Refund
- 06 Nov 2023
- 8 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Refund
- Updated on 06 Nov 2023
- 8 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
This message is used to refund a specific transaction partially or fully. The Refund message is based on the API communication model described in the Communication Model section.
Request Parameters
| Parameter | Description |
|---|---|
| MessageID required | An alphanumeric value that represents the action for defined unique numbers as mentioned below:
|
| TransactionID required | The merchant generates the Transaction ID. It represents a unique identifier for the transaction and is alphanumeric which must not include special characters or spaces.
|
| SubPUN Optional | Refers to the sub-PUN/ sub-Transaction that needs to be refunded.
|
| MerchantID required | An alphanumeric value that represents the unique Merchant ID at SmartRoute. The Payment Gateway operation team provides this value based on the merchant enrollment.
|
| CurrencyISOCode required | The numeric value is in ISO format for the currency. The value should be neither character value nor decimal point. For example, 840 for US Dollar, 400 for JOD.
|
| Amount required | A numeric value that contains the purchase amount of the item.
|
| Version required | A numeric value with (.) separator represents the command's version to be used. If this value is not provided, SmartRoute will consider its default value which is 1.0
|
| OriginalTransactionID required | The transaction ID belongs to the original transaction, which should be inquired.
|
| SecureHash required | An alphanumeric value that represents the generated hex-encoded hash using hashing algorithm SHA-2 (256) by concatenating parameters as a single string starting with the merchant’s Merchant Authentication Token. Then all parameters (required parameters and optional parameters - if available) are ordered alphabetically. By parameter’s name should be part of the secure hash, with no separators and no terminating character. Appendix B: Secure Hash – API Approve; for more information, see secure hash generation.
|
Sample Request Code (Java)
StringBuffer requestQuery = new StringBuffer();
requestQuery
.append("TransactionID").append("=").append(transactionId).append("&")
.append("MerchantID").append("=").append("ANBRedirectM").append("&")
.append("MessageID").append("=").append("4").append("&")
.append("Amount").append("=").append("2000").append("&")
.append("OriginalTransactionID").append("=").append("1440954863817").append("&")
.append("CurrencyISOCode").append("=").append("840").append("&")
.append("SecureHash").append("=").append(secureHash).append("&")
.append("Version").append("=").append("1.0").append("&");
//Send the request
URL url = new URL("https://SR_URL");
URLConnection conn = url.openConnection();
conn.setDoOutput(true);
OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream(), "UTF-8");
//write parameters
writer.write(requestQuery.toString());
writer.flush(); Response Parameters
| Parameter | Description |
|---|---|
Response.StatusCode required | An alphanumeric that value represents the response code that covers errors generated by the SmartRoute. Appendix A: Refund Response Codes for descriptive details about Response Codes.
|
| Response.StatusDescription required | An alphanumeric value that represents a message describing the response status received from SmartRoute. This parameter is filled only after a complete execution process using the language specified in the request. This value should be UTF-8 encoded when it is entered into the secure hash generation process.
|
| Response.Amount required | A numeric value that contains the purchase amount of the item.
|
| Response.CurrencyISOCode required | The numeric value is in ISO format for the currency. The value should be neither character value nor decimal point. For example, 840 for US Dollar, 400 for JOD.
|
| Response.MerchantID required | An alphanumeric value that represents the unique ID of the merchant at SmartRoute. The SmartRoute operation team provides this value upon merchant enrollment.
|
| Response.TransactionID required | The merchant generates the Transaction ID. It represents a unique identifier for the transaction and is alphanumeric which must not include special characters or spaces.
|
| Response.SubPUN Optional | Refers to the sub-PUN/ sub-Transaction that needs to be refunded.
|
| Response.MessageID required | An alphanumeric value that represents the action for defined unique numbers as mentioned below:
|
| Response.SecureHash required | An alphanumeric value that represents the generated hex-encoded hash using hashing algorithm SHA-2 (256) by concatenating parameters as a single string starting with the merchant’s Merchant Authentication Token. Then all response parameters are appended in alphabetical order based on the parameter’s name, with no separators and no terminating character. Appendix B: Secure Hash – Refund Transaction; for more information, see secure hash generation.
a27bc5 d7bf7da30f4f2e62b89df74a2e |
| Response.OriginalTransactionID required | The transaction ID belongs to the original transaction, which should be inquired.
|
| Response.RRN optional | An alphanumeric value that represents a Receipt Reference Number for the current payment transaction. This value is returned if the value is provided from the gateway.
|
Sample Response Code (Java)
// Get the response
StringBuffer output = new StringBuffer();
BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
String line;
while ((line = reader.readLine()) != null) {
output.append(line);
}
writer.close();
reader.close();
//Output the response
System.out.println(output.toString());
// this string is formatted as a "Query String" - name=value&name2=value2.......
