I am integrating Payfort payment gateway in my android application. I am using FORT SDKv1.2. In the post url for creating token, I am getting error "signature mismatch" always.
Can anybody tell me which signature is to be used?
url - https://sbpaymentservices.payfort.com/FortAPI/paymentApi
On
I have faced same problem and found there is problem in integration settings.Just login into your payfort account and goto payment integration settings then your merchant reference id place check
SHA Type is SHA-256 and SHA Response Parse ,SHA Request Parse will same text.This same text added to your accesscode and sdk-token in the source code parameters.Please check below image once.
On
Here you can find how to generate signature.
I was facing this signature mismatch error due to concatenating wrong SHA Request Phrase to the start and end of the signature.
On
Use this code
String concatenatedString = SHA_REQUEST_PHRASE +
KEY_ACCESS_CODE + "=" + ACCESS_CODE +
KEY_DEVICE_ID + "=" + device_id +
KEY_LANGUAGE + "=" + LANGUAGE_TYPE +
KEY_MERCHANT_IDENTIFIER + "=" + MERCHANT_IDENTIFIER +
KEY_SERVICE_COMMAND + "=" + SDK_TOKEN +
SHA_REQUEST_PHRASE;
Then, pass this concatenated string in below method,
private static String getSignatureSHA256(String s) {
try {
// Create MD5 Hash
MessageDigest digest = MessageDigest.getInstance(SHA_TYPE);
digest.update(s.getBytes());
byte messageDigest[] = digest.digest();
return String.format("%0" + (messageDigest.length * 2) + 'x', new BigInteger(1, messageDigest));
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return "";
}
Use below code to get Signature,
String signature = getSignatureSHA256(concatenatedString);
Happy Coding :)
On
Let me guide you step by step:
NOTE: The following is an example for the Merchant Page 2.0 request signature generation:
Step 1: Add these variables on top of your file
private final static String KEY_MERCHANT_IDENTIFIER = "merchant_identifier";
private final static String KEY_SERVICE_COMMAND = "service_command";
private final static String KEY_LANGUAGE = "language";
private final static String KEY_ACCESS_CODE = "access_code";
private final static String KEY_MERCHANT_REFERENCE = "merchant_reference";
private final static String MERCHANT_IDENTIFIER = "YOUR_MERCHANT_IDENTIFIER";
private final static String ACCESS_CODE = "YOUR_ACCESS_CODE";
private final static String SHA_TYPE = "SHA-256";
private final static String SHA_REQUEST_PHRASE = "YOUR_SHA_REQUEST_PHRASE ";
private final static String LANGUAGE_TYPE = "en";
Make sure you are using your given MERCHANT_IDENTIFIER, ACCESS_CODE and SHA_REQUEST_PHRASE by Payfort.
Step 2: Create a string
String concatenatedString = SHA_REQUEST_PHRASE +
KEY_ACCESS_CODE + "=" + ACCESS_CODE +
KEY_LANGUAGE + "=" + LANGUAGE_TYPE +
KEY_MERCHANT_IDENTIFIER + "=" + MERCHANT_IDENTIFIER +
KEY_MERCHANT_REFERENCE + "=" + YOUR_MERCHANT_REFERENCE +
KEY_SERVICE_COMMAND + "=" + "TOKENIZATION" +
SHA_REQUEST_PHRASE;
Here YOUR_MERCHANT_REFERENCE is your unique merchant reference. It should be unique for every request
Step 3: Create a function to generate SHA-256 type signature from your concatenatedString in Step 2
private String createSignature(String s) {
try {
// Create MD5 Hash
MessageDigest digest = MessageDigest.getInstance(SHA_TYPE);
digest.update(s.getBytes());
byte messageDigest[] = digest.digest();
return String.format("%0" + (messageDigest.length * 2) + 'x', new BigInteger(1, messageDigest));
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return "";
}
Finally Call the createSignature function by passing your concatenatedString in Step 2.
String signature = createSignature(concatenatedString);
Change 'merchant_reference' value to one you didn't use before. It should be unique. I had the same trouble and it was fixed using it.
Sort your keys in array alphabetically, add before and after the secret phrases and then encrypt the string using your algorythm.
After it, you can use it in your requests.
I have faced same problem and found there is problem in algorithm i hvae used while generating signature. So plz check sequence of parameters while generating signature. and check for algorithm which u have setup in account and use same algorithm while generating signature