PHPackages                             pronnect/lib-gpwebpay - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Payment Processing](/categories/payments)
4. /
5. pronnect/lib-gpwebpay

ActiveLibrary[Payment Processing](/categories/payments)

pronnect/lib-gpwebpay
=====================

GP Webpay Gateway

1.0.6(2mo ago)00MITPHPPHP &gt;=8.0CI passing

Since Mar 26Pushed 2mo agoCompare

[ Source](https://github.com/pronnect/lib-gpwebpay)[ Packagist](https://packagist.org/packages/pronnect/lib-gpwebpay)[ RSS](/packages/pronnect-lib-gpwebpay/feed)WikiDiscussions main Synced 3w ago

READMEChangelog (8)Dependencies (10)Versions (9)Used By (0)

pronnect/gpwebpay
=================

[](#pronnectgpwebpay)

[![Tests](https://github.com/pronnect/lib-gpwebpay/actions/workflows/tests.yml/badge.svg)](https://github.com/pronnect/lib-gpwebpay/actions/workflows/tests.yml)[![codecov](https://camo.githubusercontent.com/c8c4928f47eafefb88d4e0c6d6b780d4d163526bac95c3db4911f9df5d899360/68747470733a2f2f636f6465636f762e696f2f67682f70726f6e6e6563742f6c69622d67707765627061792f67726170682f62616467652e7376673f746f6b656e3d5843433755504f434542)](https://codecov.io/gh/pronnect/lib-gpwebpay)

PHP library for communicating with the **GP Webpay** payment gateway.

Supports two independent integration modes:

ModeTransportNamespace**WS API v2.0** (SOAP)SOAP/WSDL — server-to-server`Pronnect\GpWebPay`**HTTP API** (redirect)Browser redirect (GET/POST form)`Pronnect\GpWebPay\Http`Requires PHP 8.1+, `ext-openssl`. SOAP mode additionally needs `ext-soap` and `ext-dom`. PSR-3 logger is optional.

---

Installation
------------

[](#installation)

```
composer require pronnect/lib-gpwebpay
```

---

Architecture
------------

[](#architecture)

The library follows a two-namespace design:

NamespaceLocationPurpose`Pronnect\GpWebPayApi``api/`Public interfaces only — code against these`Pronnect\GpWebPay``src/`Concrete implementations### Core flow

[](#core-flow)

1. Create a `Config` with endpoint, merchant certificates, and provider code.
2. Instantiate `Gateway` with the config, an optional `DigestSigner`, and an optional PSR-3 logger.
3. Construct a **Request** object and call the matching method on `Gateway`.
4. `Gateway` auto-fills `provider`, `merchantNumber`, `messageId` from config, signs the request, delegates to `WebService` (a `SoapClient` wrapper), verifies the response signature, and returns a typed **Response** object.

### Digest signing

[](#digest-signing)

Requests and responses implement `SignedInterface`. The digest is a `|`-separated string of specific fields in WSDL-defined order, signed with `openssl_sign` using the merchant private key, and verified with the GPE public key.

---

Configuration
-------------

[](#configuration)

```
use Pronnect\GpWebPay\Config;
use Pronnect\GpWebPay\ServiceProvider;

$config = new Config(
    wsUri: 'https://test.3dsecure.gpwebpay.com/pay-ws/v1/PaymentService',
    provider: ServiceProvider::CSOB,
    merchantNumber: '123456789',
    gpePublicKey: '/path/to/gpwebpay-pub.pem',
    merchantPrivateKey: '/path/to/merchant.key',
    merchantPrivateKeyPassword: 'secret',
);
```

**Test endpoint:** `https://test.3dsecure.gpwebpay.com/pay-ws/v1/PaymentService`**Prod endpoint:** `https://3dsecure.gpwebpay.com/pay-ws/v1/PaymentService`

