Search code examples
paypalpayment-gatewaypaymentpayment-servicesamazon-pay

Create Alias using barclaycard payment epdq - unknown order/1/s/


Below is the code used for creating the Alias which does not work and throw an error "unknown order/1/s/". The same code works for payment if I remove the code for Alias. Not sure what am I missing? I could log into the epdq barclaycard account and see the error which is "unknown order/1/s/". I can also create Alias manually through the epdq account, but just cant get to the orderstandard.asp page without error (when alias hidden fields and code used).

I would be glad if someone could help me.

<body>
<form id="OrderForm" action="https://payments.epdq.co.uk/ncol/prod/orderstandard.asp" method="post" runat="server">
    <div>
        <asp:HiddenField ID="AMOUNT" runat="server" />
        <asp:HiddenField ID="CN" runat="server" />
...
        <asp:HiddenField ID="ALIAS" runat="server" />
        <asp:HiddenField ID="ALIASUSAGE" runat="server" />
        <asp:HiddenField ID="ALIASOPERATION" runat="server" />
        <asp:HiddenField ID="SHASign" runat="server" />



using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

using System.Text; //for Encoding
using System.Security.Cryptography; //for SHA1



    public partial class _DefaultAliasTest : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            //-- Set Values (these would be pulled from DB or a previous page). -- //
            bool isAlias = true;
            //- Customer/Order Details - //
            string strUserTitle = "Mr";                         // Customer details
            string strUserFirstname = "Edward";
            string strUserSurname = "Shopper";
            string strBillHouseNumber = "123";                  // Address Details
            string strAd1 = "Penny Lane";
            string strAd2 = "Central Areas";
            string strBillTown = "Middlehampton";               // Bill Town
            string strBillCountry = "England";                  // Bill Country
            string strPcde = "NN4 7SG";                         // Postcode
            string strContactTel = "01604 567 890";             // Contact Telephone number
            string strShopperEmail = "[email protected]";  // shopper Email
            string strShopperLocale = "en_GB";                  // shopper locale
            string strCurrencyCode = "GBP";                     // CurrecncyCode

            string strAddressline1n2 = strBillHouseNumber + " " + strAd1 + ", " + strAd2;           // Concatenated Address eg 123 Penny Lane Central Areas
            string strCustomerName = strUserTitle + " " + strUserFirstname + " " + strUserSurname;  // Concatenated Customer Name eg Mr Edward Shopper

            string strPaymentAmount = "100";                    // This is 1 pound (100p)
            string strOrderDataRaw = "HDTV - AVTV3000";         // Order description
            string strOrderID = "ORD1234556Y";                  // Order Id     - **needs to be unique**

            //- integration user details - //
            string strPW = "xxxxxx!?";               // Update with the details you entered into back office
            string strPSPID = "epdqxxxxxxx";                      // update with the details of the PSPID you were supplied with


            //- payment design options - '//
            string strTXTCOLOR = "#005588";                             // Page Text Colour
            string strTBLTXTCOLOR = "#005588";                          // Table Text Colour
            string strFONTTYPE = "Helvetica, Arial";                    // fonttype
            string strBUTTONTXTCOLOR = "#005588";                       // Button Text Colour
            string strBGCOLOR = "#d1ecf3";                              // Page Background Colour
            string strTBLBGCOLOR = "#ffffff";                           // Table BG Colour
            string strBUTTONBGCOLOR = "#cccccc";                        // Button Colour
            string strTITLE = "Testing - Secure Payment Page";    // Title
            string strLOGO = "https://www.site.com/logo.png";    // logo location
            string strPMLISTTYPE = "1";                                 // Payment Method List type

            string strALIAS = System.Guid.NewGuid().ToString();
            string strALIASUSAGE = "usage";                                 // ALIAS USAGE
            string strALIASOPERATION = "BYMERCHANT";                                 // ALIAS Operation

