Notification S2S
Server-to-server (S2S) notification about the payment status (Tinaba > Merchant Server).
This method that optimizes data exchange requires a prior security configuration. To use the S2S notification, you must contact Tinaba at ecommerce@tinaba.it for the exchange of information related to communication between infrastructures.
Attribute explanation
Name of domain | Type | Mandatory | Description |
---|---|---|---|
externalId | String | Yes | Payment identifier on the merchant's server, sent during the creation phase of the pending payment. |
checkoutState | String | Yes | Payment status. 000 = is successfully completed 001 = completed with error (payment failed) 004 = is a product that has already been purchased. Used only if the paymentMode in the initCheckout is MEDIA. In this case, the user can have access to the product without having to pay for it again 005 = pre-authorized payment to be confirmed. Used only if the paymentMode in the initCheckout is PREAUTH |
signature | String | Yes | Authentication and data integrity signature. |
userAddress | userAddress | No | If one-click mode is configured, it contains the shipping and billing information of the user who ended the payment |
userAddress.name | String | Yes | Name Tinaba User |
userAddress.surname | String | Yes | Last name Tinaba user |
userAddress.email | String | Yes | Email Tinaba user |
userAddress.shippingAddress | shippingAddress | No | Shipping address |
userAddress.billingAddress | billingAddress | No | Billing address |
shippingAddress.receiverName | String | Yes | Full name on address |
shippingAddress.address | String | Yes | Address |
shippingAddress.streetNumber | String | Yes | Number |
shippingAddress.city | String | Yes | City |
shippingAddress.cap | String | Yes | Zip Code |
shippingAddress.district | String | Yes | Province |
shippingAddress.country | String | Yes | Country |
shippingAddress.sendAt | String | No | At |
shippingAddress.phoneNumber | String | No | Phone number |
billingAddress.receiverName | String | Yes | Billing first and last name |
billingAddress.address | String | Yes | Address |
billingAddress.streetNumber | String | Yes | Number |
billingAddress.city | String | Yes | City |
billingAddress.cap | String | Yes | Zip Code |
billingAddress.district | String | Yes | Province |
billingAddress.country | String | Yes | Country |
billingAddress.fiscalCode | String | Yes | Tax code |
The data integrity signature, exchanged in the "signature" field, is based on a shared secret, exchanged offline, and is generated using the SHA256 protocol.
signature = base64(SHA256(<merchantid><datefrom><dateto><secret>))</secret></dateto></datefrom></merchantid>
For more information on how to generate the integrity signature, see:
Attribute explanation – response
Name of domain | Type | Mandatory | Description |
---|---|---|---|
status | String | Yes | 000 = OK 001 = KO |
Request
{
"externalId":"TR_1",
"checkoutState":"000"
}
Answers
200 Success
{
"status":"000"
}
400 Error Validation
{
"status":"001",
"errorCode":"XXX"
}
// The request body as an associative array
$requestBody = json_decode($request->body, true);
$callbackRequest = CheckoutStateCallback::parse($request->body)
$valid = $client->verifyCallback($callbackRequest);
if($valid) {
$successResponse = new CallbackSuccessResponse();
// Return the response as json
$responseBody = json_encode($successResponse->toArray());
/*
* Send the response as JSON with $responseBody as payload.
* The following line is for example purpose only.
*/
return response()->json($responseBody, 200);
}else {
// Handle error
}
For the full PHP SDK visit this link
from sdk.callbacks import CheckoutStateCallback
from sdk.exceptions import ValidationError
try:
callback = CheckoutStateCallback.create(request.json())
# handle callback
# return a response with body {"status": "000"}
except ValidationError:
# handle exception
For the full PHP SDK visit this link