PayPal Express Checkout 返回 - 安全标头无效
这可能已经被问过一千次了......但我确信我拥有正确的所有端点和凭据。昨天还在工作。
Security error:
Error no: 10002
Error message: Security header is not valid
现在我正在沙箱服务器上进行测试。
每当我在浏览器中尝试 testURL 时,我都会收到带有令牌的 ACK=Success,但是当它运行代码时,我会收到“安全标头无效”错误。
它在几个小时前工作,但是由于某种原因,我现在不断收到相同的错误。
使用沙箱帐户中的用户/密码和签名
https://api-3t.sandbox.paypal.com/nvp
USER=xxxxxxxxxxxxxxxxxxxx
PWD=XXXXXXXXXXXXX
SIGNATURE=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
我有以下测试代码:
String testURL = "https://api-3t.sandbox.paypal.com/nvp?USER=xxxxxxxxxxxxxxxxxxxx&PWD=XXXXXXXXXXXXX&SIGNATURE=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX&VERSION=84.0-2276209&PAYMENTREQUEST_0_PAYMENTACTION=Sale&PAYMENTREQUEST_0_AMT=15&RETURNURL=https%3a%2f%2fdomain.com%2fCheckout.aspx&CANCELURL=https%3a%2f%2fdomain.com%2fCheckout.aspx&METHOD=SetExpressCheckout";
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(testURL);
req.Method = "POST";
req.ContentType = "application/x-www-form-urlencoded";
//Send the request to PayPal and get the response
StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
streamOut.Write(testURL);
streamOut.Close();
// get resposne
StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
string strResponse = HttpUtility.UrlDecode(streamIn.ReadToEnd());
streamIn.Close();
HTTPREsponse 当代码发送它时
TIMESTAMP=2011-11-22T23:25:34Z&CORRELATIONID=392047cb78388&ACK=Failure&VERSION=84.000000&BUILD=2271164&L_ERRORCODE0=10002&L_SHORTMESSAGE0=Security error&L_LONGMESSAGE0=Security header is not valid&L_SEVERITYCODE0=Error
HttpResponse 如果我只是在浏览器中复制粘贴 testURL
TOKEN=EC%2d4JW15968AV8121546&TIMESTAMP=2011%2d11%2d22T22%3a59%3a27Z&CORRELATIONID=c790299fd9ac7&ACK=Success&VERSION=84%2e000000&BUILD=2271164
我尝试不对测试网址中的变量进行 UrlEncode...同样的问题
提前致谢
This has probably been asked a thousand times... But i'm sure i have all the endpoints and credentials right. It was working yesterday.
Security error:
Error no: 10002
Error message: Security header is not valid
Right now i'm testing against the sandbox server.
Whenever i try the testURL in my browser i get ACK=Success with a token, but i get "Security header is not valid" error when it runs through the code.
It was working a few hours ago but for some reason i keep getting the same error now.
using user/pwd and signature from a sandbox account
https://api-3t.sandbox.paypal.com/nvp
USER=xxxxxxxxxxxxxxxxxxxx
PWD=XXXXXXXXXXXXX
SIGNATURE=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
I have the following test code:
String testURL = "https://api-3t.sandbox.paypal.com/nvp?USER=xxxxxxxxxxxxxxxxxxxx&PWD=XXXXXXXXXXXXX&SIGNATURE=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX&VERSION=84.0-2276209&PAYMENTREQUEST_0_PAYMENTACTION=Sale&PAYMENTREQUEST_0_AMT=15&RETURNURL=https%3a%2f%2fdomain.com%2fCheckout.aspx&CANCELURL=https%3a%2f%2fdomain.com%2fCheckout.aspx&METHOD=SetExpressCheckout";
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(testURL);
req.Method = "POST";
req.ContentType = "application/x-www-form-urlencoded";
//Send the request to PayPal and get the response
StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
streamOut.Write(testURL);
streamOut.Close();
// get resposne
StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
string strResponse = HttpUtility.UrlDecode(streamIn.ReadToEnd());
streamIn.Close();
HTTPREsponse when code sends it
TIMESTAMP=2011-11-22T23:25:34Z&CORRELATIONID=392047cb78388&ACK=Failure&VERSION=84.000000&BUILD=2271164&L_ERRORCODE0=10002&L_SHORTMESSAGE0=Security error&L_LONGMESSAGE0=Security header is not valid&L_SEVERITYCODE0=Error
HttpResponse if i just copy paste the testURL in the browser
TOKEN=EC%2d4JW15968AV8121546&TIMESTAMP=2011%2d11%2d22T22%3a59%3a27Z&CORRELATIONID=c790299fd9ac7&ACK=Success&VERSION=84%2e000000&BUILD=2271164
I've tried not to UrlEncode the variables in the test url... same problem
thanks in advance
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
好吧,这可能是 Paypal 方面的一个错误。
如果我将 testUrl 从
String testURL = "https://api-3t.sandbox.paypal.com/nvp?USER=XXX&PWD=YYY&SIGNATURE=ZZZ&VERSION=.......&METHOD 更改=设置快速结账";
字符串
testURL = "https://api-3t.sandbox.paypal.com/nvp?&x=y&USER=XXX&PWD=YYY&SIGNATURE=ZZZ&VERSION=. ......&METHOD=SetExpressCheckout";
它有效
请参阅带有随机第一个查询字符串变量的粗体部分。
当从代码隐藏发送时,PayPal 似乎会忽略第一个查询字符串参数(如果前面没有 x=y,则该参数将为 user=xxx)。
OK this might be a bug on Paypal's side.
if i change the testUrl from
String testURL = "https://api-3t.sandbox.paypal.com/nvp?USER=XXX&PWD=YYY&SIGNATURE=ZZZ&VERSION=.......&METHOD=SetExpressCheckout";
to
String testURL = "https://api-3t.sandbox.paypal.com/nvp?&x=y&USER=XXX&PWD=YYY&SIGNATURE=ZZZ&VERSION=.......&METHOD=SetExpressCheckout";
it works
See the bolded part with random first querystring variable.
PayPal seems to ignore the first querystring parameter when it's sent from codebehind (which would be user=xxx if there wasn’t x=y before it).