[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 796
  • Last Modified:

Google Checkout CFC from riaforge

Hi, In morning.

I was working wth the checkout CFC by Scott Pinkston,

Now the issue i am facing is "Bad Signture on cart" I am working with Sandboc Account!

here is the Basic layout of my cart


<form action="<cfoutput>#cgi.script_name#</cfoutput>" method="post">
<table width="600">
            <tr>
                  <td align="center">Quantity</td>
                  <td>Item</td>
                  <td align="right">Price</td>
                  <td align="right">Total</td>
                  <td>Actions</td>
            </tr>      

      <cfoutput query="Cart">
            <tr>
                  <td align="center"><input type="text" name="#itemname#" value="#itemquantity#" size="2"></td>
                  <td>#ITEMDESC#</td>
                  <td align="right">#dollarformat(itemprice)#</td>
                  <td align="right">#dollarformat(total)#</td>
                  <td>(<a href="#cgi.script_name#?removeitem=#itemname#">remove</a>)</td>
            </tr>      
      </cfoutput>
</table>
      <cfif cart.recordcount>
            <input type="submit" name="Update" value="Update Quantity">
      </cfif>      
</form>
<br>

      <cfif cart.recordcount>
            <div align="right" style="width:600;">
                  <cfoutput>#session.googleCart.CreateForm()#</cfoutput>      
            </div>
      </cfif>      


Now the Underlying code in the CFC is:

<form action="https://sandbox.google.com/checkout/api/checkout/v2/checkoutForm/Merchant/#myID#" method="post" accept-charset="utf-8">
                          <input type="hidden" name="cart" value="#toBase64(cartXML)#">
                          <input type="hidden" name="signature" value="#signature#">
                          <input type="image" name="Google Checkout" alt="Fast checkout through Google" src="http://checkout.google.com/buttons/checkout.gif?merchant_id=#myID#&w=180&h=46&style=white&variant=text&loc=#variables.LocaleCode#" height="46" width="180">
                        </form>


Now when i submit this to google Checkout Page i get the above error!

Also in Settings Tab of Google Checkout, i have unchecked the checkbox of following:

My company will only post digitally signed carts. [?]

Please Guide
0
Gurpreet Singh Randhawa
Asked:
Gurpreet Singh Randhawa
  • 9
  • 7
  • 4
2 Solutions
 
srikanthmadishettiCommented:
0
 
srikanthmadishettiCommented:
First check out

HMAC-SHA-1 signature function specify that you want the result in binary format.

signature, contains the base64-encoded HMAC-SHA-1 signature

cart contains the base64-encoded Checkout API XML request.

0
 
Brijesh ChauhanStaff IT EngineerCommented:
Are you using HTTPS url while testing ? if NOT then go to your sandbox account -> Settings -> Integration and uncheck the checkbox which says 'My company will only post digitally signed carts'.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
i am using XML way
0
 
Brijesh ChauhanStaff IT EngineerCommented:
I meant, while testing what is your cart checkout URL, is it http or https ...??? You are posting information to Google using https or http...

if you are testing from your local system or using http, then you would need to uncheck the checkbox above.
0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
am using https for local testing
0
 
Brijesh ChauhanStaff IT EngineerCommented:
Go to go to your sandbox account -> Settings -> Integration and uncheck the checkbox which says 'My company will only post digitally signed carts' and see if the orders work

This is what google says ..

Digital signatures allow Google to authenticate the shopping cart you send and verify that your cart hasn't been tampered with during transmission. Google will reject unsigned carts by default unless you edit your account security settings.
 
You can change your security settings so Google doesn't automatically reject carts without digital signatures. However, if you choose not to have Google reject carts without digital signatures, we recommend that you review the item prices in your orders to ensure the validity of your carts.
 
To change your settings:
 1.Sign in to Google Checkout.
 2.Click the Settings tab.
 3.Click Integration center.
 4.Under 'Shopping cart post security,' uncheck the 'For extra security, my company will only post digitally signed XML shopping carts. (Google should reject all others)' option.
 5.Click Save.
 
0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
I tried it disabling the checkbox also but it does not seems to work any how, reason i am still lost why!
0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
i am getting this if i use: your Configration like uncheck the checkbox and make the request to sandbox using: http://

https://sandbox.google.com/checkout/sell/settings?section=IntegrationConsole&returnURL=https%3A%2F%2Fsandbox.google.com%2Fcheckout%2Fsell%2Fsettings%3Fsection%3DIntegrationConsole&serialNumber=0b8f1781-690e-4075-8a56-e2b981806c8e 

I think there is some other isssue because i tried the vice versa case also but not working
0
 
srikanthmadishettiCommented:
@brijesh

myselfrandhawa has already mentioned in his question it self that  he has unchecked the checkbox which says 'My company will only post digitally signed carts'.

and also

The 'Bad signature on cart'  can be a error message means the HMAC-SHA1 signature generated for shopping cart XML doesn't match the signature expected by Google Checkout.

If you've incorrectly entered your Google Checkout Merchant Key in your system, you'll receive this error message. The Merchant Key you use must match the Merchant Key in the Google Checkout Merchant Center. Also, if you're performing your own API integration, remove any leading or trailing white space in the Merchant Key string when you assign your Merchant Key to a variable in your code.

If you've confirmed that you're using the correct Merchant Key, and if you aren't using a third party shopping cart provider, you may have implemented the signature generation incorrectl.

Please make sure that the values are sending in these two fields are correct

<input type="hidden" name="cart" value="#toBase64(cartXML)#">
                          <input type="hidden" name="signature" value="#signature#">



0
 
srikanthmadishettiCommented:
Make sure that your merchant key and ID are correct in the ini file.

Add rtrims to the variables to clean up the trailing spaces

some times  cutting and pasting from google provides the extra space .

Most of  them  face this Issue of trailing spaces .

0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
I am sure you have the Checked the Code of Checkout CFC in riaforge.

I am using the same sample code and doing fancy here, just using it and it is throughing this Error! i am confused on this part where it is using the MerchantKey Part as i see no such information in the form tag

0
 
srikanthmadishettiCommented:
Did you checked the checkout.ini.cfm  and changed values there

with your merchantid and key  you can find them on line number 11 and line number 14


0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
yes i Did Chnaged over there
0
 
Brijesh ChauhanStaff IT EngineerCommented:
Well 2 other things apart from what has already been suggested

the error might happen if the cart has some html characters which are not XML compliant.   and secondly, check the posting URL and make sure it is correct one...
0
 
srikanthmadishettiCommented:
0
 
srikanthmadishettiCommented:
@brijesh
Good Point  as the function CreateCartXML has return type set to string better to check if the XML generated is good one using some thing like  isXML function .

0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
Hey Guys!

I just Changed the Post URL to this

https://sandbox.google.com/checkout/api/checkout/v2/merchantCheckout/Merchant/#myID#

and got the following Error now!

You must use HTTP Basic Authentication for API calls (username=Seller ID, password=Merchant Key)

now again i Chnaged the url to:

https://checkout.google.com/api/checkout/v2/checkoutForm/Merchant/#myID#


i get another issue!

OOPs! Something went wrong

This Google Checkout is so exhausly used the diffrent URL's @ different places and i am really confused which is the best one and the correct one used
0
 
Gurpreet Singh RandhawaWeb DeveloperAuthor Commented:
hey do not what i did, but it worked

Thanks for the help Guys!
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 9
  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now