vguerrerobosch / redsys-php
Unofficial yet better PHP library for the Redsys API.
Installs: 1 796
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 0
Requires
- alcohol/iso4217: ^3.1
- league/iso3166: ^2.1
Requires (Dev)
- phpunit/phpunit: ^8.3
README
This unofficial Redsys PHP library provides convenient access to the Redsys API from applications written in the PHP language.
Requirements
PHP 5.6.0 and later.
Composer
You can install the library via Composer. Run the following command:
composer require vguerrerobosch/redsys-php
Manual Installation
If you do not wish to use Composer, you can download the latest release. Then, to use the bindings, include the init.php
file.
require_once('/path/to/redsys-php/init.php');
Getting Started
Payment Requests
You can create a payment request
use Vguerrerobosch\Redsys\Redsys; use Vguerrerobosch\Redsys\PaymentRequest; Redsys::setApiKey('sq7HjrUOBfKmC576ILgskD5srU870gJ7'); $payment_request = PaymentRequest::create([ 'amount' => 2000, 'order' => time(), 'merchant_code' => 999008881, 'merchant_url' => 'https://941a2b9e.ngrok.io/webhook', 'url_ok' => 'http://redsys-php.test/ok', 'url_ko' => 'http://redsys-php.test/ko', ]);
then you can build the form like:
$sumbit_onload = false; // default true $payment_request->form($submit_onload);
or you may access the properties directly:
$payment_request->url; // the Redsys endpoint $payment_request->params; // the encoded parameters $payment_request->signature; // the calculated signature $payment_request->signature_version // currently HMAC_SHA256_V1
Handling webhooks
The very first thing should be verifing the signature of the request:
use Vguerrerobosch\Redsys\Webhook as Webhook; use Vguerrerobosch\Redsys\Exception\SignatureVerificationException; $content_type = $_SERVER['CONTENT_TYPE']; Webhook::setContentType($content_type); // defaults to application/x-www-form-urlencoded $payload = $content_type == 'application/x-www-form-urlencoded' ? $_POST : @file_get_contents('php://input'); $secret_key = 'sq7HjrUOBfKmC576ILgskD5srU870gJ7'; try { Webhook::verifySignature($payload, $secret_key); } catch (SignatureVerificationException $exception) { http_response_code(403); die; }
then get the data from the response payload and update the order status on your database or whatever needs to be done.
$data = Webhook::getData($payload);
and finally return the response (required for SOAP)
echo Webhook::response($order_id, $secret_key); die;
Testing
Test card numbers
Genuine card information cannot be used in test mode. Instead, use the following test card numbers, a valid expiration date in the future, and any random CVC number, to create a successful payment.
Card number | Description |
---|---|
4548 8120 4940 0004 |
Visa charge succeeded. |
5576 4400 2278 8500 |
MasterCard charge is declined with 9551 response code. |