jonathantron-paypal 3.0.0pre

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,11 @@
+*.sw?
+.DS_Store
+coverage
+rdoc
+pkg
+._*
+*.orig
+Thumbs.db
+doc
+.yardoc
+.bundle

data/CHANGELOG.md

@@ -0,0 +1,73 @@
+= 3.0.0 (git)
+
+    Start spec on Paypal::Helpers::Common.paypal_setup
+    Fix specs for Paypal::Config
+    Upgrade dev dependencies to use Rspec >= 2.0.0.a
+    Introduce a Paypal::Config module to handle ipn/certificates (Jonathan Tron)
+    Allow access to params as method (via method_missing) (Jonathan Tron)
+    Rework Paypal::Notification :
+      Remove methods to get params informations (CAUTION !!! THIS BREAK OLD API) (Jonathan Tron)
+      Add methods for all possible statuses and rename #complete? as completed? to follow Paypal naming (Jonathan Tron)
+    Use Rack::Utils#parse_query in Paypal::Notification for query parsing (Jonathan Tron)
+    Add Spec for notification (Jonathan Tron)
+    Add paypal/rails.rb to trigger helper inclusion in view (Jonathan Tron)
+    Separate actual helpers in two files (paypal/helpers/common.rb and paypal/helpers/rails.rb) (Jonathan Tron)
+    Move files around (Jonathan Tron)
+    Update the README and switch to MarkDown (Jonathan Tron)
+    Add a CHANGELOG file and switch to new format (Jonathan Tron)
+    Remove init.rb (Jonathan Tron)
+    Configure gem generation with jelewer (Jonathan Tron)
+
+= 2008-10-16 -- 2.0.2
+
+    NEW: Added block style support for paypal_form_tag (paypal_form_tag do blah.. blah... end)
+    DEL: Removed patch for 2.0.0, no longer seems suitable.
+    NEW: Added testing for the paypal_form_tag block style.
+    NEW: Added a sample (actual from paypal sandbox) PayPal server response for IPN, to aid in testing.
+
+= 2008-10-15 -- 2.0.1
+
+    CHG: Modified README.
+    FIX: Moved patch to own directory, was being caught by git-hub as gem's README
+    NEW: Added patch for currently installed paypal-2.0.0 gem to apply directly on gems directory.
+    NEW: Added relevant test statements.
+    FIX: removed duplicate 'invoice' method in lib/notification.rb
+    NEW: added correct 'custom' method to lib/notification.rb
+    NEW: added pending_reason, reason_code, memo, payment_type, exchange_rate methods to lib/notification.rb
+
+= 2006-04-20 -- 2.0.0
+
+    Uses paypal extended syntax. The plugin can now submit shipping and billing addresses using the paypal_address helper.
+
+= 2006-04-20 -- 1.7.0 
+
+    Now a rails plugin
+
+= 2006-02-10 -- 1.5.1
+
+    added complete list of valid paypal options (Paul Hart)
+
+= 2006-02-02 -- 1.5.0
+
+    Now report an error when invalid option is passed to paypal_setup
+    Had to rename parameters cancel_url to cancel_return and return_url to return, please update your app
+    Improved the test coverage strategy for helper tests
+    Added support for encrypted form data (Paul Hart)
+
+= 2005-09-16 -- 0.9.6
+
+    Added readme note about the openssl requirement
+
+= 2005-07-26 -- 0.9.5
+
+    Added tax to the helper parameters
+    fixed bug when money class was used to pass in amount. Cents were always 00 (doh!)
+    Added invoice and custom optional parameters
+    Added charset = utf-8 to all paypal posts
+    Wrongly used undefined_quanitity parameter in 0.9.1, this caused users to be prompted for the quanitity on the paypal checkout page... fixed
+
+= 2005-07-22 -- 0.9.1
+
+    support for cancel_url as well as notify_url. This means you can now set the IPN callback address from the paypal_setup method and 
+  you don't have to do that in the paypal admin interface!
+    Removed the actual form tag from the paypal_setup generated code to conform better with docs 