            //= create string to hash (digest) using values of options/details above. MUST be in field alphabetical order!
            string plainDigest =
            "AMOUNT=" + strPaymentAmount + strPW +
            "BGCOLOR=" + strBGCOLOR + strPW +
            "BUTTONBGCOLOR=" + strBUTTONBGCOLOR + strPW +
            "BUTTONTXTCOLOR=" + strBUTTONTXTCOLOR + strPW +
            "CN=" + strCustomerName + strPW +
            "COM=" + strOrderDataRaw + strPW +
            "CURRENCY=" + strCurrencyCode + strPW +
            "EMAIL=" + strShopperEmail + strPW +
            "FONTTYPE=" + strFONTTYPE + strPW +
            "LANGUAGE=" + strShopperLocale + strPW +
            "LOGO=" + strLOGO + strPW +
            "ORDERID=" + strOrderID + strPW +
            "OWNERADDRESS=" + strAddressline1n2 + strPW +
            "OWNERCTY=" + strBillCountry + strPW +
            "OWNERTELNO=" + strContactTel + strPW +
            "OWNERTOWN=" + strBillTown + strPW +
            "OWNERZIP=" + strPcde + strPW +
            "PMLISTTYPE=" + strPMLISTTYPE + strPW +
            "PSPID=" + strPSPID + strPW +
            "TBLBGCOLOR=" + strTBLBGCOLOR + strPW +
            "TBLTXTCOLOR=" + strTBLTXTCOLOR + strPW +
            "TITLE=" + strTITLE + strPW +
            "TXTCOLOR=" + strTXTCOLOR + strPW +
            "";

            if (isAlias)
            {
                plainDigest =
                plainDigest +
                "ALIAS=" + strALIAS + strPW +
                "ALIASUSAGE=" + strALIASUSAGE + strPW +
                "ALIASOPERATION=" + strALIASOPERATION + strPW +
                "";
            }

            //Payment
            //-- insert payment details into hidden fields -- //
            AMOUNT.Value = strPaymentAmount;            // PaymentAmmount : (100 pence)
            CN.Value = strCustomerName;                 // Customer Name
            COM.Value = strOrderDataRaw;                // OrderDataRaw (order description)
            CURRENCY.Value = strCurrencyCode;           // CurrecncyCode
            EMAIL.Value = strShopperEmail;              // shopper Email
            FONTTYPE.Value = strFONTTYPE;               // fonttype
            LANGUAGE.Value = strShopperLocale;          // shopper locale
            LOGO.Value = strLOGO;                       // logo location
            ORDERID.Value = strOrderID;                 // *this ORDER ID*
            OWNERADDRESS.Value = strAddressline1n2;     // AddressLine2
            OWNERCTY.Value = strBillCountry;            // Bill Country
            OWNERTELNO.Value = strContactTel;           // Contact Telephone number
            OWNERTOWN.Value = strBillTown;              // Bill Town
            OWNERZIP.Value = strPcde;                   // Postcode
            PMLISTTYPE.Value = strPMLISTTYPE;           // Payment Method List type
            PSPID.Value = strPSPID;                     // *Your PSPID*
            BGCOLOR.Value = strBGCOLOR;                 // Page Background Colour
            BUTTONBGCOLOR.Value = strBUTTONBGCOLOR;     // Button Colour
            BUTTONTXTCOLOR.Value = strBUTTONTXTCOLOR;   // Button Text Colour
            TBLBGCOLOR.Value = strTBLBGCOLOR;           // Table BG Colour
            TBLTXTCOLOR.Value = strTBLTXTCOLOR;         // Table Text Colour
            TITLE.Value = strTITLE;                     // Title
            TXTCOLOR.Value = strTXTCOLOR;               // Page Text Colour

            if (isAlias)
            {
                ALIAS.Value = strALIAS;
                ALIASUSAGE.Value = strALIASUSAGE;
                ALIASOPERATION.Value = strALIASOPERATION;
            }

            SHASign.Value = SHA1HashData(plainDigest);  // Hashed String of plain digest put into sha sign using SHA1HashData function

        }

    }

Solution

  • I found the answer to my question via customer service to Barclaycard epdq. I hope this helps others. For me the answer is the point selected in bold below.

    Please see below details on how to rectify the error ‘unknown order/1/s/’:

    This error indicates that ePDQ has been unable to decrypt the SHASIGN HTML Form value sent with the customer when you redirect them from your website to the ePDQ Hosted Payment Page.

    The typical reasons for this error are:

    • The SHA-IN Passphrase value configured in the ePDQ back office does not match the value you used to encrypt the transaction data used to create the SHASIGN parameter (please also ensure you are sending transactions to the correct ePDQ environment – TEST or PRODUCTION)

    • You have not arranged the parameters in alphabetical order when calculating the SHASIGN in your server-side code

    • You have not correctly declared some of the parameters – all parameters and values are case sensitive (all parameter names must be upper case)

    • You have set a HASH ALGORITHM value that is different to the SHA method used in your server side script (for example, you have configured SHA-256 in the ePDQ Back Office Technical Information settings, but are using a SHA-1 method in your encryption process).

    • You have passed additional parameter/value pairs in the HTML Form that have not been included in the SHA-IN calculation

    For more information please refer to the Basic & Advanced e-Commerce integration guides located in the ePDQ Back Office under Support –> Integration & User Manuals.