Skip to content
Permalink
Browse files

Readme.md updated

  • Loading branch information...
MaximKalga committed Apr 1, 2019
1 parent b149c3e commit 8daf3d131c50d2eea969c4c914e6999da1a13648
Showing with 129 additions and 1 deletion.
  1. +129 −1 Readme.md
130 Readme.md
@@ -12,6 +12,9 @@ xBit iOS payments library
- [Requirements](#requirements)
- [Installation](#installation)
- [Usage](#usage)
- [Callback](#callback)
- [Signature](#signature)
- [Currency Rates](#currency-rates)
- [License](#license)

## Requirements
@@ -145,7 +148,7 @@ $ git submodule update --init --recursive

## Usage

To initiate a payment, you need to import library and call it's method this way to get a payment ViewController. After that you should present it:
To start accepting payments in xBit you need to create [xChange](https://xbitcrypto.com/) account, configure a [Merchant](https://xbitcrypto.com/merchant/) and get your API Key and API Secret. To initiate a payment, you need to import library and call it's method this way to get a payment ViewController. After that you should present it:

``` swift
@@ -163,6 +166,131 @@ let paymentVC = XPayment.paymentViewControllerWith(

Example project is available at /xBit_iOS_SDK_Test folder of the repository. To test it, clone repository and open xBit_iOS_SDK.xcworkspace file

## Callback

xChange offers a callback service that will notify your system about successfull payments and used to mark an order as paid.

The callback service is asynchronous and as such will not interfer with or prolong the processing time of the API request generating a callback - eg. the time your customer will have to wait for payment confirmation.

In the event that your system is not able to receive or correctly process the callback, the callback service will try to deliver its message up to 10 times, with gradually increasing delays between each try.


### Callback params:

| Param | Description |
| --- | --- |
| api_key | your Merchant API Key |
| amount | amount in xBit |
| order_id | given Order ID |
| signature | calculated signature for callback validation |

## Signature

For protocols HTTP and HTTPS it is specified that xChange signs the callback. If the client verifies the signature according to the specified signature method, any data sent with the callback can be used safely. To verify that the values, which you have received in the result URL, are valid and have not been tampered in the process, refer to this examples.

To verify that the values, which you have received in the result URL, are valid and have not been tampered in the process, refer to this examples:

<details>
<summary><strong>PHP</strong></summary>

``` php
<?php
class XBitGateway
{
private $apiKey;
private $apiSecret;
private $logger;
public function processCallback()
{
$this->logger->putLog("Callback");
foreach (["api_key", "amount", "order_id", "signature"] as $name) {
if (empty($_POST[$name])) {
$this->logger->putLog("Callback fail. \n" . var_export($_SERVER, 1) . "\n" . var_export($_REQUEST, 1));
wp_die( 'XBIT Request Check Failure', 'XBIT payment', array( 'response' => 500 ) );
}
}
if (!$this->checkSignature()) {
wp_die( 'XBIT Request Check Failure', 'XBIT payment', array( 'response' => 500 ) );
}
$order = wc_get_order($_POST['order_id']);
if (($total = get_post_meta($_POST['order_id'], "_xbit_total", true)) == $_POST["amount"]) {
$this->logger->putLog("Everything is OK");
$order->payment_complete();
} else {
$this->logger->putLog("Order Total is $total but amount is $_POST[amount]");
}
}
private function checkSignature()
{
$recalculatedSignature = hash("sha256", $this->apiKey . $_POST["order_id"] . sprintf("%.02f", round($_POST["amount"], 2)) . $this->apiSecret);
if ($recalculatedSignature !== $_POST["signature"]) {
$this->logger->putLog("Invalid signature\nRecalculated Signature is $recalculatedSignature\nSent signature is $_POST[signature]\n" . var_export($_REQUEST, 1));
return false;
}
return true;
}
}
?>
```
</details>

<details>
<summary><strong>Python</strong></summary>

``` python
from hashlib import sha256
def process_callback(request):
data = request.POST.dict()
api_key = 'YourMerchantAPIKey'
order_id = data.get('order_id')
amount = data.get('amount')
api_secret = 'YourMerchantAPISecret'
sign = '{api_key}{order_id}{amount}{api_secret}'.format(
api_key=api_key,
order_id=order_id,
amount=amount,
api_secret=api_secret
)
signature = sha256(sign.encode('ascii')).hexdigest()
# compare calculated signature with received from request
if signature == data.get(signature):
# callback is authenticated
else:
# callback is not authenticated
...
```
</details>


## Currency rates

You can get xBit rates in JSON format sending GET request to Currency Rates endpoint:<br />
[https://xbitcrypto.com/api/v1/xbit_currency_rates/](https://xbitcrypto.com/api/v1/xbit_currency_rates/)


#### Response example:
``` glade
{
"status": 1,
"rates":{
"EUR": "0.296766823",
"USD": "0.332283877",
"GBP": "0.256415435",
"BTC": "0.000080135",
"ETH": "0.002346883"
}
}
```

## Contributing

Issues and pull requests are welcome!

0 comments on commit 8daf3d1

Please sign in to comment.
You can’t perform that action at this time.