data/Gemfile

@@ -0,0 +1,12 @@
+source :gemcutter
+
+gem "rack", ">= 1.0.0"
+gem "json_pure"
+gem "rake"
+gem "jeweler"
+gem "rcov", ">= 0.9.8"
+gem "rspec", ">= 2.0.0.a"
+gem "nokogiri"
+gem "bluecloth"
+gem "yard"
+gem "fakeweb", :require => "fakeweb"

data/LICENSE

@@ -0,0 +1,23 @@
+#--
+# Copyright (c) 2005 Tobias Luetke
+# Copyright (c) 2009 Tron Jonathan
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#++

data/README.md

@@ -0,0 +1,117 @@
+# Welcome to Paypal ruby library
+
+This library is here to aid with integrating Paypal payments into ruby on rails
+applications or similar. To set this up you will need to log into your paypal
+business account and tell paypal where to send the IPN ( Instant payment notifications ).
+
+# Download
+
+* Preferred method of installation is using rubygems. gem install JonathanTron-paypal
+* Alternatively you can get the source code at http://github.com/JonathanTron/paypal
+
+# Requirements
+
+* Ruby 1.8.2 (may work with previous versions) With OpenSSL support compiled in.
+* Valid paypal business account.
+* (optional) The money library from http://dist.leetsoft.com/api/money
+
+# Installation
+
+1. sudo gem install JonathanTron-paypal --source=http://gems.github.com
+
+2. Require the library
+
+        require "paypal"
+
+  2.1. If you're using Rails add :
+
+        require "paypal/rails"
+
+3. Create a paypal_ipn ( or similar ) action like the one in the "Example action" appendix.
+
+
+## -- - TODO : REWRITE BELOW THIS POINT - --
+
+Within the new payment controller you can now create pages from which users can be sent to paypal. You always have to sent users to paypal using a HTTP Post so a standard link won't work (well OK but you need some javascript for that). The +Paypal::Helper+ namespace has some examples of how such a forward page may look.
+
+# Testing the integration
+
+Under https://developer.paypal.com/ you can signup for a paypal developer account.
+This allows you to set up "sandboxed" accounts which work and act like real accounts
+with the difference that no money is exchanged. Its a good idea to sign up for a
+sandbox account to use while the application is running in development mode.
+
+
+# Example rails controller
+
+    class BackendController < ApplicationController
+
+      # Simplification, please write better code then this...
+      def paypal_ipn
+       notify # Paypal::Notification.new(request.raw_post)
+
+       if notify.acknowledge
+         order # Order.find(notify.item_id)
+         order.success # (notify.complete? and order.total # notify.amount) ? 'success' : 'failure'
+         order.save
+       end
+
+       render :nothing #> true
+      end
+    end
+
+# Example paypal forward page
+
+   <%# paypal_form_tag %>
+     <%# paypal_setup "Item 500", Money.us_dollar(50000), "bob@bigbusiness.com", :notify_url #> url_for(:only_path #> false, :action #> 'paypal_ipn') %>
+
+     Please press here to pay $500US using paypal. <br/>
+     <%# submit_tag "Go to paypal >>" %>
+
+   </form>
+
+   or, with the same results, the block version:
+
+   <% paypal_form_tag do %>
+     <%# paypal_setup "Item 500", Money.us_dollar(50000), "bob@bigbusiness.com", :notify_url #> url_for(:only_path #> false, :action #> 'paypal_ipn') %>
+
+     Please press here to pay $500US using paypal. <br/>
+     <%# submit_tag "Go to paypal >>" %>
+
+   <% end %>
+
+# Using encrypted form data
+
+Paypal supports encrypted form data to prevent tampering by third parties.
+You must have a verified paypal account to use this functionality.
+
+1) Create a private key for yourself
+
+    openssl genrsa -out business_key.pem 1024
+
+2) Create a public certificate to share with Paypal
+
+    openssl req -new -key business_key.pem -x509 -days 3650 -out business_cert.pem
+
+3) Upload the public certificate to Paypal (under Profile -> Encrypted Payment Settings -> Your Public Certificates -> Add),
+and note the "Cert ID" that Paypal shows for the certificate.
+
+4) Update your controller to include the details for your key and certificate.
+
+    @business_key # File::read("business_key.pem")
+    @business_cert # File::read("business_cert.pem")
+    @business_certid # "certid from paypal"
+
+5) Update your views to populate the :business_key, :business_cert and :business_certid options in 'paypal_setup' - the rest of the signature is the same.
+
+6) When you're ready to go live, download the production Paypal certificate and override the default certificate.
+
+    Paypal::Notification.paypal_cert # File::read("paypal_cert.pem")
+
+7) Finally, add the following line to your environment.rb or inside an initializer:
+
+    Paypal::Notification.ipn_url # "https://www.paypal.com/cgi-bin/webscr"
+
+# Troubleshooting
+
+uninitalized constant Paypal - Make sure your ruby has openssl support

