Sample code for 30+ languages & platforms
JavaScript

Payeezy HMAC Computation

See more HTTP Misc Examples

Demonstrates how to calculate the HMAC for a Payeezy REST request.
Note
This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.
JavaScript
var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var crypt = new CkCrypt2();
var prng = new CkPrng();

// An API key such as y6pWAJNyJyjGv66IsVuWnklkKUPFbb0a
var apiKey = "my_api_key";
// An API secret such as 86fbae7030253af3cd15faef2a1f4b67353e41fb6799f576b5093ae52901e6f7
var apiSecret = "my_api_secret";
// A token such as fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6
var token = "my_merchant_token";

// The nonce is a random number (bytes), something like "6057786719490086000"
var nonce = prng.GenRandom(8,"decimal");
console.log("nonce = " + nonce);

var dtNow = new CkDateTime();
dtNow.SetFromCurrentSystemTime();
var sbTimestamp = new CkStringBuilder();
// Get the epoch timestamp in seconds
sbTimestamp.Append(dtNow.GetAsUnixTimeStr(false));
// Change it to milliseconds
sbTimestamp.Append("000");
// The timestamp is a number similar to this: 1546011905000 (which is a timestamp taken on 28-Dec-2018).
var timestamp = sbTimestamp.GetAsString();
console.log("timestamp = " + timestamp);

// Generate the following JSON request body:
// 	{
// 	  "merchant_ref": "Astonishing-Sale",
// 	  "transaction_type": "authorize",
// 	  "method": "token",
// 	  "amount": "200",
// 	  "currency_code": "USD",
// 	  "token": {
// 	    "token_type": "FDToken",
// 	    "token_data": {
// 	      "type": "visa",
// 	      "value": "2537446225198291",
// 	      "cardholder_name": "JohnSmith",
// 	      "exp_date": "1030",
// 	      "special_payment": "B"
// 	    }
// 	  }
// 	}

var json = new CkJsonObject();
json.UpdateString("merchant_ref","Astonishing-Sale");
json.UpdateString("transaction_type","authorize");
json.UpdateString("method","token");
json.UpdateString("amount","200");
json.UpdateString("currency_code","USD");
json.UpdateString("token.token_type","FDToken");
json.UpdateString("token.token_data.type","visa");
json.UpdateString("token.token_data.value","2537446225198291");
json.UpdateString("token.token_data.cardholder_name","JohnSmith");
json.UpdateString("token.token_data.exp_date","1030");
json.UpdateString("token.token_data.special_payment","B");

// string hashData = apiKey + nonce + timestamp + token + jsonString;
var sbHmacData = new CkStringBuilder();
sbHmacData.Append(apiKey);
sbHmacData.Append(nonce);
sbHmacData.Append(timestamp);
sbHmacData.Append(token);
sbHmacData.Append(json.Emit());

// HMAC the data to produce a hex string.
crypt.EncodingMode = "hexlower";
crypt.MacAlgorithm = "hmac";
crypt.SetMacKeyString(apiSecret);
crypt.HashAlgorithm = "sha256";
crypt.Charset = "utf-8";
var hexHash = crypt.MacStringENC(sbHmacData.GetAsString());

// Now base64 encode the hex string:
var sbBase64Hash = new CkStringBuilder();
sbBase64Hash.Append(hexHash);
sbBase64Hash.Encode("base64","utf-8");

console.log("This is the Authorization header to be sent with the payeezy request:");
console.log("Authorization: " + sbBase64Hash.GetAsString());