stackoom
  简体   繁体   中英

Laravel 5.1 csrftoken curl from paypal

 原文  2015-09-24 13:27:41       php/ laravel/ curl/ paypal

Question

How i Can add or somethink do with csrftoken when paypal send post on my website. My error code: TokenMismatchException in VerifyCsrfToken.php line 53.

Here code: 

    public function getPaypal(Request $request)
   {

    $uri = $request->all();

    if(isset($uri['tx']))
    {

      $pp_hostname = "www.sandbox.paypal.com"; // Change to www.sandbox.paypal.com to test against sandbox
      // read the post from PayPal system and add 'cmd'
      $req = 'cmd=_notify-synch';

      $tx_token = $uri['tx'];
      $auth_token = "EHNebv....e";
      $req .= "&tx=$tx_token&at=$auth_token";

      $ch = curl_init();
      curl_setopt($ch, CURLOPT_URL, "https://$pp_hostname/cgi-bin/webscr");
      curl_setopt($ch, CURLOPT_POST, 1);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
      curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
      //set cacert.pem verisign certificate path in curl using 'CURLOPT_CAINFO' field here,
      //if your server does not bundled with default verisign certificates.
      curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
      curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: $pp_hostname"));
      $res = curl_exec($ch);
      curl_close($ch);

   }

3 answers

solution1
 4  2015-09-24 14:56:46

According to Laravel Docs: http://laravel.com/docs/5.1/routing#csrf-protection .

Excluding URIs From CSRF Protection

Sometimes you may wish to exclude a set of URIs from CSRF protection. For example, if you are using Stripe to process payments and are utilizing their webhook system, you will need to exclude your webhook handler route from Laravel's CSRF protection.

You may exclude URIs by adding them to the $except property of the VerifyCsrfToken middleware: 

<?php

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;

class VerifyCsrfToken extends BaseVerifier
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        'paypal/*',
    ];
}

Let me know if it is still not clear.

solution2
 3 ACCPTED  2015-09-24 14:10:11

You don't need to completely disable the middleware just go to VerifyCrsfToken file in app\\Http\\Middle then edit the protected array $except and include and entry of the route paypal is posting to. 

protected $except = [
    /paypal/data,


];

solution3
 1  2015-09-24 13:57:28

TokenMismatchException is a Laravel error, not PayPal. With every POST request, you need to send a _token value through with it.

If you are sending this through a form, simply echo csrf_field() into your form template.

If you are sending the request from something other than Laravel, you can disable the CSRF protection on that route. Read more about Middleware here: http://laravel.com/docs/5.1/middleware

Read more about it here: http://laravel.com/docs/5.1/routing#csrf-protection

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Paypal integration with Laravel 5.1 PayPal donation integration with laravel 5.1 Laravel + Paypal + cUrl + Ionic Need to Test a Service that Uses CURL in Laravel 5.1 Modify from in laravel 5.1 Curl request to twitter API using laravel 5.1 PHP + Curl to log into a remote page with a csrfToken Laravel CsrfToken expires on refresh after switching servers Paypal Adaptivepayments Issue when requesting from cURL How to fetch values from URL in laravel 5.1
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM