
Create Receive Renew Payment Operations

Chrono edited this page Sep 14, 2021 · 5 revisions

This section describes how developers can call the payment-related functions of this server API.

API Root URL: https://mrchewitsoftware.com.my:5001/api/CreateReceivePayment

Prerequisites:

  1. You must know how to convert data into/from Base64 encoding
  2. You must know how to convert data into URL encoded format
  3. You must know how to read the cryptographic data stored on your side, from files in binary format or any other applicable format
  4. You must know how to use query string in HttpGet
  5. You must know how to convert data into/from JSON string
https://mrchewitsoftware.com.my:5001/api/CreateReceivePayment/
https://mrchewitsoftware.com.my:5001/api/CreateReceivePayment/CheckPayment?
https://mrchewitsoftware.com.my:5001/api/CreateReceivePayment/RenewPayment?

These 3 endpoints behave differently and serve different purposes.

1st Endpoint: Create Payment

https://mrchewitsoftware.com.my:5001/api/CreateReceivePayment

This endpoint asks the server to generate a payment request.

Here's an example on how to do it.

// Ask the server to create a payment request.
// The call is a plain GET with no query parameters: nothing in this snippet
// attaches a session ID, ciphertext or signature to the request.
CheckOutPageHolderModel PageHolder = new CheckOutPageHolderModel();
Boolean CheckServerBoolean = true;
using (var client = new HttpClient())
{
    client.BaseAddress = new Uri("https://mrchewitsoftware.com.my:5001/api/");
    var acceptHeaders = client.DefaultRequestHeaders.Accept;
    acceptHeaders.Clear();
    acceptHeaders.Add(new MediaTypeWithQualityHeaderValue("application/json"));

    var pendingResponse = client.GetAsync("CreateReceivePayment/");
    try
    {
        pendingResponse.Wait();
    }
    catch
    {
        // Every failure while waiting for the request is reported as
        // "server offline"; the exception itself is not inspected.
        CheckServerBoolean = false;
    }

    if (!CheckServerBoolean)
    {
        //Server's offline
    }
    else
    {
        var httpResult = pendingResponse.Result;
        if (!httpResult.IsSuccessStatusCode)
        {
            //Not able to request server to create a payment
        }
        else
        {
            var bodyTask = httpResult.Content.ReadAsStringAsync();
            bodyTask.Wait();

            var Body = bodyTask.Result;
            // Errors are detected by a substring match on the response body,
            // so a body that merely contains "Error" is also rejected.
            Boolean BodyIsUnusable = Body == null || Body.CompareTo("") == 0 || Body.Contains("Error");
            if (BodyIsUnusable)
            {
                //Display Error
            }
            else
            {
                //Temporarily store the PayPal checkout page URL and order ID
                // NOTE(review): before opening the returned checkout URL, confirm it is an
                // https URL on the expected PayPal host - the body is used as received.
            }
        }
    }
}

2nd Endpoint: Verify Payment

https://mrchewitsoftware.com.my:5001/api/CreateReceivePayment/CheckPayment?

This endpoint verifies a payment on the server side.

Here's an example on how to do it.

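// Verify a payment on the server.
// The order ID and a freshly generated ED25519 public key are each encrypted
// under the session's shared secret, prefixed with their nonce, signed with the
// session signing key, Base64- and URL-encoded, and sent as query parameters.
// OrderID is expected to be in scope before this snippet runs.
Byte[] ClientECDSASK = new Byte[] { };
Byte[] SharedSecret = new Byte[] { };
Byte[] OrderIDByte = new Byte[] { };
Byte[] NonceByte = new Byte[] { };
Byte[] CipheredOrderIDByte = new Byte[] { };
Byte[] CombinedCipheredOrderIDByte = new Byte[] { };
Byte[] ETLSSignedCombinedCipheredOrderIDByte = new Byte[] { };
Byte[] ED25519PK = new Byte[] { };
Byte[] SignedED25519PK = new Byte[] { };
Byte[] MergedED25519PK = new Byte[] { };
Byte[] CipheredED25519PK = new Byte[] { };
Byte[] CombinedCipheredED25519PK = new Byte[] { };
Byte[] ETLSSignedCombinedCipheredED25519PK = new Byte[] { };
Boolean CheckServerBoolean = true;
RevampedKeyPair MyKeyPair = SodiumPublicKeyAuth.GenerateRevampedKeyPair();
FileCreationModel DirectoryHolder = new FileCreationModel();
String ETLSSessionID = "";
try
{
    ETLSSessionID = File.ReadAllText(Application.StartupPath + "\\Temp_Session\\" + "SessionID.txt");
    if (!String.IsNullOrEmpty(OrderID) && !String.IsNullOrEmpty(ETLSSessionID))
    {
        // NOTE(review): the session ID read from SessionID.txt is used unmodified as a
        // directory name below; confirm the file never carries a trailing newline or
        // path separators.
        String SessionDirectory = Application.StartupPath + "\\Temp_Session\\" + ETLSSessionID + "\\";
        ClientECDSASK = File.ReadAllBytes(SessionDirectory + "ECDSASK.txt");
        SharedSecret = File.ReadAllBytes(SessionDirectory + "SharedSecret.txt");

        // Order ID: encrypt, prepend the nonce, then sign with the session key.
        OrderIDByte = Encoding.UTF8.GetBytes(OrderID);
        NonceByte = SodiumSecretBox.GenerateNonce();
        CipheredOrderIDByte = SodiumSecretBox.Create(OrderIDByte, NonceByte, SharedSecret);
        CombinedCipheredOrderIDByte = NonceByte.Concat(CipheredOrderIDByte).ToArray();
        ETLSSignedCombinedCipheredOrderIDByte = SodiumPublicKeyAuth.Sign(CombinedCipheredOrderIDByte, ClientECDSASK);

        // A fresh nonce is generated for the second encryption: reusing a nonce
        // with the same secret-box key would compromise both ciphertexts.
        NonceByte = SodiumSecretBox.GenerateNonce();

        // New public key: signed with its own private key (proof of possession),
        // appended to the key, then encrypted and signed like the order ID.
        ED25519PK = MyKeyPair.PublicKey;
        SignedED25519PK = SodiumPublicKeyAuth.Sign(ED25519PK, MyKeyPair.PrivateKey);
        MergedED25519PK = ED25519PK.Concat(SignedED25519PK).ToArray();
        // The trailing `true` on the last use of SharedSecret and of ClientECDSASK is
        // presumably the library's clear-key flag (wipe the buffer after use) -
        // confirm against the library before relying on it.
        CipheredED25519PK = SodiumSecretBox.Create(MergedED25519PK, NonceByte, SharedSecret, true);
        CombinedCipheredED25519PK = NonceByte.Concat(CipheredED25519PK).ToArray();
        ETLSSignedCombinedCipheredED25519PK = SodiumPublicKeyAuth.Sign(CombinedCipheredED25519PK, ClientECDSASK, true);

        using (var client = new HttpClient())
        {
            client.BaseAddress = new Uri("https://mrchewitsoftware.com.my:5001/api/");
            client.DefaultRequestHeaders.Accept.Clear();
            client.DefaultRequestHeaders.Accept.Add(
                new MediaTypeWithQualityHeaderValue("application/json"));

            // Every query value is URL-encoded, including the session ID, which
            // comes from a file and is not guaranteed to be URL-safe.
            // NOTE(review): query strings of GET requests are commonly recorded in server
            // and proxy access logs; the order ID and key are ciphertext here, but
            // ClientPathID is the session ID as-is.
            var response = client.GetAsync(
                "CreateReceivePayment/CheckPayment?ClientPathID=" + HttpUtility.UrlEncode(ETLSSessionID)
                + "&CipheredSignedOrderID=" + HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedCombinedCipheredOrderIDByte))
                + "&CipheredSignedED25519PK=" + HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedCombinedCipheredED25519PK)));
            try
            {
                response.Wait();
            }
            catch
            {
                // Every failure while waiting for the request is reported as
                // "server offline"; the exception itself is not inspected.
                CheckServerBoolean = false;
            }
            if (CheckServerBoolean == true)
            {
                var result = response.Result;
                if (result.IsSuccessStatusCode)
                {
                    var readTask = result.Content.ReadAsStringAsync();
                    readTask.Wait();

                    var Result = readTask.Result;
                    // Errors are detected by a substring match on the response body.
                    if (String.IsNullOrEmpty(Result) || Result.Contains("Error"))
                    {
                        //Display Error
                    }
                    else
                    {
                        //Get Folder ID from the JSON result and create a local folder based on that ID at client device
                        //Store ED25519 SK and PK in the client machine
                        // NOTE(review): the folder ID comes from the server response; check that
                        // it is a single directory name (no separators, no "..") before
                        // building a local path from it.
                        // Persist the key pair here: it is wiped when this block exits.
                    }
                }
            }
        }
    }
}
finally
{
    // Wipe the generated private key on every exit path - success, server error
    // response, offline server, missing IDs, or an exception while reading files.
    MyKeyPair.Clear();
}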

3rd Endpoint: Renew Payment

https://mrchewitsoftware.com.my:5001/api/CreateReceivePayment/RenewPayment?

This endpoint handles payment renewal on the server side.

Warning: Before you can call this endpoint/API, you must first request a signed random challenge from the server and verify that challenge.

Here's an example on how to do it.

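/// <summary>
/// Asks the server to renew a payment for an existing server directory.
/// The order ID, directory ID and a freshly generated ED25519 public key are each
/// encrypted under the session's shared secret and signed with the session signing
/// key; the challenge is signed with the directory's key and then with the session key.
/// </summary>
/// <param name="OrderID">Order ID of the payment; must be non-empty.</param>
/// <param name="DirectoryID">ID of the server directory being renewed; must be non-empty.
/// It is also used as a local directory name when loading the directory's signing key.</param>
/// <param name="Challenge">Random challenge obtained from the server; must be non-empty.
/// The caller is expected to have verified the server's signature on it beforehand.</param>
/// <returns>
/// <c>true</c> when the server answers with a success status and a non-empty body that
/// does not contain "Error"; <c>false</c> for missing arguments or session data, an
/// unreachable server, a non-success status, or an error body.
/// </returns>
public Boolean RenewPayment(String OrderID, String DirectoryID, Byte[] Challenge)
{
    // Challenge is null-checked before its length is read.
    if (String.IsNullOrEmpty(OrderID) || String.IsNullOrEmpty(DirectoryID) || Challenge == null || Challenge.Length == 0)
    {
        return false;
    }

    RevampedKeyPair MyKeyPair = SodiumPublicKeyAuth.GenerateRevampedKeyPair();
    try
    {
        // The null test runs before any member of the session ID is used.
        String SessionID = ETLSSessionIDStorage.ETLSID;
        String UserID = UserIDTempStorage.UserID;
        if (String.IsNullOrEmpty(SessionID) || String.IsNullOrEmpty(UserID))
        {
            return false;
        }

        Byte[] OrderIDByte = Encoding.UTF8.GetBytes(OrderID);
        Byte[] DirectoryIDByte = Encoding.UTF8.GetBytes(DirectoryID);

        String SessionDirectory = Application.StartupPath + "\\Temp_Session\\" + SessionID + "\\";
        Byte[] ClientECDSASK = File.ReadAllBytes(SessionDirectory + "ECDSASK.txt");
        // NOTE(review): DirectoryID is concatenated into this path unchecked; confirm callers
        // only pass a single directory name (no separators, no "..").
        Byte[] UserECDSASK = File.ReadAllBytes(Application.StartupPath + "\\Application_Data\\" + "User\\" + UserID + "\\Server_Directory_Data\\" + DirectoryID + "\\rootSK.txt");
        Byte[] SharedSecret = File.ReadAllBytes(SessionDirectory + "SharedSecret.txt");

        // Order ID: encrypt, prepend the nonce, then sign with the session key.
        Byte[] NonceByte = SodiumSecretBox.GenerateNonce();
        Byte[] CipheredOrderIDByte = SodiumSecretBox.Create(OrderIDByte, NonceByte, SharedSecret);
        Byte[] CombinedCipheredOrderIDByte = NonceByte.Concat(CipheredOrderIDByte).ToArray();
        Byte[] ETLSSignedCombinedCipheredOrderIDByte = SodiumPublicKeyAuth.Sign(CombinedCipheredOrderIDByte, ClientECDSASK);

        // Directory ID: same construction with a fresh nonce. Each encryption under
        // SharedSecret gets its own nonce; reusing one would compromise both ciphertexts.
        NonceByte = SodiumSecretBox.GenerateNonce();
        Byte[] CipheredDirectoryIDByte = SodiumSecretBox.Create(DirectoryIDByte, NonceByte, SharedSecret);
        Byte[] CombinedCipheredDirectoryIDByte = NonceByte.Concat(CipheredDirectoryIDByte).ToArray();
        Byte[] ETLSSignedCombinedCipheredDirectoryIDByte = SodiumPublicKeyAuth.Sign(CombinedCipheredDirectoryIDByte, ClientECDSASK);

        // Challenge: signed with the directory's key, then with the session key.
        // The trailing `true` on the last use of UserECDSASK, SharedSecret and
        // ClientECDSASK is presumably the library's clear-key flag (wipe the buffer
        // after use) - confirm against the library before relying on it.
        Byte[] UserSignedRandomChallenge = SodiumPublicKeyAuth.Sign(Challenge, UserECDSASK, true);
        Byte[] ETLSSignedUserSignedRandomChallenge = SodiumPublicKeyAuth.Sign(UserSignedRandomChallenge, ClientECDSASK);

        // New directory public key: signed with its own private key (proof of
        // possession), appended to the key, then encrypted and signed.
        NonceByte = SodiumSecretBox.GenerateNonce();
        Byte[] ED25519PK = MyKeyPair.PublicKey;
        Byte[] SignedED25519PK = SodiumPublicKeyAuth.Sign(ED25519PK, MyKeyPair.PrivateKey);
        Byte[] MergedED25519PK = ED25519PK.Concat(SignedED25519PK).ToArray();
        Byte[] CipheredNewDirectoryED25519PK = SodiumSecretBox.Create(MergedED25519PK, NonceByte, SharedSecret, true);
        Byte[] CombinedCipheredNewDirectoryED25519PK = NonceByte.Concat(CipheredNewDirectoryED25519PK).ToArray();
        Byte[] ETLSSignedCombinedCipheredNewDirectoryED25519PK = SodiumPublicKeyAuth.Sign(CombinedCipheredNewDirectoryED25519PK, ClientECDSASK, true);

        using (var client = new HttpClient())
        {
            client.BaseAddress = new Uri("https://mrchewitsoftware.com.my:5001/api/");
            client.DefaultRequestHeaders.Accept.Clear();
            client.DefaultRequestHeaders.Accept.Add(
                new MediaTypeWithQualityHeaderValue("application/json"));

            // Every query value is URL-encoded, including the session ID.
            // NOTE(review): query strings of GET requests are commonly recorded in server
            // and proxy access logs; ClientPathID is the session ID as-is.
            var response = client.GetAsync(
                "CreateReceivePayment/RenewPayment?ClientPathID=" + HttpUtility.UrlEncode(SessionID)
                + "&CipheredSignedOrderID=" + HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedCombinedCipheredOrderIDByte))
                + "&CipheredSignedDirectoryID=" + HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedCombinedCipheredDirectoryIDByte))
                + "&SignedSignedRandomChallenge=" + HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedUserSignedRandomChallenge))
                + "&CipheredSignedED25519PK=" + HttpUtility.UrlEncode(Convert.ToBase64String(ETLSSignedCombinedCipheredNewDirectoryED25519PK)));
            try
            {
                response.Wait();
            }
            catch
            {
                // Every failure while waiting for the request is reported as
                // "server offline"; the exception itself is not inspected.
                return false;
            }

            var result = response.Result;
            if (!result.IsSuccessStatusCode)
            {
                return false;
            }

            var readTask = result.Content.ReadAsStringAsync();
            readTask.Wait();

            var Result = readTask.Result;
            // Errors are detected by a substring match on the response body.
            if (String.IsNullOrEmpty(Result) || Result.Contains("Error"))
            {
                //Display Error
                return false;
            }

            //Store newly generated ED25519 PK and SK on client device
            // Persist the key pair here: it is wiped as soon as this method returns.
            return true;
        }
    }
    finally
    {
        // Wipe the generated private key on every exit path, including exceptions
        // thrown while reading key files or talking to the server.
        MyKeyPair.Clear();
    }
}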