cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

I'am new to this, need help integrating DPM to my asp.net vb website

After reading and watching the videos for hours I can say that this site is not friendly at all. The Website that I'am working on have been done with VWD 2010 (asp.net) and VB. It is my understanding that in my case the best option is DPM. Now, how can I start implementing this? Could anybody list the steps in plain English for me to follow. I downloaded the SDK, but can not open it with VWD 2010. Can anybody help?

 

Thanks 

AuthComm25
Contributor
16 REPLIES 16

If you not afraid of coding

start with the SIM VB sample code here

http://developer.authorize.net/downloads/samplecode/

 

DPM is almost the same as SIM

and the doc is here

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Appendix%20C%20-%20...

RaynorC1emen7
Expert

Thanks for your response. By the way, if I was afraid of coding I wouldnโ€™t be here, lol. I read everything as you suggested and I still have questions.

 

When I compare the doc http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Appendix%20C%20-%20...

With the SIM VB sample, http://developer.authorize.net/downloads/samplecode/

seen to be that the doc is kind of incomplete. It does not mention Web.config changes that I see in the coding samples relate to the form. Secondly there are vb files with classes related to the form too. So this is kind of confusing since the doc only talk about topics relate to the form.

Since this is the case I would like to ask two very stupid questions.

Questions:

1) Do I need to change the web.config file according to the samples provided?

2) Do I need to incorporate the additional vb files and classes as well?

 

This is kind of confusing since they are using asp classic and I am using asp.net

I will appreciate your help on this.

 

Thanks  

The doc is a generic for any lang.

DPM is just a form post to authorize.net url with the required field

 

You really don't need any of the sample code.remove x_show_form and add the x_card_num and x_exp_date

Then try it and see how it work and then just do your own code for your website. The code that you might want to copy is how they generate the x_fp_hash

 

The other thing to read is the Relay Response Basics and Troubleshooting for getting the response back from authorize.net after the post. And for asp.net either set machineKey in your web.config or set enableviewstatemac to false on the page.

OK, I have implemented some code from the SDK and from online samples and I am testing now. Just at my first shot I received Code 97 error. I search in the community board, and I read other post with similar problems. I tried all, but still receiving Code 97. I am pasting here my code for anybody to take a look and make any suggestion.

First of all I do have a class and a function that generate the fingerprint. It looks like this:

 

 

Public Class CCTransactionFingerprint Public Function HMAC_MD5(ByVal Key, ByVal Value)

' The first two lines take the input values and convert them from strings to Byte arrays

 

Dim HMACkey() As Byte = (New ASCIIEncoding()).GetBytes(Key)

Dim HMACdata() As Byte = (New ASCIIEncoding()).GetBytes(Value)

' create a HMACMD5 object with the key set Dim myhmacMD5 As New HMACMD5(HMACkey)

' calculate the hash (returns a byte array)

Dim HMAChash() As Byte = myhmacMD5.ComputeHash(HMACdata)

' loop through the byte array and add append each piece to a string to obtain a hash string

Dim fingerprint = "" For i = 0 To HMAChash.Length - 1 fingerprint &= HMAChash(i).ToString("x").PadLeft(2, "0") Next Return fingerprint

End Function

End Class

 

 

Since Iโ€™m using asp.net Iโ€™m sending the transaction data from an html in code behind, it looks like this:

 

  

 

 

Dim transactionKey = "TRANSACTION_KEY"

'A sequence number is randomly generated

Dim random As New Random

Dim sequence = random.Next(0, 1000)

'A time stamp is generated (using a function from simlib.asp)

Dim timeStamp = CInt((DateTime.UtcNow - New DateTime(1970, 1, 1)).TotalSeconds)

 

 

'Generate a fingerprint

Dim CreateFingerprint As New CCTransactionFingerprint()

Dim fingerprint = CreateFingerprint.HMAC_MD5(transactionKey, loginID & "^" & sequence & "^" & timeStamp & "^" & TotalSalePrice & "^")

'Here we create a HTML form in the code behind to POST the information to the credit card gateway

Dim collections As New NameValueCollection()

collections.Add("x_version", "3.1")

collections.Add("x_login", "7G2M922CpHxK7u")

collections.Add("x_show_form", "PAYMENT_FORM")

collections.Add("x_method", "CC")

collections.Add("x_type", "AUTH_CAPTURE")

collections.Add("x_fp_hash", fingerprint)

 

 

collections.Add("x_amount", TotalSalePrice)

Dim remoteUrl As String = "https://test.authorize.net/gateway/transact.dll"

Dim html As String = "" html += "" html += String.Format(" ", remoteUrl) For Each key As String In collections.Keys html += String.Format("", key, collections(key)) Next

html += "" Response.Clear() Response.ContentEncoding = Encoding.GetEncoding("ISO-8859-1") Response.HeaderEncoding = Encoding.GetEncoding("ISO-8859-1")

Response.Charset = "ISO-8859-1"

Response.Write(html)

Response.End()

 

 

 

Thanks for your help !

I'm not see where you passing all the required fields

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Appendix%20A.html

 

I see x_fp_hash, but not x_fp_sequence,x_fp_timestamp

I thought that I have everything according to this link:

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=SIM_Submitting_tran...

However since you are mentioning this different link: http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Appendix%20A.html

I checked it and I can see that I have everything here as well since in my understanding and according to this link the following fields, x_fp_hash, x_fp_sequence and x_fp_timestamp should be inside the fingerprint. But due to your comment I am not sure now. Do I have to send them in the fingerprint and as individual fields as well. Is this the case?

 

Thanks a lot for you time and help 

They are all sent as individual fields. The "fingerprint" is just a convenient way to talk about those fields, grouped by their fingerprinting function.

 

An SDK or library may also group those fields into a single class or API method, but behind that, it would still need to send those fields indivually to the gateway.

 

Not sure if that helps, as I'm not sure what level you are looking at (e.g. low-level POSTs or a higher level abstraction).

 

-- Jason

Example 4
Submitting a Request for the Hosted Payment Form

If I remember correctly that used an old PHP example

<% ret = InsertFP (APIloginid, sequence, amount, txnkey) %>

and that include all the required field.

 

I don't think you know how the fingerprint works. authorize.net only have your loginID and transationKey.

The fingerprint is useless without authorize.net knowing how the x_fp_sequence and x_fp_timestamp value, because they can't hash is a match the value. The only thing you don't pass is the transactionKey because they already have it.

 

Run to your page that you form post to authorize.net in a browswer. Then look at the page source, if it didn't have all the required field, it not going to work. Go back at look at the sample code(not the SDKs) and see what they are passing in the form.

Yes, you don't ever send the "transaction key". That is a shared secret - your site knows it and your Authoriize.Net account knows it, but nobody else should know it. It is used to generate the one-time hash (x_fp_hash) with your form. That hash is used with the other fields you send (which all comprise the "fingerprint" - x_fp_sequence and x_fp_timestamp) to allow Authorize.Net to check that it really is your site sending the transaction request.

 

So the fingerprint is made of these fields, send in the form as individual fields:

 

x_fp_sequence

x_fp_timestamp

x_fp_hash

 

The hash is generated from the shared secret "transaction key", and the sequence and timestamp effectively add salt to that key before it gets hashed.

 

A similar thing happens for relay messages that Authorise.net sends back to your site, using a different shared secret (the "md5 hash key"), so your merchant site can be sure it is really Authorize.Net sending it the relay message.

 

I hope that clears up what I meant, in case I didn't explain it properly. Those *individual* firelds need to do into the form, but the package or SDK used may put them all in in one go as a "fingerprint".

 

-- Jason