Documentation ¶
Overview ¶
Package applepay abstracts all the Apple Pay flow.
It support features such as RSA-encrypted tokens (used in China), elliptic curve-encrypted token, full signature verification and protection against replay attacks.
Sample usage:
ap, err := applepay.New( "com.processout.test", applepay.MerchantDisplayName("ProcessOut Test Store"), applepay.MerchantDomainName("store.processout.com"), applepay.MerchantCertificateLocation("cert-merchant.crt", "cert-merchant-key.pem"), applepay.ProcessingCertificateLocation("cert-processing.crt", "cert-processing-key.pem"), ) // Create a new session sessionPayload, err := ap.Session("https://apple-pay-gateway.apple.com/paymentservices/startSession") // Decrypt a token token, err := ap.DecryptResponse(res)
A working example can be found in applepay/app.go. It requires a registered domain and valid certificates to work.
Index ¶
- Variables
- func MerchantCertificate(cert tls.Certificate) func(*Merchant) error
- func MerchantCertificateLocation(certLocation, keyLocation string) func(*Merchant) error
- func MerchantDisplayName(displayName string) func(*Merchant) error
- func MerchantDomainName(domainName string) func(*Merchant) error
- func ProcessingCertificate(cert tls.Certificate) func(*Merchant) error
- func ProcessingCertificateLocation(certLocation, keyLocation string) func(*Merchant) error
- type Contact
- type Header
- type Merchant
- type PKPaymentToken
- type PaymentData
- type PaymentMethod
- type Response
- type Token
Constants ¶
This section is empty.
Variables ¶
var ( // AppleRootCertificatePath is the relative path to Apple's root certificate AppleRootCertificatePath = "AppleRootCA-G3.crt" // TransactionTimeWindow is the window of time, in minutes, where // transactions can fit to limit replay attacks TransactionTimeWindow = 5 * time.Minute )
Functions ¶
func MerchantCertificate ¶
func MerchantCertificate(cert tls.Certificate) func(*Merchant) error
func MerchantDisplayName ¶
func MerchantDomainName ¶
func ProcessingCertificate ¶
func ProcessingCertificate(cert tls.Certificate) func(*Merchant) error
Types ¶
type Contact ¶
type Contact struct { GivenName string FamilyName string EmailAddress string AddressLines []string AdministrativeArea string Locality string PostalCode string Country string CountryCode string }
Contact is the struct that contains billing/shipping information from an Apple Pay response
type Merchant ¶
type Merchant struct {
// contains filtered or unexported fields
}
func (Merchant) DecryptResponse ¶
DecryptResponse calls DecryptToken(r.Token)
func (Merchant) DecryptToken ¶
func (m Merchant) DecryptToken(t *PKPaymentToken) (*Token, error)
DecryptToken decrypts an Apple Pay token
type PKPaymentToken ¶
type PKPaymentToken struct { TransactionIdentifier string PaymentMethod PaymentMethod PaymentData PaymentData // contains filtered or unexported fields }
PKPaymentToken is the payment information returned by Apple Pay with all data, and an encrypted token See https://developer.apple.com/library/content/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html
func (PKPaymentToken) PublicKeyHash ¶
func (t PKPaymentToken) PublicKeyHash() ([]byte, error)
PublicKeyHash returns the hash of the public key used in the token after checking the message's signature. This is useful for selecting the appropriate processing key for merchants/PSPs that may have many.
func (*PKPaymentToken) SetTransactionTime ¶
func (t *PKPaymentToken) SetTransactionTime(transactionTime time.Time) error
SetTransactionTime sets the time the merchant received the token. This is useful to protect against replay attacks. By default this value is set to time.Now(), when the token is decrypted. It may be useful to change the transaction time window (see the global variable TransactionTimeWindow)
type PaymentData ¶
type PaymentMethod ¶
type Response ¶
type Response struct { ShippingContact Contact BillingContact Contact Token PKPaymentToken }
Response is the full response from the user's device after an Apple Pay request
type Token ¶
type Token struct { // ApplicationPrimaryAccountNumber is the device-specific account number of the card that funds this // transaction ApplicationPrimaryAccountNumber string // ApplicationExpirationDate is the card expiration date in the format YYMMDD ApplicationExpirationDate string // CurrencyCode is the ISO 4217 numeric currency code, as a string to preserve leading zeros CurrencyCode string // TransactionAmount is the value of the transaction TransactionAmount float64 // CardholderName is the name on the card CardholderName string // DeviceManufacturerIdentifier is a hex-encoded device manufacturer identifier DeviceManufacturerIdentifier string // PaymentDataType is either 3DSecure or, if using Apple Pay in China, EMV PaymentDataType string // PaymentData contains detailed payment data PaymentData struct { // OnlinePaymentCryptogram is the 3-D Secure cryptogram OnlinePaymentCryptogram []byte // ECIIndicator is the Electronic Commerce Indicator for the status of 3-D Secure ECIIndicator string // EMVData is the output from the Secure Element EMVData []byte // EncryptedPINData is the PIN encrypted with the bank's key EncryptedPINData string } }
Token is the decrypted form of Response.Token.PaymentData.Data