cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

How to use Direct Post Method with Python? (custom code?)

I just saw the email for the new Direct Post Method, and it looks really interesting (esp. due to customizable checkout flow & no PCI hassles).  But the SDK is not available for Python yet.

 

Is there a python library available that I somehow missed?

 

If not, are there any docs that show what we need to post in order to use DPM in other languages?  From what little I've seen, it looks like the parts we need info for are the Fingerprint generation, and then the response validation.

 

Any news on when this will be available?  I'd love to dump my current processor and start using DPM, but I can't without python support (or info so I can write my own code).  Thanks!

jumpfroggy
Member
1 ACCEPTED SOLUTION

Accepted Solutions

Hi jumpfroggy,

 

Currently, no we do not have a Python library or SDK out for DPM. But I've passed on your feedback to our development teams regarding both Python samples and generic examples as well.

 

Thanks,

 

Michelle

Developer Community Manager

View solution in original post

Michelle
All Star
9 REPLIES 9

Hi jumpfroggy,

 

Currently, no we do not have a Python library or SDK out for DPM. But I've passed on your feedback to our development teams regarding both Python samples and generic examples as well.

 

Thanks,

 

Michelle

Developer Community Manager

Michelle
All Star

Thanks for the reply!  Since this method is new, I understand that many languages are not yet supported.

 

But it would be very helpful to have a "generic example" - one that just spells out what the spec is.  This would be things like "How to create a hash of the order" and "What URL to submit to", then I (and others) could at least write our own code to utilize this method.

 

DPM seems to be the most convenient method yet, and I'd love to convert from Google Checkout and Paypal to this.  But without this spec, I'll just have to wait.

Hey jumpfroggy,

 

I agree. A generic example would help a lot. And since we don't have any generic examples in either the DPM guide or the sample code, I asked our developers to help us out a bit. So here you go:

 

In a Direct Post Method implementation at a minimum you need to implement two pages.

The first page is a simple form that posts directly to Authorize.Net (https://test.authorize.net/gateway/transact.dll for the test environment). This form contains fields for your customer to input their credit card information as well as some hidden fields that provide instructions to Authorize.Net.

The required hidden fields are listed below. You can learn more about each one in the SIM Guide.

 

  • x_amount (Amount to be charged)
  • x_fp_sequence (Any sequential number such as an invoice number)
  •  x_fp_hash (The fingerprint..see below)
  • x_fp_timestamp (Unix Timestamp)
  • x_relay_url (Your Relay Response URL)
  • x_login (Your API Login ID)
  • x_relay_response = true x_show_form = false x_version = 3.1 x_delim_char = ","x_delim_data = "TRUE"

You will need to use a server side scripting language to create the value for x_fp_hash. Besides that, the form can be created using standard HTML.

A very basic generic HTML Form for the DPM Method:

 

 

<form method="post" action="https://test.authorize.net/gateway/transact.dll">
<input type="hidden" name="x_amount" value="4.99" /> 
<input type="hidden" name="x_fp_sequence" value="123" />
<input type="hidden" name="x_fp_timestamp" value="1288912808" />
<input type="hidden" name="x_login" value="your login" />
<input type="hidden" name="x_fp_hash" value="ced28698424a7089818e8f5239cc8976" />
<input type="hidden" name="x_version" value="3.1" />
<input type="hidden" name="x_delim_char" value="," />
<input type="hidden" name="x_delim_data" value="TRUE" />
<input type="hidden" name="x_relay_response" value="TRUE" />
<input type="hidden" name="x_relay_url" value="https://yourdomain.com/relay_url" />
<input type="hidden" name="x_show_form" value="FALSE" />
Credit Card Number: <input type="text" class="text" size="15" name="x_card_num" /><br />
 Expiration Date: <input type="text" class="text" size="4" name="x_exp_date" /><br />
<input type="submit" value="Complete Purchase." /> </form>

 

The second required page for DPM is a page to receive and handle the relay response from Authorize.Net (this page should be accessible at the relay_url you specified in your checkout form).

In a very, very basic implementation, you could simply record the transaction results that Authorize.Net will send to you and return a custom HTML receipt page that Authorize.Net will show to your user.

A more popular method is to execute some business logic (or save the results to execute shortly) and send a code snippet back to Authorize.Net which redirects the user to your site where you can then show your own receipt page to your customer.

Code snippet to send back to Authorize.Net during the relay response step which will redirect the user back to the merchant's site:

 

 

 

<!doctype html>
<html>
    <head>
        <script language="javascript">
        <!--
        window.location="http://yourdomain.com/receipt_url";
        //-->
        </script>
    </head>
    <body>
        <noscript><meta http-equiv="refresh" content="1;url=http://yourdomain.com/receipt_url"></noscript>
    </body>
</html>

 

Whether you execute your business logic before sending a response to Authorize.Net or you wait until the user is back on your site, you'll want to validate that the transaction results you received came from Authorize.Net. To validate this, you'll need to generate an MD5 hash like this psuedocode:

 md5(md5_setting + api_login_id + transaction_id + amount)

and compare that to the hash you received from Authorize.Net. If they match, the transaction message came from Authorize.Net and you can execute any business logic.

 

 

Hope that helps,

 

Michelle

Developer Community Manager

Also, and this is something we pretty much never do (we are unable to write code in every language and for every developer), but again, since we don't have any generic guides or sample code to work from, here's an example for you in Python.

How to create the fingerprint (x_fp_hash) for a DPM checkout form in Python:

import hmac
import time
transaction_key = "your trans key"
api_login_id = "your login id"
fp_sequence = "12345"
fp_timestamp = str(int(time.time()))
amount = "4.99"
fingerprint = hmac.new(transaction_key,api_login_id+"^"+fp_sequence+"^"+fp_timestamp+"^"+amount+"^").hexdigest()

 

How to validate the MD5 Hash received from Authorize.Net during the Relay Response Step in Python:

 

 

 

import md5

# Set the following 3 variables from the Authorize.Net POST received_md5_hash = 123 amount = "0.00"
transaction_id = "12345"

# Fill in your credentials
md5_setting = "yourSecretMd5Setting"
api_login_id = "yourApiLoginId"

# Generate the hash
generated_md5_hash = md5.new(md5_setting + api_login_id + transaction_id + amount).hexdigest()

# Compare your hash to the one received. If they match, it's Authorize.Net valid = received_md5_hash == generated_md5_hash

 

 

See if that works.

 

Thanks,

 

Michelle

Developer Community Manager

Hi Guys,

 

I have ported SIM & DPM methods into python, also tested them, used in Django framework also.. 

Here i posted the code to Google Code Base, feel free to use it, its direct port from Authorize.NET PHP libraries

to Python, with some little changes to make sure it works in Python

 

http://code.google.com/p/authorizepy/

 

Enjoy

 

Cem

cemkozinoglu
Member

Hi,

 

Your code is not available anymore. I've reached a brick wall and I can't seem to make my code work. I would love to have some help from you.

 

 

Hi cemkozinoglu,

 

Seems your link is broken.We are really looking for your code as it would be great help for us.

We wil appreciate if you provide some other URL of same code.

 

Thanks

 

 

Was this code moved elsewhere? Would like to use a python DPM, or at the very least see an example using curl or some other generic http library.

I logged in for the first time in years just to give kudos to Michelle's post. Thanks for the code!