String outputString=output.toString();
// To read the output string you might want to split it
// on '&' to get pairs then on '=' to get name and value
// and for a better and ease on verifying secure hash you should put them in a TreeMap
String [] pairs=outputString.split("&");
Map<String,String> result=new TreeMap<String,String>();
// now we have separated the pairs from each other {"name1=value1","name2=value2",....}
for(String pair:pairs){
// now we have separated the pair to {"name”, “value"}
String[] nameValue=pair.split("=");
String name=nameValue[0];//first element is the name
String value=nameValue[1];//second element is the value
// put the pair in the result map
result.put(name,value);
}
// Now that we have the map, order it to generate secure hash and compare it with the received one
StringBuilder responseOrderdString = new StringBuilder();
responseOrderdString.append(AUTHENTICATION_TOKEN);
for (String treeMapKey : result.keySet()) {
responseOrderdString.append(result.get(treeMapKey));
}
System.out.println("Response Orderd String is " + responseOrderdString.toString());
// Generate SecureHash with SHA256
// Using DigestUtils from appache.commons.codes.jar Library
String generatedsecureHash = new
String(DigestUtils.sha256Hex(responseOrderdString.toString()).getBytes());
// get the received secure hash from result map
String receivedSecurehash=result.get("Response.SecureHash");
if(!receivedSecurehash.equals(generatedsecureHash)){
//IF they are not equal then the response shall not be accepted
System.out.println("Received Secure Hash does not Equal generated Secure hash");
}
else{
// Complete the Action get other parameters from result map and do your processes
// please refer to The Integration Manual to See The List of The Received Parameters
String status=result.get("Response.Status");
System.out.println("Status is :"+ status);
} Other Sample Request Code (.Net /PHP)
Sample Request Code (.Net)
1. StringBuilder requestQuery = new StringBuilder();
2. requestQuery
3. .Append("TransactionID").Append("=").Append(transactionId).Append("&")
4. .Append("MerchantID").Append("=").Append("ANBRedirectM").Append("&")
5. .Append("MessageID").Append("=").Append("4").Append("&")
6. .Append("Amount").Append("=").Append("2000").Append("&")
7. .Append("OriginalTransactionID").Append("=").Append("1440954863817").Append("&")
8. .Append("CurrencyISOCode").Append("=").Append("840").Append("&")
9. .Append("SecureHash").Append("=").Append(secureHash).Append("&")
10. .Append("Version").Append("=").Append("1.0").Append("&");
11.
12. //Send the request
13. string data = requestQuery.ToString().ToString();
14. byte[] dataStream = Encoding.UTF8.GetBytes(data);
15. string urlPath = "https://SR_URL";
16. string request = urlPath;
17. WebRequest webRequest = WebRequest.Create(request);
18. webRequest.Method = "POST";
19. webRequest.ContentType = "application/x-www-form-urlencoded";
20. webRequest.ContentLength = dataStream.Length;
21. Stream newStream = webRequest.GetRequestStream();
22. // Send the data.
23. newStream.Write(dataStream,0,dataStream.Length);
24. newStream.Close();
25. WebResponse webResponse = webRequest.GetResponse();
26. String output = webResponse.ToString(); Sample Request Code (PHP)
1. $requestQueryArr = [
2. "TransactionID" => $transactionId,
3. "MarchantID" => "ANBRedirectM",
4. "MessageID" => "4",
5. "Amount" => "2000",
6. "OriginalTransactionID" => "1440954863817",
7. "CurrencyISOCode" => "840",
8. "SecureHash" => $secureHash,
9. "Version" => "1.0"
10. ];
11. //generate query string
12. $newRequestQuery = http_build_query($requestQueryArr);
13.
14. //Send the request
15. $ch = curl_init("https://SR_URL");
16. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
17.
