Payin API Requirements
All requests to the Brazil Payin API must include the following headers:
Header | Description |
---|---|
Accept | application/vnd.boacompra.com.v1+json; charset=UTF-8 |
Content-Type | application/json |
Accept-Language | Input language. Default is en-US . |
Authorization | Generated HMAC using your store-id , secret-key , and request path/query string. |
Your
store-id
andsecret-key
are provided by your Account Manager.
Header Generation
Use the examples below to generate the Authorization
header based on your integration language:
<?php
class header {
private $_secretKey = 'YOURSECRETKEY';
private $_storeId = '10';
function __construct($url, $content = '') {
$this->_setContentMd5($content);
$this->_setHttpVerb($url);
}
private function _setContentMd5($content) {
if ($content == '') $this->_contentMd5 = '';
else $this->_contentMd5 = base64_encode(md5($content));
}
private function _getQueryString($url){
$queryString = parse_url($url, PHP_URL_QUERY);
return empty($queryString) ? '' : '?' . $queryString;
}
private function _setHttpVerb($url) {
$this->_httpVerb = parse_url($url, PHP_URL_PATH) . $this->_getQueryString($url);
}
private function _generateAuthorization() {
return hash_hmac('sha256', $this->_httpVerb . $this->_contentMd5, $this->_secretKey);
}
public function generateHeader() {
$headers = array(
'Accept' => 'application/vnd.boacompra.com.v1+json; charset=UTF-8',
'Content-Type' => 'application/json',
'Authorization' => $this->_storeId.':'.$this->_generateAuthorization(),
'Accept-Language' => 'en-US'
);
return $headers;
}
}
echo '<pre>'. 'GET EXAMPLE <br />';
$headerGet = new header('https://api.boacompra.com/transactions/87585840', '');
print_r($headerGet->generateHeader());
public class Header {
private String secretKey = "YOURSECRETKEY";
private String storeId = "10";
private String contentMD5;
private String httpVerb;
public Header(String url, String content) throws NoSuchAlgorithmException, MalformedURLException, UnsupportedEncodingException {
this.setContentMd5(content);
this.setHttpVerb(new URL(url));
}
private void setHttpVerb(URL url) {
this.httpVerb = url.getPath() + (url.getQuery() != null ? url.getQuery() : "");
}
private void setContentMd5(String content) throws NoSuchAlgorithmException, UnsupportedEncodingException {
if (content == "") {
this.contentMD5 = "";
}else {
MessageDigest md = MessageDigest.getInstance("MD5");
byte messageDigest[] = md.digest(content.getBytes("UTF-8"));
this.contentMD5 = Base64.encodeBase64String(new BigInteger(1,messageDigest).toString(16).getBytes());
}
}
private String generateAuthorization() throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
final String data = this.httpVerb+this.contentMD5;
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(this.secretKey.getBytes("UTF8"), "HmacSHA256"));
return Hex.encodeHexString(mac.doFinal(data.getBytes("UTF-8")));
}
public HashMap<String,String> generateHeader() throws InvalidKeyException, NoSuchAlgorithmException, UnsupportedEncodingException {
HashMap<String, String> headers = new HashMap<>();
headers.put("Accept", "application/vnd.boacompra.com.v1+json; charset=UTF-8");
headers.put("Content-Type", "application/json");
headers.put("Authorization", this.storeId+':'+this.generateAuthorization());
headers.put("Accept-Language", "en-US");
return headers;
}
}
Header header = new Header("https://api.boacompra.com/transactions/87585840", "");
HashMap<String, String> headerMap = header.generateHeader();
System.out.println(Arrays.asList(headerMap));
require 'uri'
require 'base64'
require 'openssl'
require 'digest/md5'
class Header
SECRET_KEY = 'YOURSECRETKEY'
STORE_ID = 10
attr_reader :contentMD5, :httpVerb
def initialize(url, content = '')
setContentMD(content)
setHttpVerb(url)
end
private
def setContentMD(content)
if content.to_s.empty?
@contentMD5 = ''
else
@contentMD5 = Base64.encode64(Digest::MD5.hexdigest(content)).delete!("\n")
end
end
private
def getQueryString(url)
uri = URI(url)
url.to_s.empty? || uri.query.nil? ? '' : '?' + uri.query
end
private
def setHttpVerb(url)
uri = URI::parse(url)
@httpVerb = uri.path + getQueryString(url)
end
private
def generateAuthorization()
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), SECRET_KEY, @httpVerb + @contentMD5)
end
public
def generateHeader()
headers = {
"Accept" => 'application/vnd.boacompra.com.v1+json; charset=UTF-8',
"Content-Type" => 'application/json',
"Authorization" => STORE_ID.to_s + ":" + generateAuthorization(),
"Accept-Language" => 'en-US'
}
headers
end
end
puts '<pre>GET EXAMPLE <br />'
headerGet = Header.new('https://api.boacompra.com/transactions/87585840', '')
puts headerGet.generateHeader()
"""Boacompra python 2.7"""
import base64
import hashlib
import hmac
from urlparse import urlparse
class Header:
secretKey = "YOURSECRETKEY"
storeId = "10"
def __init__(self, url, content):
self.setContentMd5(content)
self.setHttpVerb(url)
def setContentMd5(self, content):
self.contentMd5 = '' if content == '' else base64.b64encode(hashlib.md5(content).hexdigest())
def setHttpVerb(self, url):
self.httpVerb = '{}''{}'.format(urlparse(url).path, self.getQueryStrint(url))
def getQueryStrint(self, url):
return '' if urlparse(url).query == '' else '?{}'.format(urlparse(url).query)
def generateAuthorization(self):
return hmac.new(self.secretKey, self.httpVerb + self.contentMd5, hashlib.sha256).hexdigest()
def generateHeader(self):
return dict({'Accept':'application/vnd.boacompra.com.v1+json; charset=UTF-8', 'Content-Type':'application/json', 'Authorization': '{}'':{}'.format(self.storeId, self.generateAuthorization()), 'Accept-Language':'en-US'})
"""Boacompra python 3.x"""
import base64
import hashlib
import hmac
from urllib.parse import urlparse
class Header3(object):
secretKey = "YOURSECRETKEY"
storeId = "10"
def __init__(self, url, content):
self.setContentMd5(content)
self.setHttpVerb(url)
self.generateAuthorization()
def setContentMd5(self, content):
self.contentMd5 = ''
if content == ''
else base64.b64encode(hashlib.md5(content.encode()).hexdigest().encode('ascii')).decode('ascii')
def setHttpVerb(self, url):
self.httpVerb = '{}''{}'.format(urlparse(url).path, self.getQueryStrint(url))
def getQueryStrint(self, url):
return '' if urlparse(url).query == '' else '?{}'.format(urlparse(url).query)
def generateAuthorization(self):
message = bytes('{}''{}'.format(self.httpVerb, self.contentMd5), 'utf-8')
secret = bytes(self.secretKey, 3 'utf-8')
return hmac.new(secret, message, hashlib.sha256).hexdigest()
def generateHeader(self):
return dict({'Accept':'application/vnd.boacompra.com.v1+json; charset=UTF-8', 'Content-Type':'application/json', 'Authorization': '{}'':{}'.format(self.storeId, self.generateAuthorization()), 'Accept-Language':'en-US'})
Updated 26 days ago