data/Rakefile

@@ -0,0 +1,45 @@
+require "rubygems"
+require "rake"
+
+$:.unshift "lib"
+require "paypal"
+
+begin
+  require "jeweler"
+  Jeweler::Tasks.new do |gem|
+    gem.name = "jonathantron-paypal"
+    gem.version = Paypal::VERSION
+    gem.summary = %Q{Paypal Express Integration}
+    gem.description = %Q{Integrate Paypal Express}
+    gem.email = "jonathan@tron.name"
+    gem.homepage = "http://github.com/JonathanTron/paypal"
+    gem.authors = ["Jonathan Tron", "Joseph Halter", "Tobias Luetke"]
+    gem.add_dependency "rack", ">= 1.0.0"
+    gem.add_development_dependency "rspec", ">= 2.0.0.a"
+    gem.add_development_dependency "rcov", ">= 0.9.8"
+    gem.add_development_dependency "nokogiri"
+    gem.add_development_dependency "bluecloth"
+    gem.add_development_dependency "yard"
+    gem.add_development_dependency "fakeweb"
+  end
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+end
+
+require "rspec/core/rake_task"
+::Rspec::Core::RakeTask.new(:spec)
+::Rspec::Core::RakeTask.new(:rcov) do |spec|
+  spec.rcov = true
+  spec.rcov_opts = "--exclude spec/"
+end
+task :spec => :check_dependencies
+task :default => :spec
+
+begin
+  require "yard"
+  YARD::Rake::YardocTask.new
+rescue LoadError
+  task :yardoc do
+    abort "YARD is not available. In order to run yardoc, you must: sudo gem install yard"
+  end
+end

data/lib/paypal/certs/paypal_sandbox.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDoTCCAwqgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx
+EzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMRUwEwYDVQQK
+EwxQYXlQYWwsIEluYy4xFjAUBgNVBAsUDXNhbmRib3hfY2VydHMxFDASBgNVBAMU
+C3NhbmRib3hfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0
+MDQxOTA3MDI1NFoXDTM1MDQxOTA3MDI1NFowgZgxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEVMBMGA1UEChMMUGF5
+UGFsLCBJbmMuMRYwFAYDVQQLFA1zYW5kYm94X2NlcnRzMRQwEgYDVQQDFAtzYW5k
+Ym94X2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAt5bjv/0N0qN3TiBL+1+L/EjpO1jeqPaJC1fDi+cC
+6t6tTbQ55Od4poT8xjSzNH5S48iHdZh0C7EqfE1MPCc2coJqCSpDqxmOrO+9QXsj
+HWAnx6sb6foHHpsPm7WgQyUmDsNwTWT3OGR398ERmBzzcoL5owf3zBSpRP0NlTWo
+nPMCAwEAAaOB+DCB9TAdBgNVHQ4EFgQUgy4i2asqiC1rp5Ms81Dx8nfVqdIwgcUG
+A1UdIwSBvTCBuoAUgy4i2asqiC1rp5Ms81Dx8nfVqdKhgZ6kgZswgZgxCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEV
+MBMGA1UEChMMUGF5UGFsLCBJbmMuMRYwFAYDVQQLFA1zYW5kYm94X2NlcnRzMRQw
+EgYDVQQDFAtzYW5kYm94X2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNv
+bYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFc288DYGX+GX2+W
+P/dwdXwficf+rlG+0V9GBPJZYKZJQ069W/ZRkUuWFQ+Opd2yhPpneGezmw3aU222
+CGrdKhOrBJRRcpoO3FjHHmXWkqgbQqDWdG7S+/l8n1QfDPp+jpULOrcnGEUY41Im
+jZJTylbJQ1b5PBBjGiP0PpK48cdF
+-----END CERTIFICATE-----

