netoxygen/proxypay

ProxyPay library. Provides methods to compose SHA signatures and to check ProxyPay responses.

Maintainers

Details

github.com/NetOxygen/proxypay

Homepage

Source

Issues

Installs: 2 031

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 4

Forks: 0

Open Issues: 0

1.9.1 2022-10-24 16:05 UTC

Requires

  • php: >=5.6.0

Requires (Dev)

MIT b1e5cf94de838fdcb178f22e67f7cdae197fb42f

  • Belkacem Alidra <belkacem.alidra.woop@netoxygen.ch>

paymentshaproxypay

This package is auto-updated.

Last update: 2025-02-24 20:50:30 UTC

README

Latest Stable Version Build Status Coverage Status

ProxyPay library

Provides methods to compose SHA signatures and to check ProxyPay responses.

Full documentation can be found here

Requirements:

  • PHP 5.5+

Installation:

The library is PSR-4 compliant and the simplest way to install it is via composer:

 composer require netoxygen/proxypay

Description

Request and Responses signature

All the communication between your server and ProxyPay is signed using HMAC SHA256.

Keys

You have been provided two keys:

  • key_in: use it to sign your requests
  • key_out: use it to check ProxyPay responses signature

Usage

Signing your requests to ProxyPay

You have to add in your request a param named sha_sign (or SHA_SIGN). The easier way to sign your requests is to use the PaymentRequest class.

use Netoxygen\ProxyPay\PaymentRequest;

/**
  * We assume that $_POST contains all your request parameters:
  * - seller
  * - amount
  * - description
  * - success_url
  * - error_url
  * - cancel_url
  *
  * All the other parameters will be filtered.
  */
$request = new PaymentRequest($_POST, 'my_key_in');

// You can loop over all your parameters in the $request
foreach ($request->get_parameters() as $key => $value) {
    echo $key . '=' . $value;
}

// You can retrieve the SHA_SIGN
$sha_sign = $request->compose_sha_sign();

Check ProxyPay responses signature

At the end of the process, you receive a signed GET callback from ProxyPay. To ensure that the request is correctly signed, just use the Paymentresponse class.

use Netoxygen\ProxyPay\PaymentResponse;

$response = new PaymentResponse($_GET, 'my_key_out');
if ($response->is_valid()) {
    // $response signature is verified, now check the transaction status
    $params         = $response->get_parameters();
    $payment_status = $params['STATUS'];
    switch($payment_status) {
        case 'SUCCESS':
            // Complete the transaction on your side
            break;
  
        case 'CANCEL':
            // The transaction has been cancelled by the user
            break;
  
        case 'ERROR':   /* FALLTHROUGH */
        default:
            // An error occured
            break;
} else {
    // Bad request: throw away
}