Omnipay Paypal Express Checkout Error: Security header is not valid
Omnipay Paypal Express Checkout Error: Security header is not valid
每当使用 setTestMode() 方法时,都会弹出错误 "Security header is not valid"。
但是如果我删除 setTestMode() 并只保留 setUsername()、setPassword() 和 setSignature() 方法,它会通过并直接重定向到 PayPal (Live Paypal)。
所以 AFAIK 问题应该在于我如何使用 setTestMode 而不是关于不正确的 API 信用,因为大多数 "Security header is not valid" 错误都是关于。
我目前正在使用 Laravel 5.8 和 Omnipay/PayPal 使用 PayPal Express Checkout
这是使用过的文件
Paypal.php
public function gateway()
{
$gateway = Omnipay::create('PayPal_Express');
$gateway->setUsername(config('services.paypal.username'));
$gateway->setPassword(config('services.paypal.password'));
$gateway->setSignature(config('services.paypal.signature'));
$gateway->setTestMode(config('services.paypal.sandbox'));
// $gateway->setTestMode(true);
return $gateway;
}
public function purchase(array $parameters)
{
$response = $this->gateway()
->purchase($parameters)
->send();
return $response;
}
PaypalController.php
public function checkout($order_id)
{
$order = Order::findOrFail(decrypt($order_id));
$paypal = new PayPal;
$response = $paypal->purchase([
'amount' => $paypal->formatAmount($order->amount),
'transactionId' => $order->transaction_id,
'currency' => 'PHP',
'cancelUrl' => $paypal->getCancelUrl($order),
'returnUrl' => $paypal->getReturnUrl($order),
'notifyUrl' => $paypal->getNotifyUrl($order),
]);
if ($response->isRedirect()) {
$response->redirect();
}
return redirect()->back()->with([
'message' => $response->getMessage(),
]);
}
这是$response
的内容
ExpressAuthorizeResponse {#1098 ▼
#liveCheckoutEndpoint: "https://www.paypal.com/cgi-bin/webscr"
#testCheckoutEndpoint: "https://www.sandbox.paypal.com/cgi-bin/webscr"
#request: ExpressAuthorizeRequest {#1095 ▼
#liveEndpoint: "https://api-3t.paypal.com/nvp"
#testEndpoint: "https://api-3t.sandbox.paypal.com/nvp"
#negativeAmountAllowed: true
#parameters: ParameterBag {#1097 ▶}
#httpClient: Client {#1063 ▶}
#httpRequest: Request {#1086 ▶}
#response: ExpressAuthorizeResponse {#1098}
#currencies: ISOCurrencies {#1096}
#zeroAmountAllowed: true
}
#data: array:9 [▼
"TIMESTAMP" => "2020-02-03T11:04:45Z"
"CORRELATIONID" => "c8d066c9b5ccd"
"ACK" => "Failure"
"VERSION" => "119.0"
"BUILD" => "54118205"
"L_ERRORCODE0" => "10002"
"L_SHORTMESSAGE0" => "Security error"
"L_LONGMESSAGE0" => "Security header is not valid"
"L_SEVERITYCODE0" => "Error"
]
}
---编辑---
刚刚创建了一个新的 Sandbox 企业帐户并使用了那个人的 NVP API Creds,然后就成功了!旧帐号的问题可能是我编辑的电子邮件,因为这是新旧帐户之间唯一的区别。
实时环境和 test/sandbox 环境是完全独立的,因此需要单独的凭据。
对于 PayPal 沙盒(测试模式),您需要来自 sandbox PayPal 企业帐户的 API 用户名、密码和签名,通过 https://www.paypal.com/signin?intent=developer&returnUri=https%3A%2F%2Fdeveloper.paypal.com%2Fdeveloper%2Faccounts%2F
10002 "Security Header is not Valid" 总是表示您的凭据无效,即 Username/Password/Signature 有问题或者您在沙盒模式下使用实时凭据,反之亦然
每当使用 setTestMode() 方法时,都会弹出错误 "Security header is not valid"。
但是如果我删除 setTestMode() 并只保留 setUsername()、setPassword() 和 setSignature() 方法,它会通过并直接重定向到 PayPal (Live Paypal)。
所以 AFAIK 问题应该在于我如何使用 setTestMode 而不是关于不正确的 API 信用,因为大多数 "Security header is not valid" 错误都是关于。
我目前正在使用 Laravel 5.8 和 Omnipay/PayPal 使用 PayPal Express Checkout
这是使用过的文件
Paypal.php
public function gateway()
{
$gateway = Omnipay::create('PayPal_Express');
$gateway->setUsername(config('services.paypal.username'));
$gateway->setPassword(config('services.paypal.password'));
$gateway->setSignature(config('services.paypal.signature'));
$gateway->setTestMode(config('services.paypal.sandbox'));
// $gateway->setTestMode(true);
return $gateway;
}
public function purchase(array $parameters)
{
$response = $this->gateway()
->purchase($parameters)
->send();
return $response;
}
PaypalController.php
public function checkout($order_id)
{
$order = Order::findOrFail(decrypt($order_id));
$paypal = new PayPal;
$response = $paypal->purchase([
'amount' => $paypal->formatAmount($order->amount),
'transactionId' => $order->transaction_id,
'currency' => 'PHP',
'cancelUrl' => $paypal->getCancelUrl($order),
'returnUrl' => $paypal->getReturnUrl($order),
'notifyUrl' => $paypal->getNotifyUrl($order),
]);
if ($response->isRedirect()) {
$response->redirect();
}
return redirect()->back()->with([
'message' => $response->getMessage(),
]);
}
这是$response
的内容ExpressAuthorizeResponse {#1098 ▼
#liveCheckoutEndpoint: "https://www.paypal.com/cgi-bin/webscr"
#testCheckoutEndpoint: "https://www.sandbox.paypal.com/cgi-bin/webscr"
#request: ExpressAuthorizeRequest {#1095 ▼
#liveEndpoint: "https://api-3t.paypal.com/nvp"
#testEndpoint: "https://api-3t.sandbox.paypal.com/nvp"
#negativeAmountAllowed: true
#parameters: ParameterBag {#1097 ▶}
#httpClient: Client {#1063 ▶}
#httpRequest: Request {#1086 ▶}
#response: ExpressAuthorizeResponse {#1098}
#currencies: ISOCurrencies {#1096}
#zeroAmountAllowed: true
}
#data: array:9 [▼
"TIMESTAMP" => "2020-02-03T11:04:45Z"
"CORRELATIONID" => "c8d066c9b5ccd"
"ACK" => "Failure"
"VERSION" => "119.0"
"BUILD" => "54118205"
"L_ERRORCODE0" => "10002"
"L_SHORTMESSAGE0" => "Security error"
"L_LONGMESSAGE0" => "Security header is not valid"
"L_SEVERITYCODE0" => "Error"
]
}
---编辑---
刚刚创建了一个新的 Sandbox 企业帐户并使用了那个人的 NVP API Creds,然后就成功了!旧帐号的问题可能是我编辑的电子邮件,因为这是新旧帐户之间唯一的区别。
实时环境和 test/sandbox 环境是完全独立的,因此需要单独的凭据。
对于 PayPal 沙盒(测试模式),您需要来自 sandbox PayPal 企业帐户的 API 用户名、密码和签名,通过 https://www.paypal.com/signin?intent=developer&returnUri=https%3A%2F%2Fdeveloper.paypal.com%2Fdeveloper%2Faccounts%2F
10002 "Security Header is not Valid" 总是表示您的凭据无效,即 Username/Password/Signature 有问题或者您在沙盒模式下使用实时凭据,反之亦然