applepay

package module
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2022 License: MIT Imports: 26 Imported by: 0

README

applepay

GoDoc

applepay is a Go package for processing Apple Pay transactions easily. It is aimed at merchants or PSPs that are looking to manage their own Apple Pay flow, as opposed to letting a third-party (such as Stripe) do it end-to-end. You will need a paid Apple Developer account to use this.

Note: we have included the Apple root CA in this repository. For production use-cases, you should always download the certificates directly from Apple.

Running tests

go test

You may need to change your PKG_CONFIG_PATH to include OpenSSL. For example, on my Mac I use PKG_CONFIG_PATH=$(brew --prefix openssl)/lib/pkgconfig go test.

Getting up and running with the example

Requirements:

  • An account in the Apple Developer Program
  • A recent version of Go (tested with v1.9.2)
  • cfssl
  • OpenSSL/libssl-dev
  • make

  1. Log into your developer account. In the developer console, create a Merchant ID

  2. Verify your domain by serving the apple-developer-merchantid-domain-association file at https://yourdomain.com/.well-known/apple-developer-merchantid-domain-association (the example app will do it for you if you put it in example/static/.well-known). Note: Be careful to support one of the supported cipher suites for HTTPS!

  3. Generate a Payment Processing Certificate.

  4. Upload the certificate request to the developer console. Select your merchant ID and click "Create Certificate" in the "Payment Processing Certificate" section.

  5. Repeat steps for the Merchant Identity Certificate.

Picking a Payment Service Provider (PSP) that supports Apple Pay

Some PSPs, such as Braintree or Stripe, will accept Apple Pay payments on your behalf. That means that you don't have to use this package and just need to verify your domain with them. If you really want to, you can probably use this package and pass the tokens that decrypt yourself. Check with your processor for more info on how to know how to do that.

Other payment services may not do the integration for you, but will let you pass Apple Pay-related values (such as the payment cryptogram). This package is made for you!

If you can't charge network tokens with your payment processor, unfortunately you will not be able to accept Apple Pay. Contact your provider for more details.

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (

	// AppleRootCertificatePath is the relative path to Apple's root certificate
	AppleRootCertificatePath = "AppleRootCA-G3.cer"

	// TransactionTimeWindow is the window of time, in minutes, where
	// transactions can fit to limit replay attacks
	TransactionTimeWindow = 5 * time.Minute
)

Functions

func MerchantCertificate 

func MerchantCertificate(cert tls.Certificate) func(*Merchant) error

func MerchantCertificateLocation 

func MerchantCertificateLocation(certLocation,
	keyLocation string) func(*Merchant) error

func MerchantDisplayName 

func MerchantDisplayName(displayName string) func(*Merchant) error

func MerchantDomainName 

func MerchantDomainName(domainName string) func(*Merchant) error

func MerchantSessionDefaultPaymentSessionRequest 

func MerchantSessionDefaultPaymentSessionRequest(defaultPaymentSessionRequest PaymentSessionRequest) func(*Merchant) error

func MerchantSessionSandbox 

func MerchantSessionSandbox(sandbox bool) func(*Merchant) error

func ProcessingCertificate 

func ProcessingCertificate(cert tls.Certificate) func(*Merchant) error

func ProcessingCertificateLocation 

func ProcessingCertificateLocation(certLocation,
	keyLocation string) func(*Merchant) error

Types

type Contact 

type Contact struct {
	GivenName          string
	FamilyName         string
	EmailAddress       string
	AddressLines       []string
	AdministrativeArea string
	Locality           string
	PostalCode         string
	Country            string
	CountryCode        string
}

Contact is the struct that contains billing/shipping information from an Apple Pay response 

type Header struct {
	ApplicationData    string `json:"applicationData,omitempty"`
	EphemeralPublicKey []byte `json:"ephemeralPublicKey,omitempty"`
	WrappedKey         []byte `json:"wrappedKey,omitempty"`
	PublicKeyHash      []byte `json:"publicKeyHash,omitempty"`
	TransactionID      string `json:"transactionId,omitempty"`
}

type Merchant 

type Merchant struct {
	// contains filtered or unexported fields
}

func New 

func New(merchantID string, options ...func(*Merchant) error) (*Merchant, error)

New creates an instance of Merchant using the given configuration

func (Merchant) DecryptResponse 

func (m Merchant) DecryptResponse(r *Response) (*Token, error)

DecryptResponse calls DecryptToken(r.Token)

func (Merchant) DecryptToken 

func (m Merchant) DecryptToken(t *PKPaymentToken) (*Token, error)

