< Day Day Up > |
Create a Windows DLL to call the API and eliminate need for the console application . Using the API from a console application [Hack #88] is nice for testing, but for real-world applications, you'll want to use an encapsulated module to handle calls to the API. That way, you can reuse the functionality in multiple applications.
The underlying architecture of the PayPal API is the same for each API method, all of which use four basic classes to complete a call:
8.5.1 Handling the BasicsThe API wrapper class makes it easier for you to access the PayPal API, and you can reuse it in multiple applications. The wrapper class has four properties ( APIPassword , APIPassword , CertLocation , and APIUrl ) set by the class constructor method, as well as some additional methods to simplify security setup and formatting.
using System; using System.Net; using System.Security.Cryptography.X509Certificates; using System.Text; using PayPalAPI.PayPalSvc; using System.Data; using System.Collections; namespace PayPalAPI { /// <summary> /// Summary description for APIWrapper. /// </summary> public class APIWrapper { string _APIUserName=""; string _APIPassword=""; string _CertLocation=""; string _APIUrl=""; public string APIUserName { get{return _APIUserName;} } public string APIPassword { get{return _APIPassword;} } public string CertLocation { get{return _CertLocation;} } public string APIUrl { get{return _APIUrl;} } PayPalAPIInterfaceService service; public APIWrapper(String APIUserName, string APIPassword, string CertLocation, string APIUrl) { _APIUserName=APIUserName; _APIPassword=APIPassword; _CertLocation=CertLocation; _APIUrl=APIUrl; // Add the CertificatePolicy so we can post to an untrusted site ServicePointManager.CertificatePolicy = new MyCertificateValidation( ); service = new PayPalAPIInterfaceService( ); service.Url = _APIUrl; // Add the X509 Cert to the service for authentication X509Certificate certificate = X509Certificate.CreateFromCertFile(_CertLocation); service.ClientCertificates.Add(certificate); SetHeaderCredentials(service); } void SetHeaderCredentials(PayPalAPIInterfaceService service) { CustomSecurityHeaderType securityHeader = new CustomSecurityHeaderType( ); UserIdPasswordType userIdPassword = new UserIdPasswordType( ); userIdPassword.Username = _APIUserName; userIdPassword.Password = _APIPassword; //userIdPassword.Subject = subject; securityHeader.Credentials = userIdPassword; securityHeader.MustUnderstand = true; service.RequesterCredentials = securityHeader; } string GetAmountValue(BasicAmountType amount) { string sOut=""; try { sOut="$"+amount.Value.ToString( ); amount.currencyID = CurrencyCodeType.USD; } catch { sOut="--"; } return sOut; } } } 8.5.2 Creating Your Own Certificate HandlerIf you have trouble accessing the PayPal API, it might be because your .NET code does not trust the PayPal digital certificate. But you know that you're talking to PayPal, so it's not that important. Adding the following code to your API wrapper overrides .NET's default certificate policy, which is to challenge certificates issued by untrusted certificate authorities: class MyCertificateValidation : ICertificatePolicy { // Default policy for certificate validation. public static bool DefaultValidate = false; public bool CheckValidationResult(ServicePoint sp, X509Certificate cert, WebRequest request, int problem) { //implement your custom code here return true; } } Eventually, you'll need to implement your own code for this class, but for development purposes, you can simply tell your server to trust every certificate issuer. -- Rob Conery and Dave Nielsen |
< Day Day Up > |