Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Code : 1005,"Security Data : UsernameToken authentication failed" #2

Open
zdivyesh opened this issue Mar 16, 2020 · 7 comments
Open

Code : 1005,"Security Data : UsernameToken authentication failed" #2

zdivyesh opened this issue Mar 16, 2020 · 7 comments

Comments

@zdivyesh
Copy link

Screenshot_1584348058

I am facing this issue while encrypting card detail while running this sample.

Any help with this will be appreciated. Thank you.
@frantoqui
Copy link

You need to add the SOAP key in the encryption

@ravi-python-mss
Copy link

Facing same issue, can you please check? or guide where I need to update what

@ratiebareeng
Copy link

ratiebareeng commented Dec 13, 2020
edited
Loading

You need to add the SOAP key in the encryption

I am using the SOAP transaction key and getting the same error. Any idea what I should use for api_login_id field?
as found here: https://github.com/CyberSource/cybersource-android-sdk

@ratiebareeng
Copy link

You need to add the SOAP key in the encryption

I am using the SOAP transaction key and getting the same error. Any idea what I should use for api_login_id field?
as found here: https://github.com/CyberSource/cybersource-android-sdk

Managed to successfully encrypt card details.
The api_login_id is your Merchant ID which you can get from the business center

@priya-inx
Copy link

I am getting same error when I am adding amount variable in 'MessageSignature'.
I checked out this repo and just performed basic transaction using this code. In the transaction dashboard, I can see the transaction details but not able to see amount and currency. So in the 'generateSignature' method, while creating string 'signatureComponents' I added amount. On clicking 'Encrypt' its giving this Error Code 1005

 ```
    String signatureComponents = stringHmacSha1
            + loginId + transactionObject.getMerchantReferenceCode()   
            + amount    // ----------------- Adding this is giving error 1005 --------------------------------------
            + timeStamp;


Kindly let me know, if this is correct way to see amount in transactions.

@ratiebareeng
Copy link

ratiebareeng commented Apr 25, 2021
edited
Loading

I am getting same error when I am adding amount variable in 'MessageSignature'.
I checked out this repo and just performed basic transaction using this code. In the transaction dashboard, I can see the transaction details but not able to see amount and currency. So in the 'generateSignature' method, while creating string 'signatureComponents' I added amount. On clicking 'Encrypt' its giving this Error Code 1005

String signatureComponents = stringHmacSha1
        + loginId + transactionObject.getMerchantReferenceCode()   
        + amount    // ----------------- Adding this is giving error 1005 --------------------------------------
        + timeStamp;

Kindly let me know, if this is correct way to see amount in transactions.

This is an authentication error. In order to make a successful call to the api you have to generate a signature to sign your call to the api.

After getting user card and billing data, use the inapp sdk to encrypt the user data before passing it to your server for transaction processing, this will help reduce your PCI burden.

To encrypt the data you have to create a message signature (server side) using:

  1. Your soap transaction key, get this from your sandbox/live environment
  2. Merchant ID/API Login Id,
  3. Merchant reference code (this can be any significant string like project name)
  4. UTC timestamp of the transaction.

First create a HMAC-SHA1 of the soap transaction key. Then create a string concatenation of the HMAC-SHA1, your Merchant ID, a Merchant reference code and UTC timestamp:

String signatureComponents = transactionKeySha1 + Merchant Id + Merchant reference code + timestamp;

Next create a HMAC-SHA256 of the signatureComponents String. The result is your message signature.

The MessageSignature class in the inapp sdk samples shows you how to generate the signature in java so you can transform the code to whichever language you need for your server. In my case I did it in PHP.

After generating a signature you can make a call to the api to encrypt card data passing in your signature:

apiClient.performApi(InAppSDKApiClient.Api.API_ENCRYPTION,
transactionObject, signature);

If your signature is valid your call will be authenticated and processed.

I hope this helps.

@ratiebareeng
Copy link

ratiebareeng commented Apr 27, 2021
edited
Loading

I am getting same error when I am adding amount variable in 'MessageSignature'.
I checked out this repo and just performed basic transaction using this code. In the transaction dashboard, I can see the transaction details but not able to see amount and currency. So in the 'generateSignature' method, while creating string 'signatureComponents' I added amount. On clicking 'Encrypt' its giving this Error Code 1005

String signatureComponents = stringHmacSha1
        + loginId + transactionObject.getMerchantReferenceCode()   
        + amount    // ----------------- Adding this is giving error 1005 --------------------------------------
        + timeStamp;

Kindly let me know, if this is correct way to see amount in transactions.

You don't need to add amount. If you look carefully in the MessageSignature.java, you will see that they did not use amount.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@frantoqui @ratiebareeng @zdivyesh @ravi-python-mss @priya-inx