问题描述
我一直收到拒绝卡的日志并显示错误:"Execution of Hmac-authentication Failed with error:Exception thrown from JavaScript : HMACERROR (hmac_helper#196)"
此处描述的所有内容:http://developer.payeezy.com/faqs/i-am-getting-403-hmac-validation-failure-response-how-do-i-resolve 都很好。
这是在同一台服务器中的相同代码,但是,它对大多数客户端有效,但对其他客户端无效。
支付服务在 .Net Core 3.1 中,如下所示:
...
(removed for brevity)
...
Random random = new Random();
string nonce = (random.Next(0,1000000)).ToString();
string time = DateTimeOffset.Now.ToUnixTimeMilliseconds().ToString(); // <- EPOCH UTC
string token = _configOptions.MerchandToken;
string apiKey = _configOptions.ApiKey; // <- I'm sure it has no spaces and it's the correct key
string apiSecret = _configOptions.ApiSecret; // <- Again,no spaces and I'm sure it's the correct secret
string hashData = apiKey + nonce + time + token + payloadJson;
string base64Hash = Convert.ToBase64String(CalculateHMAC(hashData,apiSecret));
string url = _configOptions.EndPoint;
ServicePointManager.SecurityProtocol = (SecurityProtocolType) 3072;
HttpWebRequest webRequest = (HttpWebRequest) WebRequest.Create(url);
webRequest.Method = "POST";
webRequest.Accept = "*/*";
// Now all values that have to go in the header
webRequest.Headers.Add("timestamp",time);
webRequest.Headers.Add("nonce",nonce);
webRequest.Headers.Add("token",token);
webRequest.Headers.Add("apikey",apiKey);
webRequest.Headers.Add("Authorization",base64Hash);
webRequest.ContentLength = payload.Length;
webRequest.ContentType = "application/json";
StreamWriter writer = null;
writer = new StreamWriter(webRequest.GetRequestStream());
writer.Write(payloadJson);
writer.Close();
using (HttpWebResponse webResponse = (HttpWebResponse) webRequest.GetResponse())
{
using (StreamReader responseStream = new StreamReader(webResponse.GetResponseStream()))
{
responseString = responseStream.ReadToEnd();
}
}
...
(removed for brevity)
...
private byte[] CalculateHMAC(string data,string secret)
{
HMAC hmacSha256 = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
byte[] dataBytes = Encoding.UTF8.GetBytes(data);
byte[] hmac2Hex = hmacSha256.ComputeHash(Encoding.UTF8.GetBytes(data));
string hex = BitConverter.ToString(hmac2Hex);
hex = hex.Replace("-","").ToLower();
byte[] hexArray = Encoding.UTF8.GetBytes(hex);
return hexArray;
}
我了解某些卡片会因多种因素而被拒绝。我只想知道正确的原因。
但在这种情况下......同一台服务器中的相同代码怎么可能会为某些客户引发 Hmac-authentication 错误,而对其他客户却不会?
我的代码有问题吗?你有过这样的经历吗?
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)