# H365 Backend API prod ICP domain:https://api.hnqsjx.cn prod general domain:https://api.h365.games sandbox domain:https://sapi.h365.games #### H365 should provide CP setting parameters * merchantId * serviceId * hash key * hash iv * RSA public key ### SignUp/Login API > User account will be created if the userEmail has not been registered. If the userEmail already registered, the system will check if the input password match our system record. >P.S. The user email address will not be verified. * URL:{{domain}}/api/v1/user/register-or-login * method:POST * content-type:application/json * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | userEmail | string(email format)| max 150 char | true | user's login email | | password | string | 6-12char | true | user's login password | | merchantId | string | max 45 char | true | should be provided by H365 | | serviceId | string | max 45 char | true | should be provided by H365 | | deviceBrand | string | max 45 char | false | like HTC | | deviceModel | string | max 45 char | false | phone type | | clientIp | string | max 45 char | false | user's request IP | * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 0:success,1:account already exists| | message | string | | | data | string | JWT token | ### Logout API > User logout by JWT token,H365 will kill the session and this JWT token will be not allowed to use again. * URL:{{domain}}/api/v1/user/logout * method:POST * content-type:application/json * Request body:no need * Request header: | Key | value | Description | |-------------|----------------------|----------------------------------| |Authorization| Bearer {{JWT Token}} | 0:success | * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 0:success | | message | string | | | data | string | | ### Get user uuid API > THis API will return the user uuid and the value is unique in every game. * URL:{{domain}}/api/v1/user/profile?merchantId={{merchantId}}&serviceId={{serviceId}} * method:POST * content-type:application/json * Request header: | Key | value | Description | |-------------|----------------------|----------------------------------| |Authorization| Bearer {{JWT Token}} |JWT Token is from login API | * Request Url param: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | merchantId | string | max 45 char | true | should be provided by H365 | | serviceId | string | max 45 char | true | should be provided by H365 | * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 0:success | | data | string | user uuid data | user uuid data: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | uuid | string | example:"36815b07-e1f1-4079-916b-9053f4de2ad0" | ### Reset password(sending email) API (Optional) > H365 will send a reset password email to user's email. * URL:{{domain}}/api/v1/user/reset/sendEmail * method:POST * content-type:application/json * Request header:none * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | userEmail | string(email format)| max 150 char | true | user's login email | * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 0:success | | message | string | | ### CP give user id API (Optional) > It's for CP to send player id to H365. * URL:{{domain}}/api/v1/user/cp-user * method:PATCH * content-type:application/json * Request header:none * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | serviceId | string | max 45 char | true | should be provided by H365 | | uuid | string | 36 char | true | It's from get user uuid API| | cpUserId | string | max 45 char | true | It's the user id of CP game| | checkCode | string | max 45 char | true | Please follow CheckCode generate rule| * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 0:success | | message | string | | | data | boolean | | * CheckCode generate rule: Please hash the playload in JSON string with sha256 algorithm and the hash result's format must be hex. **Notice: The request body parameter sequence must be the same as checkCode parameter sequence.** How to generate checkCode: ``` const obj = { "hashkey":"yGoLHBYjXDdP8myNtGInF4mNNMCcoq35", "serviceId":"h365-platform", "uuid":"36815b07-e1f1-4079-916b-9053f4de2ad0", "cpUserId":"fake-cp-user-id", "iv":"hOHmh3tojsUyGYNk" } const checkCode = crypto.createHash('sha256').update(JSON.stringify(obj)).digest('hex'); //49b90e9d7c6c75f75d04faa55116ba23ee3b85d8f8b531f1dc366c7d51767bd4 ``` | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | hashkey | string | 32 char | true | should be provided by H365 | | serviceId | string | max 45 char | true | should be provided by H365 | | uuid | string | 36 char | true | It's from get user uuid API| | cpUserId | string | max 45 char | true | It's the user id in CP game| | iv | string | 16 