cancel
Showing results for 
Search instead for 
Did you mean: 

Accept.JS and Integration Testing

I am trying to set up an integration test for a workflow that uses Accept.JS but have run into an issue. Since the dataDescriptor and dataValue are retrieved using Accept.JS, I can't seem to figure out how to run a test transaction to our sandbox strictly using PHP. 

 

Has anyone had any success settong up testing for an Accept.JS workflow?

greckers
Member
1 ACCEPTED SOLUTION

Accepted Solutions

Hi @greckers,

 

You've got a couple of options here. For a complete end to end test running in PHP, you could look into something like v8js, which is an extension to access the Chrome V8 interpreter from within PHP. Your test scripts could run independent of the browser, and get the dataDescriptor and dataValue by interacting with our accept.js script.

 

I can't promise this would work as I've not tried it myself. Our script does some checking to make sure it's being called from a page served from a secure connection, so you'd have to set up the v8js environment to make sure the protocol and window.location and everything looked right to our script.

 

Option 2: If you step through the Accept.js script and the AcceptCore.js script, you can see what they're actually doing is making a call to our API with the card data and getting a payment token back. This API request isn't documented anywhere, but if you follow every step through the scripts, and reference the schema XSD, you can see how it's constructed. I'll save a step and just post a sample request here:

<securePaymentContainerRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
    <merchantAuthentication>
        <name>{{loginId}}</name>
        <clientKey>{{clientKey}}</clientKey>
    </merchantAuthentication>
    <refId>12345</refId>
    <data>
    	<type>TOKEN</type>
    	<id>{{$guid}}</id>
    	<token>
    		<cardNumber>5424000000000015</cardNumber>
    		<expirationDate>122020</expirationDate>
    		<cardCode>900</cardCode>
    		<fullName>Testy McTesterson</fullName>
    	</token>
    </data>
</securePaymentContainerRequest>

Sending a request like this gets a response like so:

<?xml version="1.0" encoding="utf-8"?>
<securePaymentContainerResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
    <messages>
        <resultCode>Ok</resultCode>
        <message>
            <code>I00001</code>
            <text>Successful.</text>
        </message>
    </messages>
    <opaqueData>
        <dataDescriptor>COMMON.ACCEPT.INAPP.PAYMENT</dataDescriptor>
        <dataValue>eyJjb2RlIjoiNTBfMl8wNjAwMDUzRUE2QkJENEIzRUE2QzEyRDFEODFFQUZFQjYzMkRENUZCQkFEQzAwQTUyRjgxRUY2NDM1QTk2RDBEQTg2RjI3QkExQjY5MTJBRjFGMzRBMzI3MDQ2QjI2RDEwNURDNERBIiwidG9rZW4iOiI5NDg5NDM0NDk5MTExMzA0NzA0NjA0IiwidiI6IjEuMSJ9</dataValue>
    </opaqueData>
</securePaymentContainerResponse>

Using this format, you could write a script to get the payment nonce/token for your tests without interacting with JavaScript at all.

 

There's no guarantee that this would continue to work. It would be a hack on your part with no official support from us. But, it's what our scripts are doing currently.

 

View solution in original post

Aaron
All Star
10 REPLIES 10

Hi @greckers,

 

You've got a couple of options here. For a complete end to end test running in PHP, you could look into something like v8js, which is an extension to access the Chrome V8 interpreter from within PHP. Your test scripts could run independent of the browser, and get the dataDescriptor and dataValue by interacting with our accept.js script.

 

I can't promise this would work as I've not tried it myself. Our script does some checking to make sure it's being called from a page served from a secure connection, so you'd have to set up the v8js environment to make sure the protocol and window.location and everything looked right to our script.