---

Usage
-----

[](#usage)

```
use Pronnect\GpWebPay\Gateway;
use Pronnect\GpWebPay\DigestSigner;
use Pronnect\GpWebPay\Request\PaymentLinkRequest;

$gateway = new Gateway($config);

// Create a payment link
$request = (new PaymentLinkRequest())
    ->setPaymentNumber('ORDER-001')
    ->setAmount(10000)          // in lowest currency unit (e.g. cents)
    ->setCurrencyCode(978)      // ISO 4217 — 978 = EUR
    ->setCaptureFlag(true)
    ->setUrl('https://example.com/return');

$response = $gateway->createPaymentLink($request);
echo $response->getPaymentLink(); // redirect the cardholder here
```

---

Implemented API operations
--------------------------

[](#implemented-api-operations)

Gateway methodRequest classResponse classDescription`echo()`——Connectivity check`createPaymentLink``PaymentLinkRequest``PaymentLinkResponse`Create a hosted payment page link. Supports `registerToken` and `registerRecurring` flags`getPaymentLinkStatus``PaymentLinkStatusRequest``StatusResponse`Get payment link status`revokePaymentLink``RevokePaymentLinkRequest``StateResponse`Cancel a payment link`getPaymentStatus``PaymentStatusRequest``StateResponse`Get payment status (state, subStatus)`getPaymentDetail``PaymentDetailRequest``PaymentDetailResponse`Get full payment detail (card brand, amounts, timestamps, …)`getTokenStatus``TokenStatusRequest``StatusResponse`Get card token status`processTokenRevoke``TokenRevokeRequest``StatusResponse`Revoke a card token`processCardOnFilePayment``CardOnFilePaymentRequest``CardOnFilePaymentResponse`Server-side COF payment using a stored token (MIT). Soft decline (PRCODE=46) surfaces `authenticationLink` via `CardOnFilePaymentFaultDetail``getCardData``CardDataRequest``CardDataResponse`Retrieve masked card data and card art image for a token or master payment`processCapture``CaptureRequest``StateResponse`Capture a pre-authorized amount (deferred capture flow)`processCaptureReverse``CaptureReverseRequest``StateResponse`Reverse a capture by captureNumber`processAuthorizationReverse``AuthorizationReverseRequest``StateResponse`Reverse a pre-authorization (void before capture)`processPaymentClose``PaymentCloseRequest``StateResponse`Close a payment (mark as final, no further changes)`processPaymentDelete``PaymentDeleteRequest``StateResponse`Delete a payment that has not been settled`processRefund``RefundRequest``StateResponse`Issue a partial or full refund for a settled payment`processRefundReverse``RefundReverseRequest``StateResponse`Reverse a previously issued refund by refundNumber`getMasterPaymentStatus``MasterPaymentStatusRequest``StatusResponse`Get status of a master (linked) payment group`processMasterPaymentRevoke``MasterPaymentStatusRequest``StatusResponse`Cancel a master (linked) payment group`processRecurringPayment``RecurringPaymentRequest``RecurringPaymentResponse`Recurring (MIT) payment using a master payment number`processUsageBasedPayment``UsageBasedPaymentRequest``CardOnFilePaymentResponse`Usage-based payment with stored token`processUsageBasedSubscriptionPayment``UsageBasedSubscriptionPaymentRequest``RecurringPaymentResponse`Usage-based subscription payment`processRegularSubscriptionPayment``RegularSubscriptionPaymentRequest``RecurringPaymentResponse`Regular subscription payment`processPrepaidPayment``PrepaidPaymentRequest``RecurringPaymentResponse`Prepaid card payment`processBatchClose``BatchCloseRequest``BatchCloseResponse`Close the settlement batch`processPayout``PayoutRequest``RecurringPaymentResponse`General payout (push-to-card)`processPayoutWinning``PayoutWinningRequest``RecurringPaymentResponse`Payout — winnings`processPayoutInsurance``PayoutInsuranceRequest``RecurringPaymentResponse`Payout — insurance`getSubsqTransBatchStatus``SubsqTransBatchStatusRequest``SubsqTransBatchStatusResponse`Get subsequent transactions batch status`resolvePaymentStatus``ResolvePaymentStatusRequest``StateResponse`Resolve push payment status notification`mpsPreCheckout``MpsPreCheckoutRequest``MpsPreCheckoutResponse`Masterpass pre-checkout`mpsExpressCheckout``MpsExpressCheckoutRequest``RecurringPaymentResponse`Masterpass express checkout### Token / Card-on-File flow

