From cdfd8713cd2d2976a5481764cc746eb641fced59 Mon Sep 17 00:00:00 2001
From: Bushra Asif <bushraasif931@gmail.com>
Date: Mon, 23 Feb 2026 06:16:28 +0000
Subject: [PATCH 1/6] Add support for checkoutSession endpoint

---
 src/Api/Ecommerce/PaymentRequest.php     |  17 +-
 src/Api/Payments/CheckoutSession.php     | 243 +++++++++++++++++++++++
 src/Response/CheckoutSessionResponse.php |  46 +++++
 src/Response/Embeds/Session.php          |  39 ++++
 4 files changed, 344 insertions(+), 1 deletion(-)
 create mode 100644 src/Api/Payments/CheckoutSession.php
 create mode 100644 src/Response/CheckoutSessionResponse.php
 create mode 100644 src/Response/Embeds/Session.php

diff --git a/src/Api/Ecommerce/PaymentRequest.php b/src/Api/Ecommerce/PaymentRequest.php
index 75849b5..cb41a40 100644
--- a/src/Api/Ecommerce/PaymentRequest.php
+++ b/src/Api/Ecommerce/PaymentRequest.php
@@ -284,6 +284,20 @@ public function setFormTemplate($formTemplate)
         return $this;
     }
 
+    /**
+     * Set the session_id to the Payment Request.
+     *
+     * @param string $sessionId
+     *
+     * @return $this
+     */
+    public function setSessionId($sessionId)
+    {
+        $this->unresolvedOptions['session_id'] = $sessionId;
+
+        return $this;
+    }
+    
     /**
      * Configure options
      *
@@ -314,7 +328,8 @@ protected function configureOptions(OptionsResolver $resolver)
             'account_offer',
             'orderLines',
             'extra_merchant_data',
-            'form_template'
+            'form_template',
+            'session_id',
         ]);
 