18. //write parameters
19. curl_setopt($ch, CURLOPT_POST, true);
20. curl_setopt($ch, CURLOPT_POSTFIELDS, $newRequestQuery);
21. Other Sample Response Code (.Net /PHP)
Sample Response Code (.Net)
27. //Output the response
28. Console.WriteLine(output);
29. // this string is formatted as a "Query String" - name=value&name2=value2.......
30.
31. SortedDictionary<string, string> dictionaryOutput = new SortedDictionary<String, String>(StringComparer.Ordinal);
32. // To read the output string you might want to split it
33. // on '&' to get pairs then on '=' to get name and value
34. // and for a better and ease on verifying secure hash you should put them in a SortedDictionary
35. NameValueCollection qscoll = HttpUtility.ParseQueryString(output);
36. foreach (String kv in qscoll.AllKeys )
37. {
38. dictionaryOutput.Add(kv, qscoll[kv]);
39. }
40.
41. // Now that we have the sorted dictionary, order it to generate secure hash and compare it with the received one
42. StringBuilder responseOrderdString = new StringBuilder();
43. responseOrderdString.Append(AUTHENTICATION_TOKEN);
44. foreach (KeyValuePair<string, string> kv in dictionaryOutput)
45. {
46. if(!"Response.SecureHash".Equals(kv.Key))
47. {
48.
49. if("Response.StatusDescription".Equals(kv.Key) || "Response.GatewayStatusDescription".Equals(kv.Key))
50. {
51. responseOrderdString.Append(HttpUtility.UrlEncode(kv.Value, System.Text.Encoding.UTF8));
52. }
53. else
54. {
55. responseOrderdString.Append(kv.Value);
56. }
57. }
58.
59. }
60. Console.WriteLine("Response Orderd String is " + responseOrderdString);
61. string generatedsecureHash = string.Empty;
62.
63. bytes = Encoding.UTF8.GetBytes(responseOrderdString.ToString().ToString());
64. sha256 = SHA256Managed.Create();
65. hash = sha256.ComputeHash(bytes);
66. foreach (byte x in hash)
67. {
68. generatedsecureHash += String.Format("{0:x2}", x);
69. }
70.
71. // get the received secure hash from result dictionary
72. String receivedSecurehash = dictionaryOutput["Response.SecureHash"];
73. if (!receivedSecurehash.Equals(generatedsecureHash))
74. {
75. //IF they are not equal then the response shall not be accepted
76. Console.WriteLine("Received Secure Hash does not Equal generated Secure hash");
77. }
78. else
79. {
80. // Complete the Action get other parameters from result dictionary and do your processes
81. // please refer to The Integration Manual to See The List of The Received Parameters
82. String status = dictionaryOutput["Response.Status"];
83. Console.WriteLine("Status is :" + status);
84. } Sample Response Code (PHP)
22. // Get the response
23. $output = curl_exec($ch);
24. curl_close($ch);
25.
26.
27. //Output the response
28. echo ($output);
29. // this string is formatted as a "Query String" - name=value&name2=value2.......
30. $result = [];
31.
32. // To read the output string you might want to split it
33. // on '&' to get pairs then on '=' to get name and value
34. // and for a better and ease on verifying secure hash using parse_str
35. parse_str($output, $result);
36.
37. //sort result alphabatically by key
38. ksort($result);
39.
40. // Now that we have the array sorted, order it to generate secure hash and compare it with the received one
41.
42. $responseOrderdString = $AUTHENTICATION_TOKEN;
43. foreach ($result as $result_v) {
44. $responseOrderdString .= $result_v;
45. }
46. echo "Response Orderd String is " . $responseOrderdString;
47. // Generate SecureHash with SHA256
48. $generatedsecureHash = hash('sha256',$responseOrderdString);
49. // get the received secure hash from result map
50. $receivedSecurehash = $result["Response.SecureHash"];
51. if($receivedSecurehash != $generatedsecureHash){
52. //IF they are not equal then the response shall not be accepted
53. echo ("Received Secure Hash does not Equal generated Secure hash");
54. }else{
55. // Complete the Action get other parameters from result map and do your processes
56. // please refer to The Integration Manual to See The List of The Received Parameters
57. $status = $result["Response.Status"];
58. echo ("Status is :". $status);
59. }