Pesapal.com
  • Noton
  • PCI/DSS Compliant
Home / Forum

Forum

Welcome, Guest
Username
Password:
 
Forgot your password? Forgot your username? Create an account
Forum
Main Forum
Pesapal Integration

Help! Problem: signature_invalid | Advice: > |
(1 viewing) (1) Guest
Welcome to the Pesapal integration forum!

This forum discusses everything about Pesapal integration on your web site. Having any problems? This is the right place to post a question and we are sure you will get an answer
Reply Topic
New Topic
  • Page:
  • 1

TOPIC: Help! Problem: signature_invalid | Advice: > |

Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #398

I'm seeing this message when I try to make a request to either the sandbox or the live API.

Problem: signature_invalid | Advice: > |


Here's an example of the URL I'm requesting:

"https://demo.pesapal.com/api/PostPesapalDirectOrderV4?oauth_consumer_key=UJG8%2BrbTFnf2T9ZkP3Lb0Z3n4FQOXnrl&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1369151097&oauth_nonce=xMrjP6PrnZc1iP9sZbSdZUvrY1wJK9wE4GXqtMEuVo&oauth_version=1.0&oauth_signature=jywJjK6dd8q4fBpWp0CS89EOw6c%3D&oauth_callback=http://localhost:3000&pesapal_request_data=%3C?xml%20version=%221.0%22%20encoding=%22utf-8%22?%3E%0A%3CPesapalDirectOrderInfo%20xmlns:xsi=%22http://www.w3.org/2001/XMLSchemainstance%22%20xmlns:xsd=%22http://www.w3.org/2001/XMLSchema%22%20Amount=%2212.34%22%20Description=%22Bob%20Test%201%22%20Type=%22MERCHANT%22%20Reference=%22808%22%20FirstName=%22Bob%22%20LastName=%22Tester%22%20Email=%22b[email protected]%22%20xmlns=%22http://www.pesapal.com%22%20/%3E%0A"


Can anyone see where I'm going wrong? This is driving me crazy!
Last Edit: 12 years, 10 months ago by bodacious.
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #399

Here's a gist with an example of the code I've used (in Ruby)

gist.github.com/Bodacious/5621252
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #400

  • lazro
  • OFFLINE
  • Administrator
  • Pesapal
  • Posts: 404
Hi,

The URL you have provided throws an error "Consumer key unknown". You are either using a consumer code for a demo merchant on the live API or vice versa. See these links on how to fix it:

1. developer.pesapal.com/forum/6-announceme...andbox-is-introduced
2. developer.pesapal.com/forum/2-pesapal-in...eyunknown--advice-g-

Due to the above error, i was not able to replicate the "Problem: signature_invalid | Advice: > |" error. Would you provide a link to your application's form ? The URL generated by pesapal is timestamped hence giving the full URL as given before will result to errors.

Generally, the Problem: signature_invalid | Advice: > |" error usually appears if your Oauth file generates an incorrect signature hence authentication fails. If possible try using a different Oauth version.

Regards,
Lazaro
Regards,

Lazaro Ong'ele
Web Developer

Skype: Lazrotep
+254-020-249-5438 ; +254-706-191-729
Dagoretti Lane, Off Naivasha Road.

Facebook: www.facebook.com/pesapal
Twitter: twitter.com/PesaPal
Helpdesk: support.pesapal.com
This e-mail address is being protected from spambots. You need JavaScript enabled to view it.
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #401

Hi Lazro, thanks for your reply

I changed the comsumer key part of the URL I pasted in my question because I didn't want to expose it on an open Internet forum

The rest of the URL is exactly the same though and, with the correct key I do get an invalid signature error.

Does the URL format look valid to you?

Which version of OAuth are you using?
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #402

  • lazro
  • OFFLINE
  • Administrator
  • Pesapal
  • Posts: 404
Hi Bodacious,

The URL format is correct. I have tested the URL on my PHP application and it has worked. We are using OAuth version 1.0 . Is it the same one that you are using?

Regards,
Lazaro
Regards,

Lazaro Ong'ele
Web Developer

Skype: Lazrotep
+254-020-249-5438 ; +254-706-191-729
Dagoretti Lane, Off Naivasha Road.

Facebook: www.facebook.com/pesapal
Twitter: twitter.com/PesaPal
Helpdesk: support.pesapal.com
This e-mail address is being protected from spambots. You need JavaScript enabled to view it.
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #403

I'm using OAuth version 1.0

Here's a fresh URL generated by my code - I haven't changed anything this time.

demo.pesapal.com/API/PostPesapalDirectOr...om%2522%2520%2F%253E

You'll probably find that it's still returning the same error.

