PC(Desktop) API integration
API integration
In API integration section, API type integration guide is provided.
Call Payment Window – Authentication Data Receive – Payment Request – Payment Result Process
Please check the PC Standard Web Payment Integration Guide through 4 STEP
API Download
Refer to Download menu for library and integration sample codes.
Payment Window Call JS
Introducing neccessary script to call NHN KCP payment page
<!-- Payment Window Call JS-->
1https://pay.kcp.co.kr/plugin/payplus_web.jspTest : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
Payment Window Execution Function
Introducing neccessary function to call NHN KCP payment page
<!-- Calling function(Execute) -->
1<script type="text/javascript">
2function jsf_pay(form)
3{
4 try
5 {
6 KCP_Pay_Execute( form );
7 }
8 catch (e)
9 {
10 /* Script finished with a throw in IE when the payment is normally closed */
11 }
12}
13</script>Type : text/javascriptAuthentication Data
The corresponding function is for handling authorization request upon completing the payment window authentication. (The function name cannot be changed.)
FormOrJson not to be used by merchants
FormOrJson value is set to frm value. You should use it as frm value.
The position of the function must be set before js_url javascript sourcing
Return Value is “form”
<!-- Example of m_Completepayment function -->
1<script type="text/javascript">
2function m_Completepayment( FormOrJson, closeEvent )
3 {
4 var frm = document.order_info; //submit
5 GetField( frm, FormOrJson );
6 if( frm.res_cd.value == "0000"
7 {
8 /* Response processing by merchant part */
9 frm.submit();
10 }
11 else
12 {
13 alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
14 closeEvent();
15 }
16 }
17</script>Type : text/javascriptOrder Request Parameter Gulde
Required Parameter
site_cd
Merchant ID
ordr_idxx
Merchant order number
pay_method
Payment Method Code
Composed of 12 digits (Use: 1, Not used: 0)
- Credit Card : 100000000000
- Bank Transfer : 010000000000
- Virtual Account : 001000000000
- Mobile Billing : 000010000000
good_name
Product Name
good_mny
Payment Amount
currency
WON : 410 / USD : 840
shop_user_id
Shop user ID
Optional Parameter
site_name
Merchant Name(Recommend to input in English)
buyr_name
Buyer name
buyr_mail
Buyer mail
buyr_tel2
Buyer Mobile Number
Conditional Parameter
Credit card conditional parameter
quotaopt
Install payment option for transaction amount over 50,000 KRW.
kcp_noint
No - interest installment.“” : As stated in Merchant Portal configuration
“Y” : no interest option configured in the ‘no interest’ setup (kcp_noint_quota) in Merchant Portal
“N” : Ignores Merchant Portal configuration, general install payment is set in place.
kcp_noint_quota
In case that kcp_noint is set as ‘Y,’ no interest installment option will be shown on the payment window (as an icon).
Configurable by each card issuer
used_card_YN
Set the parameter value as “Y”, and enter the code corresponding to the desired credit card company in the used_card.
used_card
In case that user_card_YN is set as ‘Y’, enter the code corresponding to the desired credit card company.
View Card Code▼
| Card Code | Card Name | Card Code | Card Name |
|---|---|---|---|
| CCLG | Shinhan | CCKJ | Kwangju |
| CCDI | Hyundai | CCSU | Suhyup |
| CCLO | Lotte | CCJB | Jeonbuk |
| CCKE | KEB | CCCJ | Jeju |
| CCSS | Samsung | CCKD | KDB |
| CCKM | KB Kookmin | CCSB | Savings |
| CCBC | BC | CCCU | Shinhyup |
| CCNH | NH | CCPB | Korea Post |
| CCHN | Hana | CCSM | SMG |
| CCCT | Citi | CCKA | Kakaobank |
| CCPH | Woori | CCXB | Master |
| BC81 | HanaBC | CCXC | JCB |
| CCKK | K bank | ||
| CCUF | UnionPay | ||
| CCXA | VISA |
fix_inst
Fix Install payment option to one of the values from 0~12 for transaction amount over 50,000 KRW
Virtual Account Parameter
wish_vbank_list
You can select the desired bank(s) among the available banks on NHN KCP payment module.
vcnt_expire_term
Expiration time of the virtual account
vcnt_expire_term_time
Expiration time of the virtual account
Additional parameter to be set with vcnt_expire_term.
