Skip to content

marci-cyber/medusa-plugin-payu

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

npm version Medusa v2 payment plugin license

@sam-ael/medusa-plugin-payu

Production-focused PayU India payment provider for Medusa v2 with redirect checkout flow, callback handling, and fraud-aware verification.

Highlights

  • Redirect-based PayU checkout integration for Medusa payment sessions
  • Hash generation and reverse-hash verification flow
  • Webhook/callback handling for asynchronous payment status
  • Hardened callback processing with replay protection
  • Constant-time hash comparison and amount discrepancy guards
  • Timeout configuration and retry-classification utilities

Install

yarn add @sam-ael/medusa-plugin-payu

Medusa Configuration

modules: [
  {
    resolve: "@medusajs/medusa/payment",
    options: {
      providers: [
        {
          resolve: "@sam-ael/medusa-plugin-payu/providers/payu",
          id: "payu",
          options: {
            merchantKey: process.env.PAYU_MERCHANT_KEY,
            merchantSalt: process.env.PAYU_MERCHANT_SALT,
            environment: process.env.PAYU_ENVIRONMENT || "test",
          },
        },
      ],
    },
  },
]

Environment Variables

PAYU_MERCHANT_KEY=your_merchant_key
PAYU_MERCHANT_SALT=your_merchant_salt
PAYU_ENVIRONMENT=test

STOREFRONT_URL=http://localhost:8000
PAYU_REDIRECT_URL=/order/confirmed
PAYU_REDIRECT_FAILURE_URL=/checkout
PAYU_API_TIMEOUT_MS=30000

Callback Endpoint

Method Endpoint Description
POST /hooks/payment/payu_payu PayU callback/webhook handling via Medusa payment provider

Security and Reliability Notes

  • Replay guard for repeated callback payloads
  • Constant-time hash comparison for webhook verification
  • Normalized callback parsing for structured and URL-encoded payload variants
  • Amount discrepancy path for underpaid callback reports
  • Timeout defaults centralized in provider config helpers

Quality Gates

yarn typecheck
yarn lint
yarn test
yarn build

Smoke tests are available under src/tests.

License

MIT

About

PayU India Payments for Medusa 2

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • TypeScript 100.0%