Payform Integration

Integration

The steps below will help you setup the Payform in your environment. Let's get started

In order to test your implementation you need to create a test account on our sandbox envrionment and use the keys provided. (This is a test environment, and you can test it as you like.)

• Step 1: Import EveryPay script

Payform requires Everypay.js, as the only way to integrate our solution, which collects sensitive payment information and deals with fraud detection.
Always load Everypay.js from js.everypay.gr to remain compliant. Do not include the script in a bundle or host it yourself.
checkout.html
<html>
<head>
  <title>Page Title</title>
</head>

<body>
  <div>
    <!-- My App -->
  </div>
  <script src="https://sandbox-js.everypay.gr/v3"></script>
</body>
</html>
checkout.html
<body>
  ...
  <script src="https://js.everypay.gr/v3"></script>
</body>

• Step 2: Define the payment element

Create a div element with id="pay-form". This element is where the form will be positioned within your page.

This element is required by Everypay.js

checkout.html
 <body>
    <div>
      <!-- My App -->
      ...
      <div class="custom-control custom-radio">
        <input id="credit" name="paymentMethod" type="radio" class="custom-control-input" onclick="everypay.showForm()" required>
        <label class="custom-control-label" for="credit">Credit card</label>
        <div id="pay-form"></div>
      </div>
      ...
    </div>
  </body>

• Step 3: Mount the form

Let's create the previously declared function in our scripts section. Now lets call the everypay.payform() function. The everypay.payform() function expects a payload and a response handler.

Here you can read more about the Payload that is available.

<body>
  <div>
    <!-- My App -->
    ...
    <div class="custom-control custom-radio">
      <input id="credit" name="paymentMethod" type="radio" class="custom-control-input" onclick="everypay.showForm()" required>
      <label class="custom-control-label" for="credit">Credit card</label>
      <div id="pay-form"></div>
    </div>
    ...
  </div>
</body>
<script>

var payload = {
  pk: 'your-public-key',
  amount: 1000,
  locale: 'el',
  txnType: 'tds',
}

function handleResponse(r) {
  if (r.response === 'success') {
      // You have the token! Submit it to your backend
      axios.post("https://mybackend/endpoint", {
        token: r.token
        })
      .then(response => {
        console.log(response); // This is a response from your backend. Handle it as you wish.
      })
      .catch(error => {
        console.log(error); // This is a response from your backend. Handle it as you wish.
      }) 
  }
  else {
      // Inform the user if there was an error
  }
}

everypay.payform(payload,handleResponse);

</script>

• Step 4: Handle the response

Once the form is submitted, our handleResponse function will receive a response object, which declares the authentication status for that card.

If the authentication is successful, the response returns a token and uuid*.

If the authentication has failed, the response will return an error message and uuid*.

{ response: "success",
  token: "ctn_Yj0NIWKRpfiwsOgXG27kxnvO",
  uuid: "16a2b2f0-474d-45f9-a4a9-e4a3a827e8cd" }
  {response: "error", 
  {msg: { code: "20012", message: "3D Secure authentication failed Please provide another payment card", status: "402"}},
  uuid: "4eae8bda-c812-4cce-847c-938faef8dc4d"}

*uuid: a unique guid that refers to that specific instance of the form. You can store that in your own database as a reference towards that specific instance of the authentication process.

• Step 5: Charge the card

After you have acquired a token from a successful authentication, it is time to proceed with the payment and charge the card yourself - using our API.

*In order to charge the customers card you, have to make a POST Request with a Payload that includes the token, amount, secret-key and some extra information to Everypay's payments API.

*This request must be server to server, as it contains your secret-key. You should never expose your secret-key client-side.

If the response is successful, it means that the payment has gone through and the card has been successfully charged.

We suggest that you keep the responses, attached to that specific transaction in your database for debugging purposes.

