In contrast to the (auto-generated) PayPal / BrainTree Checkout SDK, this is a small, lightweight API, specifically designed for idiomatic Node.js

Go to file

AJ ONeal e1fa70d495 WIP: Order.{createRequest,capture}		2021-10-16 22:07:59 -06:00
tests	WIP: Order.{createRequest,capture}	2021-10-16 22:07:59 -06:00
utils	chore: console.log => console.info	2021-10-12 01:24:18 -06:00
.gitignore	initial commit	2021-10-09 17:10:40 -06:00
.jshintrc	initial commit	2021-10-09 17:10:40 -06:00
.prettierignore	initial commit	2021-10-09 17:10:40 -06:00
.prettierrc.json	initial commit	2021-10-09 17:10:40 -06:00
LICENSE	initial commit	2021-10-09 17:10:40 -06:00
README.md	WIP: Order.{createRequest,capture}	2021-10-16 22:07:59 -06:00
example.env	initial commit	2021-10-09 17:10:40 -06:00
package-lock.json	bugfix: postinstall -> prepare	2021-10-09 17:17:38 -06:00
package.json	bugfix: postinstall -> prepare	2021-10-09 17:17:38 -06:00
paypal-checkout.js	WIP: Order.{createRequest,capture}	2021-10-16 22:07:59 -06:00
test.js	docs: update info on return_url	2021-10-12 01:43:47 -06:00

README.md

@root/paypal-checkout

In contrast to the official PayPal Checkout SDK - which is auto-generated code with lots of abstraction without much value - this is very little abstraction, but specificially designed to be (mostly) idiomatic JavaScript / Node.js.
(excuse the snake_case - that's how the PayPal REST API is designed).

The Good Documentation™ for the PayPal API (a.k.a. PayPal Checkout SDK) is the "REST API". See

https://developer.paypal.com/docs/api/orders/v2/ (one-time payments)
https://developer.paypal.com/docs/api/subscriptions/v1/ (recurring subscriptions)
https://www.paypal.com/webapps/mpp/logos-buttons (the buttons)

Install

npm install --save @root/paypal-checkout

Usage

"use strict";

require("dotenv").config({ path: ".env" });

let PPC = require("@root/paypal-checkout");
PPC.init({
  client_id: "xxxx",
  client_secret: "****",
});

PPC.Subscriptions.createRequest({
  // See https://developer.paypal.com/docs/api/subscriptions/v1/#subscriptions
});

API

PayPal.init(client_id, client_secret, 'sandbox|live', defaults);
PayPal.request({ method, url, headers, json });

Subscrptions (Recurring Payments)

                                              // Webhook 'event_type':

PayPal.Product.create({ ... });               // CATALOG.PRODUCT.CREATED
PayPal.Product.list();
PayPal.Product.details(id);
PayPal.Product.update(id, { description });   // CATALOG.PRODUCT.UPDATED

PayPal.Plan.create({ ... });                  // BILLING.PLAN.CREATED
PayPal.Plan.list();
PayPal.Plan.details(id);
PayPal.Plan.update(id, { description });      // BILLING.PLAN.UPDATED

PayPal.Subscription.createRequest({ ... });   // BILLING.SUBSCRIPTION.CREATED
// subscription.links[rel="approve"].href     // BILLING.SUBSCRIPTION.ACTIVATED
                                              // PAYMENT.SALE.COMPLETED
PayPal.Subscription.details(id);
PayPal.Subscription.cancel(id, { reason });

Orders (One-Time Payments)

PayPal.Order.createRequest({ ... });          // ??

Redirects

return_url
cancel_url

Orders

`return_url`

Order Request return_url will be called with the token query param as the order_id:

https://example.com/redirects/paypal-checkout/return
  ?token=XXXXXXXXXXXXXXXXX
  &PayerID=XXXXXXXXXXXXX

Again, token is the order_id.

`cancel_url`

The cancel_url will have the same query params as the return_url.

Also, PayPal presents the raw cancel_url and will NOT update the order status. It's up to you to confirm with the user and change the status to CANCELLED.

Subscriptions

`return_url`

Subscription Request return_url will include the following:

https://example.com/redirects/paypal-checkout/return
  ?subscription_id=XXXXXXXXXXXXXX
  &ba_token=BA-00000000000000000
  &token=XXXXXXXXXXXXXXXXX

`cancel_url`

The cancel_url will have the same query params as the return_url.

Also, PayPal presents the raw cancel_url and will NOT update the subscription status. It's up to you to confirm with the user and change the status to CANCELLED.

Webhooks

Webhooks can be set up in the Application section of the Dashboard:

https://developer.paypal.com/developer/applications

You'll see a list of applications. Click on one to access the webhooks.

Security: You must put a secret or token or your webhook URLs - PayPal provides no measure of authentication (and otherwise an attacker could just send random crap to your webhooks making it look like they've paid for all sorts of things).

Security

User email addresses

Emails addresses available through the PayPal Checkout API guaranteed to have been verified by PayPal.

See:

Notes

Note: Just about everything in the PayPal SDK that uses ALL_CAPS is a constant/enum representing an option you can pick from limited number of options.

Sandbox accounts (for creating fake purchases) can be managed at: https://developer.paypal.com/developer/accounts

Note on Auth + Capture:

Authorization and capture enables you to authorize fund availability but delay fund capture. This can be useful for merchants who have a delayed order fulfillment process. Authorize & Capture also enables merchants to change the original authorization amount in case the order changes due to shipping, taxes, or gratuity.

For any payment type, you can capture less than or the full original authorized amount. You can also capture up to 115% of or $75 USD more than the original authorized amount, whichever is less.

See

https://developer.paypal.com/docs/admin/auth-capture/

https://developer.paypal.com/docs/api/payments/v2/#authorizations_capture

Buttons:

https://www.paypal.com/webapps/mpp/logos-buttons <== THE ONE YOU WANT
https://developer.paypal.com/docs/checkout/
https://www.paypal.com/buttons/