PayU does not provide a way to generate links on their service, the only way to do it is through their API.


The REST API communication is done with a simple POST request along with some headers and a JSON body which has the order details. At first the API responses were not the ones described in the documentation, but a redirection link. It turned out that I had to disable follow redirects on the HttpURLConnection.

The Classic API communication uses a GET request with all the parameters as queries. The problem with this API is that to all requests there must be a signature attached. This signature is generated by URL encoding the whole query string and then using SHA-256 on it.

Because of security reasons PayU doesn’t keep the generated links on their server, so once a link is generated there is no way of getting it again from the API. Because of that I implemented a really simple file database that contains a concatenated order ID, the generated link, and also a timestamp which corresponds to the date the link was generated. If the user tries to generate a link for an order that is already in the database, the application checks if the link is expired, if not it returns that link to the user

For ease of use I also created a bookmarklet script that copies all the necessary order info from a site which can then be pasted to the application


This application was almost fully developed using TTD (Test Driven Development), without any UI tests. I used mockito for mocking some components, mostly on the API communication. For assertions, I used the Truth assertion library from Google.