I am writing my first PayPal app with the Classic API for Adaptive Payments. It's using Java Servlets with Tomcat.
The code seems to working correctly except I cannot see any transactions in the Seller sandbox account. The transactions are processed and do show up correctly in the Buyer's sandbox account.
I am using the sandbox credentials for both Buyer and Seller. I've tried credentials for the default "facilitator" account as well as creating a separate Business account as Seller. In either case, no transactions show in the Seller's history. I'm also using the testing AppID APP-80W284485P519543T.
I'd like to move on but without being able to see where the money goes, I'm not convinced this is working.
Any ideas?
Thanks
Sounds to me like maybe you've just got your accounts mixed up and the API credentials you're using in the app don't belong to the same sandbox account you're looking at when you check the history.
Or it could be a case where the API credentials do match the account you're logging into, but your app is actually sending the money to a 3rd party account..??
If the calls are working successfully then the money is going somewhere. If it's not in the account you think it should be then it's gotta be something like what I mentioned.
Related
I have a website and my own server and database, I also have an native Android app. I need to allow users to be able to sign-in with their account from the website inside the app in order to sync information and other things they need to use. I've been stuck for a couple of days trying to figure out how to do that. I've found a lot of content regarding OAuth and AppAuth but they are focused on using an OAuth API to the job. Back on my server, I use Hybridauth for social login, but users can also register directly on the site. How would be the proper way to allow my users to sign-in to their website account through the Android app?
You're overthinking it. OAuth isn't meant for users to log in, it's meant to enable external services to access data on behalf of a user.
To make a user log in? Create a POST endpoint on your webservice named login. It should take two parameters- username and password. The body of the login service should salt and hash the password, then check if the hash equals the hash stored in the db for the same user. If so, you're logged in and you return a success packet with a unique token to authenticate you for later requests. If not, you return a failure. The Android app would ask the user for their data, then send a request to the endpoint. On success it saves the token and sends it in all future requests to authenticate yourself, either as a parameter or as a header.
This is of course the simplest possible version. More advanced features would include expiring of login tokens, refresh tokens, possible lockout if you have too many bad requests, etc. But the above is the basic idea. Although really I'd look for an open source solution you can take, as there's quite a lot of complexity when you get into all the stuff mentioned above, and its a place where a mistake that leads to a vulnerability is probably the most dangerous.
I have to send an email from IntentService. My data is mostly the backup from a phone. I am using smtp.google.com + javamail.I can use a gmail account and send data through it.(http://www.oracle.com/technetwork/java/javamail/faq/index.html#gmail):
From my point of view the problem with this approach is that my app uses the gmail account and sends data via my account. All personal data would go through one my account. Question#1 - Is it a good approach to do it?
The gmail api uses OAuth 2.0. And I have to store my client ID in some place of my program. I read that it is impossible to restore login/password from it. This token has validity. Question#2 Is it possible to use this token for reading or deleting something from gmail account until it is valid?
For all examples of my app would be the same gmail account. This think bothers me sometimes, because if something happens with gmail account I will not be able to do anything.
Question#3 Is it worth to use services like https://www.mailgun.com/ or maybe to create at least another gmail account and to use them both?
Only if you're the only one using your app.
Yes.
Email is probably not the right solution to your problem. But without knowing more about the problem you're trying to solve and what your requirements are, it's hard to know what to suggest instead.
Hi everybody,
well, here it is my problem.
I have a corporation gmail user, lets say developer-user#mycompany.com, and I would like to list all the gsheets I have in my gdriver trhough the google API for Java applications, so I generated the credentials I supposed to need:
the email, which was auto-created by google with a different domain,
in this case something like 1234567890#developer.gserviceaccount.com
then I created the p12 key file.
After that I tried the connection and everything ran fine, but It did not list the spread sheets I had, and I figured out that I can not list all the gsheets I had 'till I shared them with the 1234567890#developer.gserviceaccount.com mail/user, but the problem is that I can NOT share anything outside of the #mycompany.com domain, even though the email (1234567890#developer.gserviceaccount.com) created for the authentication is linked to my developer-user#mycompany.com account.
I am not sure if I was clear enough, but what I need is a solution for that. did someone figur out something? may you help me?
Anyway, thank you guys and I appreciate your time.
You'll have to ask your Google Apps Admin to enable sharing outside your domain on Google docs, that's the only way Drive will allow the service account to reach existing docs.
The only alternative is to recreate the docs using the service account (programatically) and share them with your account.
Your admin can delegate domain wide access to your app which will then be able to impersonate you.
Alternatively, don't use service accounts and simply generate a refresh token for your own account (which is by far the easiest solution).
I'm trying to create an application using Java with PayPal.
Scenario: There is a webshop, a buyer and my application. I want to create the application such that the buyer and the webshop firstly give the app permissions to pay and receive money respectively. Then in the future when the buyer buys something from the webshop, my application has all the information needed to execute this action without involvement of the buyer or webshop.
Now there are two things that are not clear (and I can't find it in the PayPal documentation):
Using the Permissions API you must select the GroupIDs to get permissions for the different API sets. I don't know which one to select for the buyer or for the webshop.
Then, using the authorization header, you can perform the API call. In the case of the buyer, I want to perform a PayPal payment (NOT using a credit card). How do I do this? Which API call do I need to call? (something in Adaptive Payments maybe?)
Thanks in advance.
Classic API has a third party authorization system you can use.
When you give permission to a third party, you grant access to specific information that is account-related or transaction-related and may also be authorizing the third party to take certain actions on your behalf. These services allow the third party to make different kinds of payments, refund payments, search for transaction data, and more. You should be very selective about the type of access you grant to specific third parties.
Once you have obtained authorization, you can then run calls for their PayPal account on their behalf. The catch there is that you can only do what they have authorization for. So if, for instance, you want to run cards on their behalf, they would have to subscribe to payments Pro.
I'm trying to add a payment option for an application to allow users to donate/pay for certain features. To do this, I want to have the application periodically check PayPal for recent payments, preferably using a PayPal API.
I've looked at the PayPal IPN, and that seems to require that you own a web-server which PayPal can send an HTTP request to. However, I'm trying to avoid linking the application with a web-server. The other PayPal APIs I have looked at (I'm only looking at official APIs), from what I can tell, don't serve the purpose I seek.
The user experience I'm seeking is that the user will give the application their PayPal email address, donate/pay on the Paypal website to my account (or whoever's account). My application will then check PayPal for the past X donations, and reward the user accordingly if their email address is found on there and that payment has not yet been rewarded. The reason I want to do this is for security. I'll probably be publishing my work as open source, and I don't want someone modifying it and keeping the user's PayPal credentials.
So, a recap, which (if any) PayPal API would I use to check if there are any recent donations to a given account? Ideally, the user will donate/pay money on the PayPal website to an account, and the application will identify that transaction and reward the user appropriately. I intend to do this in Java, so I can use any Java APIs or web APIs that I can subsequently call with HTTP requests.
If I'm going about this the wrong way, or if it's impossible, let me know.
You can use the TransactionSearch API endpoint referenced here:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_r_TransactionSearch
to find transactions in a certain date range.
If you need more information about one of the donors, you can use the transactionID you get from the search request to query the TransactionDetails end point here:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_r_GetTransactionDetails