有没有一种方法可以生成 Braintree 令牌而无需向我的服务器添加 PHP 脚本?

Is there a way to generate a Braintree token without having to add a PHP script to my server?

目前,我的 Javascript/jQuery 必须执行以下操作才能生成随机数以用于我的 Braintree 付款表格:

<script type="text/javascript">

jQuery(document).ready(function(){

  $.get('http://me.com/braintree/gen-token.php',{},function(sData) {
    var clientToken = $.trim(sData);
    braintree.setup(clientToken, 'custom', {id:'checkout'});    
  });
});

</script>

这需要我在我的服务器上执行额外的步骤来创建该令牌:

<?php

error_reporting(E_ALL);
ini_set('display_errors','On');

require_once('braintree/lib/Braintree.php');

// change me whether live or not
Braintree_Configuration::environment('sandbox'); 
// change the next three
Braintree_Configuration::merchantId('4444hjxm5h27zxdb');
Braintree_Configuration::publicKey('444443c8qcf2wq5p');
Braintree_Configuration::privateKey('4444b76e4bbf8a6f03cb7ace0e812ba');

echo($clientToken = Braintree_ClientToken::generate());

有什么方法可以跳过该 nonce 的服务器步骤吗?

编辑:是的,我还可以将此代码添加到 PHP 部分的表单页面顶部(在显示 HTML 之前),并通过 [=13 设置令牌=].这是另一种方法。

其实有:

https://developers.braintreepayments.com/guides/authorization/tokenization-key/javascript/v2

您登录到您的 Braintree 仪表板,然后转到帐户 > 我的用户 > 查看授权 > 令牌化密钥,然后单击生成新的令牌化密钥。这会给你一个硬编码的。然后你可以像这样切换你的代码:

<script type="text/javascript">

function invalidForm(){
    // use the Stripe or Braintree credit card form validator and any other form validations you want here
    // Braintree: https://github.com/braintree/card-validator
    // Stripe: https://github.com/stripe/jquery.payment
    // return a string value of the problem
    return '';
}

jQuery(document).ready(function(){

    $('FORM#checkout').append('<input type="hidden" id="token" name="token" />');
    var clientToken = 'sandbox_555555_555555555555555';
    braintree.setup(clientToken, 'custom', {
        id:'checkout',
        onPaymentMethodReceived: function (paymentMethod) { // Braintree's docs fail to mention this happens only on a form submit
            $('#btnPurchase').addClass('disabled').attr('disabled');
            var sErr = invalidForm();
            if (sErr) {
                alert(sErr); // obviously do something better than this
                $('#btnPurchase').removeClass('disabled').removeAttr('disabled');
                return false;
            } // else...
            $('#token').val(paymentMethod.nonce);
            $('FORM#checkout').submit();
            return true;
        }
    });

});

</script>

现在,在表单 post 的接收端,您可以处理 $_POST['token'] 而不是 $_POST['payment_method_nonce'],但它们是同一件事,只是名称不同。请注意,您不应将字段名称更改为 'payment_method_nonce',因为出于某些奇怪的原因,Braintree API 会删除该值!

注意你的问题——你错了,因为你打算在没有客户端卡验证的情况下提交表单。因此,请参阅上面的评论并使用验证信用卡的 Stripe 或 Braintree Javascript 代码。

请注意,您的信用卡表格不得在以下字段中包含 "name" 属性:持卡人姓名、信用卡号、到期日期 (MM/YY) 或 CVV/CVC。如果你这样做了,那么你将需要 PCI 合规性,这很痛苦。相反,您必须在这些字段上使用这些属性。

data-braintree-name="cardholder_name"
data-braintree-name="number"
data-braintree-name="expiration_date"
data-braintree-name="cvv"

在服务器上,您可以像下面这样进行收费。我下面的示例要求您根据需要进行更改,例如接收姓名、电子邮件、电话号码、账单和送货的 $_POST 字段,而不是对它们进行硬编码:

<?php

error_reporting(E_ALL);
ini_set('display_errors','On');
header('Content-Type: text/plain');

$sToken = @ $_POST['token'];

require_once('braintree/lib/Braintree.php');

// modify if going live
Braintree_Configuration::environment('sandbox');
// change the next three per your configuration
Braintree_Configuration::merchantId('4444hjxm5h27zxdb');
Braintree_Configuration::publicKey('444443c8qcf2wq5p');
Braintree_Configuration::privateKey('4444b76e4bbf8a6f03cb7ace0e812ba');

$result = Braintree_Transaction::sale(
  [
    'paymentMethodNonce' => $sToken,
    'amount' => '100.00', // currency not required because it's determined by the merchant account settings
    'customer' => [
        'firstName' => 'John',
        'lastName' => 'Doe',
        'phone' => '614-111-2222',
        'email' => 'example@example.com'
    ],
    'billing' => [
        'firstName' => 'John',
        'lastName' => 'Doe',
        'streetAddress' => '100 Main Street',
        'extendedAddress' => 'Apt A',
        'locality' => 'Columbus',
        'region' => 'OH',
        'postalCode' => '43085',
        'countryCodeAlpha2' => 'US'
    ],
    'shipping' => [
        'firstName' => 'John',
        'lastName' => 'Doe',
        'streetAddress' => '100 Main Street',
        'extendedAddress' => 'Apt A',
        'locality' => 'Columbus',
        'region' => 'OH',
        'postalCode' => '43085',
        'countryCodeAlpha2' => 'US'
    ],
    'options' => [
        'submitForSettlement' => TRUE
    ]
  ]
);

print_r($result);