Invalid timestamp on Dwolla payment form - dwolla

My form is currently like this:
<form action="https://www.dwolla.com/payment/pay" method="POST" class="form-horizontal">
<input type="hidden" name="_csrf" value="[redacted]">
<input type="hidden" name="key" value="[redacted]">
<input type="hidden" name="signature" value="[redacted]">
<input type="hidden" name="timestamp" value="1347696587496">
<input type="hidden" name="callback" value="http://127.0.0.1:3000/donate/dwolla">
<input type="hidden" name="redirect" value="http://127.0.0.1:3000/credits">
<input type="hidden" name="test" value="1">
<input type="hidden" name="destinationId" value="812-726-7978">
<input type="hidden" name="shipping" value="0.25">
<input type="hidden" name="tax" value="0">
<input type="hidden" name="name" value="donation credit">
<input type="hidden" name="description" value="donation credit">
<!-- amount input and submit button -->
</form>
Using node.js, I create my signature like so (note that I do not use any order ids):
dwolla.signature.create = function(timestamp) {
return crypto
.createHmac('sha1', dwolla.secret)
.update(dwolla.key)
.update('&')
.update(timestamp.getTime().toString())
.update('&')
.digest('hex')
}
var timestamp = new Date()
var signature = dwolla.signature.create(timestamp)
Now when I click submit, I get a callback at the following address: http://127.0.0.1:3000/credits?error=failure&error_description=Invalid+timestamp. This means that at least my key/secret is valid and so is my signature, but my timestamp isn't.
What is wrong with my timestamp?

Javascript time is in milliseconds not seconds -_-

Related

Paypal BuyNow - GET instead of POST with params for returnUrl

I´m running into an issue that I detected today. I have the following paypal button config :
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" i d="paypalFormId">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="mybusinessID">
<input type="hidden" name="lc" value="DE">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="no_shipping" value="2">
<input type="hidden" name="item_name" value="MyProductName">
<input type="hidden" name="amount" value="1.00">
<input type="hidden" name="custom" value="somecustom infos needed in the redirection">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="return" value="https://myreturnurl.com">
<input type="hidden" name="cancel_return" value="https://mycancelurl.com">
<input type="hidden" name="currency_code" value="EUR">
<input type="hidden" name="notify_url" value="myIPNUrl">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynowCC_LG.gif:NonHosted">
<div class="row">
<button type="submit" class="btn btn-submit-next pull-right">Bestellung abschließen</button>
</div>
I didn´t change anything that could impact this code in the last days, nevertheless, redirection POST parameters are missing and redirection is a GET now and not a POST method anymore, even with the rm=2 !
Any idea, what´s going on ?
Best regards,
Antoine
Edited :
I was able to isolate the issue on JSFiddle : if I remove the item_name input then it works. I have no clue why but maybe it helps you guy telling me what I do wrong !
We had the same problem.
You need to enable "PDT", then the custom field will be returned in the "cm" variable of the return url post.
"Auto Return" also needs to be enabled to use "PDT", but you can still set the return URL in the button form post instead of in the "Auto Return" config if you need it to be dynamic.
https://developer.paypal.com/docs/classic/products/payment-data-transfer/
Try out this sandbox pay button and see what the response looks like when it is recorded on our return URL.
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick"><input type="hidden" name="amount" value="0.67">
<input type="hidden" name="cancel_return" value="http://test.smsportal.co.za/onlinePaymentv2/Testing3rdPartyResponse.aspx">
<input type="hidden" name="custom" value="this is the custom variable. it is named 'cm' in the returned Url.">
<input type="hidden" name="return" value="http://test.smsportal.co.za/onlinePaymentv2/Testing3rdPartyResponse.aspx">
<input type="hidden" name="rm" value="2">
<input type="hidden" name="cbt" value="Return to Merchant"> <input type="hidden" name="business" value="paypalmerchant#smsportal.com">
<input type="hidden" name="item_name" value="Credit Purchase">
<input type="hidden" name="currency_code" value="EUR">
<input type="hidden" name="button_subtype" value="services"><input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynowCC_LG.gif:NonHostedGuest">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="Pay now"><img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"></form>

