I’m trying to implement the DPM, using VB and .NET. The problem that I’m having is that after originating a transaction number on the merchant account and sending it to the Authorize.net, I end having two different numbers. The one originated by the merchant is different than the server x_trans_ID response value.
Example: Merchant server originates a transaction ID and I send it to the Authorize.net server like x_trans_ID = 235648971, however, after credit card is charged and all transactions take place on Authorize.net server, the response that I got for the x_trans_ID is different like: 8815489745, Why? Do anybody have a clue of why this? How could I fix this?
Thanks
Solved! Go to Solution.
04-10-2015 09:32 PM
Ok. I see what you are trying to do.
No. the x_trans_id is one of the post values return to you on the relay response.
You will use that to create the your MD5 hash to compare to the x_MD5_Hash that is also return from the relay response.
04-11-2015 01:26 PM
Which transaction Type did you use to capture? Should be using "Prior Authorization and Capture" if the "Authorization Only" is from authorize.net.
Or you might have to post your code so we can see what is going on.
04-11-2015 06:26 AM
Thanks a lot for your respond. Hmm, this is what I'm using: collections.Add("x_type", "AUTH_CAPTURE"). I'm going to check this part and play a little bit with this. I will notify about result later. Once again, thanks a lot.
04-11-2015 06:51 AM - edited 04-11-2015 06:53 AM
"AUTH_CAPTURE" create a new transaction, it doesn't use any auth_only info.
here the transaction type
04-11-2015 07:39 AM - edited 04-11-2015 07:40 AM
All of this is very confuse. The following is in the manual:
04-11-2015 07:51 AM
When you create a transaction on the merchant virtural terminal, you can select either "auth_only" or "auth_and_capture"
If you pick "auth_and_capture", you are done.
For DPM, you can only do auth_only or auth_and_capture
http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Appendix%20A.html
If you create an auth_only transaction, search the unsettled transactions list on the merchant account and do a capture on it.
04-11-2015 08:35 AM
OK, I got you, I'm going to try again with your suggestions. The problem is Authorize.net and the stupid manual. They do not update things. If you check this link:
you wil see that instead of " auth_and_capture" they have "AUTH_CAPTURE". I don't know if this make a difference or is the same, I'm going to check now and will let you know.
Thanks for your help
04-11-2015 08:48 AM
OK, after test, this is the result:
1) For my DPM with collections.Add("x_type", "auth_and_capture"), transaction is not going thru and is giving me error.
2) With collections.Add("x_type", "AUTH_CAPTURE”"), transaction is done, etc but the x_trans_id assign by my server is different than the one returning from the Auth server.
What should I do now? And I do not want "auth_only", since I want to charge the cc inmediately during transactions.
Thanks
04-11-2015 09:02 AM - edited 04-11-2015 09:04 AM
Question what do you mean collections.add(.....
How are you posting to authorize.net?
2) With collections.Add("x_type", "AUTH_CAPTURE”"), transaction is done, etc but the x_trans_id assign by my server is different than the one returning from the Auth server.