char | true | should be provided by H365 | ``` request body: { "serviceId":"h365-platform", "uuid":"36815b07-e1f1-4079-916b-9053f4de2ad0", "cpUserId":"fake-cp-user-id", "checkCode":"49b90e9d7c6c75f75d04faa55116ba23ee3b85d8f8b531f1dc366c7d51767bd4" } ``` ### CP give username in game API (Optional) > It's forCP to give player name to H365. * URL:{{domain}}/api/v1/user/cp-user * method:PATCH * content-type:application/json * Request header:none * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | serviceId | string | max 45 char | true | should be provided by H365 | | uuid | string | 36 char | true | It's from get user uuid API| | nameInGame | string | max 45 char | true | It's the username in CP game| | checkCode | string | max 45 char | true | Please follow CheckCode generate rule| * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 0:success | | message | string | | | data | boolean | | * CheckCode generate rule: Please hash the playload in JSON string with sha256 algorithm and the hash result's format must be hex. **Notice: The request body parameter sequence must be the same as checkCode parameter sequence.** How to generate checkCode: ``` const obj = { "hashkey":"yGoLHBYjXDdP8myNtGInF4mNNMCcoq35", "serviceId":"h365-platform", "uuid":"36815b07-e1f1-4079-916b-9053f4de2ad0", "nameInGame":"fake-name-in-game", "iv":"hOHmh3tojsUyGYNk" }; const checkCode = crypto.createHash('sha256').update(JSON.stringify(obj)).digest('hex'); //7b2585a3d25d38d0927abbcdad6e82f44d5b4692f822947da47f700da0c24089 ``` ``` request body: { "serviceId":"h365-platform", "uuid":"36815b07-e1f1-4079-916b-9053f4de2ad0", "nameInGame":"fake-name-in-game", "checkCode":"7b2585a3d25d38d0927abbcdad6e82f44d5b4692f822947da47f700da0c24089" } ``` ### Get available pay list API (Payment - step 1) > This api would return all available payment channels according to the payment amount and currency * URL:{{domain}}/api/v1/pay/list?orderAmt=100&currency=CNY * method:GET * content-type:application/json * Request header:none * Request Url parameter: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | orderAmt | string | | true | pay amount | | currency | string | | true | pay currency,USD,CNY,HKD,TWD| * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 200:success | | data | array | available pay list | | message | string | | available pay list: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | name | string | | | currency | string | pay currency | | payGate | string | payment gateway | | payType | string | user should choose one | | iconUrl | string | icon image url | | additionalFields| string | | ### Create platform payment API (Payment - step 2) > To create an order on platform, CP would need to save the paymentId from response for another API call. * URL:{{domain}}/api/v1/payment * method:POST * content-type:application/json * Request header: | Key | value | Description | |-------------|----------------------|----------------------------------| |Authorization| Bearer {{JWT Token}} |JWT Token is from login API | * Resquest body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | callbackUrl | string | max 500 char | true | CP callback url | | currency | string | 3 char | true | Must set USD | | item | object | | true | CP shopping item | | orderId | string | max 45 char | true | CP order id,cannot be duplicated| | merchantId | string | max 45 char | true | should be provided by H365 | | serviceId | string | max 45 char | true | should be provided by H365 | | applicationUrl | string | max 500 char | true | app deep link | | deviceBrand | string | max 45 char | true | phone brand like HTC | | deviceModel | string | max 45 char | true | phone type | | clientIp | string | max 45 char | true | user's request IP | CP shopping item: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | itemId | string | max 45 char | true | merchantdise id | | itemName | string | max 45 char | true | merchantdise name | | quantity | integer | | true | | | unitPrice | float | allow 0.01 | true | | | imageUrl | string | max 500 char | true | merchantdise image url | | description | string | max 250 char | true | merchantdise description | * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | -1:訂單確認失敗,0:訂單建立失敗,1:success| | data | array | Result of creating platform payment | | message | string | | Result of creating platform payment: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | paymentId | string | | | paymentStatus | number | Please check payment status list | | orderTime | number | | | transactionUrl | string | Should be opened to choose a payment method| ### Create platform payment confirmation (Payment - step 3) * H365 will notify CP with the callbackUrl