DEV Community: Joram Wambugu The latest articles on DEV Community by Joram Wambugu (@jwambugu). https://dev.to/jwambugu https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F317852%2Fcfe897dd-a9fc-4f6b-b431-22582d3d3edd.jpg DEV Community: Joram Wambugu https://dev.to/jwambugu en Part Two: Integrating MPesa B2C API Joram Wambugu Thu, 14 Oct 2021 08:08:07 +0000 https://dev.to/jwambugu/part-two-integrating-business-to-customer-b2c-api-3855 https://dev.to/jwambugu/part-two-integrating-business-to-customer-b2c-api-3855 <p>In the last <a href="https://dev.to/jwambugu/mpesa-apis-integration-in-go-180c">tutorial</a>, we learnt how to <a href="https://dev.to/jwambugu/mpesa-apis-integration-in-go-180c#creating-a-developers-account">set up a developers</a>, <a href="https://dev.to/jwambugu/mpesa-apis-integration-in-go-180c#generating-access-token">generate an access token</a> and finally <a href="https://dev.to/jwambugu/mpesa-apis-integration-in-go-180c#integrating-lipa-na-mpesa">integrated lipa na mpesa API</a>.<br> In this part, we will learn how we can integrate the <a href="https://developer.safaricom.co.ke/APIs/BusinessToCustomer">B2C API</a>. This API allows you to make MPesa transactions between a paybill (shortcode) and a customer's phone number.</p> <blockquote> <p>This a continuation which assumes you have already set up your project as per the last tutorial.</p> </blockquote> <p>The completed code can be found <a href="https://github.com/jwambugu/tutorials/tree/main/go/mpesa">here</a>.</p> <h3> What we will cover </h3> <ul> <li>Understanding the requirements</li> <li>Request setup</li> <li>Generating security credentials</li> <li>Making the B2C API request</li> </ul> <h3> Understanding the requirements </h3> <p>There are the requirements for production app. You will need to access <a href="https://org.ke.m-pesa.com/">MPesa Portal</a> which is now accessible without the need of the MPesa certificate 🎉🎉</p> <ul> <li> <strong>Initiator username</strong> which is the API operator's username set on the <a href="https://org.ke.m-pesa.com/">portal</a>.</li> <li> <strong>Initiator Password</strong> is the password for the API operator.</li> </ul> <blockquote> <p>To understand more about these requirements, please check the <a href="https://developer.safaricom.co.ke/Documentation">documentation</a> under the B2C API.</p> </blockquote> <h3> Request setup </h3> <p>In order to make the request, we will add two new structs as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code> <span class="c">// B2CRequestBody is the body with the parameters to be used to initiate a B2C request</span> <span class="k">type</span> <span class="n">B2CRequestBody</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">InitiatorName</span> <span class="kt">string</span> <span class="s">`json:"InitiatorName"`</span> <span class="n">SecurityCredential</span> <span class="kt">string</span> <span class="s">`json:"SecurityCredential"`</span> <span class="n">CommandID</span> <span class="kt">string</span> <span class="s">`json:"CommandID"`</span> <span class="n">Amount</span> <span class="kt">string</span> <span class="s">`json:"Amount"`</span> <span class="n">PartyA</span> <span class="kt">string</span> <span class="s">`json:"PartyA"`</span> <span class="n">PartyB</span> <span class="kt">string</span> <span class="s">`json:"PartyB"`</span> <span class="n">Remarks</span> <span class="kt">string</span> <span class="s">`json:"Remarks"`</span> <span class="n">QueueTimeOutURL</span> <span class="kt">string</span> <span class="s">`json:"QueueTimeOutURL"`</span> <span class="n">ResultURL</span> <span class="kt">string</span> <span class="s">`json:"ResultURL"`</span> <span class="n">Occassion</span> <span class="kt">string</span> <span class="s">`json:"Occassion"`</span> <span class="p">}</span> <span class="c">// B2CRequestResponse is the response sent back after initiating a B2C request.</span> <span class="k">type</span> <span class="n">B2CRequestResponse</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ConversationID</span> <span class="kt">string</span> <span class="s">`json:"ConversationID"`</span> <span class="n">OriginatorConversationID</span> <span class="kt">string</span> <span class="s">`json:"OriginatorConversationID"`</span> <span class="n">ResponseCode</span> <span class="kt">string</span> <span class="s">`json:"ResponseCode"`</span> <span class="n">ResponseDescription</span> <span class="kt">string</span> <span class="s">`json:"ResponseDescription"`</span> <span class="n">RequestID</span> <span class="kt">string</span> <span class="s">`json:"requestId"`</span> <span class="n">ErrorCode</span> <span class="kt">string</span> <span class="s">`json:"errorCode"`</span> <span class="n">ErrorMessage</span> <span class="kt">string</span> <span class="s">`json:"errorMessage"`</span> <span class="p">}</span> </code></pre> </div> <ul> <li><p><code>B2CRequestBody</code> struct has the values required to build the request body. To learn more about the parameters, please check out <a href="https://developer.safaricom.co.ke/APIs/BusinessToCustomer">this link</a>.</p></li> <li><p><code>B2CRequestResponse</code> struct is used to process the response after initiating a request.</p></li> </ul> <h3> Generating security credentials </h3> <p>The B2C API requires us to provide <code>SecurityCredential</code> in the request body which can be generated by encrypting the API initiator password using the public key certificate provided by Safaricom.</p> <p><strong>Please note that at the time of writing, the provided links to download the certificates were broken. If you encounter the same issue, please download them <a href="https://github.com/jwambugu/tutorials/tree/main/go/mpesa">here</a>.</strong></p> <p>There are two sets of certificates, the <a href="https://developer.safaricom.co.ke/sites/default/files/cert/cert_sandbox/cert.cer">sandbox</a> and <a href="https://developer.safaricom.co.ke/sites/default/files/cert/cert_prod/cert.cer">production</a> used when your application has been approved to go live.<br> Go ahead and <a href="https://developer.safaricom.co.ke/sites/default/files/cert/cert_sandbox/cert.cer">download sandbox certificate</a>, then create <code>certificates</code> directory and move the downloaded certificate there.</p> <p>To generate the <code>SecurityCredential</code>, we will create a helper function <code>GenerateSecurityCredentials</code> as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// getSecurityCredentials returns the encrypted password using the public key of the specified environment</span> <span class="k">func</span> <span class="n">GenerateSecurityCredentials</span><span class="p">(</span><span class="n">password</span> <span class="kt">string</span><span class="p">,</span> <span class="n">isOnProduction</span> <span class="kt">bool</span><span class="p">)</span> <span class="p">(</span><span class="kt">string</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">path</span> <span class="o">:=</span> <span class="s">"./certificates/production.cer"</span> <span class="k">if</span> <span class="o">!</span><span class="n">isOnProduction</span> <span class="p">{</span> <span class="n">path</span> <span class="o">=</span> <span class="s">"./certificates/sandbox.cer"</span> <span class="p">}</span> <span class="n">f</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Open</span><span class="p">(</span><span class="n">path</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">defer</span> <span class="k">func</span><span class="p">(</span><span class="n">f</span> <span class="o">*</span><span class="n">os</span><span class="o">.</span><span class="n">File</span><span class="p">)</span> <span class="p">{</span> <span class="n">_</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="p">}(</span><span class="n">f</span><span class="p">)</span> <span class="n">contents</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">io</span><span class="o">.