Sunday, July 16, 2017

PayWay Payment GateWay | Hosted Payment Page Setup | PayWay Hosted Payment | Hosted Payment

It's easy to integrate PayWay hosted payment system. First we need an account. If you have not any PayWay account yet, go to https://www.payway.com.au/core/LoginView and create an account first.

Now visit to https://www.payway.com.au/net/HostedPaymentPageSetupView and follow below screen:


Next step is to collect PayWay biller code:



Next step is to setup some notification configuration:



Below screen for notification panel, the marked url will be notified once a payment made via POST method:



I used "http://luckyorange.net/payway-hosted/callback.php?ThisPartWould0=&SecurityCheck=" as "Browser Return URL".

Where SecurityCheck field will be filled up when return to our working server.

Now from below page we will collect decryption key and security username and password. You have to add your server ip address here.



Now we will setup customer reference field as below:



Next we will setup minimum and maximum payment amount.



Next we will setup surcharge configuration:



And now finally we will do implementation.

First we will create a payment token and then redirect to PayWay payment page, below is a PHP script:


<?php
include_once "CurlExecutor.php";

$token_url = "https://www.payway.com.au/RequestToken";
$payment_url = "https://www.payway.com.au/MakePayment";
$redirect_uri = "http://luckyorange.net/payway-hosted/callback.php?ThisPartWould0=&SecurityCheck=";

define("BILLER_CODE", "10...6");
define("USERNAME", "T1...");
define("PASSWORD", "N........");

$post_data = "biller_code=" . BILLER_CODE;
$post_data = $post_data . "&username=" . USERNAME;
$post_data = $post_data . "&password=" . PASSWORD;

/* CUSTOMER INFORMATION */
$post_data = $post_data . "&information_fields=Name,InvoiceNO,Address";
$post_data = $post_data . "&Name=" . urlencode("Pritom Kumar");
$post_data = $post_data . "&InvoiceNO=" . strtoupper(substr(md5(time()), 0, 10));
$post_data = $post_data . "&Address=" . urlencode("Some Address");

/* HIDDEN FIELDS */
$post_data = $post_data . "&hidden_fields=SecurityCheck";
$post_data = $post_data . "&SecurityCheck=" . urlencode("SECURE TEXT");

/* PRODUCT DETAILS */
$post_data = $post_data . "&Shampoo=1,0.10";
$post_data = $post_data . "&Soap=2,0.20";

/* REQUEST HEADERS */
$headers[] = "Content-type: application/x-www-form-urlencoded";

$response = CurlExecutor::execute($token_url, "POST", $post_data, null, $headers);
if ($response["code"] == 200) {
    $token = substr($response["response"], 6);
    header("Refresh:0; url=$payment_url?biller_code=" . BILLER_CODE . "&token=" . $token);
}
CurlExecutor::prettyPrint($response);


Which will redirect to PayWay payment page as below screenshot:



After successful payment PayWay will make a redirection to our server (redirect url we provided) as below format:

http://luckyorange.net/payway-hosted/callback.php?EncryptedParameters=...&Signature=...

We will decrypt "EncryptedParameters" using AES 128 algorithm with PKCS7 padding. Key is "Encryption Key" on "Security Information" page.


<?php
function decrypt($key, $to_decrypt)
{
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    $iv = substr($to_decrypt, 0, $iv_size);
    $to_decrypt = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, substr($to_decrypt, $iv_size), MCRYPT_MODE_CBC, $iv);
    $pad = ord($to_decrypt[strlen($to_decrypt) - 1]);
    return substr($to_decrypt, 0, -$pad);
}

$key = base64_decode("NI+YM.............ojAIQ==");
$params = decrypt($key, base64_decode($_GET["EncryptedParameters"]));
echo "<pre>";
print_r(explode("&", $params));
echo "</pre>";

And would be like below:


Array
(
    [0] => SecurityCheck=SECURE+TEXT
    [1] => payment_reference=E4DF550696
    [2] => payment_amount=0.50
    [3] => payment_date=20170717
    [4] => payment_time=17+Jul+2017+01%3A33%3A53
    [5] => payment_number=1979758473
    [6] => bank_reference=1979758473
    [7] => remote_ip=103.59.179.132
    [8] => card_type=VISA
    [9] => response_code=08
    [10] => summary_code=0
    [11] => response_text=Honour+with+identification
    [12] => payment_status=approved
)


And the payment in PayWay below screenshot:



So it's all now. Pure implementation. Step by step description. Simple coding. At last you can download PayWay hosted payment documentation from link next PayWay Hosted Payment Guide.

No comments:

Post a Comment