Paypal Hosted language bug. Based on 'country' instead of 'lc' for Paypal Express button

Create a paypal hosted form using the templateD option with lc="GB" but shipping country of another language than English (like NL)
When given the option to pay with Paypal Express or credit card, choose the Paypal express option.
When redirected to paypal, the paypal login form is shown in dutch because it is using the "country" value instead of the "lc" value. I've confirmed this by forcing "GB" in the country value.
Here's the html form:
<form action="https://securepayments.paypal.com/webapps/HostedSoleSolutionApp/webflow/sparta/hostedSoleSolutionProcess" method="post" id="checkout-form">
<input type="hidden" name="cmd" value="_hosted-payment">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="shipping" value="4.13">
<input type="hidden" name="tax" value="0.83">
<input type="hidden" name="subtotal" value="22.98">
<input type="hidden" name="business" value="xxx#xxx.com">
<input type="hidden" name="currency_code" value="GBP">
<input type="hidden" name="showShippingAddress" value="true">
<input type="hidden" name="first_name" value="test">
<input type="hidden" name="last_name" value="test">
<input type="hidden" name="address1" value="123 Test">
<input type="hidden" name="address2" value="">
<input type="hidden" name="city" value="Laren">
<input type="hidden" name="zip" value="1251TM">
<input type="hidden" name="country" value="NL">
<input type="hidden" name="state" value="Noord Holland">
<input type="hidden" name="night_phone_b" value="252525">
<input type="hidden" name="billing_first_name" value="test">
<input type="hidden" name="billing_last_name" value="test">
<input type="hidden" name="billing_address1" value="123 UK Street, Suite UK1">
<input type="hidden" name="billing_address2" value="">
<input type="hidden" name="billing_city" value="Aberdeen">
<input type="hidden" name="billing_zip" value="AB10">
<input type="hidden" name="billing_country" value="GB">
<input type="hidden" name="logoImage" value="https://www.specialistsupplements.com/image/data/specialist-supplements-logo.png">
<input type="hidden" name="billing_state" value="Aberdeen">
<input type="hidden" name="showBillingPhone" value="false">
<input type="hidden" name="showHostedThankyouPage" value="false">
<input type="hidden" name="buyer_email" value="test#test.com">
<input type="hidden" name="invoice" value="123">
<input type="hidden" name="lc" value="GB">
<input type="hidden" name="charset" value="utf-8">
<input type="hidden" name="address_override" value="false">
<input type="hidden" name="paymentaction" value="sale">
<input type="hidden" name="return" value="xxxx">
<input type="hidden" name="notify_url" value="xxxx">
<input type="hidden" name="cancel_return" value="xxxx">
<input type="hidden" name="custom" value="123">
<input type="hidden" name="template" value="templateD">
</form>
The "lc" code in this is "GB" which is what should force "English". The problem is a person who does not read dutch may want to send an item to a friend in another country and will not be able to read the payment options. At the very least it should be using the billing_country value, but ultimately use the lc code as that is its intended use.
I found that PayPal was ignoring the lc and billing_country fields.
In my case, both were set to CA, but upon arrival at PayPal, it would always show United States for the billing country, not Canada.
The workaround I found is to set:
<input name="landing_page" value="billing" type="hidden">
After I set this variable, PayPal stopped ignoring the billing_country field.

