- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are using Python with DPM post option. Followed the hash upgrade link instructions from here:
https://developer.authorize.net/support/hash_upgrade/
DPM post fails with "This transaction cannot be accepted." Not getting additional clues and the failed transaction is not visible in Sandbox.
I am stuck and don't know how to proceed. Need a clear example for the following:
1. How to generate the SHA512 hash in Python
2. How to verify the returned hash in Python
Here is what I tried for #1 above that results in failure:
fingerprint = hmac.new(binascii.unhexlify(security_tokens["SIGNATURE_KEY"]),
"^"+security_tokens["LOGIN_ID"]+"^"+self.seq+"^"+ts+"^"+self.amount+"^", digestmod=hashlib.sha512).hexdigest()
When I do a DPM post with this generated hash in x_fp_hash, I get "This transaction cannot be accepted."
Still don't know the exact python code to verify the returned SHA512 hash (#2).
Example code snippets in Python is much appreciated.
Also when I copied the signature key to clipboard, I noticed an extra carriage return in the beginning. However, I used the characters after the carriage return. Not sure if that has any impact?
Thanks
Solved! Go to Solution.
โ01-11-2019 03:29 PM - edited โ01-11-2019 03:33 PM
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your string begins with โ^โ. For DPM the first value in the string doesnโt start with a ^. Take out that caret and you have the correct version of the string, unless you submit the currency in your request, in which case you would append the currency to the end of the string, without a terminating caret.
โ02-27-2019 02:27 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I wish I knew python but thatโs on my to do list and not knowledge I currently have.
โ01-20-2019 09:30 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Any update. I am not able to proceed.
โ02-25-2019 08:41 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your string begins with โ^โ. For DPM the first value in the string doesnโt start with a ^. Take out that caret and you have the correct version of the string, unless you submit the currency in your request, in which case you would append the currency to the end of the string, without a terminating caret.
โ02-27-2019 02:27 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much for this useful input. Got confused by this post:
https://developer.authorize.net/support/hash_upgrade/
Now transaction succeeds. But the auth response hash 'x_SHA2_Hash' does not match the generated hash as suggested in the above article. I generate the hash at my end as follows from the DPM response:
generated_hash = hmac.new(security_tokens["SIGNATURE_KEY"].decode("hex"),
"^"+security_tokens["LOGIN_ID"]+"^"+request.POST.get('x_trans_id')+"^"+request.POST.get('x_amount')+"^", hashlib.sha512).hexdigest().upper()
I tried with the intial ^ and without that also. But my generated hash does not match the hash in response 'x_SHA2_Hash'. What am I missing?
I also saw this post suggesting using all fields in response:
https://stackoverflow.com/questions/54256127/updating-md5-to-sha512-authorizenet
Very confused!!!
Thanks
โ03-02-2019 04:23 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I saw conversation regarding amount with decimals, having to use all the fields in the response for the hash and still don't have a definitive answer on how to compare the hash in response. The amount fields in my cas has decimals already. Stuck.
โ03-02-2019 04:37 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Next I tried the following (all 30 fields) as suggested in the forum. Still NO SUCCESS!! Very frustrating!!!!
str_to_hash=("^" + request.POST.get('x_trans_id', '') +
"^" + request.POST.get('x_test_request', '') +
"^" + request.POST.get('x_response_code ', '') +
"^" + request.POST.get('x_auth_code', '') +
"^" + request.POST.get('x_cvv2_resp_code', '') +
"^" + request.POST.get('x_cavv_response', '') +
"^" + request.POST.get('x_avs_code', '') +
"^" + request.POST.get('x_method', '') +
"^" + request.POST.get('x_account_number', '') +
"^" + request.POST.get('x_amount', '') +
"^" + request.POST.get('x_company', '') +
"^" + request.POST.get('x_first_name', '') +
"^" + request.POST.get('x_last_name', '') +
"^" + request.POST.get('x_address', '') +
"^" + request.POST.get('x_city', '') +
"^" + request.POST.get('x_state', '') +
"^" + request.POST.get('x_zip', '') +
"^" + request.POST.get('x_country', '') +
"^" + request.POST.get('x_phone', '') +
"^" + request.POST.get('x_fax', '') +
"^" + request.POST.get('x_email', '') +
"^" + request.POST.get('x_ship_to_company', '') +
"^" + request.POST.get('x_ship_to_first_name', '') +
"^" + request.POST.get('x_ship_to_last_name', '') +
"^" + request.POST.get('x_ship_to_address', '') +
"^" + request.POST.get('x_ship_to_city', '') +
"^" + request.POST.get('x_ship_to_state', '') +
"^" + request.POST.get('x_ship_to_zip', '') +
"^" + request.POST.get('x_ship_to_country', '') +
"^" + request.POST.get('x_invoice_num', '') +
"^")
#generated_hash = hmac.new(security_tokens["SIGNATURE_KEY"].decode("hex"),
#"^"+security_tokens["LOGIN_ID"]+"^"+request.POST.get('x_trans_id')+"^"+request.POST.get('x_amount')+"^", hashlib.sha512).hexdigest().upper()
generated_hash = hmac.new(security_tokens["SIGNATURE_KEY"].decode("hex"),
str_to_hash, hashlib.sha512).hexdigest().upper()
โ03-02-2019 05:17 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This also did not work:
generated_hash = hmac.new(security_tokens["SIGNATURE_KEY"].decode("hex"),
security_tokens["LOGIN_ID"]+request.POST.get('x_trans_id')+request.POST.get('x_amount'), hashlib.sha512).hexdigest().upper()
Frustrating!!! Why is there a simple definitive post like this: If you are using DPM here is how you will generate sha512 hash to compare????
โ03-02-2019 05:32 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
โ03-03-2019 12:23 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please post the authoritative sha512 verification code from the DPM response in php and I will take it from there. Thanks
โ03-03-2019 02:40 PM