Integration and Testing

Authorize.Net API questions and help with your payment integration.

Reply
Contributor
Posts: 13
Registered: ‎09-25-2012
Accepted Solution

Iframe or Hosted Redirect - invalid or missing token

Hello all,

 

I'm very happy there's such a great developer's community here!

I'm implementing the CIM solution. I've spent a few days going over the sample code and felt that I understood the big picture. I've been able to send an XML request for a profile ID - successfully - and a subsequent XML request for a token apparently successfully; I get a token that looks similar to this (all this output being echoed in the browser window: 5qUQDuuBL4deq6N7W3DBBuSEsA9oPZOY91S6f76p/wS1EU2v8EPQks8kC78FV1qkML3MuWzMO/Cl6b5Fq4hDlcXkG1hb3JC3lbrRgTdPHBRGZf2GQ6tiAqa8TfPkYvap8voN922BncMgP/++pmqtIeVPA3GV9UDmUCHckEcYnha3ytdzvEhZxskcB6/KKen0

 

I've got a form named "tokenform" which has a hidden field with the token in it, and targets the iframe name. The iframe opens up and displays a message "Powered by Authorize.net" & "Missing or invalid token."

Here's the section of code I think is having an issue:

 

[code]

<form name="tokenform" target="authnetpopup">
<input type="hidden" name="tokenfield" value=<?php echo htmlspecialchars($token); ?> />
</form>

<iframe id="authnetpopup" name="authnetpopup" src="https://test.authorize.net/profile/manage"></iframe>

[/code]

 

If someone could point out what must be the obvious, I'd be eternally grateful!

 

Thanks so much. Looking forward to your assistance!

 

 

 


Accepted Solutions
Solution
Accepted by topic author Fundamental
‎08-21-2015 01:58 AM
Expert
Posts: 4,525
Registered: ‎03-08-2010

Re: Iframe or Hosted Redirect - invalid or missing token

Now that I'm awake. the problem is that the <form /> is not posting anything, it doesn't have a button, there is no javascript that post the form. So basically, you are just try to open https://test.authorize.net/profile/manage on a iframe which will fail because it not getting any token. Download the sample code and see how it work and change it to work with php.

View solution in original post


All Replies
Contributor
Posts: 13
Registered: ‎09-25-2012

Re: Iframe or Hosted Redirect - invalid or missing token

I'll point out that I've tried several ways of passing that token variable (all within the php tags)

echo $token

$token

htmlspecialchars($token)

htmlspecialchars($parsedresponse->token)

$response

$parsedresponse

 

 

... and I've increased the form field size to 255 to make certain all of the token characters are making it in the form field.

 

I also have the exact same problem with the redirect code, for which I've copied the sample code in the CIM guide with the exception of using the current token ID instead of the sample.

Expert
Posts: 4,525
Registered: ‎03-08-2010

Re: Iframe or Hosted Redirect - invalid or missing token

[ Edited ]

 <input type="hidden" name="Token" value="..." />
other then that, not sure as I don't work with php.

Expert
Posts: 4,525
Registered: ‎03-08-2010

Re: Iframe or Hosted Redirect - invalid or missing token

wouldn't it be easier if you set the type as text until you can get it to work?

Contributor
Posts: 13
Registered: ‎09-25-2012

Re: Iframe or Hosted Redirect - invalid or missing token

Thanks for your quick reply.

 

Yes, I tried doing that, and that's what prompted me to set the field size to 255 characters because it seemed that the default field length was too short to hold the entire token value. I copied the working solution from http://community.developer.authorize.net/t5/Integration-and-Testing/CIM-timed-out-on-redirect/td-p/2... and tried that, but also to no avail.

 

<form method="post" name="tokenform" target="authnetpopup">
<input type="text" name="Token" value="<?php echo $token; ?>" />

</form>

<iframe id="authnetpopup" name="authnetpopup" src="https://test.authorize.net/profile/manage"></iframe>

 

I still get the same message.

