Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 597
  • Last Modified:

How to submit HTTPS POSTs to external address and get response in XML

Hi Experts,

I'm trying to do an integration with the SagePay Reporting and Admin API but the documentation is pretty thin shall we say!

It 'sounds' like it should be easy but I've not done this before so any help much appreciated.  Basically the guide states:

"The API requests are HTTPS POSTs to the URLs above, containing a single FORM field called XML. It is important to note that these are not requests in XML format, but regular HTTPS POSTs with the content type “application/x-www-form-urlencoded” with the XML requests detailed below in a FORM field called XML.

The XML field will contain the XML message, which always takes the following format:
<vspaccess>
<command>whatever</command>
<vendor>Vendor Name</vendor>
<user>User name</user>
<other command specific parameters in here..../>
<signature>MD5 Hash Signature</signature>
</vspaccess>

The <signature> value is created by taking the rest of the contents of the <vspaccess> node, appending an element called <password> which contains the user account's password, and MD5 hashing the message. So in the above example:
MD5 Hash Signature =
MD5Hash(
"<command>whatever</command>
<vendor>VSP Vendor Name</vendor>
<user>User name</user>
<other command specific params in here..../>
<password>user password</password>")
The response format will always be a XML v1.0 ISO-8859-1 encoded document with a root node called <vspaccess>. i.e.:
<?xml version="1.0" encoding="ISO-8859-1" ?>
<vspaccess>
<errorcode>nnnn</errorcode>
<error>Text error message if errorocode is not 0000</error>
<other command specific results here..../>
<timestamp>DD/MM/YY HH:MM:SS GMT</timestamp>
</vspaccess>

And that is all we get!  If someone more enlightened than me could please explain how I use this to create a form in ASP.NET 2.0 (i.e. can't use LINQ), to query the SagePay interface and how to then interpret the result, it would be much appreciated.  

Classic ASP may also be a useful solution.

Regards,

Jay
0
jammy-d0dger
Asked:
jammy-d0dger
  • 2
2 Solutions
 
G_HCommented:
Hi Jay,

Classic ASP version...

 
<%
strPost =  _
	"VariableA=" & VariableAValue & _
	"&VariableB=" & VariableBValue

set httpRequest = CreateObject("WinHttp.WinHttprequest.5.1")
	httpRequest.Open "POST", CStr(strURL), false
	httpRequest.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
	httpRequest.send strPost
	strResponse = httpRequest.responseText
set httpRequest=nothing
%>

Open in new window


This generates a "posted form" to SagePay, you the get the response back, which you will have to deal with...

Hope this helps,

GH
0
 
G_HCommented:
Sorry, forgot to say...

The example shows 2 variables sent, even though you asked for 1 (just to show how it works).
You will need to populate strURL with the target they want you to use.
strResponse will be the entire XML returned to you, you will need to process-out what you want (That I guess you can handle!).

See also, two attached lines which may help...

XMLValue = _
	"<vspaccess>" & _
	"<command>whatever</command>" & _
	"<vendor>Vendor Name</vendor>" & _
	"<user>User name</user>" & _
	"<other command specific parameters in here..../>" & _
	"<signature>MD5 Hash Signature</signature>" & _
	"</vspaccess>"
	
strPost = "XML=" & XMLValue

Open in new window


GH

0
 
jammy-d0dgerAuthor Commented:
Nice one, much appreciated.  I will give this a go tomorrow when back in the office, and let you know.
0
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now