</span><span class="n">ReadAll</span><span class="p">(</span><span class="n">f</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">block</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">pem</span><span class="o">.</span><span class="n">Decode</span><span class="p">(</span><span class="n">contents</span><span class="p">)</span> <span class="k">var</span> <span class="n">cert</span> <span class="o">*</span><span class="n">x509</span><span class="o">.</span><span class="n">Certificate</span> <span class="n">cert</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">x509</span><span class="o">.</span><span class="n">ParseCertificate</span><span class="p">(</span><span class="n">block</span><span class="o">.</span><span class="n">Bytes</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">rsaPublicKey</span> <span class="o">:=</span> <span class="n">cert</span><span class="o">.</span><span class="n">PublicKey</span><span class="o">.</span><span class="p">(</span><span class="o">*</span><span class="n">rsa</span><span class="o">.</span><span class="n">PublicKey</span><span class="p">)</span> <span class="n">reader</span> <span class="o">:=</span> <span class="n">rand</span><span class="o">.</span><span class="n">Reader</span> <span class="n">encryptedPayload</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">EncryptPKCS1v15</span><span class="p">(</span><span class="n">reader</span><span class="p">,</span> <span class="n">rsaPublicKey</span><span class="p">,</span> <span class="p">[]</span><span class="kt">byte</span><span class="p">(</span><span class="n">password</span><span class="p">))</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">securityCredentials</span> <span class="o">:=</span> <span class="n">base64</span><span class="o">.</span><span class="n">StdEncoding</span><span class="o">.</span><span class="n">EncodeToString</span><span class="p">(</span><span class="n">encryptedPayload</span><span class="p">)</span> <span class="k">return</span> <span class="n">securityCredentials</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <ul> <li>The function takes in a <code>password</code> which is the API initiator password and <code>isOnProduction</code> which is used to determine the certificate to use.</li> <li>We attempt to read and parse the contents certificate to return an encrypted <code>password</code>.</li> </ul> <p>We can test if the code works by updating our <code>main</code> method to the snippet below.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">securityCredentials</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">GenerateSecurityCredentials</span><span class="p">(</span><span class="s">"test-password"</span><span class="p">,</span> <span class="no">false</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalln</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"%+v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">securityCredentials</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>If we run our code, an output similar to the one below will be printed.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">NCV</span><span class="mi">4</span><span class="err">uID/dA</span><span class="mi">5</span><span class="err">OpNmgtwk</span><span class="mi">2</span><span class="err">UJj</span><span class="mi">1</span><span class="err">NXyEa</span><span class="mi">0</span><span class="err">KNyhxm/</span><span class="mi">8</span><span class="err">fb</span><span class="mi">82</span><span class="err">Cojo</span><span class="mi">6</span><span class="err">UQKaw</span><span class="mi">1</span><span class="err">Lk</span><span class="mi">2</span><span class="err">MHzD+kX</span><span class="mi">3</span><span class="err">NXQppwaoTFjkPGNjlWWBO</span><span class="mi">2</span><span class="err">VDu</span><span class="mi">15</span><span class="err">IGZGWSOWdS</span><span class="mi">6</span><span class="err">Wuqc</span><span class="mi">8</span><span class="err">U</span><span class="mi">8</span><span class="err">BqVWXcTLCMA</span><span class="mi">5</span><span class="err">UujQBEfSJsIYROGdbeqUSLE</span><span class="mi">88</span><span class="err">I/</span><span class="mi">3</span><span class="err">NNH</span><span class="mi">1</span><span class="err">nINDgI</span><span class="mi">5</span><span class="err">A</span><span class="mi">91</span><span class="err">LX/Fwouewy</span><span class="mi">4</span><span class="err">S</span><span class="mi">5</span><span class="err">aogcb</span><span class="mi">9</span><span class="err">M+KrcVDcoNSkmCY+S</span><span class="mi">4</span><span class="err">UFlUGMUPAIMxIzZh</span><span class="mi">6</span><span class="err">z</span><span class="mi">39</span><span class="err">LCXhM/ARItbJJXK</span><span class="mi">6</span><span class="err">Nj</span><span class="mi">31</span><span class="err">cmIimXE</span><span class="mi">3</span><span class="err">UWTLq</span><span class="mi">8</span><span class="err">uqHNwafDAidjgUenwTOeO</span><span class="mi">2</span><span class="err">/pJ/x</span><span class="mi">3</span><span class="err">rjbM</span><span class="mi">3</span><span class="err">RyOHd</span><span class="mi">2</span><span class="err">JTlM</span><span class="mi">3</span><span class="err">eazBqSSIFh</span><span class="mi">2</span><span class="err">YaVxrKtCvOtowMXPDQ//</span><span class="mi">1</span><span class="err">ZKzErnFZtViw==</span><span class="w"> </span></code></pre> </div> <h4> Making the B2C API request </h4> <p>For us to make the request, we will create two new methods <code>setupHttpRequestWithAuth</code> and <code>InitiateB2CRequest</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// setupHttpRequestWithAuth is a helper method aimed to create a http request adding</span> <span class="c">// the Authorization Bearer header with the access token for the Mpesa app.</span> <span class="k">func</span> <span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">Mpesa</span><span class="p">)</span> <span class="n">setupHttpRequestWithAuth</span><span class="p">(</span><span class="n">method</span><span class="p">,</span> <span class="n">url</span> <span class="kt">string</span><span class="p">,</span> <span class="n">body</span> <span class="p">[]</span><span class="kt">byte</span><span class="p">)</span> <span class="p">(</span><span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">req</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewRequest</span><span class="p">(</span><span class="n">method</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="n">bytes</span><span class="o">.</span><span class="n">NewBuffer</span><span class="p">(</span><span class="n">body</span><span class="p">))</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">accessTokenResponse</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">m</span><span class="o">.</span><span class="n">generateAccessToken</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">req</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Content-Type"</span><span class="p">,</span> <span class="s">"application/json"</span><span class="p">)</span> <span class="n">req</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Authorization"</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"Bearer %s"</span><span class="p">,</span> <span class="n">accessTokenResponse</span><span class="o">.</span><span class="n">AccessToken</span><span class="p">))</span> <span class="k">return</span> <span class="n">req</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> <span class="c">// InitiateB2CRequest makes a http request performing a B2C payment request.