data/lib/paypal/config.rb

@@ -0,0 +1,58 @@
+module Paypal
+  module Config
+    IPN_URL_SANDBOX    = "https://www.sandbox.paypal.com/cgi-bin/webscr"
+    IPN_URL_PRODUCTION = "https://www.paypal.com/cgi-bin/webscr"
+
+    @@mode = :sandbox
+    def self.mode=(new_mode)
+      raise ArgumentError.new("Paypal::Config.mode should be either :sandbox or :production (you tried to set it as : #{new_mode})") unless [:sandbox, :production].include?(new_mode.to_sym)
+      @@mode = new_mode.to_sym
+    end
+    def self.mode
+      @@mode
+    end
+    
+    def self.ipn_url
+      case @@mode
+      when :sandbox
+        IPN_URL_SANDBOX
+      when :production
+        IPN_URL_PRODUCTION
+      end
+    end
+    
+    def self.ipn_validation_path
+      URI.parse(ipn_url).path + "?cmd=_notify-validate"
+    end
+
+    def self.ipn_validation_url
+      "#{ipn_url}?cmd=_notify-validate"
+    end
+
+    @@paypal_sandbox_cert = File.read(File.join(File.dirname(__FILE__), 'certs', 'paypal_sandbox.pem'))
+    def self.paypal_sandbox_cert=(new_cert)
+      @@paypal_sandbox_cert = new_cert
+    end
+    def self.paypal_sandbox_cert
+      @@paypal_sandbox_cert
+    end
+
+    @@paypal_production_cert = nil
+    def self.paypal_production_cert=(new_cert)
+      @@paypal_production_cert = new_cert
+    end
+    def self.paypal_production_cert
+      @@paypal_production_cert
+    end
+
+    def self.paypal_cert
+      case @@mode
+      when :sandbox
+        @@paypal_sandbox_cert
+      when :production
+        raise StandardError.new("You should set Paypal::Config.paypal_production_cert with your paypal production certificate") if @@paypal_production_cert.nil?
+        @@paypal_production_cert
+      end
+    end
+  end
+end

