=== Interpay Payments ===
Contributors: pranavj, interpay
Tags: woocommerce, payment gateway, interpay, credit card, refunds
Requires at least: 6.0
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 1.0.0
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

WooCommerce payment gateway integration for Interpay. Accept credit and wallets payments securely via the Interpay hosted payment fields.

== Description ==

Interpay Payments is a WooCommerce payment gateway that lets your store accept credit and wallet payments through Interpay's secure hosted payment fields.

Features:

* Accept creditcard and wallet payments through the Interpay hosted payment form (card data never touches your server).
* Test (sandbox) and Live (production) modes with separate API keys.
* HPOS (High-Performance Order Storage) compatible.
* Refund processing directly from the WooCommerce order screen.
* Stores transaction reference, approval code, exchange rate, and SAR-converted amount on the order for reconciliation.

== Installation ==

1. Upload the `interpay` folder to the `/wp-content/plugins/` directory, or install the plugin through the WordPress Plugins screen.
2. Activate the plugin through the 'Plugins' screen in WordPress.
3. Go to WooCommerce -> Settings -> Payments and enable 'Interpay Payments'.
4. Click 'Manage' to enter your Interpay Public Key and Secret Key (sandbox or live).
5. Copy the Callback URL shown in the settings screen and configure it in your Interpay merchant dashboard.
6. Save changes and place a test order to verify the integration.

== Frequently Asked Questions ==

= Where do I get my Interpay API keys? =

You can obtain your test and live API keys by signing up at https://interpay.sa and contacting Interpay support to be issued merchant credentials.

= Does the plugin support refunds? =

Yes. Refunds initiated from the WooCommerce order screen are sent to the Interpay refund API and recorded on the order.

= Is card data stored on my server? =

No. Card details are entered directly into Interpay's hosted payment fields, which load from Interpay's domain inside an iframe. Your server never sees the cardholder data.

== External services ==

This plugin relies on the following third-party / external services. By using this plugin, you agree that these services may receive data from your site as described below.

= 1. Interpay Payment Gateway API (interpayapimanagement.azure-api.net) =

This plugin connects to the Interpay payment gateway API (hosted at `https://interpayapimanagement.azure-api.net`) to create payment orders, process card transactions, and issue refunds. Without this connection the plugin cannot accept payments.

It sends the order amount, currency code, a unique order or session identifier, the customer name, and the customer email every time a customer initiates a payment with Interpay or a store administrator issues a refund. For logged-in customers it additionally sends the billing address line 1, address line 2, city, and country code so the gateway can perform address verification.

Endpoints contacted: `https://interpayapimanagement.azure-api.net/api/v1/Order/Create` and `https://interpayapimanagement.azure-api.net/api/v1/Transaction/Refund`.

This service is provided by Interpay: [Terms and Conditions](https://www.interpay.sa/terms-conditions) and [Privacy Policy](https://www.interpay.sa/privacy-and-policy).

= 2. Interpay Hosted Payment Page JavaScript (softpos-ksa.com) =

This plugin loads a JavaScript file from Interpay's hosted payment page service (hosted at `https://ecomspghostedpage.softpos-ksa.com` in test mode and `https://prodhpg.softpos-ksa.com` in live mode). This file renders the secure card-input iframe on the checkout page so that the customer's card details are captured by Interpay directly and never reach your server.

The script is requested by the customer's browser every time the customer reaches the Interpay checkout step. Card details (number, expiry, CVV) entered into the iframe are submitted from the customer's browser directly to Interpay; your server only receives a tokenized reference.

Endpoints contacted: `https://ecomspghostedpage.softpos-ksa.com/js/interpay.js` (sandbox) and `https://prodhpg.softpos-ksa.com/js/interpay.js` (production).

This service is provided by Interpay: [Terms and Conditions](https://www.interpay.sa/terms-conditions) and [Privacy Policy](https://www.interpay.sa/privacy-and-policy).

= 3. ExchangeRate-API public endpoint (open.er-api.com) =

When the WooCommerce store currency is not SAR, this plugin calls the public ExchangeRate-API endpoint at `https://open.er-api.com/v6/latest/{CURRENCY_CODE}` to obtain the conversion rate from the store currency to SAR. Interpay only settles payments in SAR, so non-SAR stores require this conversion.

It sends only the source currency code (for example "USD" or "EUR") as part of the URL path. No order data, no customer data, and no store-identifying information is transmitted. The retrieved rate is cached for 12 hours per currency via the WordPress transients API, so a call is made at most once every 12 hours per source currency.

Endpoint contacted: `https://open.er-api.com/v6/latest/{CURRENCY_CODE}`.

This service is provided by ExchangeRate-API (AYR Tech (Pty) Ltd): [Terms of Service](https://www.exchangerate-api.com/terms) and [Privacy Policy](https://www.exchangerate-api.com/privacy).

== Changelog ==

= 1.0.0 =
* Initial release.