SagePa 3DS2 3377:ACS 提供了错误消息。 thephpleague/omnipay-sagepay 的 CReq 验证失败
我正在使用 thephpleague/omnipay-sagepay https://github.com/thephpleague/omnipay-sagepay
收到 3DS 通知的响应后,我正在运行以下代码:
$gateway = $this->fetchGateway();
$completeRequest = $gateway->completeAuthorize([
'transactionId' => $payment->transaction_id
]);
$completeResponse = $completeRequest->send();
print "<pre>";
print_r($completeResponse);
并收到以下消息:
[data:protected] => Array (
[VPSProtocol] => 3.00
[Status] => ERROR
[StatusDetail] => 3377 : The ACS has provided an Erro message. CReq validation failure. )
我也尝试在 $gateway->completeAuthorize() 函数中包含 CRes 和 CReq,但没有成功。
有人对此有任何线索吗?
协议 4 文档指出:
此 POST 需要包含 VPSTxId(或 MD)和 CRes(或 PARes)。 但如上所述,它似乎不起作用并返回 CReq 验证错误
不确定这是否相关? https://dijitul.uk/ payment -gateway-3d-secure-timing-out-huge-issue/#comment-121740
我在某处读到, ThreeDSSessionData 周围的 {} 可能会导致问题,但是删除它们没有任何效果。
有点担心截止日期是 3 月 14 日:(
编辑:
我也尝试过同样的响应:
$gateway = $this->fetchGateway();
$completeRequest = $gateway->completeAuthorize([
'VPSTxId' => str_replace("{", "", str_replace("}", "", $payment->vpsTxId)),
'CRes' => $cres,
'CreateToken' => '1',
]);
$completeResponse = $completeRequest->send();
发送的 $ payment->vpsTxId 等于: 923DD024-8E55-A543-AA6F-4E76AECB67D8
$cres 等于 ewogICJtZXNzYWdlVHlwZSIgOiAiRXJybyIsCiAgIm1lc3NhZ2VWZXJzaW9uIiA6ICIyLjEuMCIsCiAgImFjc1RyYW5zSUQiIDogIjZjOGE2MzQy LTI2OTUNDAZMI04NDVkLTBmZGU2MDBiYmFhMyIsCiAgImVycm9yQ29kZSIgOiAiMjAzIiwKICAiZXJyb3JDb21wb25lbnQiIDogIkEiLAogICJlcnJvckR lc2NyaXB0aW9uIiA6ICJEYXRhIGVsZW1lbnQgbm90IGluIHRoZSByZXF1aXJlZCBmb3JtYXQgb3IgdmFsdWUgaXMgaW52YWxpZCBhcyBkZWZpbmVkIGluIF RhYmxlIEeuMS4iLAogICJlcnJvckRldGFpbCIgOiAidGhyZWVEU1Nlc3Npb25EYXRhIiwKICAiZXJyb3JNZXNzYWdlVHlwZSIgOiAiQ1JlcSIKfQ
不担心通过 testMode 发布的安全性
I'm using thephpleague/omnipay-sagepay
https://github.com/thephpleague/omnipay-sagepay
After receiving response from the 3DS Notification, I am running the following code:
$gateway = $this->fetchGateway();
$completeRequest = $gateway->completeAuthorize([
'transactionId' => $payment->transaction_id
]);
$completeResponse = $completeRequest->send();
print "<pre>";
print_r($completeResponse);
and receiving the following message:
[data:protected] => Array (
[VPSProtocol] => 3.00
[Status] => ERROR
[StatusDetail] => 3377 : The ACS has provided an Erro message. CReq validation failure. )
I've tried also including a CRes and CReq in the $gateway->completeAuthorize() function with no luck.
Anyone have any clue on this?
The protocol 4 documentation states:
This POST needs to contain the VPSTxId (or MD) and CRes (or PARes).
but as above, it doesn't seem to work and returns a CReq validation error
Not sure if this could be relevant?
https://dijitul.uk/payment-gateway-3d-secure-timing-out-huge-issue/#comment-121740
I read somewhere that the {} around the threeDSSessionData could be causing a problem but removing them has no effect.