<!-- Setting Virtual Account option example -->
<input type=”hidden” name=”wish_vbank_list” value=”05:03:04:07:11:23”> //Select Virtual Account
<input type=”hidden” name=”vcnt_expire_term” value=”3”> //Expiration term of the virtual account
<input type=”hidden” name=”vcnt_expire_term_time” value=“120000”> //Expiration time of the virtual account Add Optional Parameter
site_logo
A parameter that makes the site logo to appear on the upper left corner of the payment screen.
The URL of the site logo must be accurately entered, and omission of this parameter will result in the appearance of the site_name value without the logo.
Logo files in GIF / JPG formats only
max. size: 150 X 50 supported.
size above the standard, site_name will be displayed.
※ Using this may slow down the process.
eng_flag
English-Korean Switch
skin_indx
Payment Window skin preference (1~11 avail.)
kcp_pay_title
Payment Window Header Message
Ex) NHN KCP
Payment(Request/Authorization Return) code sample
<html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function m_Completepayment( FormOrJson, closeEvent )
{
var frm = document.order_info;
GetField( frm, FormOrJson );
if( frm.res_cd.value == "0000" )
{
/*
retrun data
*/
frm.submit();
}
else
{
alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
closeEvent();
}
}
</script>
<!--
dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function jsf__pay( form )
{
try
{
KCP_Pay_Execute( form );
}
catch (e)
{
/* IE */
}
}
</script>
</head>
<body>
<form name="order_info" method="post" action="..action URL">
<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />
<input type="text" name="pay_method" value="100000000000" />
<a href="#none" onclick="jsf__pay(document.order_info);">action</a>
<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />
<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html><html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function m_Completepayment( FormOrJson, closeEvent )
{
var frm = document.order_info;
GetField( frm, FormOrJson );
if( frm.res_cd.value == "0000" )
{
/*
retrun data
*/
frm.submit();
}
else
{
alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
closeEvent();
}
}
</script>
<!--
dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function jsf__pay( form )
{
try
{
KCP_Pay_Execute( form );
}
catch (e)
{
/* IE */
}
}
</script>
</head>
<body>
<form name="order_info" method="post" action="..action URL">
<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />
<input type="text" name="pay_method" value="100000000000" />
<a href="#none" onclick="jsf__pay(document.order_info);">action</a>
<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />
<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html><html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function m_Completepayment( FormOrJson, closeEvent )
{
var frm = document.order_info;
GetField( frm, FormOrJson );
if( frm.res_cd.value == "0000" )
{
/*
retrun data
*/
frm.submit();
}
else
{
alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
closeEvent();
}
}
</script>
<!--
dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function jsf__pay( form )
{
try
{
KCP_Pay_Execute( form );
}
catch (e)
{
/* IE */
}
}
</script>
</head>
<body>
<form name="order_info" method="post" action="..action URL">
<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />
<input type="text" name="pay_method" value="100000000000" />
<a href="#none" onclick="jsf__pay(document.order_info);">action</a>
<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />
<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html><html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function m_Completepayment( FormOrJson, closeEvent )
{
var frm = document.order_info;
GetField( frm, FormOrJson );
if( frm.res_cd.value == "0000" )
{
/*
retrun data
*/
frm.submit();
}
else
{
alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
closeEvent();
}
}
</script>
<!--
dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function jsf__pay( form )
{
try
{
KCP_Pay_Execute( form );
}
catch (e)
{
/* IE */
}
}
</script>
</head>
<body>
<form name="order_info" method="post" action="..action URL">
<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />
<input type="text" name="pay_method" value="100000000000" />
<a href="#none" onclick="jsf__pay(document.order_info);">action</a>
<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />
<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html><html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function m_Completepayment( FormOrJson, closeEvent )
{
var frm = document.order_info;
GetField( frm, FormOrJson );
if( frm.res_cd.value == "0000" )
{
/*
retrun data
*/
frm.submit();
}
else
{
alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
closeEvent();
}
}
</script>
<!--
dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function jsf__pay( form )
{
try
{
KCP_Pay_Execute( form );
}
catch (e)
{
/* IE */
}
}
</script>
</head>
<body>
<form name="order_info" method="post" action="..action URL">
<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />
<input type="text" name="pay_method" value="100000000000" />
<a href="#none" onclick="jsf__pay(document.order_info);">action</a>
<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />
<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html><html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function m_Completepayment( FormOrJson, closeEvent )
{
var frm = document.order_info;
GetField( frm, FormOrJson );
if( frm.res_cd.value == "0000" )
{
/*
retrun data
*/
frm.submit();
}
else
{
alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
closeEvent();
}
}
</script>
<!--
dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">
function jsf__pay( form )
{
try
{
KCP_Pay_Execute( form );
}
catch (e)
{
/* IE */
}
}
</script>
</head>
<body>
<form name="order_info" method="post" action="..action URL">
<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />
<input type="text" name="pay_method" value="100000000000" />
<a href="#none" onclick="jsf__pay(document.order_info);">action</a>
<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />
<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html>Returned Authentication Parameter Guide
Returned Parameter
enc_data
Encrypted data retuned by the payment UI.
