topic Re: Iframe or Hosted Redirect - invalid or missing token in Integration and Testing

Iframe or Hosted Redirect - invalid or missing token

Fundamental — Tue, 25 Sep 2012 22:38:59 GMT

Hello all,

I'm very happy there's such a great developer's community here!

I'm implementing the CIM solution. I've spent a few days going over the sample code and felt that I understood the big picture. I've been able to send an XML request for a profile ID - successfully - and a subsequent XML request for a token apparently successfully; I get a token that looks similar to this (all this output being echoed in the browser window: 5qUQDuuBL4deq6N7W3DBBuSEsA9oPZOY91S6f76p/wS1EU2v8EPQks8kC78FV1qkML3MuWzMO/Cl6b5Fq4hDlcXkG1hb3JC3lbrRgTdPHBRGZf2GQ6tiAqa8TfPkYvap8voN922BncMgP/++pmqtIeVPA3GV9UDmUCHckEcYnha3ytdzvEhZxskcB6/KKen0

I've got a form named "tokenform" which has a hidden field with the token in it, and targets the iframe name. The iframe opens up and displays a message "Powered by Authorize.net" & "Missing or invalid token."

Here's the section of code I think is having an issue:

[code]

[/code]

If someone could point out what must be the obvious, I'd be eternally grateful!

Thanks so much. Looking forward to your assistance!

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Tue, 25 Sep 2012 23:27:28 GMT

I'll point out that I've tried several ways of passing that token variable (all within the php tags)

echo $token

$token

htmlspecialchars($token)

htmlspecialchars($parsedresponse->token)

$response

$parsedresponse

... and I've increased the form field size to 255 to make certain all of the token characters are making it in the form field.

I also have the exact same problem with the redirect code, for which I've copied the sample code in the CIM guide with the exception of using the current token ID instead of the sample.

Re: Iframe or Hosted Redirect - invalid or missing token

RaynorC1emen7 — Tue, 25 Sep 2012 23:37:42 GMT

<input type="hidden" name="Token" value="..." />
other then that, not sure as I don't work with php.

Re: Iframe or Hosted Redirect - invalid or missing token

RaynorC1emen7 — Tue, 25 Sep 2012 23:41:23 GMT

wouldn't it be easier if you set the type as text until you can get it to work?

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Tue, 25 Sep 2012 23:45:11 GMT

Thanks for your quick reply.

Yes, I tried doing that, and that's what prompted me to set the field size to 255 characters because it seemed that the default field length was too short to hold the entire token value. I copied the working solution from http://community.developer.authorize.net/t5/Integration-and-Testing/CIM-timed-out-on-redirect/td-p/23685 and tried that, but also to no avail.

I still get the same message.

Re: Iframe or Hosted Redirect - invalid or missing token

RaynorC1emen7 — Wed, 26 Sep 2012 00:06:42 GMT

I think it is name sensitive, change it to just like the sample

change the form id="formAuthorizeNetPage"

and the iframe to iframeAuthorizeNet

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Wed, 26 Sep 2012 13:29:53 GMT

Thanks for the suggestion - I just tried it and still not working.

Same error message, and though it shouldn't matter, I've even tried it with multiple browsers.

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Wed, 26 Sep 2012 13:34:05 GMT

Here's the rest of the surrounding code:

[code]

include_once ("vars.php");
include_once ("util.php");

//echo "create profile...<br><br>";

$email = $_POST["email"];

//build xml to post
$content =
   "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
   "<createCustomerProfileRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" .
      MerchantAuthenticationBlock().
      "<profile>".
        "<merchantCustomerId></merchantCustomerId>". // Your own identifier for the customer.
         "<description></description>".
        "<email>" . $email . "</email>".
      "</profile>".
   "</createCustomerProfileRequest>";

// echo "Raw request: " . htmlspecialchars($content) . "<br><br>";
$response = send_xml_request($content);
// echo "Raw response: " . htmlspecialchars($response) . "<br><br>";
$parsedresponse = parse_api_response($response);
if ("Ok" == $parsedresponse->messages->resultCode)
{

