I am trying to integrating Paypal on my application. This application will allow people to sell tokens between them. So the money doesn't go to me, but to the payees.
I first used smart button directly on my front-end (https://developer.paypal.com/docs/checkout/integrate/). I just had to add a payee field and it worked perfectly fine. 0 bug, no issue.
But now, I want to make the integration on a NodejS back-end, because it is more secure for me.
And despite I am doing exactly the same thing (create order -> capturing order), I am getting this error :
{"name":"NOT_AUTHORIZED","details": [{
"issue":"PAYEE_NOT_CONSENTED","description":"Payee does not have appropriate consent to
allow the API caller to process this type of transaction on their behalf. Your current
setup requires the 'payee' to provide a consent before this transaction can be
processed successfully."
}],
"message": "Authorization failed due to insufficient permissions.",
"debug_id":"300756d694c77","links": [{
"href":"https://developer.paypal.com/docs/api/orders/v2/#error-PAYEE_NOT_CONSENTED",
"rel":"information_link","method":"GET"
}]
}
Why ? Why it has no issue doing this kind of operation with smart button, but I can't do it with the checkout sdk on nodejs and need the payee consent ?
Whats the difference ?
Needing the consent or any kind of operation from the payee is really annoying for me, because I need payee to sell their tokens with the minimal of action to do it.
And I don't see whats the difference between doing it with smart button, or with a back-end.
Btw here is my code :
const paypal = require('@paypal/checkout-server-sdk')
if (process.env.NODE_ENV === "prod") {
APP_SETTINGS = require('src/PRIVATE_APP_SETTINGS.json').prod;
var environment = new paypal.core.LiveEnvironment(APP_SETTINGS.paypal.paypal_client_id, APP_SETTINGS.paypal.paypal_secret);
} else {
APP_SETTINGS = require('src/PRIVATE_APP_SETTINGS.json').dev;
var environment = new paypal.core.SandboxEnvironment(APP_SETTINGS.paypal.paypal_client_id, APP_SETTINGS.paypal.paypal_secret);
}
var client = new paypal.core.PayPalHttpClient(environment);
function createPayment(info)
{
const body = {
intent: 'CAPTURE',
purchase_units: [{
amount:
{
value: info.usdAmount,
currency_code: 'USD'
},
payee: {
email_address: info.paypalEmail
}
}],
}
let request = new paypal.orders.OrdersCreateRequest()
request.requestBody(body)
return client.execute(request).then(res => {
return {res: true, id: res.result.id}
}).catch(err => {
if (err) {
console.error(err.message);
}
return {res: false}
})
}
function executePayment(info)
{
console.log(info)
const request = new paypal.orders.OrdersCaptureRequest(info.orderId)
request.requestBody({})
return client.execute(request).then((result) => {
console.log("Payment suceed")
return {res: true}
}).catch(err => {
if (err) {
console.error(err);
}
return {res: false}
})
}
Oddly, you don't seem to be doing anything wrong. I tested the exact same thing except using a simple curl integration rather than node, and everything worked as expected. Here are the curl requests so you can validate whether it works for you...
#!/bin/bash
access_token=$(curl -s https://api-m.sandbox.paypal.com/v1/oauth2/token \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "clientid:secret" \
-d "grant_type=client_credentials" | python3 -c "import sys, json; print(json.load(sys.stdin)['access_token'])")
echo $access_token
#!/bin/bash
access_token=$(./curl_rest_gettoken);
curl $@ -s https://api-m.sandbox.paypal.com/v2/checkout/orders \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $access_token" \
-d '{
"intent": "CAPTURE",
"purchase_units": [
{
"amount": {
"currency_code": "USD",
"value": "5"
},
"payee": {
"email_address": "......@business.example.com"
}
}
],
"application_context": {
"return_url": "https://www.yahoo.com"
}
}' | python -mjson.tool
#!/bin/bash
access_token=$(./curl_rest_gettoken);
curl -v -s -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/$1/capture \
-H "Content-Type:application/json" \
-H "Authorization: Bearer $access_token" | python -mjson.tool