(Delphi ActiveX) Payeezy HMAC Computation

Demonstrates how to calculate the HMAC for a Payeezy REST request.

Chilkat for Delphi Downloads Chilkat ActiveX DLL for Delphi Chilkat non-ActiveX DLL for Delphi * The examples here use the ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
crypt: TChilkatCrypt2;
prng: TChilkatPrng;
success: Integer;
apiKey: WideString;
apiSecret: WideString;
token: WideString;
nonce: WideString;
dtNow: TCkDateTime;
sbTimestamp: TChilkatStringBuilder;
timestamp: WideString;
json: TChilkatJsonObject;
sbHmacData: TChilkatStringBuilder;
hexHash: WideString;
sbBase64Hash: TChilkatStringBuilder;

begin
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

crypt := TChilkatCrypt2.Create(Self);
prng := TChilkatPrng.Create(Self);

// An API key such as y6pWAJNyJyjGv66IsVuWnklkKUPFbb0a
apiKey := 'my_api_key';
// An API secret such as 86fbae7030253af3cd15faef2a1f4b67353e41fb6799f576b5093ae52901e6f7
apiSecret := 'my_api_secret';
// A token such as fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6
token := 'my_merchant_token';

// The nonce is a random number (bytes), something like "6057786719490086000"
nonce := prng.GenRandom(8,'decimal');
Memo1.Lines.Add('nonce = ' + nonce);

dtNow := TCkDateTime.Create(Self);
dtNow.SetFromCurrentSystemTime();
sbTimestamp := TChilkatStringBuilder.Create(Self);
// Get the epoch timestamp in seconds
sbTimestamp.Append(dtNow.GetAsUnixTimeStr(0));
// Change it to milliseconds
sbTimestamp.Append('000');
// The timestamp is a number similar to this: 1546011905000 (which is a timestamp taken on 28-Dec-2018).
timestamp := sbTimestamp.GetAsString();
Memo1.Lines.Add('timestamp = ' + timestamp);

// Generate the following JSON request body:
// 	{
// 	  "merchant_ref": "Astonishing-Sale",
// 	  "transaction_type": "authorize",
// 	  "method": "token",
// 	  "amount": "200",
// 	  "currency_code": "USD",
// 	  "token": {
// 	    "token_type": "FDToken",
// 	    "token_data": {
// 	      "type": "visa",
// 	      "value": "2537446225198291",
// 	      "cardholder_name": "JohnSmith",
// 	      "exp_date": "1030",
// 	      "special_payment": "B"
// 	    }
// 	  }
// 	}

json := TChilkatJsonObject.Create(Self);
json.UpdateString('merchant_ref','Astonishing-Sale');
json.UpdateString('transaction_type','authorize');
json.UpdateString('method','token');
json.UpdateString('amount','200');
json.UpdateString('currency_code','USD');
json.UpdateString('token.token_type','FDToken');
json.UpdateString('token.token_data.type','visa');
json.UpdateString('token.token_data.value','2537446225198291');
json.UpdateString('token.token_data.cardholder_name','JohnSmith');
json.UpdateString('token.token_data.exp_date','1030');
json.UpdateString('token.token_data.special_payment','B');

// string hashData = apiKey + nonce + timestamp + token + jsonString;
sbHmacData := TChilkatStringBuilder.Create(Self);
sbHmacData.Append(apiKey);
sbHmacData.Append(nonce);
sbHmacData.Append(timestamp);
sbHmacData.Append(token);
sbHmacData.Append(json.Emit());

// HMAC the data to produce a hex string.
crypt.EncodingMode := 'hexlower';
crypt.MacAlgorithm := 'hmac';
crypt.SetMacKeyString(apiSecret);
crypt.HashAlgorithm := 'sha256';
crypt.Charset := 'utf-8';
hexHash := crypt.MacStringENC(sbHmacData.GetAsString());

// Now base64 encode the hex string:
sbBase64Hash := TChilkatStringBuilder.Create(Self);
sbBase64Hash.Append(hexHash);
sbBase64Hash.Encode('base64','utf-8');

Memo1.Lines.Add('This is the Authorization header to be sent with the payeezy request:');
Memo1.Lines.Add('Authorization: ' + sbBase64Hash.GetAsString());
end;