Paypal Payments Standard Multi-Product Carts Failing - BADINPUTERROR

Having a very hard to explain issue. I have a custom cart implementation. Some of my cart forms go through fine, but some give back a bad input error with not much additional explanation.
For example, this form submits fine and the payment gateway appears:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="charset" value="utf-8">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="m-app#thezyx.com">
<input type="hidden" name="item_name_1" value="Power Long Sleeve L-Black">
<input type="hidden" name="item_number_1" value="06034">
<input type="hidden" name="amount_1" value="45.00">
<input type="hidden" name="shipping_1" value="4">
<input type="hidden" name="quantity_1" value="1">
<input type="hidden" name="item_name_2" value="Classic B1100 Beanie">
<input type="hidden" name="item_number_2" value="39856">
<input type="hidden" name="amount_2" value="40.00">
<input type="hidden" name="shipping_2" value="0">
<input type="hidden" name="quantity_2" value="1">
<input type="hidden" name="custom" value="custom_string">
<input type="hidden" name="tax_cart" value="0">
<input type="hidden" name="notify_url" value="http://mynotificationurl.com">
<input type="hidden" name="rm" value="1">
<input type="hidden" name="cbt" value="Back to Store">
<input type="hidden" name="bn" value="MY_ShoppingCart_WPS_US">
<input type="hidden" name="return" value="http://www.example.com">
<input type="hidden" name="cancel_return" value="http://www.example.com">
</form>
However this form, generated by the same script, continues to fail:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="charset" value="utf-8">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="m-app#thezyx.com">
<input type="hidden" name="item_name_1" value="Power Long Sleeve L-Black">
<input type="hidden" name="item_number_1" value="06034">
<input type="hidden" name="amount_1" value="45.00">
<input type="hidden" name="shipping_1" value="4">
<input type="hidden" name="quantity_1" value="1">
<input type="hidden" name="item_name_2" value="Classic B1100 Beanie">
<input type="hidden" name="item_number_2" value="39856">
<input type="hidden" name="amount_2" value="40.00">
<input type="hidden" name="shipping_2" value="0">
<input type="hidden" name="quantity_2" value="1">
<input type="hidden" name="item_name_3" value="EXS R1 Poster">
<input type="hidden" name="item_number_3" value="80069">
<input type="hidden" name="amount_3" value="25.00">
<input type="hidden" name="shipping_3" value="0">
<input type="hidden" name="quantity_3" value="1">
<input type="hidden" name="custom" value="custom_string">
<input type="hidden" name="tax_cart" value="0">
<input type="hidden" name="notify_url" value="https://mynotificationurl.com">
<input type="hidden" name="rm" value="1">
<input type="hidden" name="cbt" value="Back to Store">
<input type="hidden" name="bn" value="MY_ShoppingCart_WPS_US">
<input type="hidden" name="return" value="http://www.example.com">
<input type="hidden" name="cancel_return" value="http://www.example.com">
</form>`
These forms are identical with exception to the third product in the list. The first form works and the second does not. I see no issues with any of the input data.
Also important to note that I ONLY get this error with more than 1 item in the cart, and it has nothing to do with individual products. When the third product in the second form is the only item in the cart, it submits fine. All of the data is the same. Am I crazy or is this a Paypal bug, or are they doing maintenance?
Here is the url Paypal redirects to when it fails:
https://www.paypal.com/webapps/shoppingcart/error?flowlogging_id=4936eeb7c68aa&code=BAD_INPUT_ERROR&mfid=1493965871301_4936eeb7c68aa
Thank you in advance for any help!!
Got a response back from Paypal today. It seems that in recent updates to their platform, they set a character limit on the custom field to 256.
My custom fields would fill up with more data the more items that were added to the cart, so that's why the error was only on multi-item carts. There seems to be not a lot of documentation on this.
Here was another question I found useful: Paypal html button custom field limit