 

Option 2: If you step through the Accept.js script and the AcceptCore.js script, you can see what they're actually doing is making a call to our API with the card data and getting a payment token back. This API request isn't documented anywhere, but if you follow every step through the scripts, and reference the schema XSD, you can see how it's constructed. I'll save a step and just post a sample request here:

<securePaymentContainerRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
    <merchantAuthentication>
        <name>{{loginId}}</name>
        <clientKey>{{clientKey}}</clientKey>
    </merchantAuthentication>
    <refId>12345</refId>
    <data>
    	<type>TOKEN</type>
    	<id>{{$guid}}</id>
    	<token>
    		<cardNumber>5424000000000015</cardNumber>
    		<expirationDate>122020</expirationDate>
    		<cardCode>900</cardCode>
    		<fullName>Testy McTesterson</fullName>
    	</token>
    </data>
</securePaymentContainerRequest>

Sending a request like this gets a response like so:

<?xml version="1.0" encoding="utf-8"?>
<securePaymentContainerResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
    <messages>
        <resultCode>Ok</resultCode>
        <message>
            <code>I00001</code>
            <text>Successful.</text>
        </message>
    </messages>
    <opaqueData>
        <dataDescriptor>COMMON.ACCEPT.INAPP.PAYMENT</dataDescriptor>
        <dataValue>eyJjb2RlIjoiNTBfMl8wNjAwMDUzRUE2QkJENEIzRUE2QzEyRDFEODFFQUZFQjYzMkRENUZCQkFEQzAwQTUyRjgxRUY2NDM1QTk2RDBEQTg2RjI3QkExQjY5MTJBRjFGMzRBMzI3MDQ2QjI2RDEwNURDNERBIiwidG9rZW4iOiI5NDg5NDM0NDk5MTExMzA0NzA0NjA0IiwidiI6IjEuMSJ9</dataValue>
    </opaqueData>
</securePaymentContainerResponse>

Using this format, you could write a script to get the payment nonce/token for your tests without interacting with JavaScript at all.

 

There's no guarantee that this would continue to work. It would be a hack on your part with no official support from us. But, it's what our scripts are doing currently.

 

Aaron
All Star

Hi Aaron,

 

This is perfect. Option 2 was exactly what I was hoping for. I tried to read through the scripts but figured somebody may have already figured out what the request would need to be and I didn't need to bang my head against the wall for hours figuring out the right request info.

 

I'm sure I will get some failed tests if the script changes but I think I can live with that for now and I'm sure its not going to change too often (hopefully).

@greckers, did you have any luck with this, or do you have any advice to share on your experience or things to keep an eye out for?  I'm trying to do the same thing.  Thanks!

What's the API endpoint that you are calling to retrieve the nonce?

Hi @hatboyzero1,

API endpoints are listed in the “API endpoint” tab here: https://developer.authorize.net/api/reference/#authentication

Maybe I'm missing something here and it's going completely over my head, but to quote you in a previous post, "This API request isn't documented anywhere".  I need to generate a payment nonce in a sandbox account for unit tests - I see the request and response in your post, but I don't see any mention of the specific endpoint to which you make the RESTful call.

Hi @hatboyzero1,

 

Sorry if it's not clear. The sample code I gave in my first response is what the request to our API would look like. That particular method (securePaymentContainerRequest) is not documented anywhere, and is not officially supported. But, it's what Accept.js itself uses to get a nonce, so it's the only programmatic way to get a nonce at this time, short of controlling Accept.js directly in some sort of headless browser.

 

To use this API request, you'd send the request just like any other request to our API. The endpoints for our API are listed in the "API Endpoints" tab here: https://developer.authorize.net/api/reference/#authentication. If you click on that tab, you'll see the endpoints, but I'll list them here for convenience:

 

Sandbox URL: https://apitest.authorize.net/xml/v1/request.api

Production URL: https://api.authorize.net/xml/v1/request.api

 

If you want to send the request to the sandbox in an XML format (like in my example above), you'd do a HTTP POST to https://apitest.authorize.net/xml/v1/request.api, with the Content-type: header set to text/xml. The body of the post would be the XML from my example above, with your sandbox login ID and transaction key inserted, and a GUID of your choice inserted between the <id> tags.

 

When you do that post you'll receive a response like my response example containing the nonce.

Awesome, thanks.  That cleared everything up.

how do  i get trasnasction response int that?i got what u mentioned.. but not transactionid and merchantemail