1.0.45 • Published 1 year ago

test-payments v1.0.45

Weekly downloads
-
License
MIT
Repository
github
Last release
1 year ago

bSecure Payment Plugin

npm version Build Status Code Coverage Scrutinizer Code Quality

bSecure Payment Plugin is a JavaScript library that allows you to securely process your payments. This plugin instantly creates a form that adheres to PCI, HIPAA, GDPR, or CCPA security requirements.\ It is built for desktop, tablet, and mobile devices and is continuously tested and updated to offer a frictionless payment experience for your e-commerce store.

About bSecure Payment Plugin

This Payment Gateway Integration Guide is a technical integration document for merchants to integrate with bSecure Payment Plugin allowing their customers to perform e-commerce transactions over the internet.\ It guides merchants on how to use various functionality of the bSecure. The Merchant can enable credit card payments over their e-commerce website with this integration:

Who Should Read This Guide

The document is intended for application developers and business analysts of merchants to allow them to integrate effectively with the bSecure Payment Plugin.

Merchant Setup Process

In order to process online payments using the bSecure Payment Plugin, the merchant needs to be registered on bSecure Builder Portal. \ The below process assumes that the merchant has been registered and all the parameters related to the merchant have been configured.\ Once merchant has signed up for bSecure Builder Portal and get its payment gateway configured, the merchant will be in a position to perform test transaction using the sample code provided. Once the sample transaction has been successfully processed it indicates that all the required systems have been configured correctly and the merchant is ready to go.

Getting Your Credentials

  1. Go to Builder Portal
  2. App Integration >> Sandbox / Live
  3. Copy Client Id from App Integration tab and save it in a secure file.

Installation

You can install the package via npm

npm install bsecure-payment-plugin --save

Configuration

a) Setting up a transaction:

The bSecure Payment Plugin will receive an HTTP POST request from the merchant website which will contain the merchant authentication details along with the transaction details. The Payment Plugin will inquire the required details from the customer and process transaction:

bSecurePaymentTransactionParameters.__00trid__ = '';
bSecurePaymentTransactionParameters.__01curr__ = '';
bSecurePaymentTransactionParameters.__02trdt__ = '';
bSecurePaymentTransactionParameters.__03stamt__ = '';
bSecurePaymentTransactionParameters.__04damt__ = '';
bSecurePaymentTransactionParameters.__05tamt__ = '';
bSecurePaymentTransactionParameters.__06cname__ = '';
bSecurePaymentTransactionParameters.__07ccc__ = '';
bSecurePaymentTransactionParameters.__08cphn__ = '';
bSecurePaymentTransactionParameters.__09cemail__ = '';
bSecurePaymentTransactionParameters.__10ccc__ = '';
bSecurePaymentTransactionParameters.__11cstate__ = '';
bSecurePaymentTransactionParameters.__12ccity__ = '';
bSecurePaymentTransactionParameters.__13carea__ = '';
bSecurePaymentTransactionParameters.__14cfadd__ = '';
bSecurePaymentTransactionParameters.__15mid__ = '';
bSecurePaymentTransactionParameters.__16stid__ = '';
bSecurePaymentTransactionParameters.__17seh__ = '';
bSecurePaymentTransactionParameters.__18ver__ = '';
bSecurePaymentTransactionParameters.__19lan__ = '';
bSecurePaymentTransactionParameters.__20red__ = '';
bSecurePaymentTransactionParameters.__21cenv__ = '';

