Configurations

Get updates on transaction status

The configuration of the CALLBACK service is very simple since it can be done through the LocalPayment user interface Stage and/or Production environment.

Once you have entered the user interface, click on: Settings → Edit Client → Notifications.

In the "Notifications" section, select Callbacks tab and enter a URL. On the reported URL, you will receive a POST request each time a transaction reaches a final status (described above).

In addition to the notification URL, we will configure and share with you a secret key that will be used to sign the request via HMAC-SHA256. The resulting signature will be sent in the X-Signature header like shown in the image:

HMAC-SHA256 ecac5e86f0c63a52297e1b48cbgea38fbf98kce89n8227b22d3009b6713428e9

When you sign the HMAC-SHA256 request, it is recommended that you compress the json request to remove white space. Also avoid using any json formatter that can modify the original format of property values.

Remember that you are able to setup and change your own Callbacks - Webhooks by accessing with an ADMIN user to the application.

HMAC algorithm

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

namespace Localpayment.API.Helpers
{
    public static class HmacHelper
    {
        //This function receives the parameters secret, payload, signature and validates the signature. If it is the correct signature, it returns true,
        // otherwise it returns false.
        public static bool IsValid(string secret, string payload, string signature)
        {
            //calculate the signature
            var verifiedHash = ComputeHash(secret, payload);
            
            //Validate the signature
            if (!String.IsNullOrEmpty(verifiedHash) && !String.IsNullOrEmpty(signature) && signature.ToLower().Equals(verifiedHash.ToLower()))
            {
                return true;
            }
            return false;
        }
        
        //function used to generate the hmac
        public static string ComputeHash(string secret, string payload)
        {
            byte[] key = Encoding.UTF8.GetBytes(secret);
            HMACSHA256 myhmacsha256 = new HMACSHA256(key);
            byte[] byteArray = Encoding.UTF8.GetBytes(payload);
            MemoryStream stream = new MemoryStream(byteArray);
            string result = myhmacsha256.ComputeHash(stream).Aggregate("", (s, e) => s + String.Format("{0:x2}", e), s => s);
            return result;
        }
    }
}

import java.util.Objects;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class HmacHelper {

   //algorithm used for hmac
   public static final String ALGORITHM = "HmacSHA256";

   //function used to generate the hmac
   public static String calculateHMAC(String key, String data) throws Exception {

      //Returns a Mac object that implements the specified MAC algorithm.
      Mac sha256_HMAC = Mac.getInstance(ALGORITHM);

      //Constructs a secret key from the given byte array.
      SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"), ALGORITHM);

      //Initializes this Mac object with the given key.
      sha256_HMAC.init(secret_key);

      //Processes the given array of bytes and finishes the MAC operation.
      byte[] MAC = sha256_HMAC.doFinal(data.getBytes("UTF-8"));
      
      //return: the MAC result .
      return byteArrayToHex(MAC);
   }

   //This function receives the parameters secret, payload, signature and validates the signature. If it is the correct signature, it returns true,
   // otherwise it returns false.
   public static boolean IsValid(String secret, String payload, String signature) throws Exception {
      //calculate the signature
      String verifiedHash = calculateHMAC(secret, payload);

      //Validate the signature
      if (Objects.nonNull(verifiedHash) && Objects.nonNull(signature) && signature.toLowerCase().equals(verifiedHash.toLowerCase())) {
         return true;
      }
      return false;
   }
   
   //this function convert byte Array To Hexadecimal String
   public static String byteArrayToHex(byte[] a) {
      StringBuilder sb = new StringBuilder(a.length * 2);
      for (byte b : a) {
         sb.append(String.format("%02x", b));
      }
      return sb.toString();
   }

}

Our Dynamic tutorial:

Follow our tutorial to configure the callback url from our frontend:

Example: Callback Notifications Service

The general structure for this request is:

{

"transactionType": "Payin",

"data": {

...

} }

The "data" node content of the Callback is the same as the Body structure of the Check Payment

Remember that you can also check the status of each transaction using the Check Status endpoint. The request payload you will receive will be the same as the one sent by the CALLBACK push notification service.

PreviousCallbacks - Webhooks NextPayins

Last updated 1 year ago

Was this helpful?