(PHP ActiveX) Payeezy HMAC Computation

Demonstrates how to calculate the HMAC for a Payeezy REST request.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows Note: The php_com_dotnet.dll may need to be enabled inside of php.ini.

<?php

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2')
$crypt = new COM("Chilkat.Crypt2");
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Prng')
$prng = new COM("Chilkat.Prng");

// An API key such as y6pWAJNyJyjGv66IsVuWnklkKUPFbb0a
$apiKey = 'my_api_key';
// An API secret such as 86fbae7030253af3cd15faef2a1f4b67353e41fb6799f576b5093ae52901e6f7
$apiSecret = 'my_api_secret';
// A token such as fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6
$token = 'my_merchant_token';

// The nonce is a random number (bytes), something like "6057786719490086000"
$nonce = $prng->genRandom(8,'decimal');
print 'nonce = ' . $nonce . "\n";

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.CkDateTime')
$dtNow = new COM("Chilkat.CkDateTime");
$dtNow->SetFromCurrentSystemTime();
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbTimestamp = new COM("Chilkat.StringBuilder");
// Get the epoch timestamp in seconds
$sbTimestamp->Append($dtNow->getAsUnixTimeStr(0));
// Change it to milliseconds
$sbTimestamp->Append('000');
// The timestamp is a number similar to this: 1546011905000 (which is a timestamp taken on 28-Dec-2018).
$timestamp = $sbTimestamp->getAsString();
print 'timestamp = ' . $timestamp . "\n";

// Generate the following JSON request body:
// 	{
// 	  "merchant_ref": "Astonishing-Sale",
// 	  "transaction_type": "authorize",
// 	  "method": "token",
// 	  "amount": "200",
// 	  "currency_code": "USD",
// 	  "token": {
// 	    "token_type": "FDToken",
// 	    "token_data": {
// 	      "type": "visa",
// 	      "value": "2537446225198291",
// 	      "cardholder_name": "JohnSmith",
// 	      "exp_date": "1030",
// 	      "special_payment": "B"
// 	    }
// 	  }
// 	}

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$json = new COM("Chilkat.JsonObject");
$json->UpdateString('merchant_ref','Astonishing-Sale');
$json->UpdateString('transaction_type','authorize');
$json->UpdateString('method','token');
$json->UpdateString('amount','200');
$json->UpdateString('currency_code','USD');
$json->UpdateString('token.token_type','FDToken');
$json->UpdateString('token.token_data.type','visa');
$json->UpdateString('token.token_data.value','2537446225198291');
$json->UpdateString('token.token_data.cardholder_name','JohnSmith');
$json->UpdateString('token.token_data.exp_date','1030');
$json->UpdateString('token.token_data.special_payment','B');

// string hashData = apiKey + nonce + timestamp + token + jsonString;
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbHmacData = new COM("Chilkat.StringBuilder");
$sbHmacData->Append($apiKey);
$sbHmacData->Append($nonce);
$sbHmacData->Append($timestamp);
$sbHmacData->Append($token);
$sbHmacData->Append($json->emit());

// HMAC the data to produce a hex string.
$crypt->EncodingMode = 'hexlower';
$crypt->MacAlgorithm = 'hmac';
$crypt->SetMacKeyString($apiSecret);
$crypt->HashAlgorithm = 'sha256';
$crypt->Charset = 'utf-8';
$hexHash = $crypt->macStringENC($sbHmacData->getAsString());

// Now base64 encode the hex string:
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbBase64Hash = new COM("Chilkat.StringBuilder");
$sbBase64Hash->Append($hexHash);
$sbBase64Hash->Encode('base64','utf-8');

print 'This is the Authorization header to be sent with the payeezy request:' . "\n";
print 'Authorization: ' . $sbBase64Hash->getAsString() . "\n";

?>