Reputation: 1972
Braintree Transaction Sale storing in valult and proper use of nonce and token
I have a few questions:
Can I store the credit card/paypal method in sale but also prevent duplicates? OR do duplicates just create an error when using storeInVaultOnSuccess. Will a "duplicate method" error cause sale to fail?
Can I create a customer with Braintree_Transaction::sale? Will a "duplicate customer" error cause sale to fail?
Is there a way to combine to do a "either/or" for paymentMethodNonce and paymentMethodToken?
Lastly security question. Does Braintree make sure the paymenthMethodToken for a customer matches the customerId of the sale? To ensure a token for one customer method cannot be used to complete sale for another customer.
if($paymentMethodNonce){
if($save){
$create=Braintree_PaymentMethod::create([
"customerId"=>$customerId,
"paymentMethodNonce"=>$paymentMethodNonce,
"options"=>["failOnDuplicatePaymentMethod"=>true]
]);
}
$sale=Braintree_Transaction::sale([
"amount"=>$cost,
"paymentMethodNonce"=>$paymentMethodNonce,
"customerId"=>$customerId
]);
}
else if($paymentMethodToken){
$sale=Braintree_Transaction::sale([
"amount"=>$cost,
"paymentMethodToken"=>$paymentMethodToken,
"customerId"=>$customerId
]);
}
Upvotes: 2
Views: 1536
Answers (2)
Reputation: 181
To answer your last question, if you include both a paymentMethodToken and a customerId when creating a sale, we require that the paymentMethodToken belongs to the customer specified by the provided customerId. If it does not belong to the customer specified, we throw a Transaction Error with code 91516 (Cannot provide both payment_method_token and customer_id unless the payment_method belongs to the customer).
Upvotes: 2
Reputation: 1972
You can create customers and payment methods inside the sale transaction, but they do create errors on duplicates which cause sale to fail. The best way is just to create and ignore errors
$create_customer=Braintree_Customer::create([
"id"=>$id,
]);
$create_payment_method=Braintree_PaymentMethod::create([
"customerId"=>$login,
"paymentMethodNonce"=>$method
]);
Next, the only way to combine paymentMethodNonce and paymentMethodToken is to switch according to which one is being handled.
$TokenOrNonceType="paymentMethodToken"; or $TokenOrNonceType="paymentMethodNonce";
$sale=Braintree_Transaction::sale([
"amount"=>$cost,
$TokenOrNonceType=>$TokenOrNonce,
"customerId"=>$customerId
]);
Lastly, I am still unsure about the last question. Does Braintree make sure the paymenthMethodToken for a customer matches the customerId of the sale? To ensure a token for one customer method cannot be used to complete sale for another customer. Thanks
Upvotes: 1
Related Questions
- Braintree\Configuration::merchantId needs to be set (or accessToken needs to be passed to Braintree\Gateway)
- Braintree payment integration : Using Client AuthorizationTokenization Keys
- Braintree - What to post for paymentMethodNonce
- Braintree Payment Gateway - processing orders
- Trying to send custom inputs to braintree but only payment_method_nonce works
- Payment method nonce or token
- php braintree integration
- Generating multiple Braintree payment method nonce using one hosted form
- Braintree API in PHP - enforce currency for transaction
- Braintree PayPal Integration