From 4258e09eaab5ea408df659a5d3cd8a02ae9581b8 Mon Sep 17 00:00:00 2001 From: Komarudin Date: Fri, 17 Sep 2021 13:30:06 +0700 Subject: [PATCH 1/3] add note and warning message --- .gitignore | 2 ++ .../core_api/core_api_credit_card_example.py | 12 +++++-- examples/core_api/core_api_simple_example.py | 5 ++- examples/flask_app/templates/index.html | 2 +- .../templates/simple_core_api_checkout.html | 6 ++-- .../simple_core_api_checkout_permata.html | 2 +- examples/flask_app/web.py | 36 +++++++++++++++---- examples/snap/snap_advanced_example.py | 8 +++++ examples/snap/snap_simple_example.py | 8 +++++ .../notification_example.py | 4 +++ .../transaction_actions_example.py | 2 ++ 11 files changed, 71 insertions(+), 16 deletions(-) diff --git a/.gitignore b/.gitignore index 4e4bab5..01f3a95 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,5 @@ dist/ build/ push_to_twine.sh ./Pipfile +env/ +.DS_STORE diff --git a/examples/core_api/core_api_credit_card_example.py b/examples/core_api/core_api_credit_card_example.py index 2803d07..1d9e8d8 100644 --- a/examples/core_api/core_api_credit_card_example.py +++ b/examples/core_api/core_api_credit_card_example.py @@ -1,5 +1,8 @@ import midtransclient +# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. + # initialize core api client object +# can find in Merchant Portal -> Settings -> Access keys core = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY', @@ -20,10 +23,13 @@ # core.api_config.server_key='YOUR_SERVER_KEY' # core.api_config.client_key='YOUR_CLIENT_KEY' -# IMPORTANT NOTE: You should do credit card get token via frontend using `midtrans.min.js`, to avoid card data breach risks on your backend -# ( refer to: https://api-docs.midtrans.com ) +# IMPORTANT NOTE: You should do credit card get token via frontend using `midtrans-new-3ds.min.js`, to avoid card data breach risks on your backend +# ( refer to: https://docs.midtrans.com/en/core-api/credit-card?id=_1-getting-the-card-token ) +# For full example on Credit Card 3DS transaction refer to: +# (/examples/flask_app) that implement Snap & Core Api # prepare CORE API parameter to get credit card token +# another sample of card number can refer to https://docs.midtrans.com/en/technical-reference/sandbox-test?id=card-payments params = { 'card_number': '5264 2210 3887 4659', 'card_exp_month': '12', @@ -34,7 +40,7 @@ card_token_response = core.card_token(params) cc_token = card_token_response['token_id'] -# prepare CORE API parameter to charge credit card ( refer to: https://api-docs.midtrans.com ) +# prepare CORE API parameter to charge credit card ( refer to: https://docs.midtrans.com/en/core-api/credit-card?id=_2-sending-transaction-data-to-charge-api ) param = { "payment_type": "credit_card", "transaction_details": { diff --git a/examples/core_api/core_api_simple_example.py b/examples/core_api/core_api_simple_example.py index 0a07b3a..16e901e 100644 --- a/examples/core_api/core_api_simple_example.py +++ b/examples/core_api/core_api_simple_example.py @@ -1,12 +1,15 @@ import midtransclient +# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. + # initialize core api client object +# can find in Merchant Portal -> Settings -> Access keys core = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY', client_key='YOUR_CLIENT_KEY' ) -# prepare CORE API parameter ( refer to: https://api-docs.midtrans.com ) charge bank_transfer parameter example +# prepare CORE API parameter ( refer to: https://docs.midtrans.com/en/core-api/bank-transfer?id=sample-request-and-request-body ) charge bank_transfer parameter example param = { "payment_type": "bank_transfer", "transaction_details": { diff --git a/examples/flask_app/templates/index.html b/examples/flask_app/templates/index.html index 682cef3..fab1dfb 100644 --- a/examples/flask_app/templates/index.html +++ b/examples/flask_app/templates/index.html @@ -11,7 +11,7 @@

Advanced usage:

\ No newline at end of file diff --git a/examples/flask_app/templates/simple_core_api_checkout.html b/examples/flask_app/templates/simple_core_api_checkout.html index e77f876..d4eca6d 100644 --- a/examples/flask_app/templates/simple_core_api_checkout.html +++ b/examples/flask_app/templates/simple_core_api_checkout.html @@ -61,7 +61,7 @@

Checkout


- Check `app.js` file, section `Using Core API - Credit Card` for the backend implementation + Check `web.js` file, section `Using Core API - Credit Card` for the backend implementation @@ -91,7 +91,7 @@

