Skip to main content

Webhooks

Code samples to generate and verify signature hash for the data received via Payment Status webhooks sent from PortOne servers.

package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"fmt"
"net/url"
"strconv"
)
type WebhookResponse struct {
Amount float64
ChannelKey string
ChannelOrderRef string
CountryCode string
Currency string
MerchantOrderRef string
MethodName string
OrderRef string
SignatureHash string
Status string
}
func VerifySignature(webhookResponse WebhookResponse, secretKey string) bool {
// Create a url.Values map and add the necessary parameters
params := make(url.Values)
params.Add("amount", strconv.FormatFloat(webhookResponse.Amount, 'f', -1, 64))
params.Add("channel_key", webhookResponse.ChannelKey)
params.Add("channel_order_ref", webhookResponse.ChannelOrderRef)
params.Add("country_code", webhookResponse.CountryCode)
params.Add("currency", webhookResponse.Currency)
params.Add("merchant_order_ref", webhookResponse.MerchantOrderRef)
params.Add("method_name", webhookResponse.MethodName)
params.Add("order_ref", webhookResponse.OrderRef)
params.Add("status", webhookResponse.Status)
// Encode the parameters
data := params.Encode()
// Create the HMAC hash using SHA-256
secret := []byte(secretKey)
message := []byte(data)
hash := hmac.New(sha256.New, secret)
hash.Write(message)
// Convert the hash to a base64 string
hashValue := base64.StdEncoding.EncodeToString(hash.Sum(nil))
// Compare the computed hash with the signature received in the payment response
if hashValue != webhookResponse.SignatureHash {
fmt.Println("Hash verification failed, not from valid source")
return false
} else {
fmt.Println("Hash verification succeeded")
return true
}
}
func main() {
portOneSecret := "PORTONE_SECRET"
// Define the webhook response struct below with the respective params received in webhook
var amount float64
amount = 100.25
webhookResponse := WebhookResponse{
Amount: amount,
ChannelKey: "channel_key",
ChannelOrderRef: "channel_order_ref",
CountryCode: "country_code",
Currency: "currency",
MerchantOrderRef: "merchant_order_ref",
MethodName: "method_name",
OrderRef: "order_ref",
SignatureHash: "signature_hash",
Status: "status",
}
// Verify the signature
isValid := VerifySignature(webhookResponse, portOneSecret)
// Output the result of the verification
if isValid {
fmt.Println("Webhook response is valid.")
} else {
fmt.Println("Webhook response is invalid.")
}
}

Code samples to generate and verify signature hash for the data received via Payment Link Status webhooks sent from PortOne servers.

package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"fmt"
"net/url"
"strconv"
)
type PLWebhookResponse struct {
Amount float64
CountryCode string
Currency string
LinkRef string
MerchantOrderRef string
SignatureHash string
Status string
}
func VerifySignature(plWebhookResponse PLWebhookResponse, secretKey string) bool {
// Create a url.Values map and add the necessary parameters
params := make(url.Values)
params.Add("amount", strconv.FormatFloat(plWebhookResponse.Amount, 'f', -1, 64))
params.Add("country_code", plWebhookResponse.CountryCode)
params.Add("currency", plWebhookResponse.Currency)
params.Add("link_ref", plWebhookResponse.LinkRef)
params.Add("merchant_order_ref", plWebhookResponse.MerchantOrderRef)
params.Add("status", plWebhookResponse.Status)
// Encode the parameters
data := params.Encode()
// Create the HMAC hash using SHA-256
secret := []byte(secretKey)
message := []byte(data)
hash := hmac.New(sha256.New, secret)
hash.Write(message)
// Convert the hash to a base64 string
hashValue := base64.StdEncoding.EncodeToString(hash.Sum(nil))
// Compare the computed hash with the signature received in the payment response
if hashValue != plWebhookResponse.SignatureHash {
fmt.Println("Hash verification failed, not from valid source")
return false
} else {
fmt.Println("Hash verification succeeded")
return true
}
}
func main() {
portOneSecret := "PORTONE_SECRET"
// Define the webhook response struct below with the respective params received in webhook
var amount float64
amount = 100.25
plWebhookResponse := PLWebhookResponse{
Amount: amount,
CountryCode: "country_code",
Currency: "currency",
MerchantOrderRef: "merchant_order_ref",
LinkRef: "link_ref",
SignatureHash: "signature_hash",
Status: "status",
}
// Verify the signature
isValid := VerifySignature(plWebhookResponse, portOneSecret)
// Output the result of the verification
if isValid {
fmt.Println("Payment Link Webhook response is valid.")
} else {
fmt.Println("Payment Link Webhook response is invalid.")
}
}

Code samples to generate and verify signature hash for the data received via Subscription Link Status webhooks sent from PortOne servers.

package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"fmt"
"net/url"
)
type SLWebhookResponse struct {
Currency string
OrderRef string
MerchantOrderRef string
SignatureHash string
Status string
}
func VerifySignature(slWebhookResponse SLWebhookResponse, secretKey string) bool {
// Create a url.Values map and add the necessary parameters
params := make(url.Values)
params.Add("currency", slWebhookResponse.Currency)
params.Add("order_ref", slWebhookResponse.OrderRef)
params.Add("merchant_order_ref", slWebhookResponse.MerchantOrderRef)
params.Add("status", slWebhookResponse.Status)
// Encode the parameters
data := params.Encode()
// Create the HMAC hash using SHA-256
secret := []byte(secretKey)
message := []byte(data)
hash := hmac.New(sha256.New, secret)
hash.Write(message)
// Convert the hash to a base64 string
hashValue := base64.StdEncoding.EncodeToString(hash.Sum(nil))
// Compare the computed hash with the signature received in the payment response
if hashValue != slWebhookResponse.SignatureHash {
fmt.Println("Hash verification failed, not from valid source")
return false
} else {
fmt.Println("Hash verification succeeded")
return true
}
}
func main() {
portOneSecret := "PORTONE_SECRET"
// Define the webhook response struct below with the respective params received in webhook
slWebhookResponse := SLWebhookResponse{
Currency: "currency",
MerchantOrderRef: "merchant_order_ref",
OrderRef: "order_ref",
SignatureHash: "signature_hash",
Status: "status",
}
// Verify the signature
isValid := VerifySignature(slWebhookResponse, portOneSecret)
// Output the result of the verification
if isValid {
fmt.Println("Subscription Link Webhook response is valid.")
} else {
fmt.Println("Subscription Link Webhook response is invalid.")
}
}