API Access Rules
Protocol Rules
Transmission Method: Use HTTPS
Testing Environment: https://ts-api-pay.gnete.com.hk
Production Environment: https://api-pay.gnete.com.hk
Submission Method: POST
or GET
Content Type: application/json
Character Encoding: UTF-8
Signature Algorithm: MD5
Parameter Specification
Transaction Amount: Default to RMB transactions, unit in cents, parameter value cannot include decimal points.
Time Parameters: All time-related parameters should use a 13-digit value with millisecond precision, such as: 1622016572190. The timestamp specifically refers to the number of milliseconds since January 1, 1970 00:00:00 GMT.
Signature Algorithm
The general steps to generate a signature are as follows
Step 1: Collect all data to be sent or received into a set M. Sort the non-empty parameter values in set M by the ASCII code of the parameter names in ascending order (lexicographical order), and concatenate them into a string stringA using URL key-value pair format (i.e., key1=value1&key2=value2…). Special notes on important rules:
- Parameters are sorted by ASCII code of parameter names in ascending order (lexicographical order);
- Parameters with empty values do not participate in signing;
- Parameter names are case-sensitive;
- When verifying signatures for responses or notifications from the payment center, the transmitted
sign
parameter does not participate in signing; the generated signature should be compared with thesign
value; - The payment center interface may add fields, so the signature verification must support the addition of extended fields.
Step 2: Append the key to the end of stringA [i.e., StringA +"&key=" + private key ]
to obtain the stringSignTemp string. Perform MD5 hash on stringSignTemp, and convert all characters of the resulting string to uppercase to obtain the sign value signValue.
For example, if the payment system parameters are as follows:
Map signMap = new HashMap<>();
signMap.put("platId", "1000");
signMap.put("mchOrderNo", "P0123456789101");
signMap.put("amount", "10000");
signMap.put("clientIp", "192.168.0.111");
signMap.put("returnUrl", "https://www.baidu.com");
signMap.put("notifyUrl", "https://www.baidu.com");
signMap.put("reqTime", "20190723141000");
signMap.put("version", "1.0");
String to be signed:
amount=10000&clientIp=192.168.0.111&mchOrderNo=P0123456789101¬ifyUrl=https://www.baidu.com&platId=1000&reqTime=20190723141000&returnUrl=https://www.baidu.com&version=1.0&key=EWEFD123RGSRETYDFNGFGFGSHDFGH
Signature Result:
4A5078DABBCE0D9C4E7668DACB96FF7A
Final Payment System Parameters:
amount=10000&clientIp=192.168.0.111&mchOrderNo=P0123456789101¬ifyUrl=https://www.baidu.com&platId=1000&reqTime=20190723141000&returnUrl=https://www.baidu.com&version=1.0&sign=4A5078DABBCE0D9C4E7668DACB96FF7A