Dwolla’s api provide the service to send money, request money, add bank accounts, retrieve transaction data and accept payment etc.
To access Dwolla api you need to create a consumer application using this link https://www.dwolla.com/applications/create. After creating it you will get api key and secret for api access.
You can use HTML code in your website payment page. This is just simple html form code.
For Dwolla payment authentication need api key, secret, current timestamp and signature parameter.
|
1 2 3 4 |
$key = "*********API KEY HERE*********"; $secret = "*********Secret Here**********"; $timestamp = time(); // for current time stamp $order_id = "123456789"; // any unique order id |
Now create a signature to authenticate the payment via api call. Need to pass signature in SHA1 hash_hmac() format with combination of key, timestamp, order id and secret key.
$signature = hash_hmac(‘sha1’, “{$key}&{$timestamp}&{$order_id}”, $secret);
Now use below html form code on your website.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
<html> <head></head> <body> <form accept-charset="UTF-8" action="https://uat.dwolla.com/payment/pay" method="post"> <input id="key" name="key" type="hidden" value="<?php echo $key ?>" /> <input id="signature" name="signature" type="hidden" value="<?php echo $signature ?>" /> <input id="timestamp" name="timestamp" type="hidden" value="<?php echo $timestamp ?>" /> <input id="realtime" name="realtime" type="hidden" value="false" /> <input id="guestcheckout" name="guestcheckout" type="hidden" value="true" /> <input id="test" name="test" type="hidden" value="true" /> <input name="callback" type="hidden" value="http://Your Server Link/return.php" /> <input name="redirect" type="hidden" value="http://Your Server Link/return.php" /> <input id="destinationid" name="destinationid" type="hidden" value="812-167-9397" /> <input id="name" name="name" type="hidden" value="Purchase" /> <input id="description" name="description" type="hidden" value="Description" /> <table> <tr> <td>Order Id:</td> <td><input id="orderid" name="orderid" value="<?php echo $order_id ?>" /></td> </tr> <tr> <td>Shipping Cost:</td> <td><input id="shipping" name="shipping" value="1.00" /></td> </tr> <tr> <td>Tax:</td> <td><input id="tax" name="tax" value="2.00" /></td> </tr> <tr> <td>Total Amount: </td> <td><input id="amount" name="amount" value="1.00" /></td> </tr> <tr> <td><button type="submit">Submit Order</button></td> </tr> </table> </form> </body> </html> |
There is another return.php file is use for callback and redirect parameter in form code.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
<?php $key = "*********API KEY HERE*********"; $secret = "*********Secret Here**********"; function verifyGatewaySignature($proposedSignature, $checkoutId, $amount) { $signature = hash_hmac("sha1", "{$checkoutId}&{$amount}", $secret); return $signature == $proposedSignature; } if (array_key_exists("error", $_GET)) { // find out what happened: $error_description = $_GET['error_description']; // "User Cancelled" exit($error_description); } echo $checkoutId = $_GET['checkoutId']; echo "<br/>"; echo $amount = $_GET['amount']; echo "<br/>"; echo $signature = $_GET['signature']; echo "<br/>"; echo $orderid = $_GET['orderId']; echo "<br/>"; $sigantureValid = verifyGatewaySignature($signature, $checkoutId, $amount); if (!sigantureValid) { exit("Bad signature!"); } $status = $_GET['status']; if ($status == "Completed") { // do something useful with the checkout results: echo $status; } ?> |
In this we use Dwolla sandbox url for development mode. Just replace the https://uat.dwolla.com/payment/pay url to https://dwolla.com/payment/pay for production.
