language: php

php:

- 5.5

- 5.6

- 7.0

- hhvm

matrix:

allow_failures:

- php: hhvm

install: travis_retry composer install --no-interaction --prefer-source

script:

- mkdir -p build/logs

- php vendor/bin/phpunit -c phpunit.xml.dist

- phpunit --coverage-text --coverage-clover=coverage.clover

- phpunit --coverage-clover build/logs/clover.xml

after_script:

- wget https://scrutinizer-ci.com/ocular.phar

- php ocular.phar code-coverage:upload --format=php-clover coverage.clover

- travis_retry php vendor/bin/coveralls -v

notifications:

slack: red-creek:5lI8ybvl6YTcCNPosh4TE13h

All Notable changes to `laravel-paystack` will be documented in this file

- Initial release

Contributions are **welcome** and will be fully **credited**.

We accept contributions via Pull Requests on [Github](https://github.com/unicodeveloper/laravel-paystack).

- **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](http://pear.php.net/package/PHP_CodeSniffer).

- **Add tests!** - Your patch won't be accepted if it doesn't have tests.

- **Document any change in behaviour** - Make sure the `README.md` and any other relevant documentation are kept up-to-date.

- **Consider our release cycle** - We try to follow [SemVer v2.0.0](http://semver.org/). Randomly breaking public APIs is not an option.

- **Create feature branches** - Don't ask us to pull from your master branch.

- **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.

