Question about PaySimple http request

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Question about PaySimple http request

4D Tech mailing list
Hi,

I have set up a test account with PaySimple but I am having trouble sending a test request to add a customer. I get a 500 error returned by the server on the Http request. It may have to do with an improperly prepared authorization header. I use php calls to prepare the hashes required.

If anyone could provide an example creation and http request call to PaySimple, I’d appreciate it.

$l_Status:=HTTP Request(HTTP post method;"https://sandbox-api.paysimple.com/v4/customer";t_Request;t_Response;headernames_at;headervalues_at)

t_Request is properly formatted JSON text
headernames_at{1} := “Authorization”
$headervalues_at{1}:=Authorization: PSSERVER access id=myUserID;timestamp=$t_ISO_TimeStamp;signature=hashed t_API_Signature



Thanks,

Michael Ferguson
**********************************************************************
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:[hidden email]
**********************************************************************
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question about PaySimple http request

4D Tech mailing list
> 2017/08/03 7:02、Michael Ferguson via 4D_Tech <[hidden email]> のメール:
> t_Request is properly formatted JSON text

by the way if the JSON is an object (not array) you can directly pass C_OBJECT to HTTP Get/Request

> headernames_at{1} := “Authorization”
> $headervalues_at{1}:=Authorization: PSSERVER access

I get that this is pseudo code but is the header name being duplicated in value?




**********************************************************************
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:[hidden email]
**********************************************************************
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question about PaySimple http request

4D Tech mailing list
In reply to this post by 4D Tech mailing list
Hi,

I haven't done  paysimple but I have done similar web service auth in the past.

I would advise you not to use php unless you can't avoid it for this purpose (because php fast cgi is not always playing well when running several instances of 4D because of port issues).

For the CRC_hmacSha2_256Blob and HTTP_timestampIso8601 functions, take a look at this component :
        https://github.com/blegay/aws_component


I think the code should look like this :

  C_TEXT($vt_endpoint)
  // sandbox
$vt_endpoint:="https://sandbox-api.paysimple.com"
$vt_username:="<USER NAME HERE>"
$vt_secretCode:="<CODE HERE>"

  // production
  //$vt_endpoint:="https://api.paysimple.com"
  //$vt_username:=""
  //$vt_secretCode:=""

ARRAY TEXT($tt_headerKeys;0)
ARRAY TEXT($tt_headerValues;0)

APPEND TO ARRAY($tt_headerKeys;"Authorization")
APPEND TO ARRAY($tt_headerValues;paySimpleAuth($vt_username;$vt_secretCode))

C_BLOB($vx_request;$vx_response)
C_LONGINT($vl_httpStatus)
$vl_httpStatus:=HTTP Request(HTTP post method;$vt_endpoint;$vx_request;$vx_response;$tt_headerKeys;$tt_headerValues)



  //================================================================================
  //@4ddoc-start : en
  //@name : paySimpleAuth
  //@scope : public
  //@deprecated : no
  //@description : This function return the auth string for paysimple service
  //@parameter[0-OUT-authString-TEXT] : auth string for paysimple service (e.g. "PSSERVER AccessId... ")
  //@parameter[1-IN-username-TEXT] : paysimple user name
  //@parameter[2-IN-secretCode-TEXT] : paysimple secret code
  //@parameter[3-IN-timestampIso8601-TEXT] : timestamp in ISO-8601, for unit testing only (optional, default value : current time timestamp)
  //@notes :
  // https://developer.paysimple.com/documentation.html#certification
  //@example : paySimpleAuth
  //@see :
  //@version : 1.00.00
  //@author : Bruno LEGAY (BLE) - Copyrights A&C Consulting - 2008
  //@history : CREATION : Bruno LEGAY (BLE) - 03/08/2017, 06:34:46 - v1.00.00
  //@4ddoc-end
  //================================================================================

C_TEXT($0;$vt_authString)  // auth string for paysimple service (e.g. "PSSERVER AccessId... ")
C_TEXT($1;$vt_username)  // paysimple user name
C_TEXT($2;$vt_secretCode)  // paysimple secret code
C_TEXT($3;$vt_timestampIso8601)  // for unit testing (e.g. "20150321T075240Z")

$vt_authString:=""

C_LONGINT($vl_nbParam)
$vl_nbParam:=Count parameters
If ($vl_nbParam>1)
$vt_username:=$1
$vt_secretCode:=$2

  // get a timestamp in ISO-8601 format
Case of
: ($vl_nbParam=2)
$vt_timestampIso8601:=HTTP_timestampIso8601
Else
$vt_timestampIso8601:=$3
End case

  // generate a hmac sha2 256 with timestamp as "data" and secret code as "key"
  // get the hmac into base 64
C_BLOB($vx_data;$vx_key)
SET BLOB SIZE($vx_data;0)
SET BLOB SIZE($vx_key;0)
CONVERT FROM TEXT($vt_timestampIso8601;"UTF-8";$vx_data)
CONVERT FROM TEXT($vt_secretCode;"UTF-8";$vx_key)

  // generate hmac => 32 bytes
C_BLOB($vx_hmac)
SET BLOB SIZE($vx_hmac;0)
$vx_hmac:=CRC_hmacSha2_256Blob (->$vx_data;->$vx_key)
SET BLOB SIZE($vx_data;0)
SET BLOB SIZE($vx_key;0)

  // convert binary hmac into base64 => 44 chars
C_TEXT($vt_hmacBase64)
BASE64 ENCODE($vx_hmac;$vt_hmacBase64)  // $vt_md5Base64 is 24 base64 char long e.g. "zjOP5omXeKrPwoQU8tlJiw=="
SET BLOB SIZE($vx_hmac;0)

  //TXT_base64Clean (->$vt_hmacBase64)

$vt_authString:="PSSERVER AccessId = "+$vt_username+"; Timestamp = "+$vt_timestampIso8601+"; Signature = "+$vt_hmacBase64
End if

$0:=$vt_authString



// Unit test :

ASSERT(paySimpleAuth ("<USER NAME HERE>";"<CODE HERE>";"20150321T075240Z")="PSSERVER AccessId = <USER NAME HERE>; Timestamp = 20150321T075240Z; Signature = 8MBIsWosagCVIMoehR2FE4ay66hmyqDFoANgvBFx3+4=")


You can contact me privately if you need more help

HTH

**********************************************************************
4D Internet Users Group (4D iNUG)
FAQ:  http://lists.4d.com/faqnug.html
Archive:  http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:[hidden email]
**********************************************************************
Loading...