Here are some examples(not to be used on production) based on our sandbox-api (switch to api.everypay.gr for production mode):

<?php
$pk = 'your-private-key'
$postRequest = array(
    'token' => 'ctn_Yj0NIWKRpfiwsOgXG27kxnvO',
    'amount' => '10000',
    'description' => 'Order No.123'
);

$cURLConnection = curl_init('https://sandbox-api.everypay.gr/payments');
curl_setopt($cURLConnection, CURLOPT_USERPWD, $pk:);
curl_setopt($cURLConnection, CURLOPT_POSTFIELDS, $postRequest);
curl_setopt($cURLConnection, CURLOPT_RETURNTRANSFER, true);

$apiResponse = curl_exec($cURLConnection);
curl_close($cURLConnection);

// $apiResponse - available data from the API request
$jsonArrayResponse = json_decode($apiResponse);
require 'net/http'
require 'uri'

uri = URI.parse("https://sandbox-api.everypay.gr/payments")
request = Net::HTTP::Post.new(uri)
request.basic_auth("your-secret-key", "")
request.body = "token=ctn_KJ53Qx3ZGaNLttUNxyB5JQO3&amount=1000&description=Order #GGA-435167"

req_options = {
  use_ssl: uri.scheme == "https",
}

response = Net::HTTP.start(uri.hostname, uri.port, req_options) do |http|
  http.request(request)
end

# response.code
# response.body
import requests

data = {
  'token': 'ctn_KJ53Qx3ZGaNLttUNxyB5JQO3',
  'amount': '1000',
  'description': 'Order #GGA-435167'
}

response = requests.post('https://sandbox-api.everypay.gr/payments', data=data, auth=('your-secret-key', ''))
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;

import org.apache.commons.codec.binary.Base64;


public class HttpBasicAuth {

    public static void main(String[] args) {

        try {
            URL url = new URL ("https://sandbox-api.everypay.gr/payments");

            Base64 b = new Base64();
            String encoding = b.encodeAsString(new String("your-secret-key:").getBytes());
            
            String urlParameters  = "token=ctn_KJ53Qx3ZGaNLttUNxyB5JQO3&amount=1000&description=Order1";
            byte[] postData = urlParameters.getBytes( StandardCharsets.UTF_8 );

            HttpURLConnection connection = (HttpURLConnection) url.openConnection();
            connection.setRequestMethod("POST");
            connection.setDoOutput(true);
            connection.setRequestProperty  ("Authorization", "Basic " + encoding);
            connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); 
            connection.setRequestProperty("charset", "utf-8");
            
            try(DataOutputStream wr = new DataOutputStream(connection.getOutputStream())) {
                wr.write( postData );
            }
            InputStream content = (InputStream)connection.getInputStream();
            BufferedReader in   = 
                new BufferedReader (new InputStreamReader (content));
            String line;
            while ((line = in.readLine()) != null) {
                System.out.println(line);
            }
        } 
        catch(Exception e) {
            e.printStackTrace();
        }
    }
}
const https = require('https')
const querystring = require('querystring');

const form = querystring.stringify({
  token: 'ctn_Yj0NIWKRpfiwsOgXG27kxnvO',
  amount: '10000',
  description: 'Order No.123'
});

const auth = 'Basic ' + new Buffer("{your-private-key}:").toString('base64');

const options = {
  hostname: 'sandbox-api.everypay.gr',
  path: '/payments',
  method: 'POST',
  headers: {
    "Authorization": auth,
    'Content-Type': 'application/x-www-form-urlencoded',
  }
}

const req = https.request(options, res => {
  console.log(`statusCode: ${res.statusCode}`)

  res.on('data', d => {
    console.log('response', d);
  })
})

req.on('error', error => {
  console.error(error)
})

req.write(form)
req.end()
using (var httpClient = new HttpClient())
{
  using (var request = new HttpRequestMessage(new HttpMethod("POST"), "https://sandbox-api.everypay.gr/payments"))
  {
    var base64authorization = Convert.ToBase64String(Encoding.ASCII.GetBytes("sk_PqSohnrYrRI1GUKOZvDkK5VVWAhnlU3R:"));
    request.Headers.TryAddWithoutValidation("Authorization", $"Basic {base64authorization}"); 

    var contentList = new List<string>();
    contentList.Add("token=ctn_KJ53Qx3ZGaNLttUNxyB5JQO3");
    contentList.Add("amount=1000");
    contentList.Add("description=Order #GGA-435167");
    request.Content = new StringContent(string.Join("&", contentList));
    request.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/x-www-form-urlencoded"); 

    var response = await httpClient.SendAsync(request);
  }
}