Hack 89 Create a Wrapper Class for Your API Calls

figs/expert.gif figs/hack89.gif

Create a Windows DLL to call the API and eliminate need for the console application.

Using the API from a console application [Hack #88] is nice for testing, but for real-world applications, you'll want to use an encapsulated module to handle calls to the API. That way, you can reuse the functionality in multiple applications.

This wrapper class DLL is written in C# and assembled in Visual Studio .NET.

The underlying architecture of the PayPal API is the same for each API method, all of which use four basic classes to complete a call:


This is a generic term for a class that holds information. You fill out the properties in the type and add the type to the request object.


This object is responsible for creating and sending the SOAP package to the API. It hands the type to the API that contains information specific to the call (the TransactionID for example, in the GetTransactionDetail() method).


This object holds the API's response to the call, including whether the call was successful. It also returns a type object, with specifics (transaction details, for example, in the GetTransactionDetail() method).

API service

This object executes the call using the request object as an argument and returns a response object.

8.5.1 Handling the Basics

The API wrapper class makes it easier for you to access the PayPal API, and you can reuse it in multiple applications. The wrapper class has four properties (APIPassword, APIPassword, CertLocation, and APIUrl) set by the class constructor method, as well as some additional methods to simplify security setup and formatting.

  1. Open Visual Studio .NET and go to FileNewProject.

  2. On the New Project screen, select Visual C# Projects and Class Library.

  3. Name your project PayPalAPI and click OK.

  4. Add a PayPal web reference [Hack #88] . Name it PayPalSvc and click Add Reference.

  5. Add a new class file to the project and name it APIWrapper.cs.

  6. Copy the following code into APIWrapper.cs, and save the project when you're done:

using System;

using System.Net;

using System.Security.Cryptography.X509Certificates;

using System.Text;

using PayPalAPI.PayPalSvc;

using System.Data;

using System.Collections;

namespace PayPalAPI 


        /// <summary>

        /// Summary description for APIWrapper.

        /// </summary>


        public class APIWrapper 


                string _APIUserName="";

                string _APIPassword="";

                string _CertLocation="";

                string _APIUrl="";

                public string APIUserName


                        get{return _APIUserName;}


                public string APIPassword


                        get{return _APIPassword;}


                public string CertLocation


                        get{return _CertLocation;}


                public string APIUrl


                        get{return _APIUrl;}


                PayPalAPIInterfaceService service;

                public APIWrapper(String APIUserName, string APIPassword, 

                        string CertLocation, string APIUrl) 






                        // Add the CertificatePolicy so we can post to an untrusted


                        ServicePointManager.CertificatePolicy = new

                                MyCertificateValidation( );

                        service = new PayPalAPIInterfaceService( );

                        service.Url = _APIUrl;

                        // Add the X509 Cert to the service for authentication

                        X509Certificate certificate = 





                void SetHeaderCredentials(PayPalAPIInterfaceService service)


                        CustomSecurityHeaderType securityHeader = 

                                new CustomSecurityHeaderType( );

                        UserIdPasswordType userIdPassword = new UserIdPasswordType( );

                        userIdPassword.Username = _APIUserName;

                        userIdPassword.Password = _APIPassword;

                        //userIdPassword.Subject = subject;

                        securityHeader.Credentials = userIdPassword;

                        securityHeader.MustUnderstand = true;


                        service.RequesterCredentials = securityHeader;



                string GetAmountValue(BasicAmountType amount)


                        string sOut="";



                                sOut="$"+amount.Value.ToString( );

                                amount.currencyID = CurrencyCodeType.USD;






                        return sOut;





8.5.2 Creating Your Own Certificate Handler

If you have trouble accessing the PayPal API, it might be because your .NET code does not trust the PayPal digital certificate. But you know that you're talking to PayPal, so it's not that important. Adding the following code to your API wrapper overrides .NET's default certificate policy, which is to challenge certificates issued by untrusted certificate authorities:

class MyCertificateValidation : ICertificatePolicy {


// Default policy for certificate validation.

public static bool DefaultValidate = false; 

public bool CheckValidationResult(ServicePoint sp, X509Certificate cert, WebRequest 

request, int problem) {        

  //implement your custom code here

  return true;



Eventually, you'll need to implement your own code for this class, but for development purposes, you can simply tell your server to trust every certificate issuer.

--Rob Conery and Dave Nielsen