Glossary

KeyPropertyTypeDefaultDescription
__00trid__Order idstringrequiredA unique value created by the merchant to identify the transaction.
__01curr__currencystring'PKR'Currency of Transaction amount. It has a fixed value of PKR
__02trdt__Transaction date timestringrequiredMerchant provided date and time of transaction. The format of date time should be yyyyMMddHHmmss.
__03stamt__Subtotal amountstringrequiredThe transaction subtotal amount amount.
__04damt__Discount amountstringrequiredThe transaction discount amount.
__05tamt__Total amountstringrequiredThe transaction total amount.
__06cname__Customer nameoptionalrequiredThe name of transaction customer
__07ccc__Customer country codestringrequiredThe country code of transaction customer
__08cphn__Customer phone numberstringrequiredThe phone number of transaction customer
__09cemail__Customer email addressstringoptionalThe email address of transaction customer
__10ccc__Customer country namestringrequiredThe country name of transaction customer. It has a fixed value of PK
__11cstate__Customer state namestringrequiredThe state name of transaction customer
__12ccity__Customer city namestringrequiredThe city name of transaction customer
__13carea__Customer area namestringrequiredThe area name of transaction customer
__14cfadd__Customer formatted addressstringrequiredThe formatted address of transaction customer
__15mid__Merchant idstringrequiredUnique Id assigned to merchant by bSecure Builder Portal.
__16stid__Store slugstringrequiredUnique Slug assigned to each store by bSecure Builder Portal.
__17seh__Client idstringrequiredUsed to allow the plugin .
__19lan__Order LangstringENLanguage of Transaction. It has a fixed value of EN
__20red__Redirect urlstringrequiredThe URL where merchant wants the transaction results to be shown. Once the transaction has been processed, response details will be sent over to the merchant on this URL using an HTTP POST Request.
__21cenv__Integration typestringrequiredThe transaction integration type 1: Live 2: Sandbox

b) Calculating Secure hash:

Secure Hash is used to detect whether a transaction request and response has been tampered with. The Client Id generated for merchant at its App Integration Tab is added to the transaction message and then an SHA256 algorithm is applied to generate a secure hash. The secure hash is then sent to the receiving entity with the transaction message. Because the receiving entity is the only other entity apart from transaction initiator that knows the shared secret it recreates the same secure hash and matches it with the one in the request message. If the secure hash matches, the receiving entity continues processing the transaction. If it doesn’t match, it assumes that the transaction request has been tampered with and will stop processing the transaction and send back an error message. This is a security feature to secure the transaction and is recommended.\ The pp_SecureHash field is used for the SHA256 secure hash of initiator’s shared secret and the transaction request. The secure hash value is the Hex encoded SHA256 output of the transaction request or response fields. The order that the fields are hashed in are:

  1. The Shared Secret (shared between the PG and a merchant), the system generated value, is always first.
  2. Then all transaction request fields are concatenated to the Shared Secret in alphabetical order of the field name. The sort should be in ascending order of the ASCII value of each field string. If one string is an exact substring of another, the smaller string should be before the longer string. For example, Card should come before CardNum.

  3. Fields must not have any spaces or separators between them and must not include any null terminating characters.\ For example, if the Shared Secret is 0F5DD14AE2E38C7EBD8814D29CF6F6F0, and the transaction request includes the following fields:

     | Parameter                | Sample Values   |
 | :---------:              | :--------:      |
 |pp_MerchantID             | 1421            |
 | pp_OrderInfo             | A48cvE28        |   
 | pp_Amount                | 2995        |   

 In ascending alphabetical order the transaction request fields inputted
 to the SHA256 hash would be:
 ``0F5DD14AE2E38C7EBD8814D29CF6F6F02995MER123A48cvE28``\
 Example of a Secure Hash Calculation
 0F5DD14AE2E38C7EBD8814D29CF6F6F02995MER123A48cvE28
 Merchant should also ensure that:
 1. UTF-8 encoding should be used to convert the input from a printable
 string to a byte array. Note that 7-bit ASCII encoding is unchanged
 for UTF-8.
 2. The hash output must be hex-encoded.

Note: Inorder to calculate secure hash we are using libraries named [CryptoJS](https://www.npmjs.com/package/crypto-js)

c) Listen events from Plugin:

The bSecure Payment Plugin will return an HTTP POST request inside its listeners defined on the merchant website which will contain the error response incurred while processing transaction request.

