Integrating Interswitch WebPay Payment Gateway With Rails

Interswitch WebPay is a leading Nigerian payment gateway and integrating WebPAY with any website is fairly simple. At a high level this integration can be achieved with following steps:

  • Calculate a request hash based on input parameters like transaction reference, amount, callback url etc. to ensure transaction integrity.
  • Provide a URL at which WebPAY would post back the authorization response (callback url).
  • POST these transaction details to WebPAY page
  • Once the transaction is done, query the transaction details directly from WebPAY to ensure the actual transaction amount and the transaction status.

To integrate WebPay with any rails application seamlessly we have extracted the code into WebPay Interswitch Gem. The gem provides a form helper for generating a form, which is eventually submitted to the gateway. This form helper would need a transaction reference token to uniquely identify the transaction, so we need to generate this transaction token our own and pass it to form helper along with the transaction amount. For example:

 <%= form_for_webpay(txn_ref, amount) %>

The gem needs a configuration file to store WebPay’s credentials, the example configuration file can be generated by running
rails generate webpay_interswitch:install.

The Gem also provides a nice interface to query the response received at the callback url. This gives us several basic methods to test the integrity of our transaction and inspect it.

Here is how we can query the response received at the callback url:

transaction = WebpayInterswitch::TransactionQuery.new(reponse_params, amount)
transaction.success?
transaction.fetch_response
transaction.full_error_message

You need to pass in the transaction amount to the TransactionQuery initializer as Interswitch expects you to validate the amount of transaction to detect any tampering with the parameters by a potential attackers.

For a more details, please refer the readme.

Leave a Reply

Your email address will not be published. Required fields are marked *