</span> <span class="k">func</span> <span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">Mpesa</span><span class="p">)</span> <span class="n">InitiateB2CRequest</span><span class="p">(</span><span class="n">body</span> <span class="o">*</span><span class="n">B2CRequestBody</span><span class="p">)</span> <span class="p">(</span><span class="o">*</span><span class="n">B2CRequestResponse</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">url</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"%s/mpesa/b2c/v1/paymentrequest"</span><span class="p">,</span> <span class="n">m</span><span class="o">.</span><span class="n">baseURL</span><span class="p">)</span> <span class="n">requestBody</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Marshal</span><span class="p">(</span><span class="n">body</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">req</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">m</span><span class="o">.</span><span class="n">setupHttpRequestWithAuth</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">MethodPost</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="n">requestBody</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">m</span><span class="o">.</span><span class="n">makeRequest</span><span class="p">(</span><span class="n">req</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">b2cResponse</span> <span class="o">:=</span> <span class="nb">new</span><span class="p">(</span><span class="n">B2CRequestResponse</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Unmarshal</span><span class="p">(</span><span class="n">resp</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">b2cResponse</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">b2cResponse</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <code>setupHttpRequestWithAuth</code> set ups and returns a http request with the authorization set up.</li> <li> <code>InitiateB2CRequest</code> makes a http request with the generated access token. After a successful request is made, we unmarshal the response body to create a new <code>B2CRequestResponse</code> </li> </ul> <p>In order to test if we can make the request successfully, we will update our main method as follows. The test credentials can be found <a href="https://developer.safaricom.co.ke/APIs/BusinessToCustomer">here</a>.</p> <p>Select an app on the simulator, then scroll down and click on the icon on the bottom left to open a modal with the test credentials.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">mpesa</span> <span class="o">:=</span> <span class="n">NewMpesa</span><span class="p">(</span><span class="o">&amp;</span><span class="n">MpesaOpts</span><span class="p">{</span> <span class="n">ConsumerKey</span><span class="o">:</span> <span class="s">"your-consumer-key-goes-here"</span><span class="p">,</span> <span class="n">ConsumerSecret</span><span class="o">:</span> <span class="s">"your-consumer-secret-goes-here"</span><span class="p">,</span> <span class="n">BaseURL</span><span class="o">:</span> <span class="s">"https://sandbox.safaricom.co.ke"</span><span class="p">,</span> <span class="p">})</span> <span class="n">securityCredentials</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">GenerateSecurityCredentials</span><span class="p">(</span><span class="s">"your-initiator-password"</span><span class="p">,</span> <span class="no">false</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalln</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">response</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">mpesa</span><span class="o">.</span><span class="n">InitiateB2CRequest</span><span class="p">(</span><span class="o">&amp;</span><span class="n">B2CRequestBody</span><span class="p">{</span> <span class="n">InitiatorName</span><span class="o">:</span> <span class="s">"your-initiator-name-goes-here"</span><span class="p">,</span> <span class="n">SecurityCredential</span><span class="o">:</span> <span class="n">securityCredentials</span><span class="p">,</span> <span class="n">CommandID</span><span class="o">:</span> <span class="s">"BusinessPayment"</span><span class="p">,</span> <span class="n">Amount</span><span class="o">:</span> <span class="s">"10"</span><span class="p">,</span> <span class="n">PartyA</span><span class="o">:</span> <span class="s">"your-business-short-code-goes-here"</span><span class="p">,</span> <span class="n">PartyB</span><span class="o">:</span> <span class="s">"your-phone-number-goes-here"</span><span class="p">,</span> <span class="n">Remarks</span><span class="o">:</span> <span class="s">"your-remarks-go-here"</span><span class="p">,</span> <span class="n">QueueTimeOutURL</span><span class="o">:</span> <span class="s">"your-endpoint-to-receive-notifications-in-case-request-times-out"</span><span class="p">,</span> <span class="n">ResultURL</span><span class="o">:</span> <span class="s">"your-endpoint-to-receive-the-notifications"</span><span class="p">,</span> <span class="n">Occassion</span><span class="o">:</span> <span class="s">"your-occasion-goes-here"</span><span class="p">,</span> <span class="p">})</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalln</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"%+v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">response</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <ul> <li>We are using the <code>GenerateSecurityCredentials</code> to get the security credentials using the <strong>InitiatorPassword</strong> from the test credentials. The second parameter <code>isOnProduction</code> is then set to false since we are on sandbox.</li> <li>We then build our request body then make the request. If the request was successfully, you will receive an output similar to the one below. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="err">&amp;</span><span class="p">{</span><span class="err">ConversationID:AG_</span><span class="mi">20211014</span><span class="err">_</span><span class="mi">00007410</span><span class="err">b</span><span class="mi">1727</span><span class="err">ef</span><span class="mi">09241</span><span class="w"> </span><span class="err">OriginatorConversationID:</span><span class="mi">46629-16123460-2</span><span class="w"> </span><span class="err">ResponseCode:</span><span class="mi">0</span><span class="w"> </span><span class="err">ResponseDescription:Accept</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">service</span><span class="w"> </span><span class="err">request</span><span class="w"> </span><span class="err">successfully.</span><span class="w"> </span><span class="err">RequestID:</span><span class="w"> </span><span class="err">ErrorCode:</span><span class="w"> </span><span class="err">ErrorMessage:</span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>To get more insights on the error messages, please refer to the <a href="https://developer.safaricom.co.ke/APIs/BusinessToCustomer">documentation</a>.</p> <p>Since the request is asynchronous, we pass <code>ResultURL</code> webhook for receiving notifications upon processing of the payment request. The <code>QueueTimeOutURL</code> is a webhook used when the payment request has timed out while awaiting processing.</p> <p>To test if we can process the callback, we will create a new handler on the <code>httpServer</code> function and add a new struct <code>B2CCallbackResponse</code> as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// B2CCallbackResponse has the results of the callback data sent once we successfully make a B2C request.