Bit worried that the deadline for this is the 14th March :(
edit:
I have also tried this with the same response:
$gateway = $this->fetchGateway();
$completeRequest = $gateway->completeAuthorize([
'VPSTxId' => str_replace("{", "", str_replace("}", "", $payment->vpsTxId)),
'CRes' => $cres,
'CreateToken' => '1',
]);
$completeResponse = $completeRequest->send();
$payment->vpsTxId that's sent equals:923DD024-8E55-A543-AA6F-4E76AECB67D8
$cres equalsewogICJtZXNzYWdlVHlwZSIgOiAiRXJybyIsCiAgIm1lc3NhZ2VWZXJzaW9uIiA6ICIyLjEuMCIsCiAgImFjc1RyYW5zSUQiIDogIjZjOGE2MzQyLTI2OTUtNDAzMi04NDVkLTBmZGU2MDBiYmFhMyIsCiAgImVycm9yQ29kZSIgOiAiMjAzIiwKICAiZXJyb3JDb21wb25lbnQiIDogIkEiLAogICJlcnJvckRlc2NyaXB0aW9uIiA6ICJEYXRhIGVsZW1lbnQgbm90IGluIHRoZSByZXF1aXJlZCBmb3JtYXQgb3IgdmFsdWUgaXMgaW52YWxpZCBhcyBkZWZpbmVkIGluIFRhYmxlIEEuMS4iLAogICJlcnJvckRldGFpbCIgOiAidGhyZWVEU1Nlc3Npb25EYXRhIiwKICAiZXJyb3JNZXNzYWdlVHlwZSIgOiAiQ1JlcSIKfQ
Not worried about security as posting via testMode
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
我设法通过在返回表单之前从 vpsTxId 中去掉括号“{}”来解决此问题。
为了完整起见,我最终用于退货表单的代码是:
这里真正重要的一行是:
str_replace(array("{", "}"), "", $data['thirdDSSessionData'])我真的希望这可以帮助其他人!
I managed to fix this by stripping the parentheses "{}" from the vpsTxId before returning the form.
For completeness the code I ended up using for the return form was:
The really important line here is:
str_replace(array("{", "}"), "", $data['threeDSSessionData'])I really hope this helps somebody else out!
我们也遇到过同样的问题(但是使用我们自己的直接集成 pi 方法)。我们已经断断续续地发生了这个错误几周,客户付款看似随机,一个会起作用,一个会失败。我们确定这与特定的发卡机构以及我们通过 ThreeDSSessionData 表单值发送的值类型有关。
我们对此错误的解决方案是对 ThreeDSSessionData 值进行 Base64 编码,然后在从 ACS 返回时对 Base64 值进行解码。
We have been experiencing this exact same issue (but using our own direct integration pi method). We have had this error occurring on and off for a few weeks with seemingly random customer payments, one would work, and one would fail. We determined that it was to do with specific card issuers and the type of value that we were sending via the
threeDSSessionDataform value.Our solution to this error was to base64 encode the
threeDSSessionDatavalue and then decode the base64 value upon return from the ACS.此错误似乎是使用
VPSTxId作为thirdDSSessionData值导致的。我遇到了同样的问题,但能够通过更改我的thirdDSSessionData以使用数据库中的本地交易 ID(而不是 SagePay 的交易 ID)来解决该问题。我注意到的另一件事是,当使用
VPSTxId作为twoDSSessionData时,3DS 挑战模拟器实际上并未在 3DS 流程中显示。当我转而使用自己的交易 ID 时,它又恢复了。This error seems to be the result of using the
VPSTxIdas yourthreeDSSessionDatavalue. I had the same issue but was able to resolve it by changing mythreeDSSessionDatato use a local transaction ID from my database instead of SagePay's one.Another thing I noted was that while using the
VPSTxIdas thethreeDSSessionData, the 3DS challenge simulator wasn't actually being displayed during the 3DS flow. As soon as I switched to using my own transaction ID it kicked back in.为了扩展已接受的答案,我确实相信这通常与括号有关。因此,您可能会尝试提供
VPSTxId(如 OP 的情况),或者像我一样,您可能会尝试提供JSON对象,其中再次包含 括号。To expand on the accepted answer, I do believe this is to do with parenthesis in general. So, you may be trying to provide the
VPSTxIdas in the case of the OP, or like me you might be trying to provide aJSONobject, which again includes parenthesis.