Checkout

onSuccess: function(response){ // success to get card token // [2] Send AJAX to let backend charge the card using the card token_id - // Check backend implementation on `app.js` file, section `[2]` + // Check backend implementation on `web.js` file, section `[2]` fetch("/charge_core_api_ajax", { method : "POST", body: JSON.stringify({ @@ -147,7 +147,7 @@

Checkout

if (responseObj.transaction_id){ // [4] Inform the result to backend update DB status and verify to Midtrans - // Check backend implementation on `app.js` file, section `[4]` + // Check backend implementation on `web.js` file, section `[4]` fetch('/check_transaction_status', { method : "POST", body: JSON.stringify({ "transaction_id" : responseObj.transaction_id }), diff --git a/examples/flask_app/templates/simple_core_api_checkout_permata.html b/examples/flask_app/templates/simple_core_api_checkout_permata.html index 91df28e..b877c4e 100644 --- a/examples/flask_app/templates/simple_core_api_checkout_permata.html +++ b/examples/flask_app/templates/simple_core_api_checkout_permata.html @@ -13,7 +13,7 @@

Permata VA Transaction Created

Order ID:
{{ order_id }}


- Check `app.js` file, section `/simple_core_api_checkout_permata` for the backend implementation + Check `web.js` file, section `/simple_core_api_checkout_permata` for the backend implementation diff --git a/examples/flask_app/web.py b/examples/flask_app/web.py index 4f1c79f..be0ef43 100644 --- a/examples/flask_app/web.py +++ b/examples/flask_app/web.py @@ -1,9 +1,16 @@ +# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. + import datetime import json +import os from flask import Flask, render_template, request, jsonify - from midtransclient import Snap, CoreApi +# Set Your server key +# can find in Merchant Portal -> Settings -> Access keys +SERVER_KEY = '' +CLIENT_KEY = '' + app = Flask(__name__) #==============# @@ -15,8 +22,8 @@ def simple_checkout(): snap = Snap( is_production=False, - server_key='SB-Mid-server-GwUP_WGbJPXsDzsNEBRs8IYA', - client_key='SB-Mid-client-61XuGAwQ8Bj8LxSS', + server_key=SERVER_KEY, + client_key=CLIENT_KEY ) timestamp = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S") transaction_token = snap.create_transaction_token({ @@ -27,11 +34,11 @@ def simple_checkout(): "secure" : True } }) + return render_template('simple_checkout.html', token = transaction_token, client_key = snap.api_config.client_key) - #==============# # Using Core API - Credit Card #==============# @@ -39,8 +46,8 @@ def simple_checkout(): # [0] Setup API client and config core = CoreApi( is_production=False, - server_key='SB-Mid-server-GwUP_WGbJPXsDzsNEBRs8IYA', - client_key='SB-Mid-client-61XuGAwQ8Bj8LxSS', + server_key=SERVER_KEY, + client_key=CLIENT_KEY ) # [1] Render HTML+JS web page to get card token_id and [3] 3DS authentication @app.route('/simple_core_api_checkout') @@ -171,12 +178,27 @@ def simple_core_api_checkout_permata(): # Homepage of this web app @app.route('/') def index(): + if not SERVER_KEY or not CLIENT_KEY: + # non-relevant function only used for demo/example purpose + return printExampleWarningMessage() + return render_template('index.html') + # credit card frontend demo @app.route('/core_api_credit_card_frontend_sample') def core_api_credit_card_frontend_sample(): return render_template('core_api_credit_card_frontend_sample.html', client_key = core.api_config.client_key) + +def printExampleWarningMessage(): + pathfile = os.path.abspath("web.py") + message = "

Please set your server key and client key from sandbox

In file: " + pathfile + message += "