         $resolver->setAllowedValues('language', Types\LanguageTypes::getAllowed());
diff --git a/src/Api/Payments/CheckoutSession.php b/src/Api/Payments/CheckoutSession.php
new file mode 100644
index 0000000..c50365c
--- /dev/null
+++ b/src/Api/Payments/CheckoutSession.php
@@ -0,0 +1,243 @@
+<?php
+/**
+ * Copyright (c) 2026 AltaPay
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is furnished
+ * to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+namespace Altapay\Api\Payments;
+
+use Altapay\AbstractApi;
+use Altapay\Exceptions\ClientException;
+use Altapay\Exceptions\ResponseHeaderException;
+use Altapay\Exceptions\ResponseMessageException;
+use Altapay\Serializer\ResponseSerializer;
+use Altapay\Response\CheckoutSessionResponse;
+use GuzzleHttp\Exception\ClientException as GuzzleHttpClientException;
+use GuzzleHttp\Exception\GuzzleException;
+use GuzzleHttp\Psr7\Request;
+use Psr\Http\Message\ResponseInterface;
+use Symfony\Component\OptionsResolver\OptionsResolver;
+
+class CheckoutSession extends AbstractApi
+{
+    /**
+     * Set the list of terminals available for the user
+     *
+     * @param array<string> $terminals
+     *
+     * @return $this
+     */
+    public function setTerminals(array $terminals)
+    {
+        $this->unresolvedOptions['terminals'] = $terminals;
+
+        return $this;
+    }
+
+    /**
+     * Set optional session identifier
+     *
+     * @param string $sessionId
+     *
+     * @return $this
+     */
+    public function setSessionId($sessionId)
+    {
+        $this->unresolvedOptions['session_id'] = $sessionId;
+
+        return $this;
+    }
+
+    /**
+     * Set shop order ID
+     *
+     * @param string $shopOrderId
+     *
+     * @return $this
+     */
+    public function setShopOrderId($shopOrderId)
+    {
+        $this->unresolvedOptions['shop_orderid'] = $shopOrderId;
+
+        return $this;
+    }
+
+    /**
+     * Set amount
+     *
+     * @param float $amount
+     *
+     * @return $this
+     */
+    public function setAmount($amount)
+    {
+        $this->unresolvedOptions['amount'] = $amount;
+
+        return $this;
+    }
+
+    /**
+     * Set currency
+     *
+     * @param string $currency
+     *
+     * @return $this
+     */
+    public function setCurrency($currency)
+    {
+        $this->unresolvedOptions['currency'] = $currency;
+
+        return $this;
+    }
+
+    /**
+     * Set config parameters
+     *
+     * @param array<string, mixed> $config
+     *
+     * @return $this
+     */
+    public function setConfig(array $config)
+    {
+        $this->unresolvedOptions['config'] = $config;
+
+        return $this;
+    }
+
+    /**
+     * Configure options
+     *
+     * @param OptionsResolver $resolver
+     *
+     * @return void
+     */
+    protected function configureOptions(OptionsResolver $resolver)
+    {
+        $resolver->setRequired(['terminals']);
+        $resolver->setDefined(['session_id', 'shop_orderid', 'amount', 'currency', 'config']);
+        $resolver->addAllowedTypes('terminals', 'array');
+        $resolver->addAllowedTypes('session_id', 'string');
+        $resolver->addAllowedTypes('shop_orderid', 'string');
+        $resolver->addAllowedTypes('amount', ['int', 'float']);
+        $resolver->addAllowedTypes('currency', 'string');
+        $resolver->addAllowedTypes('config', 'array');
+    }
+
+    /**
+     * Handle response
+     *
+     * @param Request $request
+     * @param ResponseInterface $response
+     *
+     * @return CheckoutSessionResponse
+     * @throws \Exception
+     */
+    protected function handleResponse(Request $request, ResponseInterface $response)
+    {
+        $body = (string)$response->getBody();
+        $xml = new \SimpleXMLElement($body);
+
+        return ResponseSerializer::serialize(CheckoutSessionResponse::class, $xml->Body, $xml->Header);
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    protected function getBasicHeaders()
+    {
+        $headers = parent::getBasicHeaders();
+        if (mb_strtolower($this->getHttpMethod()) === 'post') {
+            $headers['Content-Type'] = 'application/x-www-form-urlencoded';
+        }
+
+        return $headers;
+    }
+
+    /**
+     * Url to api call
+     *
+     * @param array<string, mixed> $options Resolved options
+     *
+     * @return string
+     */
+    protected function getUrl(array $options)
+    {
+
+        $url = 'checkoutSession';
+        if (mb_strtolower($this->getHttpMethod()) === 'get') {
+            $query = $this->buildUrl($options);
+            $url = sprintf('%s/?%s', $url, $query);
+        }
+
+        return $url;
+
+        return 'checkoutSession';
+        
+    }
+
+    /**
+     * @return string
+     */
+    protected function getHttpMethod()
+    {
+        return 'POST';
+    }
+
+    /**
+     * Generate the response
+     *
+     * @throws \Exception
+     * @throws ClientException
+     * @throws GuzzleException
+     * @throws ResponseHeaderException
+     * @throws ResponseMessageException
+     */
+    protected function doResponse()
+    {
+        $this->doConfigureOptions();
+        $headers = $this->getBasicHeaders();
+        $request = new Request(
+            $this->getHttpMethod(),
+            $this->parseUrl(),
+            $headers,
+            $this->getPostOptions()
+        );
+        $this->request = $request;
+        
+        try {
+            $response = $this->getClient()->send($request);
+            $this->response = $response;
+            $output = $this->handleResponse($request, $response);
+            $this->validateResponse($output);
+
+            return $output;
+        } catch (GuzzleHttpClientException $e) {
+            throw new ClientException($e->getMessage(), $e->getRequest(), $e->getResponse(), $e);
+        }
+    }
+
+    /**
+     * @return string
+     */
+    protected function getPostOptions()
+    {
+        return http_build_query($this->options, '', '&');
+    }
+}
\ No newline at end of file
diff --git a/src/Response/CheckoutSessionResponse.php b/src/Response/CheckoutSessionResponse.php
new file mode 100644
index 0000000..cc97287
--- /dev/null
+++ b/src/Response/CheckoutSessionResponse.php
@@ -0,0 +1,46 @@
+<?php
+/**
+ * Copyright (c) 2026 AltaPay
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is furnished
+ * to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+namespace Altapay\Response;
+
+use Altapay\Response\Embeds\Session;
+
+class CheckoutSessionResponse extends AbstractResponse
+{
+    /**
+     * Children of the response
+     *
+     * @var array<string, array<string, mixed>>
+     */
+    protected $childs = [
+        'Session' => [
+            'class' => Session::class,
+            'array' => false
+        ],
+    ];
+
+    /**
+     * @var Session
+     */
+    public $Session;
+}
\ No newline at end of file
diff --git a/src/Response/Embeds/Session.php b/src/Response/Embeds/Session.php
new file mode 100644
index 0000000..df841d2
--- /dev/null
+++ b/src/Response/Embeds/Session.php
@@ -0,0 +1,39 @@
+<?php
+/**
+ * Copyright (c) 2026 AltaPay
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is furnished
+ * to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+namespace Altapay\Response\Embeds;
+
+use Altapay\Response\AbstractResponse;
+
+class Session extends AbstractResponse
+{
+    /**
+     * @var string
+     */
+    public $Id;
+
+    /**
+     * @var string
+     */
+    public $Status;
+}
\ No newline at end of file

