# YSP Payment Gateway Simulator

🧪 **TEST MODE SIMULATOR** for Narada® SECURE-PG Integration

## Overview

This is a standalone Phoenix application that simulates a payment gateway for testing the Shukria Payment Widget integration. It implements the Narada® SECURE-PG protocol with OTP verification.

## Features

- ✅ **Payment Request Handling** (AR messages)
- ✅ **Random OTP Generation** and display
- ✅ **OTP Verification** with attempt tracking
- ✅ **Transaction Logging** (in-memory with Agent)
- ✅ **Response Generation** (AC messages)
- ✅ **Checksum Validation** (HMAC SHA-256 & RSA support)
- ✅ **Admin Dashboard** for viewing transactions

## Quick Start

1. **Start the simulator:**
   ```bash
   cd /var/www/internaltesting/meghana/prverification/yspSimulator
   mix phx.server
   ```

2. **Access the simulator:**
   - Home: http://demo.ctrmv.com:4055
   - Payment Gateway: POST http://demo.ctrmv.com:4055/pgpayments
   - Transaction Log: http://demo.ctrmv.com:4055/admin/transactions

## Configuration

**Port:** 4055  
**Merchant ID (test):** 840000008400001  
**Security:** Supports both IPGSECURE (RSA) and MERSECURE (HMAC SHA-256)

## Endpoints

| Method | Endpoint | Description |
|--------|----------|-------------|
| POST | `/pgpayments` | Receive payment requests from merchants |
| GET | `/otp/:transaction_id` | Display OTP verification page |
| POST | `/otp/:transaction_id/verify` | Verify submitted OTP |
| GET | `/admin/transactions` | View all transactions |
| POST | `/admin/transactions/clear` | Clear all transactions |

## Test Flow

1. Submit a payment from your merchant checkout page to `POST http://demo.ctrmv.com:4055/pgpayments`
2. Simulator generates a random 6-digit OTP and displays it on screen
3. Enter the OTP to complete the payment
4. Simulator returns an AC (Authorization Complete) message to your merchant return URL
5. View transaction logs at `/admin/transactions`

## OTP Behavior

- **Random Generation:** 6-digit OTP generated for each transaction
- **Display:** OTP is shown on screen (test mode indicator)
- **Validation:** Max 3 attempts, 5-minute validity
- **Test Mode:** All OTPs are visible for easy testing

## Response Codes

| Code | Description |
|------|-------------|
| 00 | Approved |
| N7 | Invalid OTP |
| 65 | OTP attempts exceeded |
| TO | OTP expired |
| 78 | Checksum validation failed |

## Project Structure

```
lib/
  ysp_simulator/
    transaction_store.ex      # In-memory transaction logging
    otp_generator.ex          # OTP generation and validation
    checksum_handler.ex       # Checksum validation (RSA/HMAC)
  ysp_simulator_web/
    controllers/
      payment_gateway_controller.ex  # Main payment flow
      admin_controller.ex            # Transaction viewer
    router.ex                        # Route definitions
```

## Integration Example

Update your merchant checkout to point to the simulator:

```javascript
// In shukria-payment-widget.js or your checkout code
const gatewayUrl = 'http://demo.ctrmv.com:4055';
```

## Notes

- ⚠️ **FOR TESTING ONLY** - Do not use in production
- 📝 Transactions are stored in-memory (lost on restart)
- 🔐 Checksum validation is simplified for testing
- 🎯 OTP is displayed on screen for easy testing

## Troubleshooting

**Port already in use?**
```bash
lsof -ti:4055 | xargs kill
```

**Dependencies missing?**
```bash
mix deps.get
```

**Compilation errors?**
```bash
mix clean && mix compile
```

## Version

**v1.0.0** - Initial release

---

For questions or issues, check the transaction logs at `/admin/transactions` to debug payment flows.