Code samples
import requests
import json
import hmac
import hashlib
ipn_secret = "your_API_secret"
merchant_id = "your_merchant_id"
# [Kriptopay] Create payment
def handle_request(request_data):
if not merchant_id == request.data.get("merchant_id")
raise exceptions.AuthenticationFailed("Hmac Invalid")
# Handle Exceptions for your end.
# encode rawdata without sorting keys..
json_data = json.dumps(payment_data, separators=(',', ':'), sort_keys=False)
# calculate hmac512
digest = hmac.new(str.encode(ipn_secret), json_data.encode(), hashlib.sha512).hexdigest()
hmac_signature = request.META.get('HTTP_HMAC')
if not hmac.compare_digest(digest, hmac_signature):
raise exceptions.AuthenticationFailed("Hmac Invalid")
# Handle Exceptions for your end.
request_data = requst.data.get("data")
transaction_id = data.get("transaction_id")
# Find here to find transaction_id or txn_id in your end...
# Perform Ipn here..api_secret = 'Your_IPN_Secret';
string_to_signature = request_data_HMAC
digest = OpenSSL::Digest.new('sha512')
signature = OpenSSL::HMAC.digest(digest, api_secret, string_to_signature)$merchant_id = 'Your_Merchant_ID';
$secret = 'Your_IPN_Secret';
// assuming you received invoice callb
if (!isset($_SERVER['HTTP_HMAC']) || empty($_SERVER['HTTP_HMAC'])) {
die("No HMAC signature sent");
}
$merchant = isset($_POST['merchant_id']) ? $_POST['merchant_id']:'';
if (empty($merchant)) {
die("No Merchant ID passed");
}
if ($merchant != $merchant_id) {
die("Invalid Merchant ID");
}
$body = json_encode($request_data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
$hmac = hash_hmac("sha512", $body, $secret);
if ($hmac != $_SERVER['HTTP_HMAC']) {
die("HMAC signature does not match");
}
//process IPN hereLast updated