Utility Update and bug fixes

pythonKit 3.X/Checksum.py

@@ -0,0 +1,137 @@
+import base64
+import string
+import random
+import hashlib
+
+from Crypto.Cipher import AES
+
+
+IV = "@@@@&&&&####$$$$"
+BLOCK_SIZE = 16
+
+
+def generate_checksum(param_dict, merchant_key, salt=None):
+    params_string = __get_param_string__(param_dict)
+    salt = salt if salt else __id_generator__(4)
+    final_string = '%s|%s' % (params_string, salt)
+
+    hasher = hashlib.sha256(final_string.encode())
+    hash_string = hasher.hexdigest()
+
+    hash_string += salt
+
+    return __encode__(hash_string, IV, merchant_key)
+
+def generate_refund_checksum(param_dict, merchant_key, salt=None):
+    for i in param_dict:    
+        if("|" in param_dict[i]):
+            param_dict = {}
+            exit()
+    params_string = __get_param_string__(param_dict)
+    salt = salt if salt else __id_generator__(4)
+    final_string = '%s|%s' % (params_string, salt)
+
+    hasher = hashlib.sha256(final_string.encode())
+    hash_string = hasher.hexdigest()
+
+    hash_string += salt
+
+    return __encode__(hash_string, IV, merchant_key)
+
+
+def generate_checksum_by_str(param_str, merchant_key, salt=None):
+    params_string = param_str
+    salt = salt if salt else __id_generator__(4)
+    final_string = '%s|%s' % (params_string, salt)
+
+    hasher = hashlib.sha256(final_string.encode())
+    hash_string = hasher.hexdigest()
+
+    hash_string += salt
+
+    return __encode__(hash_string, IV, merchant_key)
+
+
+def verify_checksum(param_dict, merchant_key, checksum):
+    # Remove checksum
+    if 'CHECKSUMHASH' in param_dict:
+        param_dict.pop('CHECKSUMHASH')
+
+    # Get salt
+    paytm_hash = __decode__(checksum, IV, merchant_key)
+    salt = paytm_hash[-4:]
+    calculated_checksum = generate_checksum(param_dict, merchant_key, salt=salt)
+    return calculated_checksum == checksum
+
+def verify_checksum_by_str(param_str, merchant_key, checksum):
+    # Remove checksum
+    #if 'CHECKSUMHASH' in param_dict:
+        #param_dict.pop('CHECKSUMHASH')
+
+    # Get salt
+    paytm_hash = __decode__(checksum, IV, merchant_key)
+    salt = paytm_hash[-4:]
+    calculated_checksum = generate_checksum_by_str(param_str, merchant_key, salt=salt)
+    return calculated_checksum == checksum
+
+
+
+def __id_generator__(size=6, chars=string.ascii_uppercase + string.digits + string.ascii_lowercase):
+    return ''.join(random.choice(chars) for _ in range(size))
+
+
+def __get_param_string__(params):
+    params_string = []
+    for key in sorted(params.keys()):
+        if("REFUND" in params[key] or "|" in params[key]):
+            respons_dict = {}
+            exit()
+        value = params[key]
+        params_string.append('' if value == 'null' else str(value))
+    return '|'.join(params_string)
+
+
+__pad__ = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * chr(BLOCK_SIZE - len(s) % BLOCK_SIZE)
+__unpad__ = lambda s: s[0:-ord(s[-1])]
+
+
+def __encode__(to_encode, iv, key):
+    # Pad
+    to_encode = __pad__(to_encode)
+    # Encrypt
+    c = AES.new(key, AES.MODE_CBC, iv)
+    to_encode = c.encrypt(to_encode)
+    # Encode
+    to_encode = base64.b64encode(to_encode)
+    return to_encode.decode("UTF-8")
+
+
+def __decode__(to_decode, iv, key):
+    # Decode
+    to_decode = base64.b64decode(to_decode)
+    # Decrypt
+    c = AES.new(key, AES.MODE_CBC, iv)
+    to_decode = c.decrypt(to_decode)
+    if type(to_decode) == bytes:
+        # convert bytes array to str.
+        to_decode = to_decode.decode()
+    # remove pad
+    return __unpad__(to_decode)
+
+
+if __name__ == "__main__":
+    params = {
+        "MID": "mid",
+        "ORDER_ID": "order_id",
+        "CUST_ID": "cust_id",
+        "TXN_AMOUNT": "1",
+        "CHANNEL_ID": "WEB",
+        "INDUSTRY_TYPE_ID": "Retail",
+        "WEBSITE": "xxxxxxxxxxx"
+    }
+
+    print(verify_checksum(
+        params, 'xxxxxxxxxxxxxxxx',
+        "CD5ndX8VVjlzjWbbYoAtKQIlvtXPypQYOg0Fi2AUYKXZA5XSHiRF0FDj7vQu66S8MHx9NaDZ/uYm3WBOWHf+sDQAmTyxqUipA7i1nILlxrk="))
+
+    # print(generate_checksum(params, "xxxxxxxxxxxxxxxx"))

