payment.ERROR: Signature is invalid. #7
I noticed one thing. Here, the ipn routing:

```yaml
lexik_paybox_ipn:
    pattern: /payment-ipn/{time}
    defaults: { _controller: LexikPayboxBundle:Default:ipn }
    requirements:
        _method: GET|POST
```

And here, the ipnAction:

```php
public function ipnAction()
{
    $payboxResponse = $this->container->get('lexik_paybox.response_handler');
    $result = $payboxResponse->verifySignature();

    return new Response($result ? 'OK' : 'KO');
}
```

The time parameter is not needed, so what is it? Maybe it is related to this issue... |
The "time" parameter in the ipn route is actually not used, but it doesn't really matter. This was implemented in view of a security feature. It is not causing a bug since it's only an unused GET parameter. For the signature verification problem, the only thing I see that can cause trouble is the Paybox public key having changed, but the Travis tests still pass properly. Did you try removing the dash "-" in your "PBX_CMD" parameter? I don't remember exactly the format expected by Paybox, but I'm wondering if they expect a string composed of alphanumeric characters. |
I will test it. In the stringified return data, I saw this : The |
Yes |
I remove the |
I changed a little bit your code in Response.php by following the example code given by Paybox and adding ssl error log. And I found this error when I tried to get the public key:
Can this help you a little more? |
I haven't been able to reproduce this error. It looks like an environment issue. Any news about it? |
The error is not resolved yet, I ignore it for the moment... OS: Linux 3.6.11-gentoo x86_64 |
One piece of advice, not really about your topic: be really careful with "CB,VISA,EUROCARD_MASTERCARD"; if you try a real Mastercard you'll see that it doesn't work! You should use the "CB" value, which works with all kinds of cards |
I think I already did using only "CB", will retry... |
got same error
the key is good, i check it with my PROD key on another project |
i found it ! here how i solve this one in Response.php
|
@ibasaw, can you send us a PR so we can see exactly the difference and merge the fix? Thanks! :) |
@soullivaneuh , i will try, never do a PR before |
The initSignature method normally does this job. see https://github.com/lexik/LexikPayboxBundle/blob/master/Paybox/System/Base/Response.php#L80 what is the output of the request method is POST or GET ? |
@fabienpomerol , without the fix, the output of the sign is broken chars with triangle, bad chars... the request method is GET, param is in the url sent by paybox ipn response |
...
... i had changed on this part of the file |
All things have a beginning @ibasaw ! https://help.github.com/articles/fork-a-repo ;) |
@soullivaneuh , i had already read it, i just wondering where to clone the fork. |
You can use VCS repositories with composer: http://getcomposer.org/doc/05-repositories.md#vcs After that, you can go to the vendor folder of the bundle, create a new branch and do your modification. ;) |
no news ? |
I had the same issue. It's related to the way Paybox generates the signature. If you use the PBX_REPONDRE_A option, the signature must be validated against the PBX_RETOUR option. I'm working on a fix. |
I finished the fix in PR #27 . Please tell me if it works for you. |
@nykopol : don't work; got always signature is invalid |
@nykopol i try with your pr #28 and always got an invalid signature check (I had fixed a typo in your PR28, don't know if i did it well by submitting a new PR) for this error: I do a payment, and on the response ipn url, i got an invalid signature check with KO Signature verification : KO [2014-05-05 14:17:21] payment.INFO: New IPN call. [] [] |
it seems that paybox had changed their code, they encode the ref parameter...it wasn't before |
now: is someone got a valid signature in DEV ? |
I had the same error lately. I contacted the support but their answer was not very useful... In substance it was something like "I don't know. Do not verify the answer and just check if you have a payment reference or not."... |
lol...i am with support too and try to find why ! The problem is: the url call the ipn response with encoded characters for the ref parameter and this is why the signature is invalid, if i modify the encoded characters to normal, and call it in my webbrowser: the signature is valid ! So i had encoded the PBX_CMD but it change nothing...always got an invalid signature. @Olineuve : do you use this bundle in PROD ? |
got news... In fact, we must not urlencode the ref PBX_CMD in the form. In the response the ref PBX_CMD is urlencoded, this is normal. paybox sends in the url response ipn the PBX_BIN6, but i demand only BIN6, so i got twice this parameter in the response, so the signature can't be right ! Waiting for an answer from the support...to remove the PBX_BIN6 in the response url |
Hi, I have a same problem, "Signature is invalid", in prod environment. Have you solved the problem? [2014-11-20 17:25:45] security.INFO: Populated SecurityContext with an anonymous Token [] [] thnks |
i will try again soon... |
Ok, thnks. |
@ahmed77 : did you tried my fork ? |
@ibasaw : Yes, i tested with your fork and i still have the same problem. |
ok, i will try again today |
thnks. |
@ahmed77 : Do you have an .htaccess with password on your website ? if yes, it doesn't work |
@ibasaw : No, i don't have an .htaccess with password on my website |
got an invalid signature too again...again with support of paybox, wait for an answer... |
got a valid sign today after a little commit on my fork, and i had modified the PBX_RETOUR value when you initialize the form i got Pays in it and the url-ipn don't send back this variable in the url, so your verification is KO today this is good: Signature verification : OK |
@ahmed77 : did you tried again ? |
@ibasaw : Thank you for your help. |
I think the problem is a response from 'file_get_contents' who return FALSE, because when i replace '$this->parameters['public_key']' by the absolute file path, i don't have problem, the signature is ok. |
In LexikPayboxExtension.php, `$config['parameters']['public_key'] = __DIR__ . '/../Resources/config/paybox_public_key.pem';` does not work, but if I set `$config['parameters']['public_key'] = "/home/sites/project/vendor/lexik/paybox-bundle/Lexik/Bundle/PayboxBundle/Resources/config/paybox_public_key.pem"`, it is OK. Do you know why? Edit: `$this->parameters['public_key']` is always empty in the Response.php file; if I want the signature to be valid, I must use |
Hi guys, I'm having the same kind of problem with my module. Sorry to write here, it's not about the LexikPayboxBundle but it's the only topic which seems nice to me. The signature from the ipn is always incorrect. At the same time I'm able to validate the signature from the redirection (effectue, refuse and annule). I know that the ipn signature is only built with params from PBX_RETOUR. The only difference I noted is that the ref has been encoded. Have you found a solution? Does Paybox know what the problem is? |
@ahmed77 : i got this in my config.yml `public_key: "%kernel.root_dir%/config/paybox_public_key.pem"` i put the public key in my app/config/ folder i was aware about this problem with the key ;) |
@fjouatte : check that your parameter went back form paybox as the same and in the same order as you pass in your PBX_RETOUR parameter: |
Hi, Sorry for answering so late. Thought my problem was solved but actually it wasn't. The problem remains and I noticed something weird. The IPN requests sent from Paybox pre-production environment and prod environment are different. The 'Ref' param is encoded when using pre-production environment (&Ref=SAJ%2F2014%2F9446) and not when using production one (&Ref=SAJ/2014/9184). Does someone notice that before ? Regards |
So I wrote a mail to Paybox support and I finally get an answer ... The following platforms (pre-production and production) (https://preprod-tpeweb.paybox.com/cgi/MYchoix_pagepaiement.cgi and https://tpeweb1.paybox.com/cgi/MYchoix_pagepaiement.cgi) urlencode the ref param. BUT the main production platform (https://tpeweb.paybox.com/cgi/MYchoix_pagepaiement.cgi) DOES NOT. They say that the program managing IPN calls is not the same version but it will be updated soon ... Hope this can help. |
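
The encoding and extra-parameter problems discussed in this thread, as an added example that is not part of any comment and is not LexikPayboxBundle code: a signature covers one exact byte string, so a `Ref` value that is decoded (or re-encoded) before verification, or a field outside PBX_RETOUR, makes a genuine IPN fail. The throwaway key pair, the field names other than `Ref` and `PBX_BIN6`, and the helper names `signedData` and `verifyIpn` are assumptions made for the example; which form a given Paybox platform signs is not settled by this page.

```php
<?php
// Added example: not LexikPayboxBundle code. Key pair and query strings are constructed.

// Keep only the fields declared in PBX_RETOUR, in received order, bytes untouched.
function signedData(string $rawQuery, array $retourFields): string
{
    $kept = [];
    foreach (explode('&', $rawQuery) as $pair) {
        $name = explode('=', $pair, 2)[0];
        if (in_array($name, $retourFields, true)) {
            $kept[] = $pair; // no urldecode/urlencode round trip
        }
    }
    return implode('&', $kept);
}

// True only for a valid signature; an unreadable key or OpenSSL error counts as failure.
function verifyIpn(string $data, string $signatureB64, string $publicKeyPem): bool
{
    $key = openssl_pkey_get_public($publicKeyPem);
    $signature = base64_decode($signatureB64, true);
    if ($key === false || $signature === false) {
        return false;
    }
    // Sign and verify below both use PHP's default digest for these calls.
    return openssl_verify($data, $signature, $key) === 1;
}

// Constructed test material: a throwaway RSA key stands in for the gateway's key.
$pair = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$publicPem = openssl_pkey_get_details($pair)['key'];

$retour = ['Mt', 'Ref', 'Auto', 'Erreur']; // constructed PBX_RETOUR names, signature field excluded
$signed = 'Mt=1000&Ref=SAJ%2F2014%2F9446&Auto=XXXXXX&Erreur=00000';
openssl_sign($signed, $rawSig, $pair);
$sig = base64_encode($rawSig);

$cases = [
    'as signed'               => $signed,
    'Ref decoded by the app'  => 'Mt=1000&Ref=SAJ/2014/9446&Auto=XXXXXX&Erreur=00000',
    'extra field, filtered'   => signedData($signed . '&PBX_BIN6=000000', $retour),
    'extra field, unfiltered' => $signed . '&PBX_BIN6=000000',
];
foreach ($cases as $label => $data) {
    printf("%-24s %s\n", $label, verifyIpn($data, $sig, $publicPem) ? 'OK' : 'KO');
}
```

When debugging a real IPN, log the exact string passed to the verifier next to the raw `QUERY_STRING` so a decoding or ordering difference is visible.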
@fjouatte : ok, thank you for this detail |
I used Paybox's fake card in dev env, and I have an invalid signature :
Here, my paybox form action :
Did you already have this error ? How did you fix it ?
Thanks for help.