Before the API integration, you need to get your APP ID and APP Secret.
Get APP ID and APP Secret
CCPayment API authenticates your requests by APP ID and APP Secret. Log in to your CCPayment account , go to Developer page, APP ID and APP Secret on this page.
APP ID and APP Secret carries many privileges, so be sure to keep it secure. Please do not share your developer information in publicly accessible areas such as GitHub, client code, etc.
Signature Guide
The body of HTTP is a json string.
Add the content in body of HTTP to the signature. Ensure the body content matches the signature content. As soon as CCPayment receives the request, the body content will be read and the signature will be verified.
If you use a tool to simulate the request, please make sure that the data in the body will not be formatted by json . Always make sure the body is a json string ; for example, if you use postman, you should choose text format.
Examples
Java PHP Python Node Golang
Copy
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public String getSign(String appId, String appSecret, String timestamp, String data) throws NoSuchAlgorithmException {
String originStr = String.format("%s%s%s%s", appId, appSecret, timestamp, data);
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] digestOriginData = digest.digest(originStr.getBytes(StandardCharsets.UTF_8));
BigInteger number = new BigInteger(1, digestOriginData);
StringBuilder hexString = new StringBuilder(number.toString(16));
while (hexString.length() < 64) {
hexString.insert(0, '0');
}
return hexString.toString();
}
Copy <? php
$app_id = “ < your app_id > ”;
$app_secret = “ < your app_secret > ”;
$url = “https : //admin.ccpayment.com/ccpayment/v1/concise/url/get”;
$body = array (
“product_price” => “0 . 01 ” ,
“merchant_order_id” => “007” ,
“product_name” => “test”
);
$body_str = json_encode ( $body ) ;
$timestamp = strval ( time ()) ;
$hash = $app_id . $app_secret . $timestamp . $body_str;
$hashed = hash ( “sha256 ", $hash);
$headers = array(
“Content-Type: application/json;charset=utf-8”,
“Appid: ” . $app_id,
“Sign: ” . $hashed,
“Timestamp: ” . $timestamp
);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body_str);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$response = curl_exec($ch);
curl_close($ch);
$response_data = json_decode($response, true);
print_r($response_data);
?>
Copy #Python 3.7.4
import time
import unittest
import json
import hashlib
import urllib . request
class TestCCPaymentClass (unittest.TestCase):
app_id = "202312345678980...38276"
app_secret = "abc12345678...09876"
url = "https: //admin.ccpayment.com/ccpayment/v1/token/chain"
args = {
"token_id" : "8addd19b-37df-4faf-bd74-e61e214b008a"
}
timestamp = int (time . time () )
args_str = json . dumps ( args )
sign_str = hashlib . sha256 ( (app_id + app_secret + str ( timestamp ) + args_str) . encode ( "utf-8" )) . hexdigest ()
req = urllib . request . Request ( url = url , method = "POST" , data = args_str . encode ( "utf-8" ), headers = {
"Content-Type" : "application/json;charset=uf8" ,
"Appid" : app_id ,
"Sign" : sign_str ,
"Timestamp" : str ( timestamp )
} )
req . timeout = 60 # s
resp = urllib . request . urlopen ( req )
data_str = resp . read () . decode ( 'utf-8' )
data = json . loads ( data_str )
print ( data )
Copy const axios = require("axios");
const crypto = require("crypto");
const APIURL = {
checkoutURL: "https://admin.ccpayment.com/ccpayment/v1/concise/url/get",
};
const app_id = "your add_id";
const app_secret = "your app_secret";
const handleDeposit = async (data) => {
const timestamp = Math.floor(Date.now() / 1000);
const str = `${app_id}${app_secret}${timestamp}${JSON.stringify(data)}`;
const sign = crypto.createHash("sha256").update(str, "utf-8").digest("hex");
return axios.post(
APIURL.checkoutURL,
{
...data,
},
{
headers: {
// "Content-Type": "application/json;charset-uf8",
Appid: app_id,
Sign: sign,
Timestamp: timestamp,
},
}
);
};
handleDeposit({
product_price: "0.6",
product_name: "test",
merchant_order_id: "2023",
}).then((res) => {
console.log("res", res.data);
});
Copy go
package main
import (
"crypto/hmac"
"crypto/md5"
"encoding/hex"
"encoding/json"
"fmt"
"time"
)
func main () {
appId := "your AppId"
appSecret := "your Secret"
// Signing
hasherMD5 := hmac. New (md5.New, [] byte (appSecret))
// No request params
uri := "/merchant/wallet/api/v1/get/coin/list"
timestamp := time. Now (). Unix ()
signStr := fmt. Sprintf ( " %s%s%d " , appId, uri, timestamp)
hasherMD5. Write ([] byte (signStr))
sign := hex. EncodeToString (hasherMD5. Sum ( nil ))
fmt. Printf ( "Sign: %s \n" , sign)
// With request params
uri = "/merchant/wallet/api/v1/new/user/wallet"
args := struct {
UserId string `json:"UserId"`
UserName string `json:"UserName"`
}{
UserId: "100001" ,
UserName: "testuser" ,
}
argsJson, _ := json. Marshal (args)
timestamp = time. Now (). Unix ()
signStr = fmt. Sprintf ( " %s%s%d%s " , appId, uri, timestamp, argsJson)
hasherMD5. Write ([] byte (signStr))
sign = hex. EncodeToString (hasherMD5. Sum ( nil ))
fmt. Printf ( "Sign: %s \n" , sign)
// Making API call
url := "https://api.example.com" + uri
// Set headers
headers := map [ string ] string {
"AppId" : appId,
"Sign" : sign,
"Timestamp" : fmt. Sprintf ( " %d " , timestamp),
}
// Make POST request
resp, _ := http. Post (url, "application/json" , bytes. NewBuffer (argsJson))
// Handle response
} For the specific fields of signature, please refer to the API interface and ensure the order of the fields.
