Search code examples
paypalomnipaypayum

Difference between Omnipay and Payum


I was looking for a payment solution for my web-app. I saw that there are APIs like stripe (for credit cards) or PayPal plugins that can deal with certain paying methods.

Then I saw that there are libaries that can deal with all sorts of paying methods like Payum (https://github.com/Payum/Payum) or Omnipay (https://github.com/thephpleague/omnipay).

If I understood it correctly they are both the same type of library: They both process payments of various methods in a standardised way. However I did'nt find any comparison between the two, but solutions to how Payum can include OmniPay. So I got confused. Thus my question:

Does Omnipay cover the same purposes as Payum. If yes, which one has what advantages. If no, what parts of the paying process are they exactly implementing.


Solution

  • Payum vs Omnipay

    The short answer is Payum provides same functionality as Omnipay plus some extra features.

    Payum works best when you combine a payment model with a convert action. The model must not be only a Payum’s one, I encourage you to use your own or one from a ecommerce platform. The idea is simple: you send a request to Payum to capture your model. In the action you convert the payment model to a gateway specific format, most probably an array. The beauty of this approach is that your code is never changed, and looks like this:

    $gateway->execute(new Capture($payment));
    

    All gateway’s differences are hidden inside a gateway. Of course Payum supports a gateway specific format, or a Payum’s Payment model as well. In case of Omnipay you cannot simply replace a stripe gateway to a paypal one, because they behave differently and what is more important they require different data. Stripe require a credit card to be provided where Paypal does not care about it but instead wants return and cancel urls to be set. You have to reflect these differences in your code, is this abstraction? By the way Payum generate cancel and return urls for you and they are secure ones (we talk about it later).

    Sometimes you have to get more details about the payment transaction, or a payer, or more info about an error. Payum provides you access to all data that takes part in a communication between your code and a payment gateway. The data format is a payment specific, so if you familiar with Paypal protocol (for example) it would be easy for you to understand what is going on there. Another good example is Klarna Checkout. It returns shipping\billing addresses, gender and date of birth. With Payum you can easily get these out of payment and use for your needs.

    Payum gives you a better status handling. Omnipay provides only two statuses success and failed, but it is not enough. For example Paypal sometimes returns pending status because of multi currency issue. In this case omnipay says the payment has failed, but in fact it is not. Or user can cancel the payment at Paypal side, Omnipay will tell you it failed but it is not really true. If you need a status which is not provided by Payum by default, you can easily add it. Do you already have payment statuses, maybe your ecommerce platform provide them and you want to reuse, no problem Payum could be adjust to use them.

    Sometimes users want to cheat on you or pay less for the stuff. As a developer you have to think about it and take care of your data. What do you expose to a user? Could it be used the wrong way? You can not rely on an amount given in the url, until you validate it. For example Paypal sends you a push notification to the notify url you previously sent to them. Payum generates for you such an url and when the notification comes back it validates it. You get unique, secured urls out of the box. The payment internally associated with that url, and once you remove\invalidate the url user not able to access the payment behind it. Omnipay does not provide anything to help you solve security issues. There is one good side effect with these secured urls. The secured urls invalidated\deleted once they not needed. This is good, for example user clicks “Back” button in a browser. He would not be able to do a second payment because the purchase url no longer exists, instead he will see a 404 error.

    It is not a good practice to store credit cards at your side, isn’t it? There is no excuse for storing it accidentally, or just for few seconds. Payum has a sensitive value object which ensure that nothing is saved accidentally. You still able to store it, but while doing so you are on your own.

    Omnipay supports only gateways, that do a redirect to gateway side or require a credit card. But there are bunch of other gateways, and they act differently. For example Klarna Checkout require a snippet (iframe) to be rendered, Stripe.Js requires their javascript to be executed on a purchase page. Stripe Checkout renders its own popup. Payum supports them all, and as we talked at the beginning you can switch from one gateway to another without changes in your code. Payum does not natively supports a gateway you need? I do not think reimplementing every gateway in house is a good idea. That’s why a bridge for Omnipay gateways exists. It allows you to use Omnipay gateways the Payum way.

    Payum tries to standardise the payment flow. There are three steps prepare, capture\authorise and done. The first one is called “prepare” and at this step you have to prepare the payment, calculate total prices, taxes, get user or shipping information and so on. Once you are done you can redirect user to a capture\authorise step, From here user could be redirected to a gateway side or asked for a credit card, or something else. It depends on what gateway you chose. At “done” step you have to get the payment status and act according to it. Omnipay only partly solves this task.

    With a gateway factories you can easily overwrite\replace any parts of the gateway functionally, or add a custom actions, extensions or apis.

    Payum has official extensions for most modern frameworks such as Symfony. Laravel, Silex, Yii, Zend.

    At the end lets compare the corner stone interfaces from Payum and Omnipay.

    Disclaimer: I am the author of Payum