</span> <span class="k">type</span> <span class="n">B2CCallbackResponse</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Result</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ResultType</span> <span class="kt">int</span> <span class="s">`json:"ResultType"`</span> <span class="n">ResultCode</span> <span class="kt">int</span> <span class="s">`json:"ResultCode"`</span> <span class="n">ResultDesc</span> <span class="kt">string</span> <span class="s">`json:"ResultDesc"`</span> <span class="n">OriginatorConversationID</span> <span class="kt">string</span> <span class="s">`json:"OriginatorConversationID"`</span> <span class="n">ConversationID</span> <span class="kt">string</span> <span class="s">`json:"ConversationID"`</span> <span class="n">TransactionID</span> <span class="kt">string</span> <span class="s">`json:"TransactionID"`</span> <span class="n">ResultParameters</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ResultParameter</span> <span class="p">[]</span><span class="k">struct</span> <span class="p">{</span> <span class="n">Key</span> <span class="kt">string</span> <span class="s">`json:"Key"`</span> <span class="n">Value</span> <span class="k">interface</span><span class="p">{}</span> <span class="s">`json:"Value"`</span> <span class="p">}</span> <span class="s">`json:"ResultParameter"`</span> <span class="p">}</span> <span class="s">`json:"ResultParameters"`</span> <span class="n">ReferenceData</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ReferenceItem</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Key</span> <span class="kt">string</span> <span class="s">`json:"Key"`</span> <span class="n">Value</span> <span class="kt">string</span> <span class="s">`json:"Value"`</span> <span class="p">}</span> <span class="s">`json:"ReferenceItem"`</span> <span class="p">}</span> <span class="s">`json:"ReferenceData"`</span> <span class="p">}</span> <span class="s">`json:"Result"`</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">httpServer</span><span class="p">()</span> <span class="p">{</span> <span class="n">b2cRequestCallbackHandler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">payload</span> <span class="o">:=</span> <span class="nb">new</span><span class="p">(</span><span class="n">B2CCallbackResponse</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">NewDecoder</span><span class="p">(</span><span class="n">req</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span><span class="o">.</span><span class="n">Decode</span><span class="p">(</span><span class="o">&amp;</span><span class="n">payload</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalln</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"%+v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">payload</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Result Code: %d</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">payload</span><span class="o">.</span><span class="n">Result</span><span class="o">.</span><span class="n">ResultCode</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Result Description: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">payload</span><span class="o">.</span><span class="n">Result</span><span class="o">.</span><span class="n">ResultDesc</span><span class="p">)</span> <span class="p">}</span> <span class="n">addr</span> <span class="o">:=</span> <span class="s">":8080"</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/b2c-callback"</span><span class="p">,</span> <span class="n">b2cRequestCallbackHandler</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[*] Server started and running on port %s"</span><span class="p">,</span> <span class="n">addr</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">ListenAndServe</span><span class="p">(</span><span class="n">addr</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <ul> <li> <code>httpServer</code> creates and starts a http server on port <code>8080</code>. </li> <li> <code>b2cRequestCallbackHandler</code> attempts to read and decode the request body. Any successful transaction will have a <code>ResultCode</code> of <code>0</code>.</li> </ul> <p>To test if we can make process the callback, update the main method to the code below then run the application.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">httpServer</span><span class="p">()</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Open <a href="https://www.postman.com/downloads/">Postman</a> and create a new <code>POST</code> request to <code>http://localhost:8080/b2c-callback</code>.</li> <li>Click on the <code>BODY</code> tab then select the <code>raw</code> option then select <code>JSON</code> from the dropdown and paste the payload below.</li> <li>Click on the <strong>SEND</strong> button then check your terminal output for the printed response body. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Result"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"ResultType"</span><span class="p">:</span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="nl">"ResultCode"</span><span class="p">:</span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="nl">"ResultDesc"</span><span class="p">:</span><span class="s2">"The service request is processed successfully."</span><span class="p">,</span><span class="w"> </span><span class="nl">"OriginatorConversationID"</span><span class="p">:</span><span class="s2">"46629-16123460-2"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ConversationID"</span><span class="p">:</span><span class="s2">"AG_20211014_00007410b1727ef09241"</span><span class="p">,</span><span class="w"> </span><span class="nl">"TransactionID"</span><span class="p">:</span><span class="s2">"PJ14NE27PI"</span><span class="p">,</span><span class="w"> </span><span class="nl">"ResultParameters"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"ResultParameter"</span><span class="p">:[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"TransactionAmount"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="mi">10</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"TransactionReceipt"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="s2">"PJ14NE27PI"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"B2CRecipientIsRegisteredCustomer"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="s2">"Y"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"B2CChargesPaidAccountAvailableFunds"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="mf">120.00</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"ReceiverPartyPublicName"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="s2">"254700000000 - Go Gopher"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"TransactionCompletedDateTime"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="s2">"14.10.2021 10:26:50"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"B2CUtilityAccountAvailableFunds"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="mf">120.00</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"B2CWorkingAccountAvailableFunds"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="mf">120.00</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"ReferenceData"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"ReferenceItem"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"Key"</span><span class="p">:</span><span class="s2">"QueueTimeoutURL"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="s2">"https:</span><span class="se">\/\/</span><span class="s2">internalsandbox.safaricom.co.ke</span><span class="se">\/</span><span class="s2">mpesa</span><span class="se">\/</span><span class="s2">b2cresults</span><span class="se">\/</span><span class="s2">v1</span><span class="se">\/</span><span class="s2">submit"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>That's all for this part. Thank you for following along.</p> go mpesa tutorial api MPesa APIs Integration in Go Joram Wambugu Fri, 08 Oct 2021 10:00:23 +0000 https://dev.to/jwambugu/mpesa-apis-integration-in-go-180c https://dev.to/jwambugu/mpesa-apis-integration-in-go-180c <p><strong>What is MPesa?</strong><br> Mpesa is a mobile banking service launched by Safaricom, the largest mobile phone network in Kenya, in 2007 that allows users to send or save money through their mobile phones.