我正在尝试构建一个与Firstdata的api集成的付款方式。我需要将XML字符串发布到他们的服务器。它们还需要客户端证书和http身份验证。我的CURL设置目前看起来像这样:
function firstdata_send($config_param, $data) {
$config_default = array(
'test' => FALSE,
);
// settings in $config_param will overwrite settings in $config_default
$config = (object)array_merge($config_default, $config_param);
if($config->test) {
$url = 'https://ws.merchanttest.firstdataglobalgateway.com/fdggwsapi/services/order.wsdl';
}
else {
$url = 'https://ws.firstdataglobalgateway.com/fdggwsapi/services/order.wsdl';
}
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "{$config->username}:{$config->password}");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSLCERT, $config->pemfile);
curl_setopt($ch, CURLOPT_SSLKEY, $config->keyfile);
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $config->keypass);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
$result = curl_exec($ch);
$result .= curl_error($ch);
return $result;
}
他们的服务器以HTTP/1.1 401 Unauthorized回复。但如果我评论出帖子选项:
//curl_setopt($ch, CURLOPT_POST, TRUE);
//curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
我得到HTTP/1.1 200 OK。除非我完全误解了最新情况,否则似乎使用post会以某种方式干扰auth标头。我不知道我错过了什么。
解决:
原来测试帐户生成的ssl证书不好。我不得不打电话给他们的技术支持,他们必须在系统接受之前重新生成证书3次。抱歉浪费你的时间。我应该先打电话给他们。如果有人对我所称的技术支持号码感兴趣,请致电(888)477-3611。我认为NomikOS最接近正确,所以我会将他标记为答案并向其他人投票。再次感谢。
答案 0 :(得分:2)
表单我认为您需要使用certificate pem格式才能使用此服务....
一个。下载API https://www.firstdata.com/downloads/customerservice/30006_api_php.zip
B中。你会看到很多例子
销售信息示例
include"lphp.php";
$mylphp=new lphp;
$myorder["host"] = "secure.linkpt.net";
$myorder["port"] = "1129";
$myorder["keyfile"] = "./YOURCERT.pem"; # Change this to the name and location of your certificate file
$myorder["configfile"] = "1234567"; # Change this to your store number
$myorder["ordertype"] = "SALE";
$myorder["result"] = "LIVE"; # For a test, set result to GOOD, DECLINE, or DUPLICATE
$myorder["cardnumber"] = "4111-1111-1111-1111";
$myorder["cardexpmonth"] = "01";
$myorder["cardexpyear"] = "05";
$myorder["chargetotal"] = "9.99";
$myorder["addrnum"] = "123"; # Required for AVS. If not provided, transactions will downgrade.
$myorder["zip"] = "12345"; # Required for AVS. If not provided, transactions will downgrade.
// $myorder["debugging"] = "true"; # for development only - not intended for production use
# Send transaction. Use one of two possible methods #
// $result = $mylphp->process($myorder); # use shared library model
$result = $mylphp->curl_process($myorder); # use curl methods
if ($result["r_approved"] != "APPROVED") // transaction failed, print the reason
{
print "Status: $result[r_approved]\n";
print "Error: $result[r_error]\n";
}
else
{ // success
print "Status: $result[r_approved]\n";
print "Code: $result[r_code]\n";
print "OID: $result[r_ordernum]\n\n";
}
答案 1 :(得分:1)
检查您是否访问凭据(用户名,密码)
401未经授权
请求需要用户身份验证。响应必须包括一个 包含挑战的WWW-Authenticate头字段(第14.47节) 适用于所请求的资源。客户可以重复 请求具有合适的授权标头字段(第14.8节)。 如果 请求已包含授权凭据,然后是401 回复表明授权已被拒绝 凭证即可。如果401响应包含与之相同的挑战 先前的响应,用户代理已经尝试过 验证至少一次,然后用户应该出现 响应中给出的实体,因为该实体可能包含 相关诊断信息。 HTTP访问身份验证是 在“HTTP身份验证:基本和摘要访问”中进行了解释 身份验证“[43]。
来源:http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2
==
OBS:我建议您使用此代码检查错误
// check for errors before close
$result = curl_exec($ch);
if ($result === false)
{
echo curl_error($ch);
}
curl_close($ch);
答案 2 :(得分:1)