Login

Encrypted paypal buttons

Author:
grillermo
Posted:
February 29, 2012
Language:
Python
Version:
Not specified
Score:
1 (after 1 ratings)

Function and usage in views and template with django-paypal to have encrypted paypal buttons with a cart(adding multiple elements). All credits go to Jon Atkinson, http://jonatkinson.co.uk/paypal-encrypted-buttons-django/ I just added it here with a complete implementation using a cart(his example didnt include it). I know there is some redundancy in the data passed to the dict and the submit form, i'm just not sure what can i take out, the paypal docs are not clear about it, if you test this code without some of the data and it works, please tell me.

The key parts are the cmd _s-xclick and again the cmd '_cart' both are needed.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
###### Put this in some file in your python path

from M2Crypto import BIO, SMIME, X509
from django.conf import settings
	
def paypal_encrypt(attributes):
    plaintext = ''

    for key, value in attributes.items():
        plaintext += u'%s=%s\n' % (key, value)
    plaintext = plaintext.encode('utf-8')

    # Instantiate an SMIME object.
    s = SMIME.SMIME()

    # Load signer's key and cert. Sign the buffer.
    s.load_key_bio(BIO.openfile(settings.MY_KEYPAIR), BIO.openfile(settings.MY_CERT))

    p7 = s.sign(BIO.MemoryBuffer(plaintext), flags=SMIME.PKCS7_BINARY)

    # Load target cert to encrypt the signed message to.
    x509 = X509.load_cert_bio(BIO.openfile(settings.PAYPAL_CERT))
    sk = X509.X509_Stack()
    sk.push(x509)
    s.set_x509_stack(sk)

    # Set cipher: 3-key triple-DES in CBC mode.
    s.set_cipher(SMIME.Cipher('des_ede3_cbc'))

    # Create a temporary buffer.
    tmp = BIO.MemoryBuffer()

    # Write the signed message into the temporary buffer.
    p7.write_der(tmp)

    # Encrypt the temporary buffer.
    p7 = s.encrypt(tmp, flags=SMIME.PKCS7_BINARY)

    # Output p7 in mail-friendly format.
    out = BIO.MemoryBuffer()
    p7.write(out)

    return out.read() 

##### In your settings.py you need

MY_KEYPAIR = os.path.join(ROOT_PATH,'cert/my-prvkey.pem') #$ openssl genrsa -out my-prvkey.pem 1024
MY_CERT = os.path.join(ROOT_PATH,'cert/my-pubcert.pem') #$ openssl req -new -key my-prvkey.pem -x509 -days 365 -out my-pubcert.pem
PAYPAL_CERT = os.path.join(ROOT_PATH,'cert/paypal_cert.pem')
MY_CERT_ID = 'this paypal will give it to you when you upload your my-pubcert.pem'
## https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_encryptedwebpayments 



##### In your view you need to build the encrypted code for the form
notify_url = 'http://www.yourdomain.com/yournotifyurl'
return_url = 'http://www.yourdomain.com/yourreturnurl'
cancel_url = 'http://www.yourdomain.com/yourcancelurl'


paypal_dict = {}
paypal_dict['item_id_1'] = '666'
paypal_dict['item_name_1'] = 'evil book'
paypal_dict['amount_1'] = '666'
paypal_dict['item_id_2'] = '333'
paypal_dict['item_name_2'] = 'holly book'
paypal_dict['amount_2'] = '333'
paypal_dict['business'] = your@email.paypal.com
paypal_dict['currency_code'] = 'US' #dollars
paypal_dict[u'invoice'] = random.random() #it has to be unique for each purchase
paypal_dict[u'custom'] = 'pass here whatever you want, paypal will return it, max_length=256'
paypal_dict[u'cert_id'] = settings.MY_CERT_ID
paypal_dict['upload'] = 1
paypal_dict['notify_url'] = notify_url
paypal_dict['return_url'] = return_url
paypal_dict['cancel_url'] = cancel_url
paypal_dict['cmd'] = '_cart'
context['encrypted'] = paypal_encrypt(paypal_dict)
context.update(paypal_dict)

########## In your template

  <form class="checkout" action="http://www.paypal.com/cgi-bin/webscr">
    {% csrf_token %}
    <input type="hidden" name="cmd" value="_s-xclick" />
    <input type="hidden" name="encrypted" value="{{encrypted}}" />
    <input type="hidden" name="upload" value="1" />
    <input type="hidden" name="notify_url" value="{{notify_url}}" />
    <input type="hidden" name="return_url" value="{{return_url}}" />
    <input type="hidden" name="cancel_url" value="{{cancel_url}}" />
    <input type="submit" class="pay" value="Paga a trav&Atilde;&copy;s de PayPal" name=
    "paypal_submit" />
  </form>

More like this

  1. Template tag - list punctuation for a list of items by shapiromatron 3 months, 2 weeks ago
  2. JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 3 months, 3 weeks ago
  3. Serializer factory with Django Rest Framework by julio 10 months, 2 weeks ago
  4. Image compression before saving the new model / work with JPG, PNG by Schleidens 11 months, 1 week ago
  5. Help text hyperlinks by sa2812 12 months ago

Comments

Please login first before commenting.