Mastercard Payment Gateway Services (MPGS) is a secure payment gateway that enables businesses to accept online payments from customers through various payment channels.
<?phpusePlutu\Services\PlutuMpgs;$amount =5.0; // amount in float format$invoiceNo ='inv-12345'; // invoice number$returnUrl ='https://example.com/callback/handler'; // the url to handle the callback from plututry { $api =newPlutuMpgs; $api->setCredentials('api_key','access_token','secret_key'); $apiResponse = $api->confirm($amount, $invoiceNo, $returnUrl);if ($apiResponse->getOriginalResponse()->isSuccessful()) {// Redirect URL for Plutu checkout page $redirectUrl = $apiResponse->getRedirectUrl();// You should rediect the customer to payment checkout page// header("location: " . $redirectUrl); } elseif ($apiResponse->getOriginalResponse()->hasError()) {// Possible errors from Plutu API// @see https://docs.plutu.ly/api-documentation/errors Plutu API Error Documentation $errorCode = $apiResponse->getOriginalResponse()->getErrorCode(); $errorMessage = $apiResponse->getOriginalResponse()->getErrorMessage(); $statusCode = $apiResponse->getOriginalResponse()->getStatusCode(); $responseData = $apiResponse->getOriginalResponse()->getBody(); }// Handle exceptions that may be thrown during the execution of the code// The following are the expected exceptions that may be thrown:// Check the "Handle Exceptions and Errors" section for more details// // InvalidAccessTokenException, InvalidApiKeyException, InvalidSecretKeyException,// InvalidAmountException, InvalidInvoiceNoException, InvalidReturnUrlException} catch (\Exception $e) { $exception = $e->getMessage();}
Check out the example Confirm (Pay) in the Plutu PHP Examples document on GitHub.
Callback handler
The callback will be received from Plutu when the transaction is completed or canceled. This gives a Merchant better control of how the transaction is processed on the Merchant's side. This is useful e.g. when you want to mark an order as paid, update your shop's inventory, or add appropriate records to Merchant’s internal accounting system.
Callback response parameters:
The callback is called with HTTP GET and with the same query string parameters as in the redirect
SHA-256 HMAC is calculated as follows:
The SHA-256 HMAC calculation includes all response query string parameters and key-value pairs except the “hashed” parameter.
Create an SHA-256 HMAC of the resultant string using the secret key created in the Plutu account and convert it to uppercase and compare it with the “hashed” parameter received in the callback.
Formatting is allowed with a maximum of two decimal places: XXX, XX.X, XX.XX
invoice_no*
String
Invoice number associated with transaction
return_url*
String
Redirect URL after completing the payments
customer_ip
String
[Optional] Customer IP address
lang
String
[Optional] Accepts ar or en, by default ar
gateway
Gateway name: mpgs
approved
It will only be returned if the transaction is approved and completed
canceled
It will only be returned if the transaction is canceled by the customer
amount
amount sent in the request
currency
Transaction currency refers to the currency used for processing payments through MPGS and is configured in your Plutu account. It currently supports USD
invoice_no
Invoice number sent in the pay request
transaction_id
Plutu transaction id
hashed
Hash message authorization code (HMAC) is used to verify both the data integrity and the authorization of a message.
