Skip to content

2. Validate Order API signature

Jump to bottom
shravya-techjini edited this page May 10, 2016 · 1 revision

Validate Order API signature

UnoPay server will use this url to validate whether order is authentic with Third party app server. This API should have following request & response structure.

GET /order-details

Description: This is called from UnoPay server to Third Party app server to validate the order Id. Expected response contains amount , merchantId (to whom payment has to be made). serverApiKey will be given by UnoPay.

Header: x-checksum: hmac(sha256, (MerchantServerApiKey | orderId | MerchantServerApiKey )) x-order-id "KLJSADLK32059234"

Response:

HTTP Response Codes:
200: success.
400: fail. May be due to checksum issue, Merchant issue (error block should have message).
402: declined. May be due to invalid appKey,invalid orderId.
500: server error.
501: Not implemented.
503: Service unavailable/Server Down.

Response header:
"x-checksum": asfasfwr5235235
{content of data hmac(sha256, (serverApiKey | data | serverApiKey) )}

Response Body:

 
HTTP code 200 success
{
"data": {
    "amount": 4,
     "order_id":"nej54435435kg",
     "merchant_id":"nej54435435kg"  ,
     “store_id”:”jskjsks”,
    “additional_information”:[
    {
	“key”:”Table Number 1”,
            “value”:”11”
    },
 {
	“key”:”Second Key”,
            “value”:”value2”
    },
]
 }
}


Error:

400
{

"error": {
   type : "request_failed",
code : "invalid_request"
    "message": "Checksum failure"
  }
} 

404
{
  "error": {
   type : "invalid_data",
code : "invalid_orderid"
    "message": "Order not found"
  }
}
Clone this wiki locally