Build a payment request
Sample Url
|
https://sandbox.app.initiumpay.com/gateway/pay?amount=400&clientID=b49f32e4-5990-4979-a7dc-d88c1918d69b¤cy=eur&orderReference=lamp&orderID=o420234&signature=6090a63e7118abc0aa26f5d1e983af5e107ea501079cf67fa9d82c1ca72a9805
|
|
amount Input the amount in cents 4 euro equal to 400
clientID Id merchant gateway
currency Currency of the operation, Euro is only supported.
culture Language prefix identification*
orderReference url encoded short description of the order
orderID Id order merchant
signature Hash of the url parameters
* Optional
Signature Generation
|
amount=400&clientID=b49f32e4-5990-4979-a7dc-d88c1918d69b¤cy=eur&orderReference=lamp&orderID=o420234 |
|
· Take querystring without ? as shown in the sample
· Append the secret assigned to the merchant to the sequence
· Compute the hash of the resulting string
· Add to the querystring the field signature and its hash value
Sample Merchant Credentials
{
"merchantID": "e2bc2030-9012-40b2-9a62-9d82aeeb7f09",
"clientID": "b49f32e4-5990-4979-a7dc-d88c1918d69b",
"secret": "ZmpuIRw8MGDFmXpkQQa4jrBn6NjCyADn",
"merchantDescription": "Edison Sample Shop" ,
"accountID": "109125464134516745",
"accountType": "managed_accounts",
"callbackUrl": "https://localhost:44332",
"callbackCancelUrl": https://localhost:44332
}
clientID ID merchant gateway
secret String for the signature generation
accountID InitiumPay accoynt ID
CallbackUrl Url merchant receving the results of the operation
CallbackCancelUrl Url merchant receving the cancenllig operation
Transaction Result
{merchantCallback}/? result={result}&amount={amountTransaction}&transactionID={transactionID}&orderID={orderID}&signature={signature}
merchantCallBack Url merchant dove ricevere l’esito della transazione
result Result of the operation true or false
amount Value of the transaction
transactionID Transaction ID sent only for a positive operation
orderID Oder ID
signature Anti tampering signature
Sample Class for a Signature generation
C#
using System.Security.Cryptography;
using System.Web;
namespace InitiumPay.Web.Extensions
{
public static class Security
{
public static string GenerateSign( string queryString, string secret)
{
string hashedVariables = GenerateHashToken(queryString, secret);
return hashedVariables;
}
private static string GenerateHashToken( string queryString, string secret)
{
string salt = secret;
string concatVariables = queryString + secret;
string hashedVariables = GetSha256Hash(concatVariables);
return hashedVariables;
}
private static string GetSha256Hash( string text)
{
byte [] bytes = System.Text.Encoding.UTF8.GetBytes(text);
var hashstring = SHA256.Create();
byte[] hash = hashstring.ComputeHash(bytes);
string hashString = string.Empty;
foreach (byte x in hash)
{
hashString += String.Format("{0:x2}" , x);
}
return hashString;
}
public static bool IsUrlTamperedFree( string queryString, string sign, string secret)
{
if (string.IsNullOrWhiteSpace(sign))
{
return false;
}
string hashedToken = GenerateHashToken(queryString, secret);
return hashedToken == sign;
}
public static string RemoveQueryStringByKey(HttpRequest request, string key)
{
var uri = new Uri($"{request.Scheme}://{request.Host}{request.Path}{request.QueryString}");
// this gets all the query string key value pairs as a collection
var newQueryString = HttpUtility.ParseQueryString(uri.Query);
// this removes the key if exists
newQueryString.Remove(key);
return newQueryString.Count > 0
? String.Format("{0}" , newQueryString)
: request.QueryString.Value;
}
}
}