enc_info
Encrypted data retuned by the payment UI.
tran_cd
Transaction code
callback Data Received Example
<!-- callback Data Received Example -->
1<input type="hidden" name="enc_info" value=""/>
2<input type="hidden" name="enc_data" value=""/>
3<input type="hidden" name="tran_cd" value=""/>Authorization Request
Request Authorization of authentication data with API URL.
<!-- API Call -->
1https://spl.kcp.co.kr/gw/enc/v1/paymentTest : https://stg-spl.kcp.co.kr/gw/enc/v1/payment
Authorization Request Data
Authorization Request Data needs to be as Json String method.
Refer to server certificate section for issurance of kcp_cert_infocertificate data that is required for authorization.
<!-- Authorization Request Data -->
1{
2 "tran_cd":”00100000”,
3 "ordr_mony":"1004",
4 "kcp_cert_info":"-----BEGIN CERTIFICATE-----MIID3DCCAsSgAwIBAgIJAM...=-----END CERTIFICATE-----",
5 "site_cd":"T1234",
6 "enc_data":"SnvXdGftIEjAequorkpNhJXc4u3GRuotLHW9vyDDOhdeorM4DPXMJgJlIEoRo6divo=",
7 "enc_info":"A12345B12345"
8}Response is returned in the same form of Json
Server Certificate
Extraction of data values from NHN KCP issued certificate,
For Merchant authentication, the certificate information issued by KCP must be delivered in text format.
The text value within the certificate must be serialized and delivered as the value of kcp_cert_info.
the parameter kcp_cert_info is needed for requesting Authorization cancel(mod) trade registration inquery
Authorization Request Parameter
Required Parameter
site_cd
Merchant ID
kcp_cert_info
Serialized KCP Server Certificate
enc_data
Encrypted data retuned by the payment UI.<
enc_info
Encrypted data retuned by the payment UI.
tran_cd
Transaction type.
ordr_mony
Actual payment request money
API Authorization sample
String target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment"; //dev
JSONObject json_req = new JSONObject();
json_req.put("tran_cd", tran_cd);
json_req.put("site_cd", site_cd);
json_req.put("kcp_cert_info", kcp_cert_info);
json_req.put("enc_data", enc_data);
json_req.put("enc_info", enc_info);
json_req.put("ordr_mony",ordr_mony);
String temp_req_data = json_req.toString();
String req_data = temp_req_data.replace(",",",\r\n");
String inputLine = null;
StringBuffer outResult = new StringBuffer();
// API REQ
URL url = new URL(target_URL);
HttpURLConnection conn = (HttpURLConnection)url.openConnection();
conn.setDoOutput(true);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Accept-Charset", "UTF-8");
OutputStream os = conn.getOutputStream();
os.write(req_data.getBytes("UTF-8"));
os.flush();
// API RES
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
while ((inputLine = in.readLine()) != null)
{
outResult.append(inputLine);
}
conn.disconnect();
String temp_result = outResult.toString();
String res_data = temp_result.replace(",",",\r\n");header("Content-type: text/html; charset=utf-8");
$target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment"; //dev
$data = [
'tran_cd' => $tran_cd,
'site_cd' => $site_cd,
'kcp_cert_info' => $kcp_cert_info,
'enc_data' => $enc_data,
'enc_info' => $enc_info,
'ordr_mony' => $ordr_mony
];
$req_data = json_encode($data);
$header_data = array( "Content-Type: application/json", "charset=utf-8" );
// API REQ
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $target_URL);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header_data);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $req_data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// API RES
$res_data = curl_exec($ch);
// RES JSON DATA Parsing
$json_res = json_decode($res_data, true);
$res_cd = $json_res["res_cd"];
$res_msg = $json_res["res_msg"];
curl_close($ch);target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment"; //dev