</p> <p>Since the service is so much popular, Safaricom introduced a REST API that allows developers to integrate their apps with MPesa.</p> <h3> Requirements </h3> <ul> <li> <a href="https://go.dev/">Go</a> installed on your local computer.</li> <li> <a href="https://www.postman.com/downloads/">Postman</a> installed locally since we'll use it to test the APIs.</li> </ul> <p>The completed code can be found <a href="https://github.com/jwambugu/tutorials/tree/main/go/mpesa">here</a>.</p> <h3> What we will cover </h3> <ul> <li>Creating a developer's account</li> <li>Creating an app</li> <li>Project Set Up</li> <li>Generating Access Token</li> <li>Integrating Lipa na Mpesa (STK Push)</li> </ul> <h3> Creating a developer's account </h3> <p>In order to start consuming the APIs, you will need an account. To create one, please go to <a href="https://developer.safaricom.co.ke/">Daraja</a> and click on the <strong>Login/Sign Up</strong> button then choose <strong>Go to Sign Up</strong></p> <p>Please fill all the fields and select <strong>Individual</strong> for the <strong>Account Type</strong> since we will be using it for learning purposes. Once done, a confirmation email will be sent, and you can now access the portal.</p> <h3> Creating an app </h3> <p>All the MPesa APIs require a developer to have an app so let's create one.</p> <ul> <li>Step 1: Click on <strong>MY APPS</strong> tab</li> <li>Step 2: Click on <strong>CREATE NEW APP</strong> button</li> <li>Step 3: Fill in the <strong>App Name</strong> and select <strong>Lipa Na MPesa Sandbox</strong> and <strong>Mpesa Sandbox</strong> products</li> <li>Step 4: Finish by clicking <strong>CREATE APP</strong> button.</li> </ul> <p>Once done, you will see the newly added app on one of the cards with its name, consumer key and consumer secret.</p> <h3> Project Set Up </h3> <p>Create a new project then open it using your favorite IDE or editor then run the command below to initialize new module in current directory.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>go mod init mpesa-golang </code></pre> </div> <p>Once done, create a new file <code>main.go</code> and add the snippet below.</p> <blockquote> <p><strong>This project is for learning purposes. You should not store any credentials on your code</strong><br> </p> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"io"</span> <span class="s">"net/http"</span> <span class="s">"time"</span> <span class="p">)</span> <span class="c">// Mpesa is an application that will be making a transaction</span> <span class="k">type</span> <span class="n">Mpesa</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">consumerKey</span> <span class="kt">string</span> <span class="n">consumerSecret</span> <span class="kt">string</span> <span class="n">baseURL</span> <span class="kt">string</span> <span class="n">client</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Client</span> <span class="p">}</span> <span class="c">// MpesaOpts stores all the configuration keys we need to set up a Mpesa app,</span> <span class="k">type</span> <span class="n">MpesaOpts</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ConsumerKey</span> <span class="kt">string</span> <span class="n">ConsumerSecret</span> <span class="kt">string</span> <span class="n">BaseURL</span> <span class="kt">string</span> <span class="p">}</span> <span class="c">// NewMpesa sets up and returns an instance of Mpesa</span> <span class="k">func</span> <span class="n">NewMpesa</span><span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">MpesaOpts</span><span class="p">)</span> <span class="o">*</span><span class="n">Mpesa</span> <span class="p">{</span> <span class="n">client</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">http</span><span class="o">.</span><span class="n">Client</span><span class="p">{</span> <span class="n">Timeout</span><span class="o">:</span> <span class="m">30</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Second</span><span class="p">,</span> <span class="p">}</span> <span class="k">return</span> <span class="o">&amp;</span><span class="n">Mpesa</span><span class="p">{</span> <span class="n">consumerKey</span><span class="o">:</span> <span class="n">m</span><span class="o">.</span><span class="n">ConsumerKey</span><span class="p">,</span> <span class="n">consumerSecret</span><span class="o">:</span> <span class="n">m</span><span class="o">.</span><span class="n">ConsumerSecret</span><span class="p">,</span> <span class="n">baseURL</span><span class="o">:</span> <span class="n">m</span><span class="o">.</span><span class="n">BaseURL</span><span class="p">,</span> <span class="n">client</span><span class="o">:</span> <span class="n">client</span><span class="p">,</span> <span class="p">}</span> <span class="p">}</span> <span class="c">// makeRequest performs all the http requests for the specific app</span> <span class="k">func</span> <span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">Mpesa</span><span class="p">)</span> <span class="n">makeRequest</span><span class="p">(</span><span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">([]</span><span class="kt">byte</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">m</span><span class="o">.</span><span class="n">client</span><span class="o">.</span><span class="n">Do</span><span class="p">(</span><span class="n">req</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">defer</span> <span class="k">func</span><span class="p">(</span><span class="n">Body</span> <span class="n">io</span><span class="o">.</span><span class="n">ReadCloser</span><span class="p">)</span> <span class="p">{</span> <span class="n">_</span> <span class="o">=</span> <span class="n">Body</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="p">}(</span><span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span> <span class="n">body</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">io</span><span class="o">.</span><span class="n">ReadAll</span><span class="p">(</span><span class="n">resp</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">body</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <ul> <li><p>The <code>Mpesa</code> struct will store the details about an app and the base url to be used since it changes based on the environment. The fields are unexported since we will only be using them within the package.</p></li> <li><p>The <code>NewMpesa</code> function is a constructor that we'll set up and return an instance of <code>Mpesa</code>.</p></li> <li><p><code>makeRequest</code> will handle the sending of http requests for the app.</p></li> </ul> <h3> Generating Access Token </h3> <p>In order to interact with the MPesa APIs, we will need to provide an access token to authenticate our requests which is generated using <strong>Consumer Key</strong> and <strong>Consumer Secret</strong> generated when creating a new app.</p> <p>To get these credentials, click on <a href="https://developer.safaricom.co.ke/MyApps">MY APPS</a> tab to list all your apps and copy the <strong>Consumer Key</strong> and <strong>Consumer Secret</strong> keys for the app we created here.</p> <p>In order to generate the access token, we will add a new struct to handle the processing of the response so add the snippet below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// MpesaAccessTokenResponse is the response sent back by Safaricom when we make a request to generate a token</span> <span class="k">type</span> <span class="n">MpesaAccessTokenResponse</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">AccessToken</span> <span class="kt">string</span> <span class="s">`json:"access_token"`</span> <span class="n">ExpiresIn</span> <span class="kt">string</span> <span class="s">`json:"expires_in"`</span> <span class="n">RequestID</span> <span class="kt">string</span> <span class="s">`json:"requestId"`</span> <span class="n">ErrorCode</span> <span class="kt">string</span> <span class="s">`json:"errorCode"`</span> <span class="n">ErrorMessage</span> <span class="kt">string</span> <span class="s">`json:"errorMessage"`</span> <span class="p">}</span> </code></pre> </div> <p>The above fields found can be found <a href="https://developer.safaricom.co.ke/APIs/Authorization">here</a> on the developer's portal. We will then create a new method <code>generateAccessToken</code> for generating the access token.