# Set Your server key" + message += "
# can find in Merchant Portal -> Settings -> Access keys" + message += "
SERVER_KEY = ''" + message += "
CLIENT_KEY = ''
" + return message + if __name__ == '__main__': - app.run(debug=True,port=5000,host='0.0.0.0') \ No newline at end of file + app.run(debug=True,port=5000,host='0.0.0.0') diff --git a/examples/snap/snap_advanced_example.py b/examples/snap/snap_advanced_example.py index eb6a623..a505f3b 100644 --- a/examples/snap/snap_advanced_example.py +++ b/examples/snap/snap_advanced_example.py @@ -1,5 +1,13 @@ import midtransclient +# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. +# Please refer to this docs for snap popup: +# https://docs.midtrans.com/en/snap/integration-guide?id=integration-steps-overview + +# Please refer to this docs for snap-redirect: +# https://docs.midtrans.com/en/snap/integration-guide?id=alternative-way-to-display-snap-payment-page-via-redirect + # initialize snap client object +# can find in Merchant Portal -> Settings -> Access keys snap = midtransclient.Snap( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/snap/snap_simple_example.py b/examples/snap/snap_simple_example.py index 9e86c30..2beaee9 100644 --- a/examples/snap/snap_simple_example.py +++ b/examples/snap/snap_simple_example.py @@ -1,5 +1,13 @@ import midtransclient +# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. +# Please refer to this docs for snap popup: +# https://docs.midtrans.com/en/snap/integration-guide?id=integration-steps-overview + +# Please refer to this docs for snap-redirect: +# https://docs.midtrans.com/en/snap/integration-guide?id=alternative-way-to-display-snap-payment-page-via-redirect + # initialize snap client object +# can find in Merchant Portal -> Settings -> Access keys snap = midtransclient.Snap( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/transaction_actions/notification_example.py b/examples/transaction_actions/notification_example.py index a5a3344..364b8ab 100644 --- a/examples/transaction_actions/notification_example.py +++ b/examples/transaction_actions/notification_example.py @@ -1,6 +1,10 @@ import midtransclient +# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. +# Please refer to this docs for sample HTTP POST notifications: +# https://docs.midtrans.com/en/after-payment/http-notification?id=sample-of-different-payment-channels # initialize api client object +# can find in Merchant Portal -> Settings -> Access keys api_client = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/transaction_actions/transaction_actions_example.py b/examples/transaction_actions/transaction_actions_example.py index 0097d85..ca956c5 100644 --- a/examples/transaction_actions/transaction_actions_example.py +++ b/examples/transaction_actions/transaction_actions_example.py @@ -1,6 +1,8 @@ import midtransclient +# This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. # initialize api client object +# can find in Merchant Portal -> Settings -> Access keys api_client = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY', From 8207abe03ac9c3d0e83aeafc4b6a8397ee2b12ca Mon Sep 17 00:00:00 2001 From: Komarudin Date: Wed, 22 Sep 2021 08:45:52 +0700 Subject: [PATCH 2/3] default credential --- examples/flask_app/web.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/flask_app/web.py b/examples/flask_app/web.py index be0ef43..e4a4c08 100644 --- a/examples/flask_app/web.py +++ b/examples/flask_app/web.py @@ -7,9 +7,9 @@ from midtransclient import Snap, CoreApi # Set Your server key -# can find in Merchant Portal -> Settings -> Access keys -SERVER_KEY = '' -CLIENT_KEY = '' +# You can find it in Merchant Portal -> Settings -> Access keys +SERVER_KEY = 'SB-Mid-server-GwUP_WGbJPXsDzsNEBRs8IYA' +CLIENT_KEY = 'SB-Mid-client-61XuGAwQ8Bj8LxSS' app = Flask(__name__) @@ -195,7 +195,7 @@ def printExampleWarningMessage(): pathfile = os.path.abspath("web.py") message = "

Please set your server key and client key from sandbox

In file: " + pathfile message += "

# Set Your server key" - message += "
# can find in Merchant Portal -> Settings -> Access keys" + message += "
# You can find it in Merchant Portal -> Settings -> Access keys" message += "
SERVER_KEY = ''" message += "
CLIENT_KEY = ''
" return message From ccc7bf14c5801261cd3f724d71b2e357c911983b Mon Sep 17 00:00:00 2001 From: Komarudin Date: Wed, 22 Sep 2021 08:46:01 +0700 Subject: [PATCH 3/3] update text --- examples/core_api/core_api_credit_card_example.py | 4 ++-- examples/core_api/core_api_simple_example.py | 4 ++-- examples/flask_app/templates/simple_core_api_checkout.html | 6 +++--- .../templates/simple_core_api_checkout_permata.html | 2 +- examples/snap/snap_advanced_example.py | 4 ++-- examples/snap/snap_simple_example.py | 4 ++-- examples/transaction_actions/notification_example.py | 4 ++-- examples/transaction_actions/transaction_actions_example.py | 4 ++-- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/examples/core_api/core_api_credit_card_example.py b/examples/core_api/core_api_credit_card_example.py index 1d9e8d8..0640c5f 100644 --- a/examples/core_api/core_api_credit_card_example.py +++ b/examples/core_api/core_api_credit_card_example.py @@ -1,8 +1,8 @@ import midtransclient # This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. -# initialize core api client object -# can find in Merchant Portal -> Settings -> Access keys +# Initialize core api client object +# You can find it in Merchant Portal -> Settings -> Access keys core = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/core_api/core_api_simple_example.py b/examples/core_api/core_api_simple_example.py index 16e901e..072996a 100644 --- a/examples/core_api/core_api_simple_example.py +++ b/examples/core_api/core_api_simple_example.py @@ -1,8 +1,8 @@ import midtransclient # This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. -# initialize core api client object -# can find in Merchant Portal -> Settings -> Access keys +# Initialize core api client object +# You can find it in Merchant Portal -> Settings -> Access keys core = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/flask_app/templates/simple_core_api_checkout.html b/examples/flask_app/templates/simple_core_api_checkout.html index d4eca6d..ec46de4 100644 --- a/examples/flask_app/templates/simple_core_api_checkout.html +++ b/examples/flask_app/templates/simple_core_api_checkout.html @@ -61,7 +61,7 @@

