I just saw the email for the new Direct Post Method, and it looks really interesting (esp. due to customizable checkout flow & no PCI hassles). But the SDK is not available for Python yet.
Is there a python library available that I somehow missed?
If not, are there any docs that show what we need to post in order to use DPM in other languages? From what little I've seen, it looks like the parts we need info for are the Fingerprint generation, and then the response validation.
Any news on when this will be available? I'd love to dump my current processor and start using DPM, but I can't without python support (or info so I can write my own code). Thanks!
Solved! Go to Solution.
โ10-28-2010 09:37 AM
Hi jumpfroggy,
Currently, no we do not have a Python library or SDK out for DPM. But I've passed on your feedback to our development teams regarding both Python samples and generic examples as well.
Thanks,
Michelle
Developer Community Manager
โ11-04-2010 11:55 AM
Hi jumpfroggy,
Currently, no we do not have a Python library or SDK out for DPM. But I've passed on your feedback to our development teams regarding both Python samples and generic examples as well.
Thanks,
Michelle
Developer Community Manager
โ11-04-2010 11:55 AM
Thanks for the reply! Since this method is new, I understand that many languages are not yet supported.
But it would be very helpful to have a "generic example" - one that just spells out what the spec is. This would be things like "How to create a hash of the order" and "What URL to submit to", then I (and others) could at least write our own code to utilize this method.
DPM seems to be the most convenient method yet, and I'd love to convert from Google Checkout and Paypal to this. But without this spec, I'll just have to wait.
โ11-04-2010 12:05 PM
Hey jumpfroggy,
I agree. A generic example would help a lot. And since we don't have any generic examples in either the DPM guide or the sample code, I asked our developers to help us out a bit. So here you go:
In a Direct Post Method implementation at a minimum you need to implement two pages.
The first page is a simple form that posts directly to Authorize.Net (https://test.authorize.net/gateway/transact.dll for the test environment). This form contains fields for your customer to input their credit card information as well as some hidden fields that provide instructions to Authorize.Net.
The required hidden fields are listed below. You can learn more about each one in the SIM Guide.
You will need to use a server side scripting language to create the value for x_fp_hash. Besides that, the form can be created using standard HTML.
A very basic generic HTML Form for the DPM Method:
<form method="post" action="https://test.authorize.net/gateway/transact.dll"> <input type="hidden" name="x_amount" value="4.99" />
<input type="hidden" name="x_fp_sequence" value="123" />
<input type="hidden" name="x_fp_timestamp" value="1288912808" />
<input type="hidden" name="x_login" value="your login" />
<input type="hidden" name="x_fp_hash" value="ced28698424a7089818e8f5239cc8976" />
<input type="hidden" name="x_version" value="3.1" />
<input type="hidden" name="x_delim_char" value="," />
<input type="hidden" name="x_delim_data" value="TRUE" />
<input type="hidden" name="x_relay_response" value="TRUE" />
<input type="hidden" name="x_relay_url" value="https://yourdomain.com/relay_url" />
<input type="hidden" name="x_show_form" value="FALSE" />
Credit Card Number: <input type="text" class="text" size="15" name="x_card_num" /><br />
Expiration Date: <input type="text" class="text" size="4" name="x_exp_date" /><br />
<input type="submit" value="Complete Purchase." /> </form>
The second required page for DPM is a page to receive and handle the relay response from Authorize.Net (this page should be accessible at the relay_url you specified in your checkout form).
In a very, very basic implementation, you could simply record the transaction results that Authorize.Net will send to you and return a custom HTML receipt page that Authorize.Net will show to your user.
A more popular method is to execute some business logic (or save the results to execute shortly) and send a code snippet back to Authorize.Net which redirects the user to your site where you can then show your own receipt page to your customer.
Code snippet to send back to Authorize.Net during the relay response step which will redirect the user back to the merchant's site:
<!doctype html> <html> <head> <script language="javascript"> <!-- window.location="http://yourdomain.com/receipt_url"; //--> </script> </head> <body> <noscript><meta http-equiv="refresh" content="1;url=http://yourdomain.com/receipt_url"></noscript> </body> </html>
Whether you execute your business logic before sending a response to Authorize.Net or you wait until the user is back on your site, you'll want to validate that the transaction results you received came from Authorize.Net. To validate this, you'll need to generate an MD5 hash like this psuedocode:
md5(md5_setting + api_login_id + transaction_id + amount)
and compare that to the hash you received from Authorize.Net. If they match, the transaction message came from Authorize.Net and you can execute any business logic.
Hope that helps,
Michelle
Developer Community Manager
โ11-09-2010 03:07 PM - edited โ11-09-2010 03:15 PM
Also, and this is something we pretty much never do (we are unable to write code in every language and for every developer), but again, since we don't have any generic guides or sample code to work from, here's an example for you in Python.
How to create the fingerprint (x_fp_hash) for a DPM checkout form in Python:
import hmac import time transaction_key = "your trans key" api_login_id = "your login id" fp_sequence = "12345" fp_timestamp = str(int(time.time())) amount = "4.99" fingerprint = hmac.new(transaction_key,api_login_id+"^"+fp_sequence+"^"+fp_timestamp+"^"+amount+"^").hexdigest()
How to validate the MD5 Hash received from Authorize.Net during the Relay Response Step in Python:
import md5 # Set the following 3 variables from the Authorize.Net POST received_md5_hash = 123 amount = "0.00" transaction_id = "12345" # Fill in your credentials md5_setting = "yourSecretMd5Setting" api_login_id = "yourApiLoginId" # Generate the hash generated_md5_hash = md5.new(md5_setting + api_login_id + transaction_id + amount).hexdigest() # Compare your hash to the one received. If they match, it's Authorize.Net valid = received_md5_hash == generated_md5_hash
See if that works.
Thanks,
Michelle
Developer Community Manager
โ11-09-2010 03:20 PM
Hi Guys,
I have ported SIM & DPM methods into python, also tested them, used in Django framework also..
Here i posted the code to Google Code Base, feel free to use it, its direct port from Authorize.NET PHP libraries
to Python, with some little changes to make sure it works in Python
http://code.google.com/p/authorizepy/
Enjoy
Cem
โ11-24-2010 12:09 PM
Hi,
Your code is not available anymore. I've reached a brick wall and I can't seem to make my code work. I would love to have some help from you.
โ02-01-2012 05:32 AM
Hi cemkozinoglu,
Seems your link is broken.We are really looking for your code as it would be great help for us.
We wil appreciate if you provide some other URL of same code.
Thanks
โ02-21-2012 11:02 PM
Was this code moved elsewhere? Would like to use a python DPM, or at the very least see an example using curl or some other generic http library.
โ06-19-2013 12:45 PM
I logged in for the first time in years just to give kudos to Michelle's post. Thanks for the code!
โ03-08-2014 08:55 PM