req_data = "{\"tran_cd\" : \"" + tran_cd + "\"," +
"\"site_cd\":\"" + site_cd + "\"," +
"\"kcp_cert_info\":\"" + KCP_CERT_INFO + "\"," +
"\"enc_data\":\"" + enc_data + "\"," +
"\"enc_info\":\"" + enc_info + "\"," +
"\"ordr_mony\":\"" + ordr_mony + "\"}";
// API REQ
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(target_URL);
req.Method = "POST";
req.ContentType = "application/json";
byte[] byte_req = Encoding.UTF8.GetBytes(req_data);
req.ContentLength = byte_req.Length;
Stream st = req.GetRequestStream();
st.Write(byte_req, 0, byte_req.Length);
st.Close();
// API RES
HttpWebResponse res = (HttpWebResponse)req.GetResponse();
StreamReader st_read = new StreamReader(res.GetResponseStream(), Encoding.GetEncoding("utf-8"));
res_data = st_read.ReadToEnd();
st_read.Close();
res.Close();
// RES JSON DATA Parsing
JObject json_data = JObject.Parse(res_data);
res_cd = json_data["res_cd"].ToString();
res_msg = json_data["res_msg"].ToString();target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment" 'dev
req_data = "{""tran_cd"":""" & tran_cd & """,""site_cd"":""" & site_cd & """,""kcp_cert_info"":""" & kcp_cert_info & """,""enc_data"":""" & enc_data & """,""enc_info"":""" & enc_info & """,""ordr_mony"":""" & ordr_mony & """}"
' API REQ
set req = Server.CreateObject("MSXML2.ServerXMLHTTP")
req.open "POST", target_URL, false
req.setRequestHeader "Content-Type", "application/json;charset=UTF-8"
req.send req_data
if req.status = 200 then
res_data = req.ResponseText
else
res_data = "http error code : " & req.status
end if
set req = nothing
'' RES JSON DATA Parsing
set json_data = JSON.parse(res_data)
res_cd = json_data.res_cd
res_msg = json_data.res_msg//REQ DATA
var req_data = {
tran_cd : f_get_parm(req.body.tran_cd),
site_cd : site_cd,
kcp_cert_info : KCP_CERT_INFO,
enc_data : f_get_parm(req.body.enc_data),
enc_info : f_get_parm(req.body.enc_info),
ordr_mony : '1'
};
fetch("https://stg-spl.kcp.co.kr/gw/enc/v1/payment", {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(req_data),
})
// API RES
.then(response => {
return response.json();
})
.then(data => {
res.render('kcp_api_pay', {
req_data : JSON.stringify(req_data),
res_data : JSON.stringify(data),
});
});# API
target_URL = 'https://stg-spl.kcp.co.kr/gw/enc/v1/payment' #dev
headers = {'Content-Type': 'application/json', 'charset': 'UTF-8'}
site_cd = f_get_parm(request.form['site_cd'])
# REQ DATA
req_data = {
'tran_cd' : f_get_parm(request.form['tran_cd']),
'site_cd' : site_cd,
'kcp_cert_info' : KCP_CERT_INFO,
'enc_data' : f_get_parm(request.form['enc_data']),
'enc_info' : f_get_parm(request.form['enc_info']),
'ordr_mony' : '1'
}
res = requests.post(target_URL, headers=headers, data=json.dumps(req_data, ensure_ascii=False, indent="\t").encode('utf8'))Authorization Result
Common Return Paramter
Authorization Success Parameter
res_cd
Result code
If the request is approved, ‘0000’ will return.
res_msg
Result message
res_en_msg
Result message in English
tno
Transaction number
amount
Payment Amount
Authorization Failure Parameter
res_cd
Result code
If the request is failed, an error code will return.
res_msg
Result message
Authorization response Parameter
Credit Card Payment Response Parameter
card_cd
The issuer code
card_name
The name of the issuer
card_no
The card number used for the purchase.
app_no
The authorization number of the purchase
app_time
The time of payment (approval) using Credit Card
noinf
No interest option for the purchase. (Y/N)
quota
Installment period.
card_mny
Credit Card portion of the payment amount
coupon_mny
The coupon discount amount or the payment amount using PAYCO Point will be returned.
partcanc_yn
A partial refund availability indicator.
