Голомт Банк
  • E-Commerce
  • WC Payment Plugin
  • IPPOS
  • Instore
  • Card Gateway
  • Instore v2
  • Tokenization
  • Socialpay

›API

SocialPay

  • Танилцуулга
  • Үйл ажиллагааны диаграм
  • API

    • Mini App - Web token
    • SocialPay E-Commerce Deeplink

SocialPay English

  • Introduction
  • Workflow
  • API

    • Mini App - Web token
    • SocialPay E-Commerce Deeplink

Mini App - Web token

Purpose of the document

This document defines the data exchange rules of the Socialpay 3.0 system, which is being newly developed by Golomt Bank.

General request information

When sending data, it is necessary to prepare and send the JSON of the request according to the SPEC in the Request Body section using the HTTP protocol and REST using the POST function.

ProtocolHTTP
MethodPOST
URL (үндсэн орчин)https://sp-api.golomtbank.com/api
Request Headers
Content-TypeApplication/json
X-Golomt-Cert-IdThere is a fixed value given in the tertiary system
X-Golomt-SignatureBase64.decode the request (JSON request) and send it secretly using RSA encrypt
Response Headers
Content-TypeApplication/json

System security

Key for third-party systems

    X-Golomt-Cert-Id:   test_cert_id
    Public key: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ7rnZH30unXZbTNHNX7wjfECxWyaABX88F5cjSqnA5Soo6Uwu72ufzjEzAtoPk8sE9tnfi/74dyZa0PEK4mT7KK+Yy73acKNv0zKVYnFZMBWxH75ezEv6+4YllUHZ+AIjUN6d2Si/AJrvYmeFayykbXpFEN5+GycBp35cGxGYyQIDAQAB

How to create a Signature (X-Golomt-Signature).

A request prepared according to the instructions, or a JSON request, will be hashed using the SHA256 algorithm. The length of the generated text is 64 Byte.

The generated text data of length 64 will be encrypted using RSA (Mode = ECB; Padding = PKCS1Padding; Output text format = Base64) encryption type with the help of given keys. The output is the X-Golomt-Signature value of the http header.

Call the enterprise web with additional user tokens

Call the organization web containing the token

An additional one-time token is generated when the user selects a menu in the app. Call the organization web containing the token Example

The service provider will download the user's information from the bank and provide the service with an additional token.

Retrieving user data with an additional token

    URI: /utility/miniapp/token/check?language=mn
    Тайлбар: Retrieving user data with additional tokens.
    Хүсэлтийн төрөл: POST
    HEADER:
Field nameValue
X-Golomt-Cert-Id<<CERT_ID>>
X-Golomt-Signature<<ENCRYPTED_REQUEST>>

Description of the Request

Field nameValueExplanationMandatory
token123456789abcdefgНэмэлт токенТийм

Description of the Response

Field nameValueExplanation
individualId12121212Individual ID
registerNumberБӨ95020321Register Number
lastNameБатLastname
firstNameДоржFirstname
account2015115673Account number
mobileNumber99999999Mobile number
emailbat@gmail.comEmail
imgUrlhttps://sp-uat.golomtbank.com:8443/api/utility/image/100603-093882492803.jpgProfile picture of Socialpay

Example code in the Java programming language:

package mn.golomt.payment.util;

import org.apache.commons.codec.digest.DigestUtils;

import javax.crypto.Cipher;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

import static java.nio.charset.StandardCharsets.UTF_8;

public class RSAEncrypt {

    public static String encrypt(String data, String publicKey) {
        try {
            //get public key
            X509EncodedKeySpec keySpecPublic = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKey));
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PublicKey pubKey = keyFactory.generatePublic(keySpecPublic);

            //encrypt
            byte[] hex = getHex(data).getBytes(UTF_8);

            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(Cipher.ENCRYPT_MODE, pubKey);
            byte[] encryptedBytes = cipher.doFinal(hex);
            return Base64.getEncoder().encodeToString(encryptedBytes);
        } catch (Exception ex) {
            ex.printStackTrace();
        }

        return null;
    }

    public static String decrypt(String cipherText, String privateKey) {
        try {
            //get private key
            PKCS8EncodedKeySpec keySpecPrivate = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey));
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PrivateKey pKey = keyFactory.generatePrivate(keySpecPrivate);

            byte[] encryptedBytes = Base64.getDecoder().decode(cipherText);

            //decrypt
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(Cipher.DECRYPT_MODE, pKey);
            byte[] decryptedMessage = cipher.doFinal(encryptedBytes);
            return new String(decryptedMessage, UTF_8);

        } catch (Exception ex) {
            ex.printStackTrace();
            return null;
        }
    }

    public static String getHex(String data) {
        return DigestUtils.sha256Hex(data);
    }
}

← WorkflowSocialPay E-Commerce Deeplink →
  • Purpose of the document
  • General request information
    • System security
    • How to create a Signature (X-Golomt-Signature).
    • Call the enterprise web with additional user tokens
  • Call the organization web containing the token
    • Retrieving user data with an additional token
    • Description of the Request
    • Description of the Response
    • Example code in the Java programming language:
Facebook Open Source
Copyright © 2024 Golomt Bank