我正试图在我的应用程序上集成Paypal。这个应用程序将允许人们在他们之间出售代币。所以钱不是我的,而是收款人的。
我首先使用智能按钮直接在我的前端(https://developer.paypal.com/docs/checkout/integrate/)。我只需要添加一个收款人字段,它工作得很好。0 bug,没有问题
但是现在,我想在NodejS后端进行集成,因为它对我来说更安全。
尽管我在做完全相同的事情(create order ->捕获顺序),我得到这个错误:
{"name":"NOT_AUTHORIZED","details": [{
"issue":"PAYEE_NOT_CONSENTED","description":"Payee does not have appropriate consent to
allow the API caller to process this type of transaction on their behalf. Your current
setup requires the 'payee' to provide a consent before this transaction can be
processed successfully."
}],
"message": "Authorization failed due to insufficient permissions.",
"debug_id":"300756d694c77","links": [{
"href":"https://developer.paypal.com/docs/api/orders/v2/#error-PAYEE_NOT_CONSENTED",
"rel":"information_link","method":"GET"
}]
}
为什么?为什么用智能按钮做这种操作没有问题,但我不能用nodejs上的checkout sdk做,需要收款人同意?
有什么不同?
需要收款人的同意或任何类型的操作对我来说真的很烦人,因为我需要收款人以最小的行动来出售他们的代币。
我看不出智能按钮和后端有什么区别。
Btw这是我的代码:
const paypal = require('@paypal/checkout-server-sdk')
if (process.env.NODE_ENV === "prod") {
APP_SETTINGS = require('src/PRIVATE_APP_SETTINGS.json').prod;
var environment = new paypal.core.LiveEnvironment(APP_SETTINGS.paypal.paypal_client_id, APP_SETTINGS.paypal.paypal_secret);
} else {
APP_SETTINGS = require('src/PRIVATE_APP_SETTINGS.json').dev;
var environment = new paypal.core.SandboxEnvironment(APP_SETTINGS.paypal.paypal_client_id, APP_SETTINGS.paypal.paypal_secret);
}
var client = new paypal.core.PayPalHttpClient(environment);
function createPayment(info)
{
const body = {
intent: 'CAPTURE',
purchase_units: [{
amount:
{
value: info.usdAmount,
currency_code: 'USD'
},
payee: {
email_address: info.paypalEmail
}
}],
}
let request = new paypal.orders.OrdersCreateRequest()
request.requestBody(body)
return client.execute(request).then(res => {
return {res: true, id: res.result.id}
}).catch(err => {
if (err) {
console.error(err.message);
}
return {res: false}
})
}
function executePayment(info)
{
console.log(info)
const request = new paypal.orders.OrdersCaptureRequest(info.orderId)
request.requestBody({})
return client.execute(request).then((result) => {
console.log("Payment suceed")
return {res: true}
}).catch(err => {
if (err) {
console.error(err);
}
return {res: false}
})
}
奇怪的是,你似乎没有做错什么。我测试了完全相同的东西,除了使用简单的curl集成而不是节点,一切都如预期的那样工作。以下是curl请求,您可以验证它是否适合您…
#!/bin/bash
access_token=$(curl -s https://api-m.sandbox.paypal.com/v1/oauth2/token
-H "Accept: application/json"
-H "Accept-Language: en_US"
-u "clientid:secret"
-d "grant_type=client_credentials" | python3 -c "import sys, json; print(json.load(sys.stdin)['access_token'])")
echo $access_token
#!/bin/bash
access_token=$(./curl_rest_gettoken);
curl $@ -s https://api-m.sandbox.paypal.com/v2/checkout/orders
-H "Content-Type: application/json"
-H "Authorization: Bearer $access_token"
-d '{
"intent": "CAPTURE",
"purchase_units": [
{
"amount": {
"currency_code": "USD",
"value": "5"
},
"payee": {
"email_address": "......@business.example.com"
}
}
],
"application_context": {
"return_url": "https://www.yahoo.com"
}
}' | python -mjson.tool
#!/bin/bash
access_token=$(./curl_rest_gettoken);
curl -v -s -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/$1/capture
-H "Content-Type:application/json"
-H "Authorization: Bearer $access_token" | python -mjson.tool