isp_issuer_cd
The issuer code for ISP-Card
isp_issuer_nm
The name of the issuer for ISP-Card
payco_point_mny
Amount of PAYCO point used for the transaction
Bank Transfer Response Parameter
bankname
The name of the bank used
bankcode
The bank code
cash_authno
The Cash Receipt Authorization Number
cash_no
The Cash Receipt Transaction Number
bk_mny
The amount transferred for the purchase
app_time
The time of payment (approval) for the purchase
Virtual Account Response Parameter
bankname
The name of the bank used
bankcode
The Bank Code
account
The virtual account number for the purchase
va_date
Deposit deadline for virtual account
app_time
The time of payment (approval) for the purchase
Mobile Billing Response Parameter
van_cd
Mobile Payment Issuer (Carrier) Code
van_id
Product/Contents classification
commid
The Mobile Carrier code
mobile_no
Mobile number for the purchase.
pnt_issue
Points Settlement Company Code
pnt_app_no
Points Authorization Number
pnt_app_time
The time of payment using points
pnt_receipt_gubn
Cash Receipt registered (Y/N)
cash_authno
Cash receipt approval number for the purchase
add_pnt
Earned/usable points for the purchase
use_pnt
The used points for the purchase
rsv_pnt
The total points available for use
tk_van_code
Voucher company code
tk_app_no
Voucher authorization number
tk_app_time
The time of payment using voucher
Cash Receipt Response Parameter
cash_authno
Cash Receipt authorization number
cash_no
Cash Receipt transaction number
Authorization Page Configuration
When configuring the Authorization page Authorization Generate Signature Auto Cancel Result function can be included.
For Auto Cancel function, refer to Transaction Modification page.
For Singaure Generation function, refer to Server Certificate page.
Call payment window, Download if an entire sample source including Call payment window, and Authorization is needed
kcp_sign_data
Below codes for processing authorization is included in the auto-cancel logic and,
kcp_sign_data is required for transaction query and cancel request.
To create kcp_sign_data private key is required. For test server private key refer to download menu.
kcp_sign_data example
public class MakeSplParam
{
static{ Security.addProvider( new BouncyCastleProvider() ); }
private static final String PRIVATE_KEY = "../splPrikeyPKCS8.pem";
private static final String PRIVATE_KEY_PASSWD = "changeit";
private static final String ORG_SIGN_DATA = "T0000^20210719000000^PACA";
private static final String SIGNATURE_ALGORITHM = "SHA256WithRSA";
public static void main(String[] args)
{
PrivateKey priKey = loadSplMctPrivateKeyPKCS8( PRIVATE_KEY, PRIVATE_KEY_PASSWD );
String signData = makeSignatureData( priKey, ORG_SIGN_DATA );
System.out.println( "\n[signdata(kcp_sign_data)] : " );
System.out.println( signData );
System.out.println( "-----------------------------\n" );
}
public static PrivateKey loadSplMctPrivateKeyPKCS8( String filePath, String privateKeyPassword )
{
PrivateKey priKey = null;
try
{
Path path = Paths.get( filePath );
String strPriKeyData = Files.readAllLines( path )
.stream()
.filter( line -> !line.startsWith( "-----BEGIN" ) && !line.startsWith( "-----END" ) )
.collect( Collectors.joining() );
// Base64 decoding
byte[] btArrPriKey = Base64.getDecoder().decode( strPriKeyData );
ASN1Sequence derSeq = ASN1Sequence.getInstance( btArrPriKey );
PKCS8EncryptedPrivateKeyInfo encPkcs8PriKeyInfo = new PKCS8EncryptedPrivateKeyInfo( org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo.getInstance( derSeq ) );
JcaPEMKeyConverter pemKeyConverter = new JcaPEMKeyConverter();
InputDecryptorProvider decProvider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build( privateKeyPassword.toCharArray() );
PrivateKeyInfo priKeyInfo = encPkcs8PriKeyInfo.decryptPrivateKeyInfo( decProvider );
priKey = pemKeyConverter.getPrivateKey( priKeyInfo );
}
catch (IOException e)
{
e.printStackTrace();
}
catch (OperatorCreationException e)
{
e.printStackTrace();
}
catch (PKCSException e)
{
e.printStackTrace();