to let CP know they have successfully created platform payment. * url: CP callbackUrl from above request * method:POST * Resquest body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | token | string | JWT token | JWT token decode payload: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | paymentId | string | | | merchantId | string | should be provided by H365 | | serviceId | string | should be provided by H365 | | uuid | number | It's from get user uuid API | | orderId | string | CP order id | | orderTime | number | | | status | number | Please check payment status list | | currency | string | | | item | object | CP shopping item | CP shopping item: | Column | Type | Description | |-------------|-------------------- |----------------------------| | itemId | string | merchantdise id | | itemName | string | merchantdise name | | quantity | integer | | | unitPrice | float | | | imageUrl | string | merchantdise image url | | description | string | merchantdise description | * **Notice: Response is required :** * Response http status:**200** * Response Content-Type:application/json * Response body: | Key | Value | |--------------|-----------------------------| | response_code| OK | ### Create payGate payment API(Payment - step 4) > Create payment record on payment gateway and display coresponding payment ui to game player. **Notice:paymentId only can be used for one time.** * URL:{{domain}}/api/v1/pay/{{payGate}}/create (payGate from Step1) * method:POST * content-type:application/json * Request header: | Key | value | Description | |-------------|----------------------|----------------------------------| |Authorization| Bearer {{JWT Token}} |JWT Token is from login API | * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | paymentId | string | max 45 char | true | It's from creating platform payment API | | payType | string | | true | It's from creating platform payment API | | currency | string | 3 char | true | USD,CNY,HKD,TWD | * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | code | number | 200:success | | data | object | Result of creating payGate payment API | | message | string | | Result of creating payGate payment API: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | type | string | url,form,html | | resource | string | do a transaction via payment resource | ### Payment updates callback(Payment - step 5) * **Notice: H365 will notify CP with the callbackUrl to let CP know the latest payment status** * url:CP callbackUrl * method:GET * Resquest url parameter: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | token | string | JWT token | JWT token decode payload: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | paymentId | string | | | merchantId | string | should be provided by H365 | | serviceId | string | should be provided by H365 | | uuid | number | It's from get user uuid API | | orderId | string | CP order id | | orderTime | number | | | status | number | Please check payment status list | | currency | string | | | item | object | CP shopping item | CP shopping item: | Column | Type | Description | |-------------|-------------------- |----------------------------| | itemId | string | merchantdise id | | itemName | string | merchantdise name | | quantity | integer | | | unitPrice | float | | | imageUrl | string | merchantdise image url | | description | string | merchantdise description | * **Notice Response is required:** * Response http status:**200** * Response Content-Type:application/json * Response body: | Key | Value | |--------------|-----------------------------| | response_code| OK | ### Get payment result API (Optional) > This API is for CP query the result of transaction. **Notice:** There are three kind API for query the payment result.One is for querying one record by paymentId,another is for querying one record by orderId and the other is for querying by order create time and return list. **Query one record by paymentId:** * URL:{{domain}}/api/v1/payment/get-order-list * method:POST * content-type:application/json * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | serviceId | string | max 45 char | true | should be provided by H365 | | paymentId | string | max 45 char | true | It's from creating platform payment API | | checkCode | string | max 45 char | true | Please follow CheckCode generate rule| * CheckCode generate rule: Please hash the playload in JSON string with sha256 algorithm and the hash result's format must be hex. **Notice: The request body parameter sequence must be the same as checkCode parameter sequence.