Payeezy信用卡付款始终保持" HMAC验证失败"错误回应

时间:2014-12-09 19:01:16

标签: php payment-gateway payment hmac

任何人都可以回答,为什么我总是得到“HMAC验证失败”错误响应。

我的代码:

$response_purchase_JSON = $payeezy - > purchase(array(

      "amount" => "420",
      "card_number" => "4012000033330026",
      "card_type" => "VISA",
      "card_holder_name" => "Test Account",
      "card_cvv" => "675",
      "card_expiry" => "1119",
      "merchant_ref" => "Transaction",
      "currency_code" => "USD",

));

print_r($response_purchase_JSON);

2 个答案:

答案 0 :(得分:2)

您需要构建HMAC值。请查看以下文档: https://developer.payeezy.com/content/hmac-validation-failure

您的JSON有效负载也不正确。

示例正确的有效负载(test.json):

{
    "transaction_type": "authorize",
    "method": "credit_card",
    "amount": "420",
    "currency_code": "USD",
    "credit_card": {
        "type": "visa",
        "cardholder_name": "Test Account",
        "card_number": "4012000033330026",
        "exp_date": "1119",
        "cvv": "675"
    }
}

以下是以下示例PHP代码:

<?php

$serviceURL = 'https://api-cert.payeezy.com/v1/transactions';
$apikey = 'yourapikey';
$token = 'yourapitoken';
$apisecret = 'yourapisecret';

list($usec, $sec) = explode(" ", microtime());
$timestamp = round(((float)$usec + (float)$sec) * 1000);
$timestamp = $timestamp - 5000;
$nonce = rand();

echo 'Timestamp is: '. $timestamp."\n";

$reqbody = file_get_contents('./test.json', true);

echo 'Request body: '.$reqbody."\n";

$summarize = "";
$summarize .= $apikey;
$summarize .= $nonce;
$summarize .= $timestamp;
$summarize .= $token;
$summarize .= $reqbody;


$hmac = hash_hmac('SHA256', $summarize, $apisecret);

echo "Hmac is: ".$hmac."\n";

$hmac_enc = base64_encode($hmac);


$curl = curl_init($serviceURL);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $reqbody);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_VERBOSE, true);


$headers = array(
    'Content-type: application/json',
    "Authorization: ".$hmac_enc,
    "apikey: ".$apikey,
    "token: ".$token,
    "timestamp: ".$timestamp,
    "nonce: ".$nonce,
);


curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);

$json_response = curl_exec($curl);

$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);

if ( $status != 201 ) {
    die("Error: call to URL $serviceURL failed with status $status, response $json_response, curl_error " . curl_error($curl) . ", curl_errno " . curl_errno($curl));
}


curl_close($curl);

$response = json_decode($json_response, true);

echo "Response is: ".$response."\n";
echo "JSON response is: ".$json_response."\n";

?>

答案 1 :(得分:0)

这些是“HMAC验证失败”的常见原因:

  1. API密钥和/或API密码不正确。
  2. API密钥中的前导或尾随空格,API密钥,商家令牌。
  3. HTTP标头中的时间戳不是以毫秒为单位。
  4. HTTP标头中的时间戳不代表EPOCH时间。
  5. 没有从UTC计算纪元时间。
  6. HTTP标头中的时间戳不在我们服务器时间的5分钟内
  7. 系统时间不准确。

    8. 如果您在本地计算机上测试付款并且您认为已正确执行了所有步骤,那么也会收到相同的错误,然后尝试在服务器上运行代码

相关问题
最新问题