topic Re: ASP.net DPM Validate Issue in Integration and Testing

ASP.net DPM Validate Issue

wingra2005 — Mon, 19 Jan 2015 21:33:11 GMT

So, I followed the instructions on 15 Minute Quick Start Guide and was able to successfully post to my Authorize.net sandbox account. However, whenever I try to handle Authorize.net's response using:

SIMResponse authNetResponse = new SIMResponse(form);

bool valid = authNetResponse.Validate(authNetMd5, apiLoginId);

valid always returns false.

At first I was passing an empty string for authNetMd5 since it was not set in the Merchant profile. But then I created a new MD5, and set it in the merchant profile and passed it into the Validate function using the authNetMd5 variable. Still no luck.

Despite the fact that it always returns false, the rest of the values in the SIMResponse look okay.

The only thing is that the authNetResponse.MD5Hash property does not match the x_fp_hash value that is generated by the DPMFormGenerator.OpenForm helper, or the MD5 value I set in the merchant profile.

Re: ASP.net DPM Validate Issue

wingra2005 — Mon, 19 Jan 2015 22:02:23 GMT

Another tidbit...

I just went through the code on GitHub and found the Crypto.IsMatch function and tested it with known values. The hash value never matches what Authorize.net returns with the transaction.

https://raw.githubusercontent.com/AuthorizeNet/sdk-dotnet/master/Authorize.NET/Utility/Crypto.cs

I don't know if the number being generated on the Authorize.net side is wrong, or the Crypto.IsMatch function is not building the unencrypted string correctly???

Re: ASP.net DPM Validate Issue

RaynorC1emen7 — Tue, 20 Jan 2015 00:30:16 GMT

The only thing is that the authNetResponse.MD5Hash property does not match the x_fp_hash value that is generated by the DPMFormGenerator.OpenForm helper, or the MD5 value I set in the merchant profile.

they are the the same, the x_fp_hash is for authorize.net to know if it is truly from you.

authNetResponse.MD5Hash is for you to test if it is truly from authorize.net

Here the doc

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=SIM_Trans_response.09.3.html

did you have space? the amount should be 2 decimal.

Re: ASP.net DPM Validate Issue

wingra2005 — Tue, 20 Jan 2015 03:24:07 GMT

As mentioned in the second post, IsMatch keeps returning false. It concatenates the MD5 hash from the merchant profile, the user id, transaction id (not to be confused with the transaction key), and order value (with two decimal places) and computes a MD5 hash that is supposed to match the MD5Hash returned in the SIMResponse. The problem is that it never does.

Is there a maximum length to the MD5 hash in the admin profile? Since it said md5, I assumed it wanted an actual md5. But I see the value in the link you provided is much shorter and is just a plain string.

Re: ASP.net DPM Validate Issue

RaynorC1emen7 — Tue, 20 Jan 2015 12:09:13 GMT

s there a maximum length to the MD5 hash in the admin profile?

Since it said md5, I assumed it wanted an actual md5.

I remember reading somewhere on the forum that it max out on somthing like 32 chars might be less.

Re: ASP.net DPM Validate Issue

wingra2005 — Tue, 20 Jan 2015 14:12:34 GMT

I took it from an actual MD5 down to a random 10 character string and it started working properly. That was a slight waste of time. Seriously, why would you call something MD5-Hash and then not utilize a string long enough to hold an actual MD5 hash?

Re: ASP.net DPM Validate Issue

RaynorC1emen7 — Tue, 20 Jan 2015 14:22:56 GMT

I think that part of the input, the output is the MD5 hash.