This can be done using REST APIs. the Flow is the same classic Express Checkout.
If you want to use Checkout JS, it'd look something like this:
1. Render Button using payment details.
2. Call your server in the payment function, create the payment and get a Pay-ID back.
3. Payment function launches, user logs in and authorizes payment.
4. Once payment is authorized, the checkout popup / iframe closes and the onAuthorize function is called
5. Within onAuthorize, you could call your server side again, retrieve the shipping details from the pay id and the pass it back to the client in JSON format.
6. The client will display the "order page" and once satisfied, can execute the payment by clicking a button, which will in turn call your servers execute function to execute the payment.
This should be it. See https://github.com/paypal/paypal-checkout/tree/master/docs for some examples.
I've also created a very rough proof of concept that works with a classic integration's EC-Token (see: https://github.com/marsie84/computop-paypal-v4/blob/master/index.php )
OK I think I might know what the issue is here, the URL you're using is not right:
Can you remove "index.php?confirm=true", so use this instead:
PayPal dont like URL parameters being passed in that are unrecognized, also the index.php doesnt point to anything on our side.
Just spoke to the client, and the money was returned on Friday (6 days ago).
Thanks to PayPal People for sorting this out.
But I was amazed to find that this could happen! I didn't realise that Sandbox would take money, if the visitor logged in with an email attached to a real paypal account - I have to admit, I thought the client was trying to get something for nothing!
The payment was to cgrp-facilitator at hotcosta.com
The client writes
"I made the transaction yesterday (01/05) at 14:07."
I have a screen shot of her statement, which shows
PAYPAL *CGRPFACILI -39.00 (GBP)
Her email address is firstname.lastname@example.org
And I see nothing in Sandbox on my account, but she has the details, and knew the test email address.
We figured out the problem in our OSCommerce Paypal module. We were passing duplicated variables. This may not be the problem for everyone but essentially we followed the "Payment Standard Upgrade FAQ" steps to debug.
If you aren't aware of what variables you are passing, load up your site in Chrome and checkout until you get the blank Paypal screen. At that point right click the blank area and select "INSPECT", go to the "NETWORK" tab then press F5. You should see something like WebSCR. Click that link and then click the "HEADERS" tab. Find the POST VARIABLES area under Request headers and see if your variables are duplicated.
Hope that helps!