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// generateAccessToken sends a http request to generate new access token</span> <span class="k">func</span> <span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">Mpesa</span><span class="p">)</span> <span class="n">generateAccessToken</span><span class="p">()</span> <span class="p">(</span><span class="o">*</span><span class="n">MpesaAccessTokenResponse</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">url</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"%s/oauth/v1/generate?grant_type=client_credentials"</span><span class="p">,</span> <span class="n">m</span><span class="o">.</span><span class="n">baseURL</span><span class="p">)</span> <span class="n">req</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewRequest</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">MethodGet</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="no">nil</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">req</span><span class="o">.</span><span class="n">SetBasicAuth</span><span class="p">(</span><span class="n">m</span><span class="o">.</span><span class="n">consumerKey</span><span class="p">,</span> <span class="n">m</span><span class="o">.</span><span class="n">consumerSecret</span><span class="p">)</span> <span class="n">req</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Content-Type"</span><span class="p">,</span> <span class="s">"application/json"</span><span class="p">)</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">m</span><span class="o">.</span><span class="n">makeRequest</span><span class="p">(</span><span class="n">req</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">accessTokenResponse</span> <span class="o">:=</span> <span class="nb">new</span><span class="p">(</span><span class="n">MpesaAccessTokenResponse</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Unmarshal</span><span class="p">(</span><span class="n">resp</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">accessTokenResponse</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">accessTokenResponse</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <ul> <li>The above method creates a new http request then set uses <code>SetBasicAuth</code> method to set the request's Authorization header to use HTTP Basic Authentication with the provided <strong>consumer_key</strong> and <strong>consumer_secret</strong>.</li> <li>We then make a http request and unmarshal the response to <code>MpesaAccessTokenResponse</code> struct.</li> </ul> <p>We can then test if we can be able to generate an access token by adding the following block to our main method.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">mpesa</span> <span class="o">:=</span> <span class="n">NewMpesa</span><span class="p">(</span><span class="o">&amp;</span><span class="n">MpesaOpts</span><span class="p">{</span> <span class="n">ConsumerKey</span><span class="o">:</span> <span class="s">"your-consumer-key-goes-here"</span><span class="p">,</span> <span class="n">ConsumerSecret</span><span class="o">:</span> <span class="s">"your-consumer-secret-goes-here"</span><span class="p">,</span> <span class="n">BaseURL</span><span class="o">:</span> <span class="s">"https://sandbox.safaricom.co.ke"</span><span class="p">,</span> <span class="p">})</span> <span class="n">accessTokenResponse</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">mpesa</span><span class="o">.</span><span class="n">generateAccessToken</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalln</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"%+v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">accessTokenResponse</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>If the credentials are valid, you should get a response similar to this one.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="err">&amp;</span><span class="p">{</span><span class="err">AccessToken:TchBwjZgTIq</span><span class="mi">17</span><span class="err">dVbi</span><span class="mi">3</span><span class="err">SRo</span><span class="mi">2</span><span class="err">OsWvNB</span><span class="w"> </span><span class="err">ExpiresIn:</span><span class="mi">3599</span><span class="w"> </span><span class="err">RequestID:</span><span class="w"> </span><span class="err">ErrorCode:</span><span class="w"> </span><span class="err">ErrorMessage:</span><span class="p">}</span><span class="w"> </span></code></pre> </div> <blockquote> <p>If you are having any issues, you can refer to the <a href="https://developer.safaricom.co.ke/APIs/Authorization">documentation</a><br> for more details.</p> </blockquote> <h4> Integrating Lipa na Mpesa </h4> <p>Lipa na M-Pesa Online Payment API is used to initiate an MPesa transaction on behalf of a customer using STK Push. This API simplifies the checkout process since the customer doesn't need to enter the account number or the paybill (shortcode) they're paying to.</p> <p>In order to make the request, we will add two new structs as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// STKPushRequestBody is the body with the parameters to be used to initiate an STK push request</span> <span class="k">type</span> <span class="n">STKPushRequestBody</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">BusinessShortCode</span> <span class="kt">string</span> <span class="s">`json:"BusinessShortCode"`</span> <span class="n">Password</span> <span class="kt">string</span> <span class="s">`json:"Password"`</span> <span class="n">Timestamp</span> <span class="kt">string</span> <span class="s">`json:"Timestamp"`</span> <span class="n">TransactionType</span> <span class="kt">string</span> <span class="s">`json:"TransactionType"`</span> <span class="n">Amount</span> <span class="kt">string</span> <span class="s">`json:"Amount"`</span> <span class="n">PartyA</span> <span class="kt">string</span> <span class="s">`json:"PartyA"`</span> <span class="n">PartyB</span> <span class="kt">string</span> <span class="s">`json:"PartyB"`</span> <span class="n">PhoneNumber</span> <span class="kt">string</span> <span class="s">`json:"PhoneNumber"`</span> <span class="n">CallBackURL</span> <span class="kt">string</span> <span class="s">`json:"CallBackURL"`</span> <span class="n">AccountReference</span> <span class="kt">string</span> <span class="s">`json:"AccountReference"`</span> <span class="n">TransactionDesc</span> <span class="kt">string</span> <span class="s">`json:"TransactionDesc"`</span> <span class="p">}</span> <span class="c">// STKPushRequestResponse is the response sent back after initiating an STK push request.