Sample code for 30+ languages & platforms
Delphi DLL

Payeezy HMAC Computation

See more HTTP Misc Examples

Demonstrates how to calculate the HMAC for a Payeezy REST request.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, JsonObject, StringBuilder, Prng, CkDateTime, Crypt2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
crypt: HCkCrypt2;
prng: HCkPrng;
apiKey: PWideChar;
apiSecret: PWideChar;
token: PWideChar;
nonce: PWideChar;
dtNow: HCkDateTime;
sbTimestamp: HCkStringBuilder;
timestamp: PWideChar;
json: HCkJsonObject;
sbHmacData: HCkStringBuilder;
hexHash: PWideChar;
sbBase64Hash: HCkStringBuilder;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

crypt := CkCrypt2_Create();
prng := CkPrng_Create();

// An API key such as y6pWAJNyJyjGv66IsVuWnklkKUPFbb0a
apiKey := 'my_api_key';
// An API secret such as 86fbae7030253af3cd15faef2a1f4b67353e41fb6799f576b5093ae52901e6f7
apiSecret := 'my_api_secret';
// A token such as fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6
token := 'my_merchant_token';

// The nonce is a random number (bytes), something like "6057786719490086000"
nonce := CkPrng__genRandom(prng,8,'decimal');
Memo1.Lines.Add('nonce = ' + nonce);

dtNow := CkDateTime_Create();
CkDateTime_SetFromCurrentSystemTime(dtNow);
sbTimestamp := CkStringBuilder_Create();
// Get the epoch timestamp in seconds
CkStringBuilder_Append(sbTimestamp,CkDateTime__getAsUnixTimeStr(dtNow,False));
// Change it to milliseconds
CkStringBuilder_Append(sbTimestamp,'000');
// The timestamp is a number similar to this: 1546011905000 (which is a timestamp taken on 28-Dec-2018).
timestamp := CkStringBuilder__getAsString(sbTimestamp);
Memo1.Lines.Add('timestamp = ' + timestamp);

// Generate the following JSON request body:
// 	{
// 	  "merchant_ref": "Astonishing-Sale",
// 	  "transaction_type": "authorize",
// 	  "method": "token",
// 	  "amount": "200",
// 	  "currency_code": "USD",
// 	  "token": {
// 	    "token_type": "FDToken",
// 	    "token_data": {
// 	      "type": "visa",
// 	      "value": "2537446225198291",
// 	      "cardholder_name": "JohnSmith",
// 	      "exp_date": "1030",
// 	      "special_payment": "B"
// 	    }
// 	  }
// 	}

json := CkJsonObject_Create();
CkJsonObject_UpdateString(json,'merchant_ref','Astonishing-Sale');
CkJsonObject_UpdateString(json,'transaction_type','authorize');
CkJsonObject_UpdateString(json,'method','token');
CkJsonObject_UpdateString(json,'amount','200');
CkJsonObject_UpdateString(json,'currency_code','USD');
CkJsonObject_UpdateString(json,'token.token_type','FDToken');
CkJsonObject_UpdateString(json,'token.token_data.type','visa');
CkJsonObject_UpdateString(json,'token.token_data.value','2537446225198291');
CkJsonObject_UpdateString(json,'token.token_data.cardholder_name','JohnSmith');
CkJsonObject_UpdateString(json,'token.token_data.exp_date','1030');
CkJsonObject_UpdateString(json,'token.token_data.special_payment','B');

// string hashData = apiKey + nonce + timestamp + token + jsonString;
sbHmacData := CkStringBuilder_Create();
CkStringBuilder_Append(sbHmacData,apiKey);
CkStringBuilder_Append(sbHmacData,nonce);
CkStringBuilder_Append(sbHmacData,timestamp);
CkStringBuilder_Append(sbHmacData,token);
CkStringBuilder_Append(sbHmacData,CkJsonObject__emit(json));

// HMAC the data to produce a hex string.
CkCrypt2_putEncodingMode(crypt,'hexlower');
CkCrypt2_putMacAlgorithm(crypt,'hmac');
CkCrypt2_SetMacKeyString(crypt,apiSecret);
CkCrypt2_putHashAlgorithm(crypt,'sha256');
CkCrypt2_putCharset(crypt,'utf-8');
hexHash := CkCrypt2__macStringENC(crypt,CkStringBuilder__getAsString(sbHmacData));

// Now base64 encode the hex string:
sbBase64Hash := CkStringBuilder_Create();
CkStringBuilder_Append(sbBase64Hash,hexHash);
CkStringBuilder_Encode(sbBase64Hash,'base64','utf-8');

Memo1.Lines.Add('This is the Authorization header to be sent with the payeezy request:');
Memo1.Lines.Add('Authorization: ' + CkStringBuilder__getAsString(sbBase64Hash));

CkCrypt2_Dispose(crypt);
CkPrng_Dispose(prng);
CkDateTime_Dispose(dtNow);
CkStringBuilder_Dispose(sbTimestamp);
CkJsonObject_Dispose(json);
CkStringBuilder_Dispose(sbHmacData);
CkStringBuilder_Dispose(sbBase64Hash);

end;