pythonKit 3.X/response.cgi

@@ -0,0 +1,34 @@
+#!/usr/bin/python3
+
+import Checksum
+import requests
+import base64
+import json
+import requests
+
+print("Content-type: text/html\n")
+MERCHANT_KEY = 'xxxxxxxxxxxxxxxx';
+import cgi
+
+form = cgi.FieldStorage()
+respons_dict = {}
+
+for i in form.keys():
+ respons_dict[i]=form[i].value
+ if i=='CHECKSUMHASH':
+    checksum = form[i].value
+
+if 'GATEWAYNAME' in respons_dict:
+	if respons_dict['GATEWAYNAME'] == 'WALLET':
+		respons_dict['BANKNAME'] = 'null';
+
+verify = Checksum.verify_checksum(respons_dict, MERCHANT_KEY, checksum)
+print verify
+
+if verify:
+	if respons_dict['RESPCODE'] == '01':
+		print("order successful")
+	else:
+		print("order unsuccessful because"+respons_dict['RESPMSG'])
+else: 
+	print("order unsuccessful because"+respons_dict['RESPMSG'])

pythonKit 3.X/test.cgi

@@ -0,0 +1,38 @@
+#!/usr/bin/python
+
+import Checksum
+import requests
+import base64
+import json
+print("Content-type: text/html\n")
+
+
+MERCHANT_KEY = 'kbzk1DSbJiV_O3p5';
+data_dict = {
+            'MID':'WorldP64425807474247',
+            'ORDER_ID':'dddgfgfeeed',
+            'TXN_AMOUNT':'1',
+            'CUST_ID':'[email protected]',
+            'INDUSTRY_TYPE_ID':'Retail',
+            'WEBSITE':'worldpressplg',
+            'CHANNEL_ID':'WEB',
+	    #'CALLBACK_URL':'http://localhost/pythonKit/response.cgi',
+        }
+
+
+param_dict = data_dict  
+param_dict['CHECKSUMHASH'] =Checksum.generate_checksum(data_dict, MERCHANT_KEY)
+
+
+
+#for key in param_dict:
+ #   print(key.strip()+param_dict[key].strip())
+
+print('<h1>Merchant Check Out Page</h1></br>')
+print('<form method="post" action="https://pguat.paytm.com/oltp-web/processTransaction" name="f1">')
+for key in param_dict:
+    print('<input type="hidden" name="'+key.strip()+'"value="'+param_dict[key].strip()+'">')
+print('<script type="text/javascript">')
+print('document.f1.submit();')
+print('</script>')
+print('</form>')

pythonKit/Checksum.py → pythonKit2.X/Checksum.py

@@ -22,6 +22,22 @@ def generate_checksum(param_dict, merchant_key, salt=None):
 
     return __encode__(hash_string, IV, merchant_key)
 
+def generate_refund_checksum(param_dict, merchant_key, salt=None):
+    for i in param_dict:    
+    if("|" in param_dict[i]):
+        param_dict = {}
+        exit()
+    params_string = __get_param_string__(param_dict)
+    salt = salt if salt else __id_generator__(4)
+    final_string = '%s|%s' % (params_string, salt)
+
+    hasher = hashlib.sha256(final_string.encode())
+    hash_string = hasher.hexdigest()
+
+    hash_string += salt
+
+    return __encode__(hash_string, IV, merchant_key)
+
 
 def generate_checksum_by_str(param_str, merchant_key, salt=None):
     params_string = param_str

pythonKit/test.cgi → pythonKit2.X/test.cgi

@@ -29,7 +29,7 @@ param_dict['CHECKSUMHASH'] =Checksum.generate_checksum(data_dict, MERCHANT_KEY)
  #   print key.strip()+param_dict[key].strip()
 
 print '<h1>Merchant Check Out Page</h1></br>'
-print '<form method="post" action="https://pguat.paytm.com/oltp-web/processTransaction" name="f1">'
+print '<form method="post" action="https://securegw-stage.paytm.in/theia/processTransaction" name="f1">'
 print '<table border="1">'
 print '<tbody>'
 for key in param_dict:

readme.md

@@ -2,11 +2,21 @@
 This sample kit is ready to be deployed and tested.
 
 # Instructions
- 1. Copy the *pythonKit* folder into the root folder of your server (like /var/www/html)
+ 1. Copy the *pythonKit* folder(according to your python version) into the root folder of your server (like /var/www/html)
  2. **Mandatory Step**: For each test transaction, please change the value of the parameter "ORDER_ID" in the test.cgi file.
 
 # Usage Description
 The *pythonKit* folder has the following files:
  1. CheckSum.py – This file has the logic for checksum generation and verification.
  2. test.cgi – This file will initiate the sample test transaction through the Paytm gateway. Paytm parameters need to be added in this file.
  3. response.cgi – This file has the logic for processing PG response after the transaction processing.
+
+ # For Offline(Wallet Api) Checksum Utility below are the methods:
+  1. generate_checksum_by_str : For generating the checksum
+  2. verify_checksum_by_str : For verifing the checksum
+
+# To generate refund checksum in Python :
+  1. Create an array with key value pair of following paytm parameters 
+     (MID, ORDERID, TXNTYPE, REFUNDAMOUNT, TXNID, REFID)
+  2. To generate checksum, call the following method. This function returns the checksum as a string.
+     generate_refund_checksum(param_dict, merchant_key, salt=None)