}
return priKey;
}
public static String makeSignatureData(PrivateKey priKey, String targetData)
{
String signData = null;
byte[] btArrTargetData = targetData.getBytes( StandardCharsets.UTF_8 );
try {
Signature sign = Signature.getInstance( SIGNATURE_ALGORITHM );
sign.initSign( priKey );
sign.update( btArrTargetData );
byte[] btArrSignData = sign.sign();
signData = Base64.getEncoder().encodeToString( btArrSignData );
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (SignatureException e) {
e.printStackTrace();
}
return signData;
}
}<?php
$cancel_target_data = "T0000^22284971100001^STSC";
echo "cancel_target_data : ".$cancel_target_data."<br><br>";
$inquery_target_data = "T0000^22284971100001^PACA";
echo "inquery_target_data : ".$inquery_target_data."<br><br>";
$key_data = file_get_contents('../splPrikeyPKCS8.pem');
$pri_key = openssl_pkey_get_private($key_data,'changeit');
openssl_sign($cancel_target_data, $signature, $pri_key, 'sha256WithRSAEncryption');
echo "cancel_signature :".base64_encode($signature)."<br><br>";
openssl_sign($inquery_target_data, $signature, $pri_key, 'sha256WithRSAEncryption');
echo "inquery_signature :".base64_encode($signature)."<br><br>";
?>namespace kcp_sign_data_sample
{
class Program
{
static void Main(string[] args)
{
// PKCS#8 PEM READ
StreamReader sr = new StreamReader("../splPrikeyPKCS8.pem");
String privateKeyText = sr.ReadToEnd();
string privateKeyPass = "changeit";
StringReader stringReader = new StringReader(privateKeyText);
PemReader pemReader = new PemReader(stringReader, new PasswordFinder(privateKeyPass));
RsaPrivateCrtKeyParameters keyParams = (RsaPrivateCrtKeyParameters)pemReader.ReadObject();
var textToSign = "T0000^22671971380028^PACA";
byte[] tmpSource = Encoding.ASCII.GetBytes(textToSign);
ISigner sign = SignerUtilities.GetSigner(PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id);
sign.Init(true, keyParams);
sign.BlockUpdate(tmpSource, 0, tmpSource.Length);
var kcp_sign_data = sign.GenerateSignature();
// Console
Console.WriteLine("kcp_sign_data:" + Convert.ToBase64String(kcp_sign_data));
Console.ReadKey();
}
private class PasswordFinder : IPasswordFinder
{
private string password;
public PasswordFinder(string pwd)
{
password = pwd;
}
public char[] GetPassword()
{
return password.ToCharArray();
}
}
}
}<%
KeyPath = "../splPrikeyPKCS8.pem"
KeyPw = "changeit"
textToSign = "T0000^22671971380028^PACA"
set kcpSign = server.createobject("kcp_sign_data_lib.GenSign")
kcp_sign_data = kcpSign.Sign(KeyPath, KeyPw, textToSign)
response.write "original: " + textToSign + "<br/>"
response.write "kcp_sign_data : " + kcp_sign_data + "<br/>"
%>// Inquery
const data = "T0000^22296971511092^PACA";
console.log('\n>>> Message:\n\n' + data);
// crypto Set
const crypto = require('crypto');
const fs = require('fs');
const ALGORITHM = "RSA-SHA256";
const SIGNATURE_FORMAT = "base64";
const signature = getSignatureToVerify(data);
// READ
function getPrivateKeySomehow()
{
const pKey = fs.readFileSync('../splPrikeyPKCS8.pem', 'utf8' ); // "splPrikeyPKCS8.pem"
const pKeyObj = crypto.createPrivateKey({
key : pKey,
passphrase : "changeit", // "changeit"
format : "pem",
type : "pkcs8"
})
const pKeyStr = pKeyObj.export({
format: 'pem',
type: 'pkcs8'
}).toString();
return pKeyStr;
}
function getSignatureToVerify(data)
{
const privateKey = getPrivateKeySomehow();
const sign = crypto.createSign(ALGORITHM);
sign.update(data);
const signature = sign.sign(privateKey, SIGNATURE_FORMAT);
console.log(">>> Signature:\n\n" + signature);
return signature;
}
import OpenSSL
from OpenSSL import crypto
import base64
data = 'T0000^22671971380028^PACA'
# READ
# "splPrikeyPKCS8.pem"
key_file = open('../splPrikeyPKCS8.pem', 'r')
key = key_file.read()
key_file.close()
# "changeit"
password = 'changeit'.encode('utf-8')
pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, key, password)
sign = OpenSSL.crypto.sign(pkey, data, 'sha256')
kcp_sign_data = base64.b64encode(sign)
print("kcp_sign_data : ", kcp_sign_data)