我一直收到拒绝卡的日志并显示错误："Execution of Hmac-authentication Failed with error:Exception thrown from JavaScript : HMACERROR (hmac_helper#196)"

此处描述的所有内容：http://developer.payeezy.com/faqs/i-am-getting-403-hmac-validation-failure-response-how-do-i-resolve 都很好。

这是在同一台服务器中的相同代码，但是，它对大多数客户端有效，但对其他客户端无效。

支付服务在 .Net Core 3.1 中，如下所示：

...
(removed for brevity)
...
            Random random = new Random();
            string nonce = (random.Next(0,1000000)).ToString();
            string time = DateTimeOffset.Now.ToUnixTimeMilliseconds().ToString(); // <- EPOCH UTC

            string token = _configOptions.MerchandToken;
            string apiKey = _configOptions.ApiKey; // <- I'm sure it has no spaces and it's the correct key
            string apiSecret = _configOptions.ApiSecret; // <- Again,no spaces and I'm sure it's the correct secret
            string hashData = apiKey + nonce + time + token + payloadJson;
            string base64Hash = Convert.ToBase64String(CalculateHMAC(hashData,apiSecret));
            string url = _configOptions.EndPoint;

            ServicePointManager.SecurityProtocol = (SecurityProtocolType) 3072;
            HttpWebRequest webRequest = (HttpWebRequest) WebRequest.Create(url);

            webRequest.Method = "POST";
            webRequest.Accept = "*/*";
            
            // Now all values that have to go in the header
            webRequest.Headers.Add("timestamp",time);
            webRequest.Headers.Add("nonce",nonce);
            webRequest.Headers.Add("token",token);
            webRequest.Headers.Add("apikey",apiKey);
            webRequest.Headers.Add("Authorization",base64Hash);
            webRequest.ContentLength = payload.Length;
            webRequest.ContentType = "application/json";

            StreamWriter writer = null;
            writer = new StreamWriter(webRequest.GetRequestStream());
            writer.Write(payloadJson);
            writer.Close();
                    
            using (HttpWebResponse webResponse = (HttpWebResponse) webRequest.GetResponse())
            {
                 using (StreamReader responseStream = new StreamReader(webResponse.GetResponseStream()))
                 {
                      responseString = responseStream.ReadToEnd();
                 }
            }
...
(removed for brevity)
...


        private byte[] CalculateHMAC(string data,string secret)
        {
            HMAC hmacSha256 = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
            byte[] dataBytes = Encoding.UTF8.GetBytes(data);
            byte[] hmac2Hex = hmacSha256.ComputeHash(Encoding.UTF8.GetBytes(data));

            string hex = BitConverter.ToString(hmac2Hex);
            hex = hex.Replace("-","").ToLower();
            byte[] hexArray = Encoding.UTF8.GetBytes(hex);
            return hexArray;
        }

我了解某些卡片会因多种因素而被拒绝。我只想知道正确的原因。

但在这种情况下......同一台服务器中的相同代码怎么可能会为某些客户引发 Hmac-authentication 错误，而对其他客户却不会？

我的代码有问题吗？你有过这样的经历吗？

解决方法

暂无找到可以解决该程序问题的有效方法，小编努力寻找整理中！

如果你已经找到好的解决方法，欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@）