From 55b56a901c436b190e9609002ec2349db7ccf3ce Mon Sep 17 00:00:00 2001
From: Bushra Asif <bushraasif931@gmail.com>
Date: Mon, 23 Feb 2026 06:20:44 +0000
Subject: [PATCH 2/6] Update version and release notes

---
 CHANGELOG.md        | 4 ++++
 src/AbstractApi.php | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c998713..efbf652 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.5.8] - 2026-02-23
+### Added
+- Add support for `checkoutSession` API method.
+
 ## [3.5.7] - 2025-11-24
 ### Added
 - Add option to use `transaction_info` for `captureReservation`, `refundCapturedReservation` and `updateOrder/{id}/reconciliationIdentifier`.
diff --git a/src/AbstractApi.php b/src/AbstractApi.php
index 23a4e4e..e415c70 100644
--- a/src/AbstractApi.php
+++ b/src/AbstractApi.php
@@ -55,7 +55,7 @@ abstract class AbstractApi
     /**
      * PHP API version
      */
-    const PHP_API_VERSION = '3.5.7';
+    const PHP_API_VERSION = '3.5.8';
 
     /**
      * Event dispatcher

From 6b7a4f14f66fc97ece6aa412fbe13ba1872fce58 Mon Sep 17 00:00:00 2001
From: Bushra Asif <bushraasif931@gmail.com>
Date: Mon, 23 Feb 2026 06:36:17 +0000
Subject: [PATCH 3/6] Fix: php-cs-fixer issues

---
 src/Api/Payments/CheckoutSession.php     | 2 +-
 src/Response/CheckoutSessionResponse.php | 2 +-
 src/Response/Embeds/Session.php          | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/Api/Payments/CheckoutSession.php b/src/Api/Payments/CheckoutSession.php
index c50365c..1742bbd 100644
--- a/src/Api/Payments/CheckoutSession.php
+++ b/src/Api/Payments/CheckoutSession.php
@@ -240,4 +240,4 @@ protected function getPostOptions()
     {
         return http_build_query($this->options, '', '&');
     }
-}
\ No newline at end of file
+}
diff --git a/src/Response/CheckoutSessionResponse.php b/src/Response/CheckoutSessionResponse.php
index cc97287..cc4544a 100644
--- a/src/Response/CheckoutSessionResponse.php
+++ b/src/Response/CheckoutSessionResponse.php
@@ -43,4 +43,4 @@ class CheckoutSessionResponse extends AbstractResponse
      * @var Session
      */
     public $Session;
-}
\ No newline at end of file
+}
diff --git a/src/Response/Embeds/Session.php b/src/Response/Embeds/Session.php
index df841d2..0efd97a 100644
--- a/src/Response/Embeds/Session.php
+++ b/src/Response/Embeds/Session.php
@@ -36,4 +36,4 @@ class Session extends AbstractResponse
      * @var string
      */
     public $Status;
-}
\ No newline at end of file
+}