** How to generate checkCode: ``` const obj = { "hashkey":"yGoLHBYjXDdP8myNtGInF4mNNMCcoq35", "serviceId":"h365-dev-service", "paymentId":"15899451389039836", "iv":"hOHmh3tojsUyGYNk" }; const checkCode = crypto.createHash('sha256').update(JSON.stringify(obj)).digest('hex'); //78b984355824c3396dc0fa62f5ca053474d096516cc2e58ebf134c15affd7f76 ``` ``` request body: { "serviceId":"h365-dev-service", "paymentId":"15899451389039836", "checkCode":"78b984355824c3396dc0fa62f5ca053474d096516cc2e58ebf134c15affd7f76" } ``` * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | paymentId | string | | | merchantId | string | | | serviceId | string | | | paymentStatus | number | Please check payment status list | | orderTimeMs | number | | **Query one record by orderId:** * URL:{{domain}}/api/v1/payment/get-order-list * method:POST * content-type:application/json * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | serviceId | string | max 45 char | true | should be provided by H365 | | orderId | string | max 45 char | true | It's CP order id | | checkCode | string | max 45 char | true | Please follow CheckCode generate rule| * CheckCode generate rule: Please hash the playload in JSON string with sha256 algorithm and the hash result's format must be hex. **Notice: The request body parameter sequence must be the same as checkCode parameter sequence.** How to generate checkCode: ``` const obj = { "hashkey":"yGoLHBYjXDdP8myNtGInF4mNNMCcoq35", "serviceId":"h365-dev-service", "orderId":"01scc011-xogp-nx0i-chhp-jec1c0cs0axa", "iv":"hOHmh3tojsUyGYNk" }; const checkCode = crypto.createHash('sha256').update(JSON.stringify(obj)).digest('hex'); //327b8d342d813ef58d195378e1437c893d05c984f22c9c85d4a17956735e78c1 ``` ``` request body: { "serviceId":"h365-dev-service", "orderId":"01scc011-xogp-nx0i-chhp-jec1c0cs0axa", "checkCode":"327b8d342d813ef58d195378e1437c893d05c984f22c9c85d4a17956735e78c1" } ``` * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | paymentId | string | | | orderId | string | | | merchantId | string | | | serviceId | string | | | paymentStatus | number | Please check payment status list | | orderTimeMs | number | | **Query one record by orderTimeMs:** * URL:{{domain}}/api/v1/payment/get-order-list * method:POST * content-type:application/json * Request body: | Column | Type | Length | IsRequired| Description | |-------------|---------------------|--------------|-----------|----------------------------| | serviceId | string | max 45 char | true | should be provided by H365 | | orderTimeMs | number | | true | | | pageSize | number | | false | If it used,please include this into checkCode generation| | currentPage | number | | false | If it used,please include this into checkCode generation| | checkCode | string | max 45 char | true | Please follow CheckCode generate rule| * CheckCode generate rule: Please hash the playload in JSON string with sha256 algorithm and the hash result's format must be hex. **Notice: The request body parameter sequence must be the same as checkCode parameter sequence.** How to generate checkCode: ``` const obj = { "hashkey":"yGoLHBYjXDdP8myNtGInF4mNNMCcoq35", "serviceId":"h365-dev-service", "orderTimeMs":1594346290674, "iv":"hOHmh3tojsUyGYNk" }; const checkCode = crypto.createHash('sha256').update(JSON.stringify(obj)).digest('hex'); //05c155745d8e75ce105782555a62783446cd88fa04ed662df976340d6d26648b ``` ``` request body: { "serviceId":"h365-dev-service", "orderTimeMs":1594346290674, "checkCode":"05c155745d8e75ce105782555a62783446cd88fa04ed662df976340d6d26648b" } ``` * Response body: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | total | number | | | pages | number | | | pageSize | number | | | currentPage | number | | | list | array | payment result record | payment result record: | Column | Type | Description | |-------------|---------------------|-----------------------------------| | paymentId | string | | | merchantId | string | | | serviceId | string | | | paymentStatus | number | Please check payment status list | | orderTimeMs | number | | ### Payment Status List API | Status | Kind | Description | |-------------|---------------------|-----------------------------------| | -999 | UNKNOWN_ERROR | user paid failed | | -9 | PayGate_Invalid_Param| user paid failed | | -8 | Need_Sync_Order | user paid failed | | -5 | PostOrder_Error | user paid failed | | -4 | PayChannel_Invalid | user paid failed | | -3 | Amount_Inconsistent | user paid failed | | -2 | Paygate_Error | user paid failed | | 0 | Payment_Created | After calling creating platform payment API| | 1 | Payment_ID_issued | After calling creating payGate payment API | | 2 | Payment_Completed | **user paid successfully** | | 3 | Cancelled | user paid failed | | 4 | Expired | user paid failed | | 7 | PayGate_In_Progress | customer is paying |