bencroker
commented
11 months ago Sorry for not responding sooner, this went under my radar, somehow.
Yes, this does look like a bad idea, but it was the only option at the time. The API has since changed, so this package is now outdated.
Shouldn't this SDK use the correct authorization headers as shown in the API:
https://developer.worldpay.com/docs/access-worldpay
I have not tested this yet, but just looking at the code, I saw the params were user and password and for a bank api, this seems like a terrible idea.
Any thoughts on this?