Hi Everyone
I am using webhook after finishing the transactions and getting a key "x-anet-signature" in the header from webhook then after trying to create a hash using text "^" + apiLogin + "^" + transId + "^" + amount + "^" as given in his doc.Please look into my below code and give me suggestions what mistake i made ?
function generateSHA512(textToHash, signatureKey) {
var apiLoginId = "xxxxxxxxxxxx";
var transId = "xxxxxxxxx";
var amount = 10;
โ08-27-2019 10:58 AM
File log
Sep 11 10:51:35 bitlumebeta bitlume-beta: Info: in Authorize .net webhook
Sep 11 10:51:35 bitlumebeta bitlume-beta: typeof Authorize.net callback body object
Sep 11 10:51:35 bitlumebeta bitlume-beta: ----- body: { notificationId: 'eb52739e-15d6-4c30-b9a0-780d07f14f02',
Sep 11 10:51:35 bitlumebeta bitlume-beta: eventType: 'net.authorize.payment.authcapture.created',
Sep 11 10:51:35 bitlumebeta bitlume-beta: eventDate: '2019-09-11T17:51:27.9087307Z',
Sep 11 10:51:35 bitlumebeta bitlume-beta: webhookId: 'a92b9535-f456-4cc6-8b13-30d2a15296ba',
Sep 11 10:51:35 bitlumebeta bitlume-beta: payload:
Sep 11 10:51:35 bitlumebeta bitlume-beta: { responseCode: 1,
Sep 11 10:51:35 bitlumebeta bitlume-beta: authCode: 'Y9U9VL',
Sep 11 10:51:35 bitlumebeta bitlume-beta: avsResponse: 'Y',
Sep 11 10:51:35 bitlumebeta bitlume-beta: authAmount: 80,
Sep 11 10:51:35 bitlumebeta bitlume-beta: entityName: 'transaction',
Sep 11 10:51:35 bitlumebeta bitlume-beta: id: '60127083206' } }
In Rest APi we get request body in form of object so how should we create text to hash from object because function which hash the text only takes string.
โ09-11-2019 11:00 AM - edited โ09-11-2019 11:01 AM
I think your issue may be that you need to change how you are capturing the request body. I am not good with server side js, however. you should be able to just hash the body as received. Auth.net hashes the body just as they send it to you, I believe.
โ09-16-2019 04:21 PM
Just ran into the same issue, the following code worked for me in Node.JS using the built in crypto library:
function processNotification(req, res) { const signatureHash = req.headers['x-anet-signature'].substring(7).toLowerCase(); const verificationHash = crypto.createHmac('sha512', config.authorizeNet.signatureKey).update(JSON.stringify(req.body)).digest('hex'); if (signatureHash !== verificationHash) { res.sendStatus(403); } else { res.sendStatus(200); } }
โ01-26-2020 03:28 PM