Checkout


- Check `web.js` file, section `Using Core API - Credit Card` for the backend implementation + Check `web.py` file, section `Using Core API - Credit Card` for the backend implementation @@ -91,7 +91,7 @@

Checkout

onSuccess: function(response){ // success to get card token // [2] Send AJAX to let backend charge the card using the card token_id - // Check backend implementation on `web.js` file, section `[2]` + // Check backend implementation on `web.py` file, section `[2]` fetch("/charge_core_api_ajax", { method : "POST", body: JSON.stringify({ @@ -147,7 +147,7 @@

Checkout

if (responseObj.transaction_id){ // [4] Inform the result to backend update DB status and verify to Midtrans - // Check backend implementation on `web.js` file, section `[4]` + // Check backend implementation on `web.py` file, section `[4]` fetch('/check_transaction_status', { method : "POST", body: JSON.stringify({ "transaction_id" : responseObj.transaction_id }), diff --git a/examples/flask_app/templates/simple_core_api_checkout_permata.html b/examples/flask_app/templates/simple_core_api_checkout_permata.html index b877c4e..aa319a8 100644 --- a/examples/flask_app/templates/simple_core_api_checkout_permata.html +++ b/examples/flask_app/templates/simple_core_api_checkout_permata.html @@ -13,7 +13,7 @@

Permata VA Transaction Created

Order ID:
{{ order_id }}


- Check `web.js` file, section `/simple_core_api_checkout_permata` for the backend implementation + Check `web.py` file, section `/simple_core_api_checkout_permata` for the backend implementation diff --git a/examples/snap/snap_advanced_example.py b/examples/snap/snap_advanced_example.py index a505f3b..0b6d1d9 100644 --- a/examples/snap/snap_advanced_example.py +++ b/examples/snap/snap_advanced_example.py @@ -6,8 +6,8 @@ # Please refer to this docs for snap-redirect: # https://docs.midtrans.com/en/snap/integration-guide?id=alternative-way-to-display-snap-payment-page-via-redirect -# initialize snap client object -# can find in Merchant Portal -> Settings -> Access keys +# Initialize snap client object +# You can find it in Merchant Portal -> Settings -> Access keys snap = midtransclient.Snap( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/snap/snap_simple_example.py b/examples/snap/snap_simple_example.py index 2beaee9..3fa698d 100644 --- a/examples/snap/snap_simple_example.py +++ b/examples/snap/snap_simple_example.py @@ -6,8 +6,8 @@ # Please refer to this docs for snap-redirect: # https://docs.midtrans.com/en/snap/integration-guide?id=alternative-way-to-display-snap-payment-page-via-redirect -# initialize snap client object -# can find in Merchant Portal -> Settings -> Access keys +# Initialize snap client object +# You can find it in Merchant Portal -> Settings -> Access keys snap = midtransclient.Snap( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/transaction_actions/notification_example.py b/examples/transaction_actions/notification_example.py index 364b8ab..7648893 100644 --- a/examples/transaction_actions/notification_example.py +++ b/examples/transaction_actions/notification_example.py @@ -3,8 +3,8 @@ # Please refer to this docs for sample HTTP POST notifications: # https://docs.midtrans.com/en/after-payment/http-notification?id=sample-of-different-payment-channels -# initialize api client object -# can find in Merchant Portal -> Settings -> Access keys +# Initialize api client object +# You can find it in Merchant Portal -> Settings -> Access keys api_client = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY', diff --git a/examples/transaction_actions/transaction_actions_example.py b/examples/transaction_actions/transaction_actions_example.py index ca956c5..d939538 100644 --- a/examples/transaction_actions/transaction_actions_example.py +++ b/examples/transaction_actions/transaction_actions_example.py @@ -1,8 +1,8 @@ import midtransclient # This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. -# initialize api client object -# can find in Merchant Portal -> Settings -> Access keys +# Initialize api client object +# You can find it in Merchant Portal -> Settings -> Access keys api_client = midtransclient.CoreApi( is_production=False, server_key='YOUR_SERVER_KEY',