data/lib/paypal/helpers/common.rb

@@ -0,0 +1,300 @@
+module Paypal
+  # This is a collection of helpers which aid in the creation of paypal buttons
+  #
+  # Example:
+  #
+  #    <%= form_tag Paypal::Config.ipn_url %>
+  #
+  #      <%= paypal_setup "Item 500", Money.us_dollar(50000), "bob@bigbusiness.com" %>
+  #      Please press here to pay $500US using paypal. <%= submit_tag %>
+  #
+  #    <% end_form_tag %>
+  #
+  # For this to work you have to include these methods as helpers in your rails application.
+  # One way is to add "include Paypal::Helpers" in your application_helper.rb
+  # See Paypal::Notification for information on how to catch payment events.
+  module Helpers
+    module Common
+      # This helper creates the hidden form data which is needed for a paypal purchase.
+      #
+      # * <tt>item_number</tt> -- The first parameter is the item number. This is for your personal organization and can
+      #   be arbitrary. Paypal will sent the item number back with the IPN so its a great place to
+      #   store a user ID or a order ID or something like  this.
+      #
+      # * <tt>amount</tt> -- should be a parameter of type Money ( see http://leetsoft.com/api/money ) but can also
+      #   be a string of type "50.00" for 50$. If you use the string syntax make sure you set the current
+      #   currency as part of the options hash. The default is USD
+      #
+      # * <tt>business</tt> -- This is your paypal account name ( an email ). This needs to be a valid paypal business account.
+      #
+      # The last parameter is a options hash. You can set or override any Paypal-recognized parameter, including:
+      #
+      # * <tt>:cmd</tt> -- default is '_xclick' or '_xclick-subscriptions' when you use :subscription.
+      # * <tt>:quantity</tt> -- default is '1'.
+      # * <tt>:no_note</tt> -- default is '1'.
+      # * <tt>:item_name</tt> -- default is 'Store purchase'. This is the name of the purchase which will be displayed
+      #   on the paypal page.
+      # * <tt>:no_shipping</tt> -- default is '1'. By default we tell paypal that no shipping is required. Usually
+      #   the shipping address should be collected in our application, not by paypal.
+      # * <tt>:currency</tt> -- default is 'USD'. If you provide a Money object, that will automatically override
+      #   the value.
+      # * <tt>:charset</tt> -- default is 'utf-8'.
+      # * <tt>:notify_url</tt> -- If provided paypal will send its IPN notification once a
+      #   purchase is made, canceled or any other status changes occur.
+      # * <tt>:return</tt> -- If provided paypal will redirect a user back to this url after a
+      #   successful purchase. Useful for a kind of thankyou page.
+      # * <tt>:cancel_return</tt> -- If provided paypal will redirect a user back to this url when
+      #   the user cancels the purchase.
+      # * <tt>:tax</tt> -- the tax for the store purchase. Same format as the amount parameter but optional
+      # * <tt>:invoice</tt> -- Unique invoice number. User will never see this. optional
+      # * <tt>:custom</tt> -- Custom field. User will never see this. optional
+      #
+      # Dealing with subscriptions
+      #
+      # * <tt>:subscription</tt> -- Hash containing the subscription options. optional
+      #   * <tt>:period</tt> -- One of :monthly, :yearly, :weekly or :daily
+      #   * <tt>:length</tt> -- How often, based on :period. E.g. 6 :monthly?
+      #   * <tt>:retry</tt> -- Default is false. Boolean for if paypal should retry failed payments.
+      #   * <tt>:recurring</tt> -- Default is false. Boolean for if paypal should recur payment and end of period.
+      #
+      # Generating encrypted form data
+      #
+      # The helper also supports the generation of encrypted button data. Please see the README for more information
+      # on the setup and prerequisite steps for using encrypted forms.
+      #
+      # The following options must all be provided (as strings) to encrypt the data:
+      #
+      # * <tt>:business_key</tt> -- The private key you have generated
+      # * <tt>:business_cert</tt> -- The public certificate you have also uploaded to Paypal
+      # * <tt>:business_certid</tt> -- The certificate ID that Paypal has assigned to your certificate.
+      #
+      # Examples:
+      #
+      #   <%= paypal_setup @order.id, Money.us_dollar(50000), "bob@bigbusiness.com" %>
+      #   <%= paypal_setup @order.id, '50.00', "bob@bigbusiness.com", :currency => 'USD' %>
+      #   <%= paypal_setup @order.id, '50.00', "bob@bigbusiness.com", :currency => 'USD', :notify_url => url_for(:only_path => false, :action => 'paypal_ipn') %>
