@ -160,10 +164,53 @@ public function customer_validate($data){
         ));
 
         $response = curl_exec($curl);
+
         curl_close($curl);
         return response()->json(['response' => json_decode($response), 'token'=>$this->getAuthToken()]);
     }
 
+
+
+    /**
+     * Mobile Wallet Transaction
+     *
+     * @param [type] $data
+     * @return void
+     */
+    public function wallet($data){
+        // Data Received on Post Request for OTP Screen
+        $data['order_date'] = Carbon::today()->toDateString();
+        $data['bank_code'] = 13; // Change it according to your own Bank i.e. Easy Paisa / Jazz Cash / UPaisa
+        $data['account_type_id'] = 4;
+
+        $field_string = http_build_query($data);
+        $curl = curl_init();
+        curl_setopt_array($curl, array(
+        CURLOPT_URL => $this->getApiUrl().'customer/validate',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => false,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+        CURLOPT_POSTFIELDS => $field_string,
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/x-www-form-urlencoded',
+            'Authorization: Bearer '.$this->getAuthToken()
+        ),
+        ));
+
+        $response = curl_exec($curl);
+        curl_close($curl);
+        if(json_decode($response)->code == "00"){
+            $data['token'] = $this->getAuthToken();
+            $data['transaction_id'] = json_decode($response)->transaction_id;
+            return $this->wallet_transaction($data);
+        }
+        return $response;
+    }    
+
     /**
      * Initiate Transaction 
      * 
@@ -195,26 +242,36 @@ public function initiate_transaction($data)
      * Mobile Wallet Initiate Transaction
      */
     public function wallet_transaction($data) {
-        $res = [
-            'basket_id' => $data['basket_id'],
-            'txnamt' => $data['txnamt'],
-            'customer_email_address' => $data['customer_email_address'],
-            'account_type_id' => 4,
-            'customer_mobile_no' => $data['customer_mobile_no'],
-            'account_number' => $data['account_number'],
-            'bank_code' => $data['bank_code'],
-            'transaction_id' => $this->getTransactionId(),
-            'order_date' => Carbon::today()->toDateString(),
-        ];
+        // dd($data);
+        $field_string = http_build_query($data);
+        $curl = curl_init();
+        curl_setopt_array($curl, array(
+        CURLOPT_URL => $this->getApiUrl().'transaction',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => false,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+        CURLOPT_POSTFIELDS => $field_string,
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/x-www-form-urlencoded',
+            'Authorization: Bearer '.$this->getAuthToken()
+        ),
+        ));
 
-        return $this->__initiate_transaction($res);
+        $response = curl_exec($curl);
+        curl_close($curl);
+
+        return $response;
     }
     /**
      * Initiate Transaction Extracted 
      * 
      */
     public function __initiate_transaction($data) {
-
+        // dd($data);
         $field_string = http_build_query($data);
 
         $curl = curl_init();

src/PayFastServiceProvider.php

@@ -8,38 +8,10 @@ class PayFastServiceProvider extends \Illuminate\Support\ServiceProvider {
      */
     public function boot()
     {
-        /**
-         * Optional Methods to load the package assets. 
-         * 
-         */
-
-        // $this->loadTranslationsFrom(__DIR__.'/../resources/lang', 'alfapay');
-        // $this->loadViewsFrom(__DIR__.'/../resources/views', 'alfapay');
-        // $this->loadMigrationsFrom(__DIR__.'/../database/migrations');
-        // $this->loadRoutesFrom(__DIR__.'/routes.php');
-
         if ($this->app->runningInConsole()) {
             $this->publishes([
-                __DIR__ . './config/config.php' => config_path('payfast.php'),
+                __DIR__.'/../config/config.php'  => config_path('payfast.php'),
             ], 'config');
-
-            // Publishing the views.
-            /*$this->publishes([
-                __DIR__.'/../resources/views' => resource_path('views/vendor/alfapay'),
-            ], 'views');*/
-
-            // Publishing assets.
-            /*$this->publishes([
-                __DIR__.'/../resources/assets' => public_path('vendor/alfapay'),
-            ], 'assets');*/
-
-            // Publishing the translation files.
-            /*$this->publishes([
-                __DIR__.'/../resources/lang' => resource_path('lang/vendor/alfapay'),
-            ], 'lang');*/
-
-            // Registering package commands.
-            // $this->commands([]);
         }
     }
 
@@ -49,7 +21,7 @@ public function boot()
     public function register()
     {
         // Automatically apply the package configuration
-        $this->mergeConfigFrom(__DIR__ . './config/config.php', 'payfast');
+        $this->mergeConfigFrom(__DIR__ . '/../config/config.php', 'payfast');
 
         // Register the main class to use with the facade
         $this->app->singleton('payfast', function () {