Adding (tokenizing) cards 401 (Unauthorized)
raidokulla opened this issue · 0 comments
Unable to get 301 redirect URL. Response: 401 (Unauthorized)
The documentation states that no signature header is needed, auth is done with form params.
I am working with Node.js.
My params to calculate the Hmac signature key.
const params = {
'checkout-account': process.env.PAYTRAIL_ID,
'checkout-algorithm': 'sha256',
'checkout-method': 'POST',
'checkout-nonce': '123456',
'checkout-redirect-success-url': 'http://localhost:3000',
'checkout-redirect-cancel-url': 'http://localhost:3000'
}
The key will be: 5c07c04aa2d97a6eb0f8a8240e47f5a1e838cdf0d88edc7a21e347f76d8f55c6
As the documentation states, it's a form data with method POST. My form:
const form = new FormData()
form.append('checkout-account', process.env.PAYTRAIL_ID)
form.append('checkout-algorithm', 'sha256')
form.append('checkout-method', 'post')
form.append('checkout-nonce', '123456')
form.append('checkout-redirect-success-url', 'http://localhost:3000')
form.append('checkout-redirect-cancel-url', 'http://localhost:3000')
form.append('signature', signature)
And then we send out the request:
form.submit(payTrail, function(err, res) {
console.log(res.statusCode)
console.log(res.statusMessage)
res.resume()
})
Response: 401 / Unauthorized
Let's console.log to check what was sent out
hmacPayload:
checkout-account:375917
checkout-algorithm:sha256
checkout-method:POST
checkout-nonce:123456
checkout-redirect-cancel-url:http://localhost:3000
checkout-redirect-success-url:http://localhost:3000
PAYTRAIL URL: https://services.paytrail.com/tokenization/addcard-form
PAYTRAIL SECRET: SAIPPUAKAUPPIAS
PAYTRAIL ID: 375917
Here is the full code from my controller:
const payTrail = 'https://services.paytrail.com/tokenization/addcard-form'
const params = {
'checkout-account': process.env.PAYTRAIL_ID,
'checkout-algorithm': 'sha256',
'checkout-method': 'POST',
'checkout-nonce': '123456',
'checkout-redirect-success-url': 'http://localhost:3000',
'checkout-redirect-cancel-url': 'http://localhost:3000'
}
const signature = await myFunc.calculateHmac(process.env.PAYTRAIL_KEY, params, undefined)
console.log('PAYTRAIL URL:', payTrail)
console.log('PAYTRAIL SECRET:', process.env.PAYTRAIL_KEY)
console.log('PAYTRAIL ID:', process.env.PAYTRAIL_ID)
console.log('Hmac:', signature)
const form = new FormData()
form.append('checkout-account', process.env.PAYTRAIL_ID)
form.append('checkout-algorithm', 'sha256')
form.append('checkout-method', 'post')
form.append('checkout-nonce', '123456')
form.append('checkout-redirect-success-url', 'http://localhost:3000')
form.append('checkout-redirect-cancel-url', 'http://localhost:3000')
form.append('signature', signature)
form.submit(payTrail, function(err, res) {
console.log(res.statusCode)
console.log(res.statusMessage)
res.resume()
})
Here is the Hmac function I use (copied from Paytrail example for Node.js)
// CALCULATE HMAC
const calculateHmac = (secret, params, body) => {
const hmacPayload = Object.keys(params)
.sort()
.map((key) => [key, params[key]].join(':'))
.concat(body ? JSON.stringify(body) : '')
.join('\n');
console.log('hmacPayload:')
console.log(hmacPayload)
return crypto.createHmac('sha256', secret).update(hmacPayload).digest('hex')
}