+      #   <%= paypal_setup @order.id, Money.ca_dollar(50000), "bob@bigbusiness.com", :item_name => 'Snowdevil shop purchase', :return_url => paypal_return_url, :cancel_url => paypal_cancel_url, :notify_url => paypal_ipn_url  %>
+      #   <%= paypal_setup @order.id, Money.ca_dollar(50000), "bob@bigbusiness.com", :item_name => 'Snowdevil shop purchase', :return_url => paypal_return_url, :cancel_url => paypal_cancel_url, :business_key => @business_key, :business_cert => @business_cert, :business_certid => @business_certid  %>
+      #
+      def paypal_setup(item_number, amount, business, options = {})
+
+        subscription = options.delete(:subscription)
+
+        misses = (options.keys - valid_setup_options)
+        raise ArgumentError, "Unknown option #{misses.inspect}" unless misses.empty?
+
+        params = {
+          :cmd => subscription ? '_ext-enter' : '_xclick',
+          :redirect_cmd => subscription ? '_xclick-subscriptions' : nil,
+          :quantity => 1,
+          :business => business,
+          :item_number => item_number,
+          :item_name => 'Store purchase',
+          :no_shipping => '1',
+          :no_note => '1',
+          :charset => 'utf-8'
+        }.reject{|k,v| v.nil?}.merge(options)
+
+        params[:currency_code] = amount.currency if amount.respond_to?(:currency)
+        params[:currency_code] = params.delete(:currency) if params[:currency]
+        params[:currency_code] ||= 'USD'
+
+        # We accept both strings and money objects as amount
+        amount = amount.cents.to_f / 100.0 if amount.respond_to?(:cents)
+        amount = sprintf('%.2f', amount)
+
+        if subscription.nil?
+          params[:amount] = amount
+        else
+          params[:a3]  = amount
+          params[:p3]  = subscription[:length]
+          params[:sra] = subscription[:retry] == true ? 1 : 0
+          params[:src] = subscription[:recurring] == true ? 1 : 0
+          params[:t3]  = case subscription[:period]
+            when :monthly; 'M'
+            when :yearly;  'Y'
+            when :weekly;  'W'
+            when :daily;   'D'
+          end
+        end
+
+        # same for tax
+        tax = params[:tax]
+        unless tax.nil?
+          tax = tax.cents.to_f / 100.0 if tax.respond_to?(:cents)
+          params[:tax] = sprintf("%.2f", tax)
+        end
+
+        # look for encryption parameters, save them outsite the parameter hash.
+        business_key = params.delete(:business_key)
+        business_cert = params.delete(:business_cert)
+        business_certid = params.delete(:business_certid)
+
+        # Build the form
+        buttons = []
+        # Only attempt an encrypted form if we have all the required fields.
+        if business_key and business_cert and business_certid
+          require 'openssl'
+
+          # Convert the key and certificates into OpenSSL-friendly objects.
+          paypal_cert = OpenSSL::X509::Certificate.new(Paypal::Config.paypal_cert)
+          business_key = OpenSSL::PKey::RSA.new(business_key)
+          business_cert = OpenSSL::X509::Certificate.new(business_cert)
+          # Put the certificate ID back into the parameter hash the way Paypal wants it.
+          params[:cert_id] = business_certid
+
+          # Prepare a string of data for encryption
+          data = ""
+          params.each_pair {|k,v| data << "#{k}=#{v}\n"}
+
+          # Sign the data with our key/certificate pair
+          signed = OpenSSL::PKCS7::sign(business_cert, business_key, data, [], OpenSSL::PKCS7::BINARY)
+          # Encrypt the signed data with Paypal's public certificate.
+          encrypted = OpenSSL::PKCS7::encrypt([paypal_cert], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"), OpenSSL::PKCS7::BINARY)
+
+          # The command for encrypted forms is always '_s-xclick'; the real command is in the encrypted data.
+          buttons << %Q{<input type="hidden" name="cmd" value="_s-xclick" />}
+          buttons << %Q{<input type="hidden" name="cmd" value="#{encrypted}" />}
+        else
+          # Just emit all the parameters that we have as hidden fields.
+          # Note that the sorting isn't really needed, but it makes testing a lot easier for now.
+          params.each do |key, value|
+            buttons << %Q{<input type="hidden" name="#{key}" value="#{value}" />} unless value.nil?
+          end
+        end
+        buttons.join("\n")
+      end
+
+      # Pass an address to paypal so that all signup forms can be prefilled
+      #
+      # * <tt>email</tt> -- Customer's email address
