Request Handler

The payment data posted/passed via the checkout form is handled by HesabeRequestHandler. The posted data are first validated and encrypted in this file. The Encryption key and IV (Initialization Vector) taken from Profile page of Hesabe Merchant dashboard are used as the encryption keys.

The sample PHP code snippets demonstrates how the process can be implemented in PHP Laravel.

$validator = $this->validate($request, [
    'merchantCode' => 'required',
    'amount' => 'required|numeric|between:0.200,100000|regex:/^\d+(\.\d{1,3})?$/',
    'paymentType' => 'required|in:0,1,2',
    'responseUrl' => 'required|url',
    'failureUrl' => 'required|url',
    'version' => 'required'
]);

Loading Encryption Keys, Access Code, And Api Urls From Config

$ivKey = HSB_IV_KEY;
$encryptionKey = HSB_ENCRYPTION_KEY;
$accessCode = HSB_ACCESS_CODE;
$checkoutApiUrl = HSB_CHECKOUT_API_URL;
$paymentUrl = HSB_PAYMENT_URL;

Json Encoding

After Validation, the request data is JSON encoded which is the array of the request keys & values.

$requestDataJson = json_encode($request->input());

Encrytion

This JSON data is then encrypted using AES algorithm with HesabeCrypt library.

$encryptedData = HesabeCrypt::encrypt($requestDataJson, $encryptionKey, $ivKey);

Invoking Hesabe Payment Api “CHECKOUT” ENDPOINT

The accessCode is initialized in the Request header and the Request data is posted to the Hesabe Payment Gateway Checkout API endpoint.

$baseUrl = https://sandbox.hesabe.com
$checkoutApiUrl = {{$baseUrl}}/checkout
$checkoutRequestData = new Request([ 'data' => $encryptedData ]);
$checkoutRequest = Request::create($checkoutApiUrl, 'POST', $checkoutRequestData->all());
$checkoutRequest->headers->set('accessCode', $accessCode);
$checkoutRequest->headers->set('Accept', 'application/json');   // Only for JSON response

Reading Response

$checkoutResponse = Route::dispatch($checkoutRequest);
$checkoutResponseContent = $checkoutResponse->content();