How to encrypt payload in Python to make a payment - Adyen payment gateway

Submitted by 安稳与你 on 2021-02-11 08:20:24

Question


I'm fairly new to coding, this is one of my first bigger Python projects that I'm working on and I have a problem with Adyen payment submission.

I'm trying to make a payment on a website that uses an Adyen payment gateway. Adyen encrypts your payment data client side and only accepts encrypted requests; otherwise they'll throw back a 400 Bad Request and the payment will not go through.

I'm stuck when it comes to ideas. I analyzed the traffic in Charles when I'm making a payment manually: before making a payment the phone will send a GET request to this link on the Adyen website, and then the next request is a PUT request to the payment URL with the data already encrypted.

I have no idea how I can encrypt my details in a way that Adyen will accept them and the payment goes through successfully. Do I make a JS file on my computer with the code from the link before making a payment and then I can just call the JS in my Python script to encrypt the details?

I've tried sending unencrypted data to the payment URL but, like I previously said, it just throws back a 400 status code and the payment doesn't go through. The encrypted data that a correct request sends looks something like this: "encryptedData": "adyenjs_0_1_18$......"

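import json

# Assumption: s is a requests.Session(); payHeaders and the card variables
# (cardN, expM, expY, cvc, fName, lName) are defined elsewhere in the script.
def payment():
    # Query-string parameters sent with the request
    payParams = {
        'api_key': 'websiteAPIKey',
        'channel': 'iphone-mosaic',
        'type': 'CARD'
    }
    # Card details sent unencrypted; this is the request that comes back as 400
    payPayload = {
        'number': cardN,
        'expiryMonth': expM,
        'expiryYear': expY,
        'cvc': cvc,
        'holderName': fName + ' ' + lName
    }
    pay = s.put('websiteUsingAdyenGateway', headers=payHeaders, params=payParams, data=json.dumps(payPayload))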

The expected result should be a 200 status code with the payment actually going through but with no encryption, it always throws back a 400 status code.


Answer 1:


I think you are inserting yourself into the processes where you shouldn't. Adyen is purposefully encrypting the details for you on the client. This is required for PCI compliance.

Only handle raw card data if you are PCI level 1 or 2. You need to be processing one million or more transactions annually to qualify.

Presuming not, you should be using a component (Adyen term for a bundled JS shopper collection form) to collect the card details. You have two components to choose from:

  • card component: more plug-and-play, insert a single div for all card collection fields
  • secure fields component: more customizable, insert a div for each field of a card (e.g. number, cvc, expiration)

Note: Both require you to create an origin key that has to match the domain from which you are making a payment, e.g. if you are doing a test and hosting your server on localhost on port 8080, create an origin key for http://localhost:8080.

In either case, both of these require you to implement a callback that will provide you the encrypted blobs you need to pass to Adyen.

function handleOnChange(state, component) {
    if (state.isValid){
        // All card fields pass formatting validation
        // The scheme is required; without it "localhost:" is parsed as a URL scheme
        fetch('http://localhost:8080/handleComponentData',{
            method: 'POST',
            headers: {
                'Content-Type': 'application/json'
            },
            body: JSON.stringify(state.data)
        })
    }
}

That state.data can be passed, as is, in the paymentMethod object as part of a /payments request.

state.data's contents:

{
    type: "scheme",
    encryptedCardNumber: "adyenjs_0_1_18$MT6ppy0FAMVMLH...",
    encryptedExpiryMonth: "adyenjs_0_1_18$MT6ppy0FAMVMLH...",
    encryptedExpiryYear: "adyenjs_0_1_18$MT6ppy0FAMVMLH...",
    encryptedSecurityCode: "adyenjs_0_1_18$MT6ppy0FAMVMLH..."
}

The /payments request:

curl https://checkout-test.adyen.com/v46/payments \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{
  "amount":{
    "currency":"EUR",
    "value":1000
  },
  "reference":"YOUR_ORDER_NUMBER",
  "paymentMethod":{
    "type":"scheme",
    "encryptedCardNumber":"adyenjs_0_1_18$MT6ppy0FAMVMLH...",
    "encryptedExpiryMonth":"adyenjs_0_1_18$MT6ppy0FAMVMLH...",
    "encryptedExpiryYear":"adyenjs_0_1_18$MT6ppy0FAMVMLH...",
    "encryptedSecurityCode":"adyenjs_0_1_18$MT6ppy0FAMVMLH..."
  },
  "returnUrl":"https://your-company.com/checkout/",
  "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}'


Source: https://stackoverflow.com/questions/56445791/how-to-encrypt-payload-in-python-to-make-a-payment-adyen-payment-gateway
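The server side of the flow described in the answer, as an added example that is not part of the original question or answer and is not Adyen's code: a Python function that takes the state.data posted by the component callback, refuses anything that is not an encrypted blob, and builds the /payments body shown in the curl call. The function name, the allow-list and the `adyenjs_<version>$...` pattern (inferred from the blobs shown on this page) are assumptions.

```python
import json
import re

# Assumption: encrypted fields look like the blobs shown on this page,
# "adyenjs_<version>$<ciphertext>".
ENCRYPTED_BLOB = re.compile(r"adyenjs_[0-9_]+\$\S+")
ENCRYPTED_FIELDS = (
    "encryptedCardNumber",
    "encryptedExpiryMonth",
    "encryptedExpiryYear",
    "encryptedSecurityCode",
)
# Raw-card keys like those in the question's payload; never accept or forward them.
RAW_CARD_KEYS = {"number", "expiryMonth", "expiryYear", "cvc"}


def build_payments_request(state_data, amount_minor, currency, reference,
                           merchant_account, return_url):
    """Validate the component's state.data and build the /payments JSON body.

    amount, currency and reference should come from the server's own order
    record, not from the browser. Errors name fields but never echo values,
    so card data cannot leak into logs through an exception message.
    """
    if not isinstance(state_data, dict):
        raise ValueError("state.data must be a JSON object")
    leaked = state_data.keys() & RAW_CARD_KEYS
    if leaked:
        raise ValueError("raw card fields present: " + ", ".join(sorted(leaked)))
    if state_data.get("type") != "scheme":
        raise ValueError("unexpected paymentMethod type")
    payment_method = {"type": "scheme"}
    for field in ENCRYPTED_FIELDS:
        value = state_data.get(field)
        if not isinstance(value, str) or not ENCRYPTED_BLOB.fullmatch(value):
            raise ValueError(field + " is missing or not an encrypted blob")
        payment_method[field] = value  # only allow-listed keys are copied
    return {
        "amount": {"currency": currency, "value": amount_minor},
        "reference": reference,
        "paymentMethod": payment_method,
        "returnUrl": return_url,
        "merchantAccount": merchant_account,
    }


if __name__ == "__main__":
    blob = "adyenjs_0_1_18$CONSTRUCTED_SAMPLE"  # constructed, not real ciphertext
    sample = {"type": "scheme", **dict.fromkeys(ENCRYPTED_FIELDS, blob)}
    print(json.dumps(build_payments_request(
        sample, 1000, "EUR", "YOUR_ORDER_NUMBER",
        "YOUR_MERCHANT_ACCOUNT", "https://your-company.com/checkout/"), indent=2))
```

The returned dict is what gets serialized and sent to the /payments endpoint with the x-API-key header, which stays on the server and is never exposed to the browser.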