+      # * <tt>first_name</tt> --  Customer's first name. Must be alpha-numeric, with a 32 character limit
+      # * <tt>last_name</tt> -- Customer's last name. Must be alpha-numeric, with a 64 character limit
+      # * <tt>address1</tt> --  First line of customer's address. Must be alpha-numeric, with a 100 character limit
+      # * <tt>address2</tt> --  Second line of customer's address. Must be alpha-numeric, with a 100 character limit
+      # * <tt>city</tt> --  City of customer's address. Must be alpha-numeric, with a 100 character limit
+      # * <tt>state</tt> -- State of customer's address. Must be official 2 letter abbreviation
+      # * <tt>zip</tt> -- Zip code of customer's address
+      # * <tt>night_phone_a</tt> -- Area code of customer's night telephone number
+      # * <tt>night_phone_b</tt> -- First three digits of customer's night telephone number
+      # * <tt>day_phone_a</tt> -- Area code of customer's daytime telephone number
+      # * <tt>day_phone_b</tt> -- First three digits of customer's daytime telephon
+      def paypal_address(options = {})
+        options.collect do |key, value|
+          %Q{<input type="hidden" name="#{key}" value="#{value}" />}
+        end.join("\n")
+      end
+
+    private
+
+      # See https://www.paypal.com/IntegrationCenter/ic_std-variable-reference.html for details on the following options.
+      def valid_setup_options
+        [
+        # Generic Options
+        :cmd,
+        # IPN Support
+        :notify_url,
+        # Item Information
+        :item_name,
+        :quantity,
+        :undefined_quantity,
+        :on0,
+        :os0,
+        :on1,
+        :os1,
+        # Display Information
+        :add,
+        :cancel_return,
+        :cbt,
+        :cn,
+        :cpp_header_image,
+        :cpp_headerback_color,
+        :cpp_headerborder_color,
+        :cpp_payflow_color,
+        :cs,
+        :display,
+        :image_url,
+        :no_note,
+        :no_shipping,
+        :page_style,
+        :return,
+        :rm,
+        # Transaction Information
+        :address_override,
+        :currency,
+        :currency_code,
+        :custom,
+        :handling,
+        :invoice,
+        :redirect_cmd,
+        :shipping,
+        :tax,
+        :tax_cart,
+        # Shopping Cart Options
+        :amount,
+        :business,
+        :handling_cart,
+        :paymentaction,
+        :rupload,
+        :charset,
+        :upload,
+        # Prepopulating PayPal FORMs or Address Overriding
+        :address1,
+        :address2,
+        :city,
+        :country,
+        :email,
+        :first_name,
+        :last_name,
+        :lc,
+        :night_phone_a,
+        :night_phone_b,
+        :night_phone_c,
+        :state,
+        :zip,
+        # Prepopulating Business Account Sign-up
+        :business_address1,
+        :business_address2,
+        :business_city,
+        :business_state,
+        :business_country,
+        :business_cs_email,
+        :business_cs_phone_a,
+        :business_cs_phone_b,
+        :business_cs_phone_c,
+        :business_url,
+        :business_night_phone_a,
+        :business_night_phone_b,
+        :business_night_phone_c,
+        # End of list from https://www.paypal.com/IntegrationCenter/ic_std-variable-reference.html
+        # The following items are known to exist but are not yet on the above page.
+        :business_zip,
+        :day_phone_a,
+        :day_phone_b,
+        :day_phone_c,
+        # Subscription Options
+        :a1, # Trial Amount 1
+        :p1, # Trial Period 1
+        :t1, # Trial Period 1 Units (D=days, W=weeks, M=months, Y=years)
+        :a2, # Trial Amount 2
+        :p2, # Trial Period 2
+        :t2, # Trial Period 2 Units
+        :a3, # Regular Subscription Amount
+        :p3, # Regular Subscription Period
+        :t3, # Regular Subscription Period Units
+        :src, # Recurring Payments? (1=yes, default=0)
+        :sra, # Reattempt Transaction on Failure? (1=yes, default=0)
+        :srt, # Recurring Times (number of renewals before auto-cancel, default=forever)
+        :usr_manage, # Username and Password Generator? (1=yes, default=0)
+        :modify, # Modification Behaviour (0=new subs only, 1=new or modify, 2=modify existing only, default=0)
+        # Encryption Options - used internally only.
+        :business_key, # Your private key
+        :business_cert, # Your public certificate
+        :business_certid, # Your public certificate ID (from Paypal)
+        # Other
+        :bn
+        ]
+      end
+    end
+  end
+end