$profileID = htmlspecialchars($parsedresponse->customerProfileId);

echo "customerProfileID" . $profileID . "\n\n";

// build XML content to post getHostedProfilePageRequest
$content =
      "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
      "<getHostedProfilePageRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" .
        MerchantAuthenticationBlock() .
        "<customerProfileId>" . $profileID . "</customerProfileId>" .
        "<hostedProfileSettings>" .
// optional settings to change later. This is the action to take when leaving the authorize.net site.
//          "<setting>" .
//            "<settingName>hostedProfileReturnUrl</settingName>" .
//            "<settingValue>https://somesitehere.com/somepage.php</settingValue>" .
//          "</setting>" .
//          "<setting>" .
//            "<setting Name>hostedProfileReturnUrlText</settingName>" .
//            "<settingValue>Continue to somepage</settingValue>" .
//          "</setting>" .
      "</hostedProfileSettings>" .
      "</getHostedProfilePageRequest>";

$response = send_xml_request($content);
$parsedresponse = parse_api_response($response);

if("Ok"==$parsedresponse->messages->resultCode)
{
   $token = htmlspecialchars($parsedresponse->token);
   echo $token . "\n\n";

<form method="post" name="formAuthorizeNetPage" target="iframeAuthorizeNet">
<input type="text" size="255" name="Token" value="<?php echo $token; ?>" />

</form>

<iframe id="iframeAuthorizeNet" name="iframeAuthorizeNet" src="https://test.authorize.net/profile/manage"></iframe>

<?php

}

[/code]

... and I'm just using the sample index.php page provided with the email form targeting this file. All output is correct until the iframe.

Re: Iframe or Hosted Redirect - invalid or missing token

RaynorC1emen7 — Wed, 26 Sep 2012 13:37:42 GMT

Can you download the sample code and start from there.I don't think the iframe work that way.

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Wed, 26 Sep 2012 13:48:13 GMT

Also tried hard-coding it within the PHP tags:

[code]

echo '<form method="POST" name="formAuthorizeNetPage" target "iframeAuthorizeNet">
<input type="text" size="255" name="Token" value="'.$token.'"></form>';
echo '<iframe id="iframeAuthorizeNet" name="iframeAuthorizeNet" src="https://test.authorize.net/profile/manage"></iframe>';

[/code]

but same error message. Capitalized POST as well.

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Wed, 26 Sep 2012 13:50:04 GMT

I suppose I could try it. It seemed like there was quite a bit of extra fluff in it and I just wanted to strip it down to the basics. But at this point I'm willing to give anything a try. I'll post back later :) Thanks for all the suggestions.

Re: Iframe or Hosted Redirect - invalid or missing token

RaynorC1emen7 — Wed, 26 Sep 2012 13:53:24 GMT

Now that I'm awake. the problem is that the <form /> is not posting anything, it doesn't have a button, there is no javascript that post the form. So basically, you are just try to open https://test.authorize.net/profile/manage on a iframe which will fail because it not getting any token. Download the sample code and see how it work and change it to work with php.

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Wed, 26 Sep 2012 15:02:04 GMT

It had to be the button since as far as I could see, the js file simply managed the behavior of the popup. However, since I do like the way it makes the popup look I might just keep it. However I'm now getting a new error message: CIM is not enabled, but I'm using the sandbox and everything should be enabled, am I right? At least I'm getting a different error message! I'll doublecheck the API login info.

Re: Iframe or Hosted Redirect - invalid or missing token

RaynorC1emen7 — Wed, 26 Sep 2012 15:05:04 GMT

There is a line in the examplePage.html

// Uncomment this line to use test.authorize.net instead of secure.authorize.net.
//AuthorizeNetPopup.options.useTestEnvironment = true;

Re: Iframe or Hosted Redirect - invalid or missing token

Fundamental — Wed, 26 Sep 2012 15:51:14 GMT

For some reason it just wasn't working in the sandbox, with or without the test account enabled. I did use the "real" account credentials and that worked just fine. Thanks for working with me on this!!