We are using Python with DPM post option. Followed the hash upgrade link instructions from here:
https://developer.authorize.net/support/hash_upgrade/
DPM post fails with "This transaction cannot be accepted." Not getting additional clues and the failed transaction is not visible in Sandbox.
I am stuck and don't know how to proceed. Need a clear example for the following:
1. How to generate the SHA512 hash in Python
2. How to verify the returned hash in Python
Here is what I tried for #1 above that results in failure:
fingerprint = hmac.new(binascii.unhexlify(security_tokens["SIGNATURE_KEY"]),
"^"+security_tokens["LOGIN_ID"]+"^"+self.seq+"^"+ts+"^"+self.amount+"^", digestmod=hashlib.sha512).hexdigest()
When I do a DPM post with this generated hash in x_fp_hash, I get "This transaction cannot be accepted."
Still don't know the exact python code to verify the returned SHA512 hash (#2).
Example code snippets in Python is much appreciated.
Also when I copied the signature key to clipboard, I noticed an extra carriage return in the beginning. However, I used the characters after the carriage return. Not sure if that has any impact?
Thanks
Solved! Go to Solution.
01-11-2019 03:29 PM - edited 01-11-2019 03:33 PM
Here is the string I am seeing to generate a hash and it does not compare to the in response:
^60117415595^false^^91KEK0^P^2^Y^CC^XXXX1111^2.00^^Jane^Doe^1540 W Blue Heron Blvd^Riviera Beach^FL^33404^^^^^^^^^^^^^4156^
Total 31 carets and here are the fields used to compute the hash:
str_to_hash=("^" + request.POST.get('x_trans_id', '') +
"^" + request.POST.get('x_test_request', '') +
"^" + request.POST.get('x_response_code ', '') +
"^" + request.POST.get('x_auth_code', '') +
"^" + request.POST.get('x_cvv2_resp_code', '') +
"^" + request.POST.get('x_cavv_response', '') +
"^" + request.POST.get('x_avs_code', '') +
"^" + request.POST.get('x_method', '') +
"^" + request.POST.get('x_account_number', '') +
"^" + request.POST.get('x_amount', '') +
"^" + request.POST.get('x_company', '') +
"^" + request.POST.get('x_first_name', '') +
"^" + request.POST.get('x_last_name', '') +
"^" + request.POST.get('x_address', '') +
"^" + request.POST.get('x_city', '') +
"^" + request.POST.get('x_state', '') +
"^" + request.POST.get('x_zip', '') +
"^" + request.POST.get('x_country', '') +
"^" + request.POST.get('x_phone', '') +
"^" + request.POST.get('x_fax', '') +
"^" + request.POST.get('x_email', '') +
"^" + request.POST.get('x_ship_to_company', '') +
"^" + request.POST.get('x_ship_to_first_name', '') +
"^" + request.POST.get('x_ship_to_last_name', '') +
"^" + request.POST.get('x_ship_to_address', '') +
"^" + request.POST.get('x_ship_to_city', '') +
"^" + request.POST.get('x_ship_to_state', '') +
"^" + request.POST.get('x_ship_to_zip', '') +
"^" + request.POST.get('x_ship_to_country', '') +
"^" + request.POST.get('x_invoice_num', '') +
"^")
Let me know what am I missing?
03-03-2019 03:01 PM
Here is python code that generates the hash using the string with 31 carets:
generated_hash = hmac.new(security_tokens["SIGNATURE_KEY"].decode("hex"),
str_to_hash, hashlib.sha512).hexdigest().upper()
The generated hash does not match the x_SHA2_Hash response.
Respnse has this:
088B6BA3BD05C000731F6B2564B580FFA3611E56AC6CE632333F4EC5B2E4B64D74225D38BEA29C305F7C30DE7D25EF5F15E05917CF318B9362C116BA7F66F784
My generated hash is:
7A4BFF15533642A882CAC23B9FE5B04F62354BA4A4D1E13098BA7FD845BA6017785768CD7F0912ED23003E6323614D5AEBC05B47E892CD7518FD989213BE7C9E
Legnths are identical but sizes are different?
03-03-2019 03:27 PM
content is different not size like I wrote earlier.
03-03-2019 03:28 PM
Still stuck and don't know what else to do?
03-03-2019 03:28 PM
03-03-2019 03:58 PM
Can you post a sample DPM html form submission? I just need one that works 100%. You can mark out your credentials and I will use mine. If you can get me that then I will be able to post the php code, and if you want, send me the exact same request you use in a test. Python is not my strength, but I can post you a string with values and what you should get. The hash will be the same regardless of the programming language.
03-03-2019 04:37 PM - edited 03-03-2019 04:38 PM
Here is a thread where I give the details of what I need. Do you get responses in silent post with DPM?
03-03-2019 04:39 PM
Yes. The transaction gets processed successfully. In the html I sent, you will find the needed details when you search for x_fp_sequence. I admit it is not nicely formatted. I really am confused and disappointed how authorize.net support their paying customers.
03-03-2019 06:16 PM
I am aware it gets posted successfully. What I wanted was a dummy form that I could copy and paste. I do not use DPM. I went ahead and made a form from the SIM version I had before. Just a few tweaks. Will post the working code when I have time. I also replied to your message.
03-03-2019 07:12 PM
See my post on that page.
03-04-2019 09:45 AM