Paypal ipn catch payment cancel event

I am trying to do the following: When the user selects some items and click "Pay Now" button on our website, I mark the selected items status as "on hold" so no one else can select these items. If I receive "complete" from ipn I will mark the items as "purchased" and do other database change. If I receive "canceled" from ipn I will mark the "on hold" items back to "available".
It works fine when the user did make the payment (complete). However, if the user exit the payment flow (for example just close the browser tab) I didn't receive any messages. I am not sure why this is happening. Or the ipn just wouldn't give a message if the transaction is not complete?
Here is the code of the paypal button:
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="********-facilitator#gmail.com">
<input type="hidden" name="env" value="www.sandbox">
<input type="hidden" name="address_override" value="1">
<c:set var="index" value="${1}"/>
<c:forEach items="${items}" var="item">
<input type="hidden" name="item_name_${index}" value="${item.title}">
<input type="hidden" name="amount_${index}" value="${item.askPrice}">
<input type="hidden" name="tax_${index}" value="$<fmt:formatNumber type="number" maxFractionDigits="2" value="${item.askPrice * taxRate}" />">
<c:if test="${index == 1}">
<input type="hidden" name="shipping_${index}" value="$<fmt:formatNumber type="number" maxFractionDigits="2" value="${shipmentFee}" />">
</c:if>
<c:set var="index" value="${index + 1}"/>
</c:forEach>
<c:remove var="index"/>
<!-- Fill full name in the first_name field -->
<input type="hidden" name="first_name" value="${info.recipient}">
<input type="hidden" name="notify_url" value="<c:url value="https://********.localtunnel.me/payment/paypal/ipn"></c:url>">
<input type="hidden" name="address1" value="${info.addressLine1}">
<input type="hidden" name="address2" value="${info.addressLine2}">
<input type="hidden" name="city" value="${info.city}">
<input type="hidden" name="state" value="${info.state}">
<input type="hidden" name="zip" value="${info.zip}">
<input type="hidden" name="country" value="US">
<input type="hidden" name="email" value="${info.email}">
<input type="hidden" name="custom" value="${flowId}">
<input type="image" name="submit" border="0"
src="https://www.paypalobjects.com/webstatic/en_US/i/buttons/checkout-logo-large.png" alt="Check out with PayPal">
</form>

Please return to the payment page and correct the address

i have an problem with integration of paypal sandbox for Australia.
in back end i enabled all tab except billing_phone number. when i click pay now i get following error Please return to the payment page and correct the address. here i am attaching my code. thanks in advance
<iframe name="hss_iframe" width="600px" height="600px" style="margin-top:-5px"></iframe>
<form style="display:none" target="hss_iframe" name="form_iframe" method="post" action="https://securepayments.sandbox.paypal.com/acquiringweb">
<input type="hidden" name="cmd" value="_hosted-payment">
<input type="hidden" name="currency_code" value="AUD">
<input type name="subtotal" value="71">
<input type="hidden" name="business" value="FK4PGWANVUF9C">
<input type="hidden" name="shipping" value="0">
<input type name="paymentaction" value="sale">
<input type="hidden" name="template" value="templateD">
<input type="hidden" name="invoice" value="12345">
<input type="hidden" name="billing_first_name" value="John">
<input type="hidden" name="billing_last_name" value="Due">
<input type="hidden" name="billing_address1" value="5 Cromwell St">
<input type="hidden" name="billing_address2" value="Glen Iris">
<input type="hidden" name="billing_city" value="Glen Iris">
<input type="hidden" name="billing_state" value="VIC">
<input type="hidden" name="billing_zip" value="3146">
<input type="hidden" name="buyer_email" value="mark#bssound.com.au">
<input type="hidden" name="billing_country" value="AU">
<input type name="return" value="https://122.165.58.219/team2/wpp-hosted/receipt_page.html">
</form>
<script type="text/javascript">
document.form_iframe.submit();
</script>
My code wasn't working either, but I didn't have the billing fields which I have now added and it worked.
I didn't have:
<input type="hidden" name="currency_code" value="AUD">
<input type="hidden" name="shipping" value="0">
Hope this helps anyone
I had the same problem. I resolved it by adding the same bunch of fields but without "billing_". In your case it will be:
<input type="hidden" name="first_name" value="John">
<input type="hidden" name="last_name" value="Due">
<input type="hidden" name="address1" value="5 Cromwell St">
<input type="hidden" name="city" value="Glen Iris">
<input type="hidden" name="state" value="VIC">
<input type="hidden" name="zip" value="3146">
<input type="hidden" name="country" value="AU">
I don't know whether it's important or not but I also removed both "billing_address2" and "address2".