x_trans_id assign by my server what do you mean assign by your server? You don't pass in the x_trans_id, you recevied back from authorize.net
04-11-2015 09:56 AM
I better post the code to explain myself better. Here is everything:
Dim transactionKey = "5748……………." 'This is the one for the sandbox account Dim loginID = "7G2M…………." 'This is the one for the sandbox account 'A sequence number is randomly generated Dim random As New Random Dim sequence = random.Next(0, 1000) 'A time stamp is generated Dim timeStamp = CInt((DateTime.UtcNow - New DateTime(1970, 1, 1)).TotalSeconds) 'Generate a fingerprint Dim CreateFingerprint As New CCTransactionFingerprint() Dim fingerprint = CreateFingerprint.HMAC_MD5(transactionKey, loginID & "^" & sequence & "^" & timeStamp & "^" & TotalSalePrice & "^") 'This following value generate the MD5 Hash feature value on my server to validate the Authorize.net server MD5 Hash response. Dim MD5_Hash_Feature As String 'This hash feature is formed by the hash_value, the login, the transaction (ID) and the amount in dollars. Dim Hash_value = "New…." 'This value is saved on the Authorize.net server 'This part assign a Transaction(ID) at ramdom Dim TransactionID As String = sequence.ToString & timeStamp.ToString MD5_Hash_Feature = Hash_value.ToString & loginID.ToString & TransactionID.ToString & TotalSalePrice.ToString 'Generate Hash from class Dim CreateHash As New MD5HashGenerator() 'Here we create a sample of the class Dim HashTransKey = CreateHash.GetHash(MD5_Hash_Feature) 'Here several important information values are temporarily save to database in order to compare values with the ones returned from Authorize.net server cmd.Dispose() cmd.Parameters.Clear() con.Open() cmd = New SqlCommand("INSERT INTO AdProvisionalDataForCCardTrans (TUserName, TCompanyName, TTransactionID, TTransactionTotal, THashTransKey) VALUES (@UserName, @CompanyName, @TransactionID, @TransactionTotal, @HashTransKey)", con) cmd.Parameters.AddWithValue("@UserName", UserName) cmd.Parameters.AddWithValue("@CompanyName", CompanyName) cmd.Parameters.AddWithValue("@TransactionID", TransactionID) cmd.Parameters.AddWithValue("@TransactionTotal", TotalSalePrice.ToString) cmd.Parameters.AddWithValue("@HashTransKey", HashTransKey) cmd.ExecuteNonQuery() cmd.Parameters.Clear() con.Close() 'Here we create a HTML form in the code behind to POST the information to the credit card gateway Dim collections As New NameValueCollection() collections.Add("x_version", "3.1") collections.Add("x_login", loginID.ToString) collections.Add("x_fp_sequence", sequence) collections.Add("x_fp_timestamp", timeStamp) collections.Add("x_amount", TotalSalePrice.ToString) collections.Add("x_fp_hash", fingerprint) collections.Add("x_method", "CC") collections.Add("x_type", "auth_capture") collections.Add("x_relay_always", "True") 'This is only use with DPM collections.Add("x_card_num", CreditCardNumberTextBox.Text.ToString) 'This is only use with DPM collections.Add("x_exp_date", CreditCardExpirationDateTextBox.Text.ToString) 'This is only use with DPM collections.Add("x_card_code", CreditCardCodeTextBox.Text.ToString) 'This is only use with DPM ‘Here I pass the x_trans_id to the Authorize server in order for it to have the same value that I have to generate a MD5_Hash_Feature and after that get a x_MD5_Hash to compare to the one generate on my server. If I do not send the x_trans_id, they won’t be able to generate one with the same parameters as me and the x_MD5_Hask is going to be always different. Won’t be able to validate. collections.Add("x_trans_id", TransactionID.ToString) collections.Add("x_description", TypeOfSpaceToBuyInIssue.ToString) collections.Add("x_company", CompanyName.ToString) collections.Add("x_relay_url", "http://.......RelayPage.aspx") 'This is the URL for the page on my site that receive the relay massage from the credit card gateway Dim remoteUrl As String = "https://test.authorize.net/gateway/transact.dll" 'This URL is only for testing purposes ‘Here I prepare the form and send it to the remote URL Dim html As String = "<html><head>" html += "</head><body onload='document.forms[0].submit()'>" html += String.Format("<form name='SimForm' method='POST' action='{0}'>", remoteUrl) For Each key As String In collections.Keys html += String.Format("<input name='{0}' type='Hidden' value='{1}'>", key, collections(key)) Next html += "</form></body></html>" Response.Clear() Response.ContentEncoding = Encoding.GetEncoding("ISO-8859-1") Response.HeaderEncoding = Encoding.GetEncoding("ISO-8859-1") Response.Charset = "ISO-8859-1" Response.Write(html) Response.End()
The critical point here is, that in my understanding I must send the x_trans_ID generate on my server side to the Auth server, in order to both have the same number to generate the MD5_Hash_Feature with this formula = Hash_value.ToString & loginID.ToString & TransactionID.ToString & TotalSalePrice.ToString. If we do not have the same transactionID value for this formula, it is obvious that our x_MD5_Hash are never going to be the same, so validating this will be always false.
Thanks
04-11-2015 10:55 AM - edited 04-11-2015 11:03 AM