How to use

Merchant has to add below mention HTML code on its website

<div id="bSecurePaymentPluginContainer"></div>

a) Setting up a transaction:

import {
    TransactionParameters,
} from "bsecure-payments-js"


TransactionParameters.__00trid__   = "<order-id>";
TransactionParameters.__01curr__   = "<currency>";
TransactionParameters.__02trdt__   = "<transaction-date-time>";
TransactionParameters.__03stamt__  = "<subtotal-amount>";
TransactionParameters.__04damt__   = "<discount-amount>";
TransactionParameters.__05tamt__   = "<total-amount>";
TransactionParameters.__06cname__  = "<customer-name>";
TransactionParameters.__07ccc__    = "<customer-country-cod>";
TransactionParameters.__08cphn__   = "<customer-phone-number>";
TransactionParameters.__09cemail__ = "<customer-email-address>";
TransactionParameters.__10ccc__    = "<customer-country-name>";
TransactionParameters.__11cstate__ = "<customer-state-name>";
TransactionParameters.__12ccity__  = "<customer-city-name>";
TransactionParameters.__13carea__  = "<customer-area-name>";
TransactionParameters.__14cfadd__  = "<customer-formatted-address>";
TransactionParameters.__15mid__    = "<merchant-id>";
TransactionParameters.__16stid__   = "<store-slug>";
TransactionParameters.__18ver__    = "<plugin-version>";
TransactionParameters.__20red__    ="<redirect-url>";
TransactionParameters.__21cenv__   = "<integration-type>";

b) Calculating Secure hash:

const salt = "<CLIENT-ID>";
let _signature = salt + "&";
Object.keys(TransactionParameters)
    .sort()
    .forEach(function (v, idx, array) {
        let _val = TransactionParameters[v].toString().replace(/\s/g, '');
        _signature += _val.concat(idx === array.length - 1 ? "" : "&")
    });
let _hash = CryptoJS.HmacSHA256(_signature, salt).toString();
TransactionParameters.__17seh__ = _hash.toUpperCase();

c) Listen events from Plugin:

import {
    bSecurePaymentsHandler,
} from "bsecure-payments-js"

bSecurePaymentsHandler.initialize();
bSecurePaymentsHandler.onErrorAlert = function (msg) {
    return msg;
}
bSecurePaymentsHandler.onSuccessAlert = function (msg) {
    return msg;
        }
bSecurePaymentsHandler.onValidationErrorAlert = function (msg) {
    return msg;
}
bSecurePaymentsHandler.onProcessPaymentSuccess = function (msg) {
    return msg;
}
bSecurePaymentsHandler.onProcessPaymentFailure = function (msg) {
    return msg;
}

d) Initialize transaction:

import {
    bSecurePayments,
} from "bsecure-payments-js"

bSecurePayments.initialize("bSecurePaymentPluginContainer");

Demo

click here to see the demo

Changelog

Please see CHANGELOG for more information what has changed recently.

License

The MIT License (MIT). Please see License File for more information.

Contributions

"bSecure – Payment Plugin" is open source software.

paymentsnodepayment pluginbsecure-payment-pluginbsecurebsecurepaymentpayment gateway
@everything-registry/sub-chunk-2917
1.0.45

1 year ago

1.0.44

1 year ago

1.0.43

1 year ago

1.0.42

1 year ago

1.0.41

1 year ago

1.0.40

1 year ago

1.0.39

1 year ago

1.0.38

1 year ago

1.0.36

1 year ago

1.0.35

1 year ago

1.0.34

1 year ago

1.0.33

1 year ago

1.0.32

1 year ago

1.0.31

1 year ago

1.0.3

1 year ago

1.0.29

1 year ago

1.0.28

1 year ago

1.0.27

1 year ago

1.0.26

1 year ago

1.0.25

1 year ago

1.0.24

1 year ago

1.0.23

1 year ago

1.0.22

1 year ago

1.0.21

1 year ago

1.0.2

1 year ago

1.0.1

1 year ago

1.0.19

1 year ago

1.0.18

1 year ago

1.0.17

1 year ago

1.0.16

1 year ago

1.0.15

1 year ago

1.0.14

1 year ago