DecryptToken decrypts an Apple Pay token

func (*Merchant) IsSandbox 

func (m *Merchant) IsSandbox() bool

IsSandbox check if the merchant configuration is for sandbox or prod env

func (*Merchant) LoadMerchantCertificate 

func (m *Merchant) LoadMerchantCertificate(certEncoded, keyEncoded string) error

func (*Merchant) LoadProcessingCertificate 

func (m *Merchant) LoadProcessingCertificate(certEncoded, keyEncoded string) error

func (*Merchant) PaymentSession 

func (m *Merchant) PaymentSession(validationURL string, req PaymentSessionRequest) (session []byte, err error)

func (Merchant) Session 

func (m Merchant) Session(url string) (sessionPayload []byte, err error)

Session returns an opaque payload for setting up an Apple Pay session

type PKPaymentToken 

type PKPaymentToken struct {
	TransactionIdentifier string        `json:"transactionIdentifier,omitempty"`
	PaymentMethod         PaymentMethod `json:"paymentMethod,omitempty"`
	PaymentData           PaymentData   `json:"paymentData,omitempty"`
	// contains filtered or unexported fields
}

PKPaymentToken is the payment information returned by Apple Pay with all data, and an encrypted token See https://developer.apple.com/library/content/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html

func (PKPaymentToken) PublicKeyHash 

func (t PKPaymentToken) PublicKeyHash() ([]byte, error)

PublicKeyHash returns the hash of the public key used in the token after checking the message's signature. This is useful for selecting the appropriate processing key for merchants/PSPs that may have many.

func (*PKPaymentToken) SetTransactionTime 

func (t *PKPaymentToken) SetTransactionTime(transactionTime time.Time) error

SetTransactionTime sets the time the merchant received the token. This is useful to protect against replay attacks. By default this value is set to time.Now(), when the token is decrypted. It may be useful to change the transaction time window (see the global variable TransactionTimeWindow)

type PaymentData 

type PaymentData struct {
	Version   string `json:"version,omitempty"`
	Signature []byte `json:"signature,omitempty"`
	Header    Header `json:"header,omitempty"`
	Data      []byte `json:"data,omitempty"`
}

type PaymentMethod 

type PaymentMethod struct {
	Type        string `json:"type,omitempty"`
	Network     string `json:"network,omitempty"`
	DisplayName string `json:"displayName,omitempty"`
}

type PaymentSessionRequest 

type PaymentSessionRequest struct {
	MerchantIdentifier string `json:"merchantIdentifier"`
	DisplayName        string `json:"displayName"`
	Initiative         string `json:"initiative"`
	InitiativeContext  string `json:"initiativeContext"`
}

https://developer.apple.com/documentation/apple_pay_on_the_web/apple_pay_js_api/requesting_an_apple_pay_payment_session

type Response 

type Response struct {
	ShippingContact Contact
	BillingContact  Contact
	Token           PKPaymentToken
}

Response is the full response from the user's device after an Apple Pay request

type Token 

type Token struct {
	// ApplicationPrimaryAccountNumber is the device-specific account number of the card that funds this
	// transaction
	ApplicationPrimaryAccountNumber string `json:"applicationPrimaryAccountNumber,omitempty"`
	// ApplicationExpirationDate is the card expiration date in the format YYMMDD
	ApplicationExpirationDate string `json:"applicationExpirationDate,omitempty"`
	// CurrencyCode is the ISO 4217 numeric currency code, as a string to preserve leading zeros
	CurrencyCode string `json:"currencyCode,omitempty"`
	// TransactionAmount is the value of the transaction
	TransactionAmount float64 `json:"transactionAmount,omitempty"`
	// CardholderName is the name on the card
	CardholderName string `json:"cardholderName,omitempty"`
	// DeviceManufacturerIdentifier is a hex-encoded device manufacturer identifier
	DeviceManufacturerIdentifier string `json:"deviceManufacturerIdentifier,omitempty"`
	// PaymentDataType is either 3DSecure or, if using Apple Pay in China, EMV
	PaymentDataType string `json:"paymentDataType,omitempty"`
	// PaymentData contains detailed payment data
	PaymentData struct {

		// OnlinePaymentCryptogram is the 3-D Secure cryptogram
		OnlinePaymentCryptogram string `json:"onlinePaymentCryptogram,omitempty"`
		// ECIIndicator is the Electronic Commerce Indicator for the status of 3-D Secure
		ECIIndicator string `json:"eciIndicator,omitempty"`

		// EMVData is the output from the Secure Element
		EMVData []byte `json:"emvData,omitempty"`
		// EncryptedPINData is the PIN encrypted with the bank's key
		EncryptedPINData string `json:"encryptedPINData,omitempty"`
	} `json:"paymentData,omitempty"`
}

Token is the decrypted form of Response.Token.PaymentData.Data https://developer.apple.com/library/archive/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html#//apple_ref/doc/uid/TP40014929

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.