- **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please [squash them](http://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Changing-Multiple-Commit-Messages) before submitting.

``` bash

$ composer test

**Happy coding**!

Copyright (c) 2015 Prosper Otemuyiwa <prosperotemuyiwa@gmail.com>

[](https://packagist.org/packages/unicodeveloper/laravel-paystack)

[](LICENSE.md)

[](https://travis-ci.org/unicodeveloper/laravel-paystack)

[](https://scrutinizer-ci.com/g/unicodeveloper/laravel-paystack)

[](https://packagist.org/packages/unicodeveloper/laravel-paystack)

[PHP](https://php.net) 5.4+ or [HHVM](http://hhvm.com) 3.3+, and [Composer](https://getcomposer.org) are required.

To get the latest version of Laravel Paystack, simply add the following line to the require block of your `composer.json` file.

You'll then need to run `composer install` or `composer update` to download it and have the autoloader updated.

Once Laravel Paystack is installed, you need to register the service provider. Open up `config/app.php` and add the following to the `providers` key.

* `Unicodeveloper\Paystack\PaystackServiceProvider::class`

Also, register the Facade like so:

'aliases' => [

...

'Paystack' => Unicodeveloper\Paystack\Facades\Paystack::class,

...

]

You can publish the configuration file using this command:

php artisan vendor:publish --provider="Unicodeveloper\Paystack\PaystackServiceProvider"

A configuration-file named `paystack.php` with some sensible defaults will be placed in your `config` directory:

<?php

return [

/**

* Public Key From Paystack Dashboard

*

*/

'publicKey' => getenv('PAYSTACK_PUBLIC_KEY'),

/**

* Secret Key From Paystack Dashboard

*

*/

'secretKey' => getenv('PAYSTACK_SECRET_KEY'),

/**

* Paystack Payment URL

*

*/

'paymentUrl' => getenv('PAYSTACK_PAYMENT_URL'),

/**

* Optional email address of the merchant

*

*/

'merchantEmail' => getenv('MERCHANT_EMAIL'),

];

##General payment flow

Though there are multiple ways to pay an order, most payment gateways expect you to follow the following flow in your checkout process:

###1. The customer is redirected to the payment provider

After the customer has gone through the checkout process and is ready to pay, the customer must be redirected to site of the payment provider.

The redirection is accomplished by submitting a form with some hidden fields. The form must post to the site of the payment provider. The hidden fields minimally specify the amount that must be paid, the order id and a hash.

The hash is calculated using the hidden form fields and a non-public secret. The hash used by the payment provider to verify if the request is valid.

###2. The customer pays on the site of the payment provider

The customer arrived on the site of the payment provider and gets to choose a payment method. All steps necessary to pay the order are taken care of by the payment provider.

###3. The customer gets redirected back

After having paid the order the customer is redirected back. In the redirection request to the shop-site some values are returned. The values are usually the order id, a paymentresult and a hash.

The hash is calculated out of some of the fields returned and a secret non-public value. This hash is used to verify if the request is valid and comes from the payment provider. It is paramount that this hash is thoroughly checked.

Open your .env file and add your public key, secret key, merchant email and payment url like so:

PAYSTACK_PUBLIC_KEY=xxxxxxxxxxxxx

PAYSTACK_SECRET_KEY=xxxxxxxxxxxxx

PAYSTACK_PAYMENT_URL=https://api.paystack.co

MERCHANT_EMAIL=unicodeveloper@gmail.com

Set up routes and controller methods like so:

Note: Make sure you have `/payment/callback` registered in Paystack Dashboard [https://dashboard.paystack.co/#/settings/developer](https://dashboard.paystack.co/#/settings/developer) like so:


Route::post('/pay', 'PaymentController@redirectToGateway')->name('pay'); // Laravel 5.1.17 and above

OR

Route::post('/pay', [

'uses' => 'PaymentController@redirectToGateway',

'as' => 'pay'

]);

Route::get('/payment/callback', 'PaymentController@handleGatewayCallback');

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

use App\Http\Requests;

use App\Http\Controllers\Controller;

use Paystack;

class PaymentController extends Controller

{

/**

* Redirect the User to Paystack Payment Page

* @return Url

*/

public function redirectToGateway()

{

return Paystack::getAuthorizationUrl()->redirectNow();

}

/**

* Obtain Paystack payment information

* @return void

*/

public function handleGatewayCallback()

{

$paymentDetails = Paystack::getPaymentData();

dd($paymentDetails);

// Now you have the payment details,

// you can store the authorization_code in your db to allow for recurrent subscriptions

// you can then redirect or do whatever you want

}

}

Let me explain the fluent methods this package provides a bit here.

/**

* This fluent method does all the dirty work of sending a POST request with the form data

* to Paystack Api, then it gets the authorization Url and redirects the user to Paystack

* Payment Page. I abstracted all of it, so you don't have to worry about that.

* Just eat your cookies while coding!

*/

Paystack::getAuthorizationUrl()->redirectNow();

/**

* This fluent method does all the dirty work of verifying that the just concluded transaction was actually valid,

* It verifies the transaction reference with Paystack Api and then grabs the data returned from Paystack.

* In that data, we have a lot of good stuff, especially the `authorization_code` that you can save in your db

* to allow for easy recurrent subscription.

*/

Paystack::getPaymentData();

/**

* This method gets all the customers that have performed transactions on your platform with Paystack

* @returns array

*/

Paystack::getAllCustomers();

/**

* This method gets all the plans that you have registered on Paystack

* @returns array

*/

Paystack::getAllPlans();

/**

* This method gets all the transactions that have occurred

* @returns array

*/

Paystack::getAllTransactions();

/**

* This method generates a unique super secure cryptograhical hash token to use as transaction reference

* @returns string

*/

Paystack::genTranxRef();

A sample form will look like so:

<form method="POST" action="{{ route('pay') }}" accept-charset="UTF-8" class="form-horizontal" role="form">

<div class="row" style="margin-bottom:40px;">

<div class="col-md-8 col-md-offset-2">

<p>

<div>

Lagos Eyo Print Tee Shirt

₦ 2,950

</div>

</p>

<input type="hidden" name="email" value="otemuyiwa@gmail.com"> {{-- required --}}

<input type="hidden" name="orderID" value="345">

<input type="hidden" name="amount" value="800"> {{-- required in kobo --}}

<input type="hidden" name="quantity" value="3">

<input type="hidden" name="reference" value="{{ Paystack::genTranxRef() }}"> {{-- required --}}

<input type="hidden" name="key" value="{{ config('paystack.secretKey') }}"> {{-- required --}}

{{ csrf_field() }} {{-- works only when using laravel 5.1, 5.2 --}}

<input type="hidden" name="_token" value="{{ csrf_token() }}"> {{-- employ this in place of csrf_field only in laravel 5.0 --}}

<p>

<button class="btn btn-success btn-lg btn-block" type="submit" value="Pay Now!">

<i class="fa fa-plus-circle fa-lg"></i> Pay Now!

</button>

</p>

</div>

</div>

</form>

When clicking the submit button the customer gets redirected to the Paystack site.

So now we've redirected the customer to Paystack. The customer did some actions there (hopefully he or she paid the order) and now gets redirected back to our shop site.

Paystack will redirect the customer to the url of the route that is specified in the Callback URL of the Web Hooks section on Paystack dashboard.

We must validate if the redirect to our site is a valid request (we don't want imposters to wrongfully place non-paid order).

In the controller that handles the request coming from the payment provider, we have

`Paystack::getPaymentData()` - This function calls the verification methods and ensure it is a valid transction else it throws an exception.

You can test with these details

Card Number: 4123450131001381

Expiry Date: any date in the future

CVV: 883

* Charge Returning Customers

* Add Comprehensive Tests

* Implement Transaction Dashboard to see all of the transactions in your laravel app

Please feel free to fork this package and contribute by submitting a pull request to enhance the functionalities.

Why not star the github repo? I'd love the attention! Why not share the link for this repository on Twitter or HackerNews? Spread the word!

Don't forget to [follow me on twitter](https://twitter.com/unicodeveloper)!

Thanks!

Prosper Otemuyiwa.

The MIT License (MIT). Please see [License File](LICENSE.md) for more information.