Is there any way I can reset my consumer key and secret?

Any other reasons you can think of that I might be generating the wrong signature code?
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #404

Here are the default options for creating an OAuth Consumer with the Ruby lib that I'm using

 
@@default_options =
{
  # Signature method used by server. Defaults to HMAC-SHA1
  :signature_method   => 'HMAC-SHA1',
   # default paths on site. These are the same as the defaults set up by the generators
  :request_token_path => '/oauth/request_token',
  :authorize_path     => '/oauth/authorize',
  :access_token_path  => '/oauth/access_token',
   :proxy              => nil,
  # How do we send the oauth values to the server see
  # http://oauth.net/core/1.0/#consumer_req_param for more info
  #
  # Possible values:
  #
  #   :header - via the Authorize header (Default) ( option 1. in spec)
  #   :body - url form encoded in body of POST request ( option 2. in spec)
  #   :query_string - via the query part of the url ( option 3. in spec)
  :scheme        => :header,
   # Default http method used for OAuth Token Requests (defaults to :post)
  :http_method   => :post,
   # Add a custom ca_file for consumer
  # :ca_file       => '/etc/certs.pem'
   :oauth_version => "1.0"
}
 


Can I confirm that I should be using:

  • signature_method => 'HMAC-SHA1'
  • scheme => :query_string (params are in the URL, not the post DATA or Headers)
  • http_method => :get


Thanks!
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #405

Can you (or someone) please paste me an example of a valid URL so I can compare and make sure there are no issues?

Thanks
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 10 months ago #410

I've fixed this problem now

The signature was invalid because the url params I was signing with were not all there.

Here's my Ruby solution in case any other Ruby developers hit the same problem:

 
module PesaPal
  require 'active_support'
  include ActiveSupport::Configurable
 
  self.configure do |config|
    config.test_mode       = true
    config.consumer_key    = "<my key>"
    config.consumer_secret = "<consumer secret>"
  end
 
end
 
class TransactionUrl
 
  require 'oauth'
  require 'uri'
  require 'active_support/core_ext/object/to_query'
  require 'htmlentities'
 
  attr_reader :post_data_xml, :callback_url, :token
 
  HTTP_METHOD = 'get'
  API_ACTION = '/API/PostPesapalDirectOrderV4'
 
  def initialize(post_data_xml, callback_url)
    @post_data_xml   = post_data_xml
    @callback_url    = callback_url
    @token           = nil
  end
 
  def api_domain
    PesaPal.config[:test_mode] ? 'http://demo.pesapal.com' : 'https://www.pesapal.com'
  end
 
  def url
    "#{api_domain}#{signed_request.path}"
  end
 
  def consumer
    @consumer ||= begin
      OAuth::Consumer.new(consumer_key, consumer_secret, {
        site: api_domain,
        http_method: HTTP_METHOD,
        scheme: :query_string
      })
    end
  end
 
  def consumer_key
    PesaPal.config[:consumer_key]
  end
 
  def consumer_secret
    PesaPal.config[:consumer_secret]
  end
 
  def signed_request
    consumer.create_signed_request HTTP_METHOD, request_url, nil, {}, params
  end
 
  def request_url
    API_ACTION + "?" + params_to_string
  end
 
 
  def params
    @params ||= {      
      'oauth_callback'       => callback_url,
      'pesapal_request_data' => escaped_xml,
    }
  end
 
  def params_to_string
    strings = []
    for key, value in params
      strings << "#{key}=#{CGI::escape(value)}"
    end
    strings.join('&')
  end
 
  def escaped_xml
    html_escaped_xml = HTMLEntities.new.encode(post_data_xml)
  end
 
end
 
@amount      = 12.34;
@desc        = "Bob Description";
@type        = "MERCHANT"; # default value = MERCHANT
@reference   = 808; # unique order id of the transaction, generated by merchant
@first_name  = "bob"; # [optional]
@last_name   = "mck"; # [optional]
@email       = "[email protected]";
@phonenumber = '"
 
XML = "<put your XML here>"
CALLBACK = "http://katanacode.com"
 
t = TransactionUrl.new(XML, CALLBACK)
puts t.url
Last Edit: 12 years, 10 months ago by bodacious.
Reply Quote

Re: Help! Problem: signature_invalid | Advice: > | 12 years, 6 months ago #567

  • jobkingori
Guys ... please have a look at this and even try it out if you have time.

https://gist.github.com/itsmrwave/6733866#file-readme-md
Reply Quote
Reply Topic
New Topic
  • Page:
  • 1
Forum
Main Forum
Pesapal Integration