From ea81218d8e676a98ca8775fe1b11f812d9fdd871 Mon Sep 17 00:00:00 2001
From: Bushra Asif <bushraasif931@gmail.com>
Date: Mon, 23 Feb 2026 06:43:36 +0000
Subject: [PATCH 4/6] Fix Unreachable statement issue

---
 src/Api/Payments/CheckoutSession.php | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/Api/Payments/CheckoutSession.php b/src/Api/Payments/CheckoutSession.php
index 1742bbd..d3bbbce 100644
--- a/src/Api/Payments/CheckoutSession.php
+++ b/src/Api/Payments/CheckoutSession.php
@@ -187,9 +187,6 @@ protected function getUrl(array $options)
         }
 
         return $url;
-
-        return 'checkoutSession';
-        
     }
 
     /**

From 73a70e82c918d8803bb26d2368af86e8f3ceaaa4 Mon Sep 17 00:00:00 2001
From: Bushra Asif <bushraasif931@gmail.com>
Date: Mon, 23 Feb 2026 08:12:35 +0000
Subject: [PATCH 5/6] Ignore property name rule for sonar

---
 sonar-project.properties | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sonar-project.properties b/sonar-project.properties
index 6921e39..ed263d1 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -1,3 +1,7 @@
 sonar.projectKey=AltaPay_api-php_90804e1e-91c4-43f6-a024-51f03ac0e4e8
 sonar.projectBaseDir=src
 sonar.coverage.exclusions=**
+# Ignore Sonar rule: Property names should match ^[a-z][a-zA-Z0-9]*$
+sonar.issue.ignore.multicriteria=e1
+sonar.issue.ignore.multicriteria.e1.ruleKey=php:S116
+sonar.issue.ignore.multicriteria.e1.resourceKey=**/*.php

From 7f7dc97d9b089dbfe14b30d41a3654932ad9b1f2 Mon Sep 17 00:00:00 2001
From: Bushra Asif <bushraasif931@gmail.com>
Date: Mon, 23 Feb 2026 08:23:52 +0000
Subject: [PATCH 6/6] Refactor CheckoutSession

---
 src/Api/Payments/CheckoutSession.php | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

diff --git a/src/Api/Payments/CheckoutSession.php b/src/Api/Payments/CheckoutSession.php
index d3bbbce..36dbc7b 100644
--- a/src/Api/Payments/CheckoutSession.php
+++ b/src/Api/Payments/CheckoutSession.php
@@ -163,9 +163,7 @@ protected function handleResponse(Request $request, ResponseInterface $response)
     protected function getBasicHeaders()
     {
         $headers = parent::getBasicHeaders();
-        if (mb_strtolower($this->getHttpMethod()) === 'post') {
-            $headers['Content-Type'] = 'application/x-www-form-urlencoded';
-        }
+        $headers['Content-Type'] = 'application/x-www-form-urlencoded';
 
         return $headers;
     }
@@ -179,14 +177,7 @@ protected function getBasicHeaders()
      */
     protected function getUrl(array $options)
     {
-
-        $url = 'checkoutSession';
-        if (mb_strtolower($this->getHttpMethod()) === 'get') {
-            $query = $this->buildUrl($options);
-            $url = sprintf('%s/?%s', $url, $query);
-        }
-
-        return $url;
+        return 'checkoutSession';
     }
 
     /**