</span> <span class="k">type</span> <span class="n">STKPushRequestResponse</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">MerchantRequestID</span> <span class="kt">string</span> <span class="s">`json:"MerchantRequestID"`</span> <span class="n">CheckoutRequestID</span> <span class="kt">string</span> <span class="s">`json:"CheckoutRequestID"`</span> <span class="n">ResponseCode</span> <span class="kt">string</span> <span class="s">`json:"ResponseCode"`</span> <span class="n">ResponseDescription</span> <span class="kt">string</span> <span class="s">`json:"ResponseDescription"`</span> <span class="n">CustomerMessage</span> <span class="kt">string</span> <span class="s">`json:"CustomerMessage"`</span> <span class="n">RequestID</span> <span class="kt">string</span> <span class="s">`json:"requestId"`</span> <span class="n">ErrorCode</span> <span class="kt">string</span> <span class="s">`json:"errorCode"`</span> <span class="n">ErrorMessage</span> <span class="kt">string</span> <span class="s">`json:"errorMessage"`</span> <span class="p">}</span> </code></pre> </div> <ul> <li><p><code>STKPushRequestBody</code> struct has the values required to build the request body. To learn more about the parameters,<br> please check out <a href="https://developer.safaricom.co.ke/APIs/MpesaExpressSimulate">this link</a>.</p></li> <li><p><code>STKPushRequestResponse</code> struct is used to process the response after initiating a request.</p></li> </ul> <p>To make the request, we will create a new method <code>InitiateSTKPushRequest</code> as follows<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// InitiateSTKPushRequest makes a http request performing an STK push request</span> <span class="k">func</span> <span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">Mpesa</span><span class="p">)</span> <span class="n">InitiateSTKPushRequest</span><span class="p">(</span><span class="n">body</span> <span class="o">*</span><span class="n">STKPushRequestBody</span><span class="p">)</span> <span class="p">(</span><span class="o">*</span><span class="n">STKPushRequestResponse</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">url</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"%s/mpesa/stkpush/v1/processrequest"</span><span class="p">,</span> <span class="n">m</span><span class="o">.</span><span class="n">baseURL</span><span class="p">)</span> <span class="n">requestBody</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Marshal</span><span class="p">(</span><span class="n">body</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">req</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewRequest</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">MethodPost</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="n">bytes</span><span class="o">.</span><span class="n">NewBuffer</span><span class="p">(</span><span class="n">requestBody</span><span class="p">))</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">accessTokenResponse</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">m</span><span class="o">.</span><span class="n">generateAccessToken</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">req</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Content-Type"</span><span class="p">,</span> <span class="s">"application/json"</span><span class="p">)</span> <span class="n">req</span><span class="o">.</span><span class="n">Header</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"Authorization"</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"Bearer %s"</span><span class="p">,</span> <span class="n">accessTokenResponse</span><span class="o">.</span><span class="n">AccessToken</span><span class="p">))</span> <span class="n">resp</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">m</span><span class="o">.</span><span class="n">makeRequest</span><span class="p">(</span><span class="n">req</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">stkPushResponse</span> <span class="o">:=</span> <span class="nb">new</span><span class="p">(</span><span class="n">STKPushRequestResponse</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">Unmarshal</span><span class="p">(</span><span class="n">resp</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">stkPushResponse</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="no">nil</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">stkPushResponse</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <ul> <li>The above method handles the task of making the request to initiate the STK push request. After building the request, we call <code>generateAccessToken</code> method to attempt to generate an access token before making the request then set a new <code>Authorization: Bearer</code> header with our access token.</li> <li>After making the request, we unmarshal our response body to create a new <code>STKPushRequestResponse</code>.</li> </ul> <p>In order to test if we can make the request successfully and receive the STK push on our phone, we will update our main method as follows. The test credentials can be found <a href="https://developer.safaricom.co.ke/APIs/MpesaExpressSimulate">here</a>.</p> <p>Select an app on the simulator, then scroll down and click on the icon on the bottom left to open a modal with the test credentials.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">mpesa</span> <span class="o">:=</span> <span class="n">NewMpesa</span><span class="p">(</span><span class="o">&amp;</span><span class="n">MpesaOpts</span><span class="p">{</span> <span class="n">ConsumerKey</span><span class="o">:</span> <span class="s">"your-consumer-key-goes-here"</span><span class="p">,</span> <span class="n">ConsumerSecret</span><span class="o">:</span> <span class="s">"your-consumer-secret-goes-here"</span><span class="p">,</span> <span class="n">BaseURL</span><span class="o">:</span> <span class="s">"https://sandbox.safaricom.co.ke"</span><span class="p">,</span> <span class="p">})</span> <span class="c">// The expected format is YYYYMMDDHHmmss</span> <span class="n">timestamp</span> <span class="o">:=</span> <span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">()</span><span class="o">.</span><span class="n">Format</span><span class="p">(</span><span class="s">"20060102150405"</span><span class="p">)</span> <span class="n">shortcode</span><span class="p">,</span> <span class="n">passkey</span> <span class="o">:=</span> <span class="s">"your-business-short-code-goes-here"</span><span class="p">,</span> <span class="s">"your-pass-key-goes-here"</span> <span class="c">// base64 encoding of the shortcode + passkey + timestamp</span> <span class="n">passwordToEncode</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"%s%s%s"</span><span class="p">,</span> <span class="n">shortcode</span><span class="p">,</span> <span class="n">passkey</span><span class="p">,</span> <span class="n">timestamp</span><span class="p">)</span> <span class="n">password</span> <span class="o">:=</span> <span class="n">base64</span><span class="o">.</span><span class="n">StdEncoding</span><span class="o">.</span><span class="n">EncodeToString</span><span class="p">([]</span><span class="kt">byte</span><span class="p">(</span><span class="n">passwordToEncode</span><span class="p">))</span> <span class="n">response</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">mpesa</span><span class="o">.</span><span class="n">InitiateSTKPushRequest</span><span class="p">(</span><span class="o">&amp;</span><span class="n">STKPushRequestBody</span><span class="p">{</span> <span class="n">BusinessShortCode</span><span class="o">:</span> <span class="n">shortcode</span><span class="p">,</span> <span class="n">Password</span><span class="o">:</span> <span class="n">password</span><span class="p">,</span> <span class="n">Timestamp</span><span class="o">:</span> <span class="n">timestamp</span><span class="p">,</span> <span class="n">TransactionType</span><span class="o">:</span> <span class="s">"CustomerPayBillOnline"</span><span class="p">,</span> <span class="n">Amount</span><span class="o">:</span> <span class="s">"10"</span><span class="p">,</span> <span class="c">// Amount to be charged when checking out</span> <span class="n">PartyA</span><span class="o">:</span> <span class="s">"your-phone-number-goes-here"</span><span class="p">,</span> <span class="c">// 2547XXXXXXXX</span> <span class="n">PartyB</span><span class="o">:</span> <span class="n">shortcode</span><span class="p">,</span> <span class="n">PhoneNumber</span><span class="o">:</span> <span class="s">"your-phone-number-goes-here"</span><span class="p">,</span> <span class="c">// 2547XXXXXXXX</span> <span class="n">CallBackURL</span><span class="o">:</span> <span class="s">"your-endpoint-to-receive-the-callback-on"</span><span class="p">,</span> <span class="c">// https://</span> <span class="n">AccountReference</span><span class="o">:</span> <span class="s">"TEST"</span><span class="p">,</span> <span class="n">TransactionDesc</span><span class="o">:</span> <span class="s">"Payment via STK push."