RDP Redirect API

First Phase – Constructing Payment URL

First Phase Description

The first phase request is meant to request RDP (Red Dot Payment) payment gateway in order to construct a payment URL for merchant’s customer. This is a server-to-server communication. Communication is using HTTP protocol POST request and in the message format of JSON. In the production (live) server everything is communicated under SSL Secured Channel using standard port 443.

First Phase Service End Points

The URL service end points for the redirect payment API are as follow:

First Phase Request Parameters

First Phase Request JSON formatted example:

{
 "redirect_url":"http:\/\/localhost\/rdp\/service\/test-suite\/T_redirection_hosted_single\/redirect_url",
 "notify_url":"http:\/\/localhost\/rdp\/notif_server\/payment_api\/notif-url.php",
 "back_url":"http:\/\/localhost\/rdp\/service\/test-suite\/T_redirection_hosted_single\/back_url",
 "mid":"1000089029",
 "order_id":"TST102",
 "amount":"0.01",
 "ccy":"SGD",
 "api_mode":"redirection_hosted",
 "payment_type":"S",
 "merchant_reference":"the things to reference",
 "signature":"325cda0dc4a0dfa523afc542c245ae008ca73910779e670f96b3ed4bd241b966e752036afd1920ae9690ca475b82eda302a3b0a7ad9157a4d4cdb0cc38b36e52"
}




First Phase Response Parameters

First phase response JSON formatted example:

For successful transaction:

{  
 "created_timestamp":1454382081,
 "expired_timestamp":1454468481,
 "mid":"1000089029",
 "order_id":"TST102",
 "transaction_id":"TST102_59772881953567319",
 "payment_url":"http:\/\/test.reddotpayment.com\/service\/secure-payment\/--REDSHOP--\/2608ed4b6363e80104effca44d2b1c4170f06d570fe78430ba0f7dd7016ea975710d78fd9f41dc3561ada259d8f95112f30d81ae1f5e9a0277cb64f9f449b427",
 "response_code":0,
 "signature":"58060d69ac7c7f60b8dc6a3ddd2485d9d0f744a8c604c347f50a06025d076ce367be5140690b095e17fa293b973a37ad073ab6c36ebe4d31eaae679a2de60bcc"
}

For failed or error transaction:

{  
   "response_status":"error",
   "response_code":"-1901",
   "response_msg":"redirect_url could not be found"
}

First Phase Response Handling Example

Below are the procedures for first phase response parameters handling:

  1. When the ‘response_code’ parameter indicates a successful payment (response_code is ‘0’), merchants should check the transaction signature (‘signature’ parameter) by using generic signature algorithm (please refer to chapter 4.2 about ‘Generic Section’).
{  
 "created_timestamp":1454382081,
 "expired_timestamp":1454468481,
 "mid":"1000089029",
 "order_id":"TST102",
 "transaction_id":"TST102_59772881953567319",
 "payment_url":"http:\/\/test.reddotpayment.com\/service\/secure-payment\/--REDSHOP--\/2608ed4b6363e80104effca44d2b1c4170f06d570fe78430ba0f7dd7016ea975710d78fd9f41dc3561ada259d8f95112f30d81ae1f5e9a0277cb64f9f449b427",
 "response_code":0,
 "signature":"58060d69ac7c7f60b8dc6a3ddd2485d9d0f744a8c604c347f50a06025d076ce367be5140690b095e17fa293b973a37ad073ab6c36ebe4d31eaae679a2de60bcc"
}

2. After validating the transaction signature, merchants should get the payment URL parameter and redirect customers to that particular URL.
Below is the sample code for first phase response parameter handling in PHP programming language.

<?php
function response_handling($mid, $secret_key, $json_response)
{
    $array_response = json_decode($json_response,true);
    if ($array_response['response_code'] == 0)
    {
    // Successfull transaction //

    // Calculate signature using sign generic function //
    $calculated_signature = sign_generic($secret_key,
                              $array_response);

    // Validate the received transaction signature //
    if ($calculated_signature == $array_response['signature'])
    {
        if (!empty($array_response['payment_url']))
        {
        // Redirect customers to payment page //
        header ('Location: ' . $array_response['payment_url']);
        exit;
        }
        else
        {
        // Empty payment URL in succesful txn (should not happen) //
        throw new Exception('Invalid response, no payment_url');
        }
    }
    else
    {
        // Invalid signature, the response might not come from RDP //
        throw new Exception('Invalid signature!');
    }
    }
    else
    {
    throw new Exception('Invalid request : '.
                 $array_reponse['response_msg']);
    }
};

?>