Sage Pay Reporting API-生成的签名哈希无效

时间:2018-07-04 15:26:04

标签: php sagepay

我正在尝试调用sagepay报告api(https://www.sagepay.co.uk/file/6946/download-document/Reporting_and_Admin_API_Integration_Guideline_31012014.pdf)上的 getTransactionDetail 端点和我按照以下说明进行的签名:

enter image description here

似乎不起作用,我收到了无效的签名响应。

这是我到目前为止尝试过的:

<?php

$vendor = 'myvendername';
$username = 'my-username';
$password = 'my-password';
$vpstxid = '{my-vpstxid-guid-here}';

$request = [
    'command' => 'getTransactionDetail',
    'vendor' => $vendor,
    'user' => $username,
    'vpstxid' => $vpstxid,
];
$signature = _calculate_request_signature($request);
$request_xml = _build_sagepay_request($request, $signature);

$result = _call_sagepay_server('https://test.sagepay.com/access/access.htm', $request_xml);
$xml = simplexml_load_string($result);
$json = json_encode($xml);
$array = json_decode($json,TRUE);

echo '<pre>'; print_r($array); exit;

function _calculate_request_signature($data) {
    global $password;
    $req = '';
    foreach ($data as $key => $value) {
        $req .= '<' . $key . '>' . $value . '</' . $key . '>' . PHP_EOL;
    }
    $req .= '<password>' . $password . '</password>';
    return md5($req);
}

function _build_sagepay_request($data, $signature) {
    $result = '<vspaccess>' . PHP_EOL;
    foreach ($data as $key => $value) {
        $result .= "\t" . '<' . $key . '>' . $value . '</' . $key . '>' . PHP_EOL;
    }
    $result .= "\t" . '<signature>' . $signature . '</signature>' . PHP_EOL;
    $result .= '</vspaccess>';
    return $result;
}

function _call_sagepay_server($url, $request_xml)
{ ... snipped ... }

有什么想法吗?

1 个答案:

答案 0 :(得分:0)

好吧,我知道了:

  

请求/签名calc中没有选项卡/ PHP_EOL,将它平放到一行xml中就可以了。

function _calculate_request_signature($data) {
    global $password;
    $req = '';
    foreach ($data as $key => $value) {
        $req .= '<' . $key . '>' . $value . '</' . $key . '>';
    }
    $req .= '<password>' . $password . '</password>';
    return strtoupper(md5($req));
}

function _build_sagepay_request($data, $signature) {
    $result = '<vspaccess>';
    foreach ($data as $key => $value) {
        $result .= '<' . $key . '>' . $value . '</' . $key . '>';
    }
    $result .= '<signature>' . $signature . '</signature>';
    $result .= '</vspaccess>';
    return $result;
}

function _call_sagepay_server($url, $request_xml)
{
    global $lastCurlError;

    $curl = curl_init();

    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_HEADER, 0);
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_POSTFIELDS, 'XML=' . $request_xml);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_TIMEOUT, 45);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

    $result = curl_exec($curl);
    $lastCurlError = curl_errno($curl);

    curl_close($curl);
    return $result;
}
相关问题
最新问题