</span><span class="p">,</span> <span class="p">})</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalln</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"%+v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">response</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <ul> <li>We are getting the current timestamp then we concatenate the <code>shortcode + passkey + timestamp</code> to create the password used for encrypting the request sent which is <code>base64</code> encoded string.</li> <li>We then build our request body then make the request. If the request was successfully, you will receive an output similar to the one below. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> &amp;{MerchantRequestID:32690-4496353-2 CheckoutRequestID:ws_CO_081020211030225587 ResponseCode:0 ResponseDescription:Success. Request accepted for processing CustomerMessage:Success. Request accepted for processing RequestID: ErrorCode: ErrorMessage:} </code></pre> </div> <p>If the request failed, you will receive the response similar to this.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> &amp;{MerchantRequestID: CheckoutRequestID: ResponseCode: ResponseDescription: CustomerMessage: RequestID:1469-4474264-2 ErrorCode:400.002.02 ErrorMessage:Bad Request - Invalid BusinessShortCode} </code></pre> </div> <p>To get more insights on the error messages, please refer to the <a href="https://developer.safaricom.co.ke/APIs/MpesaExpressSimulate">documentation</a>.</p> <p>Since the request is asynchronous, we pass the <code>CallBackURL</code> on the request body where we will receive the results of the transaction showing if it was processed successfully or not. Let's see how we can process the results on our callback URL.</p> <p>We will use the default http server to process the payment response so let's create one. Add a new function called <code>httpServer</code> and update is as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">httpServer</span><span class="p">()</span> <span class="p">{</span> <span class="n">stkPushCallbackHandler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">payload</span> <span class="o">:=</span> <span class="nb">new</span><span class="p">(</span><span class="n">STKPushCallbackResponse</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">json</span><span class="o">.</span><span class="n">NewDecoder</span><span class="p">(</span><span class="n">req</span><span class="o">.</span><span class="n">Body</span><span class="p">)</span><span class="o">.</span><span class="n">Decode</span><span class="p">(</span><span class="o">&amp;</span><span class="n">payload</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatalln</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"%+v</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">payload</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Result Code: %d</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">payload</span><span class="o">.</span><span class="n">Body</span><span class="o">.</span><span class="n">StkCallback</span><span class="o">.</span><span class="n">ResultCode</span><span class="p">)</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"Result Description: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">payload</span><span class="o">.</span><span class="n">Body</span><span class="o">.</span><span class="n">StkCallback</span><span class="o">.</span><span class="n">ResultDesc</span><span class="p">)</span> <span class="c">// TODO PROCESS THE RESPONSE</span> <span class="p">}</span> <span class="n">addr</span> <span class="o">:=</span> <span class="s">":8080"</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/stk-push-callback"</span><span class="p">,</span> <span class="n">stkPushCallbackHandler</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"[*] Server started and running on port %s"</span><span class="p">,</span> <span class="n">addr</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">ListenAndServe</span><span class="p">(</span><span class="n">addr</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <ul> <li>The above function creates and starts a http server on port <code>8080</code>.</li> <li>We then add <code>stkPushCallbackHandler</code> which attempts to read and decode the request body. Any successful transaction will have a <code>ResultCode</code> of <code>0</code>.</li> </ul> <blockquote> <p>Remember to perform validation of the <code>MpesaReceiptNumber</code> against the <code>CheckoutRequestID</code> and <code>MerchantRequestID</code> which you can store after making the STK push request.</p> </blockquote> <p>To test if we can make process the callback, update the main method to the code below then run the application.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">httpServer</span><span class="p">()</span> <span class="p">}</span> </code></pre> </div> <p>Open <a href="https://www.postman.com/downloads/">Postman</a> and create a new <code>POST</code> request to <code>http://localhost:8080/stk-push-callback</code>. Click on the <code>BODY</code> tab then select the <code>raw</code> option then select <code>JSON</code> from the dropdown and paste the payload below then click on the SEND button then check your terminal output.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Body"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"stkCallback"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"ResultCode"</span><span class="p">:</span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="nl">"ResultDesc"</span><span class="p">:</span><span class="s2">"The service request is processed successfully."</span><span class="p">,</span><span class="w"> </span><span class="nl">"CallbackMetadata"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"Item"</span><span class="p">:[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Name"</span><span class="p">:</span><span class="s2">"Amount"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="mi">1</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Name"</span><span class="p">:</span><span class="s2">"MpesaReceiptNumber"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="s2">"PJ14NE27PI"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Name"</span><span class="p">:</span><span class="s2">"Balance"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Name"</span><span class="p">:</span><span class="s2">"TransactionDate"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="mi">20211009115859</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Name"</span><span class="p">:</span><span class="s2">"PhoneNumber"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Value"</span><span class="p">:</span><span class="mi">254700000000</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"CheckoutRequestID"</span><span class="p">:</span><span class="s2">"ws_CO_01102021191752608272"</span><span class="p">,</span><span class="w"> </span><span class="nl">"MerchantRequestID"</span><span class="p">:</span><span class="s2">"96131-41939755-1"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Thank you for following along. Next we will implement the <a href="https://developer.safaricom.co.ke/APIs/BusinessToCustomer">B2C API</a>.</p> go mpesa tutorial api