[](#token--card-on-file-flow)

```
// Step 1 — register a token during PaymentLink checkout
$request = (new PaymentLinkRequest())
    ->setPaymentNumber('ORDER-001')
    ->setAmount(10000)
    ->setCurrencyCode(978)
    ->setCaptureFlag(true)
    ->setUrl('https://example.com/return')
    ->setRegisterToken(true);   // request token registration

$link = $gateway->createPaymentLink($request);

// Step 2 — use the token for a server-side payment (no cardholder present)
use Pronnect\GpWebPay\Request\CardOnFilePaymentRequest;
use SoapFault;

$cofRequest = (new CardOnFilePaymentRequest())
    ->setPaymentNumber('ORDER-002')
    ->setAmount(5000)
    ->setCurrencyCode(978)
    ->setCaptureFlag(1)
    ->setTokenData($tokenReceivedFromGateway)
    ->setReturnUrl('https://example.com/return');

try {
    $response = $gateway->processCardOnFilePayment($cofRequest);
} catch (SoapFault $e) {
    // Soft decline — cardholder must authenticate (3DS)
    $authLink = $e->detail->cardOnFilePaymentFaultDetail->authenticationLink ?? null;
}
```

---

HTTP API (redirect-based)
-------------------------

[](#http-api-redirect-based)

The HTTP API is a **browser-redirect** integration: your server builds a signed URL (or hidden POST form), redirects the cardholder to GP Webpay, and GP Webpay redirects back to your return URL with a signed callback.

### HTTP API configuration

[](#http-api-configuration)

```
use Pronnect\GpWebPay\DigestSigner;
use Pronnect\GpWebPay\Http\HttpConfig;
use Pronnect\GpWebPay\Http\HttpGateway;

$config = new HttpConfig([
    'isTestEnvironment'          => true,   // false for production
    'merchantNumber'             => '0123456789',
    'GPEPublicKey'               => file_get_contents('/path/to/gpe.pub.pem'),
    'merchantPrivateKey'         => file_get_contents('/path/to/merchant.key'),
    'merchantPrivateKeyPassword' => 'secret',
    'defaultLang'                => 'CS',   // optional; 2-letter ISO 639-1
]);

$rawSigner = new DigestSigner(
    $config->getGPEPublicKey(),
    $config->getMerchantPrivateKey(),
    $config->getMerchantPrivateKeyPassword(),
);

// Always use the factory — it wraps DigestSigner in Base64DigestSigner automatically
$gateway = HttpGateway::create($config, $rawSigner);
```

**Test endpoint:** `https://test.3dsecure.gpwebpay.com/pgw/order.do`**Prod endpoint:** `https://3dsecure.gpwebpay.com/pgw/order.do`

### Redirect (GET)

[](#redirect-get)

```
use Pronnect\GpWebPay\Http\Request\CardPaymentRequest;

$request = new CardPaymentRequest(
    orderNumber: 123456,
    amount:      19900,      // in lowest currency unit (e.g. hellers / cents)
    currency:    203,        // ISO 4217 — 203 = CZK
    depositFlag: 1,          // 1 = direct capture, 0 = pre-auth
    url:         'https://myshop.cz/return',
);
$request->setDescription('Order #123456');
$request->setLang('CS');

// Redirect cardholder to GP Webpay
header('Location: ' . $gateway->getRedirectUrl($request));
exit;
```

### POST form

[](#post-form)

When ADDINFO (3DS2 additional data) is present, the spec requires a hidden POST form instead of a GET redirect:

```
use Pronnect\GpWebPay\Http\Request\AddInfo;
use Pronnect\GpWebPay\Http\Request\AddInfo\CardholderInfo;

$addInfo = (new AddInfo())
    ->setCardholderInfo((new CardholderInfo())->setAddrMatch('Y'));

$request->setAddInfo($addInfo->toXml());

$params = $gateway->getFormParams($request); // same as getRedirectUrl but returns array
?>