Expert
Posts: 4,525
Registered: ‎03-08-2010

Re: Iframe or Hosted Redirect - invalid or missing token

I think it is name sensitive, change it to just like the sample

change the form id="formAuthorizeNetPage"

and the iframe to iframeAuthorizeNet

Contributor
Posts: 13
Registered: ‎09-25-2012

Re: Iframe or Hosted Redirect - invalid or missing token

Thanks for the suggestion - I just tried it and still not working.

 


<form method="post" name="formAuthorizeNetPage" target="iframeAuthorizeNet">
<input type="text" size="255" name="Token" value="<?php echo $token; ?>" />
</form>

<iframe id="iframeAuthorizeNet" name="iframeAuthorizeNet" src="https://test.authorize.net/profile/manage"></iframe>

 

 

Same error message, and though it shouldn't matter, I've even tried it with multiple browsers.

Contributor
Posts: 13
Registered: ‎09-25-2012

Re: Iframe or Hosted Redirect - invalid or missing token

Here's the rest of the surrounding code:

 

[code]

include_once ("vars.php");
include_once ("util.php");

//echo "create profile...<br><br>";

$email = $_POST["email"];

//build xml to post
$content =
    "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
    "<createCustomerProfileRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" .
      MerchantAuthenticationBlock().
      "<profile>".
        "<merchantCustomerId></merchantCustomerId>". // Your own identifier for the customer.
         "<description></description>".
        "<email>" . $email . "</email>".
      "</profile>".
    "</createCustomerProfileRequest>";

// echo "Raw request: " . htmlspecialchars($content) . "<br><br>";
$response = send_xml_request($content);
// echo "Raw response: " . htmlspecialchars($response) . "<br><br>";
$parsedresponse = parse_api_response($response);
if ("Ok" == $parsedresponse->messages->resultCode)
{

  $profileID = htmlspecialchars($parsedresponse->customerProfileId);

  echo "customerProfileID" . $profileID . "\n\n";

  // build XML content to post getHostedProfilePageRequest
  $content =
      "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
      "<getHostedProfilePageRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" .
        MerchantAuthenticationBlock() .
        "<customerProfileId>" . $profileID . "</customerProfileId>" .
        "<hostedProfileSettings>" .
// optional settings to change later. This is the action to take when leaving the authorize.net site.
//          "<setting>" .
//            "<settingName>hostedProfileReturnUrl</settingName>" .
//            "<settingValue>https://somesitehere.com/somepage.php</settingValue>" .
//          "</setting>" .
//          "<setting>" .
//            "<setting Name>hostedProfileReturnUrlText</settingName>" .
//            "<settingValue>Continue to somepage</settingValue>" .
//          "</setting>" .
      "</hostedProfileSettings>" .              
      "</getHostedProfilePageRequest>";
    
  $response = send_xml_request($content);
  $parsedresponse = parse_api_response($response);

  if("Ok"==$parsedresponse->messages->resultCode)
  {
    $token = htmlspecialchars($parsedresponse->token);
    echo $token . "\n\n";

 

?>



<form method="post" name="formAuthorizeNetPage" target="iframeAuthorizeNet">
<input type="text" size="255" name="Token" value="<?php echo $token; ?>" />

</form>

<iframe id="iframeAuthorizeNet" name="iframeAuthorizeNet" src="https://test.authorize.net/profile/manage"></iframe>


<?php


}


?>

[/code]

 

... and I'm just using the sample index.php page provided with the email form targeting this file. All output is correct until the iframe.

Expert
Posts: 4,525
Registered: ‎03-08-2010

Re: Iframe or Hosted Redirect - invalid or missing token

Can you download the sample code and start from there.I don't think the iframe work that way.

Contributor
Posts: 13
Registered: ‎09-25-2012

Re: Iframe or Hosted Redirect - invalid or missing token

Also tried hard-coding it within the PHP tags:

 

[code]

 

echo '<form method="POST" name="formAuthorizeNetPage" target "iframeAuthorizeNet">
<input type="text" size="255" name="Token" value="'.$token.'"></form>';
echo '<iframe id="iframeAuthorizeNet" name="iframeAuthorizeNet" src="https://test.authorize.net/profile/manage"></iframe>';

 

[/code]

 

but same error message. Capitalized POST as well.