在Ruby中生成Paypal签名,’X-PAYPAL-AUTHORIZATION’
发布时间:2020-12-17 02:35:28 所属栏目:百科 来源:网络整理
导读:Ruby中是否有任何库生成签名,“X-PAYPAL-AUTHORIZATION”标题,代表通过paypal权限API授权我们的帐户持有者进行调用. 我完成了权限流并获得了所需的访问令牌tokenSecret.我觉得我生成的签名不正确,因为所有使用生成的’X-PAYPAL-AUTHORIZATION’的调用都失败
|
Ruby中是否有任何库生成签名,“X-PAYPAL-AUTHORIZATION”标题,代表通过paypal权限API授权我们的帐户持有者进行调用.
我完成了权限流并获得了所需的访问令牌tokenSecret.我觉得我生成的签名不正确,因为所有使用生成的’X-PAYPAL-AUTHORIZATION’的调用都失败了.他们给出以下错误: 对于NVP电话我得到: 您无权进行此API调用 对于GetBasicPersonalData调用,我得到: 有人在Ruby中经历过这个吗?什么是生成签名的最佳方式. Paypal刚刚在Paypal,Java中提供了一些SDK,但没有提供生成签名的算法. 谢谢, 解决方法
看看PayPal Permissions gem.
https://github.com/moshbit/paypal_permissions 特别是lib / paypal_permissions / x_pp_authorization.rb class Hash
def to_paypal_permissions_query
collect do |key,value|
"#{key}=#{value}"
end.sort * '&'
end
end
module ActiveMerchant #:nodoc:
module Billing #:nodoc:
module XPPAuthorization
public
def x_pp_authorization_header url,api_user_id,api_password,access_token,access_token_verifier
timestamp = Time.now.to_i.to_s
signature = x_pp_authorization_signature url,timestamp,access_token_verifier
{ 'X-PAYPAL-AUTHORIZATION' => "token=#{access_token},signature=#{signature},timestamp=#{timestamp}" }
end
public
def x_pp_authorization_signature url,access_token_verifier
# no query params,but if there were,this is where they'd go
query_params = {}
key = [
paypal_encode(api_password),paypal_encode(access_token_verifier),].join("&")
params = query_params.dup.merge({
"oauth_consumer_key" => api_user_id,"oauth_version" => "1.0","oauth_signature_method" => "HMAC-SHA1","oauth_token" => access_token,"oauth_timestamp" => timestamp,})
sorted_query_string = params.to_paypal_permissions_query
base = [
"POST",paypal_encode(url),paypal_encode(sorted_query_string)
].join("&")
base = base.gsub /%([0-9A-F])([0-9A-F])/ do
"%#{$1.downcase}#{$2.downcase}" # hack to match PayPal Java SDK bit for bit
end
digest = OpenSSL::HMAC.digest('sha1',key,base)
Base64.encode64(digest).chomp
end
# The PayPalURLEncoder java class percent encodes everything other than 'a-zA-Z0-9 _'.
# Then it converts ' ' to '+'.
# Ruby's CGI.encode takes care of the ' ' and '*' to satisfy PayPal
# (but beware,URI.encode percent encodes spaces,and does nothing with '*').
# Finally,CGI.encode does not encode '.-',which we need to do here.
def paypal_encode str
s = str.dup
CGI.escape(s).gsub('.','%2E').gsub('-','%2D')
end
end
end
end
示例参数: url = 'https://svcs.sandbox.paypal.com/Permissions/GetBasicPersonalData' api_user_id = 'caller_1234567890_biz_api1.yourdomain.com' api_password = '1234567890' access_token = 'YJGjMOmTUqVPlKOd1234567890-jdQV3eWCOLuCQOyDK1234567890' access_token_verifier = 'PgUjnwsMhuuUuZlPU1234567890' (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |