Code samples

import requests
import json
import hmac
import hashlib

ipn_secret = "your_API_secret"
merchant_id = "your_merchant_id"

# [Kriptopay] Create payment

def handle_request(request_data):
    if not merchant_id == request.data.get("merchant_id")
        raise exceptions.AuthenticationFailed("Hmac Invalid")
        # Handle Exceptions for your end.
    # encode rawdata without sorting keys..
    json_data = json.dumps(payment_data, separators=(',', ':'), sort_keys=False)
    
    # calculate hmac512
    digest = hmac.new(str.encode(ipn_secret), json_data.encode(), hashlib.sha512).hexdigest()
    
    hmac_signature = request.META.get('HTTP_HMAC')
    if not hmac.compare_digest(digest, hmac_signature):
        raise exceptions.AuthenticationFailed("Hmac Invalid")
        # Handle Exceptions for your end.
    request_data = requst.data.get("data")
    transaction_id = data.get("transaction_id")
    
    # Find here to find transaction_id or txn_id in your end...
    # Perform Ipn here..

$merchant_id = 'Your_Merchant_ID';
$secret = 'Your_IPN_Secret';

// assuming you received invoice callb


if (!isset($_SERVER['HTTP_HMAC']) || empty($_SERVER['HTTP_HMAC'])) {
  die("No HMAC signature sent");
}

$merchant = isset($_POST['merchant_id']) ? $_POST['merchant_id']:'';
if (empty($merchant)) {
  die("No Merchant ID passed");
}

if ($merchant != $merchant_id) {
  die("Invalid Merchant ID");
}

$body = json_encode($request_data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);

$hmac = hash_hmac("sha512", $body, $secret);
if ($hmac != $_SERVER['HTTP_HMAC']) {
  die("HMAC signature does not match");
}

//process IPN here

PreviousWithdraw Callbacks NextAPI Referance

Last updated 1 year ago