Sample code for 30+ languages & platforms
SQL Server

Payeezy HMAC Computation

See more HTTP Misc Examples

Demonstrates how to calculate the HMAC for a Payeezy REST request.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @crypt int
    EXEC @hr = sp_OACreate 'Chilkat.Crypt2', @crypt OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @prng int
    EXEC @hr = sp_OACreate 'Chilkat.Prng', @prng OUT

    -- An API key such as y6pWAJNyJyjGv66IsVuWnklkKUPFbb0a
    DECLARE @apiKey nvarchar(4000)
    SELECT @apiKey = 'my_api_key'
    -- An API secret such as 86fbae7030253af3cd15faef2a1f4b67353e41fb6799f576b5093ae52901e6f7
    DECLARE @apiSecret nvarchar(4000)
    SELECT @apiSecret = 'my_api_secret'
    -- A token such as fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6
    DECLARE @token nvarchar(4000)
    SELECT @token = 'my_merchant_token'

    -- The nonce is a random number (bytes), something like "6057786719490086000"
    DECLARE @nonce nvarchar(4000)
    EXEC sp_OAMethod @prng, 'GenRandom', @nonce OUT, 8, 'decimal'

    PRINT 'nonce = ' + @nonce

    DECLARE @dtNow int
    EXEC @hr = sp_OACreate 'Chilkat.CkDateTime', @dtNow OUT

    EXEC sp_OAMethod @dtNow, 'SetFromCurrentSystemTime', @success OUT
    DECLARE @sbTimestamp int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbTimestamp OUT

    -- Get the epoch timestamp in seconds
    EXEC sp_OAMethod @dtNow, 'GetAsUnixTimeStr', @sTmp0 OUT, 0
    EXEC sp_OAMethod @sbTimestamp, 'Append', @success OUT, @sTmp0
    -- Change it to milliseconds
    EXEC sp_OAMethod @sbTimestamp, 'Append', @success OUT, '000'
    -- The timestamp is a number similar to this: 1546011905000 (which is a timestamp taken on 28-Dec-2018).
    DECLARE @timestamp nvarchar(4000)
    EXEC sp_OAMethod @sbTimestamp, 'GetAsString', @timestamp OUT

    PRINT 'timestamp = ' + @timestamp

    -- Generate the following JSON request body:
    -- 	{
    -- 	  "merchant_ref": "Astonishing-Sale",
    -- 	  "transaction_type": "authorize",
    -- 	  "method": "token",
    -- 	  "amount": "200",
    -- 	  "currency_code": "USD",
    -- 	  "token": {
    -- 	    "token_type": "FDToken",
    -- 	    "token_data": {
    -- 	      "type": "visa",
    -- 	      "value": "2537446225198291",
    -- 	      "cardholder_name": "JohnSmith",
    -- 	      "exp_date": "1030",
    -- 	      "special_payment": "B"
    -- 	    }
    -- 	  }
    -- 	}

    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'merchant_ref', 'Astonishing-Sale'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'transaction_type', 'authorize'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'method', 'token'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'amount', '200'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'currency_code', 'USD'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'token.token_type', 'FDToken'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'token.token_data.type', 'visa'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'token.token_data.value', '2537446225198291'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'token.token_data.cardholder_name', 'JohnSmith'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'token.token_data.exp_date', '1030'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'token.token_data.special_payment', 'B'

    -- string hashData = apiKey + nonce + timestamp + token + jsonString;
    DECLARE @sbHmacData int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbHmacData OUT

    EXEC sp_OAMethod @sbHmacData, 'Append', @success OUT, @apiKey
    EXEC sp_OAMethod @sbHmacData, 'Append', @success OUT, @nonce
    EXEC sp_OAMethod @sbHmacData, 'Append', @success OUT, @timestamp
    EXEC sp_OAMethod @sbHmacData, 'Append', @success OUT, @token
    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @sbHmacData, 'Append', @success OUT, @sTmp0

    -- HMAC the data to produce a hex string.
    EXEC sp_OASetProperty @crypt, 'EncodingMode', 'hexlower'
    EXEC sp_OASetProperty @crypt, 'MacAlgorithm', 'hmac'
    EXEC sp_OAMethod @crypt, 'SetMacKeyString', @success OUT, @apiSecret
    EXEC sp_OASetProperty @crypt, 'HashAlgorithm', 'sha256'
    EXEC sp_OASetProperty @crypt, 'Charset', 'utf-8'
    DECLARE @hexHash nvarchar(4000)
    EXEC sp_OAMethod @sbHmacData, 'GetAsString', @sTmp0 OUT
    EXEC sp_OAMethod @crypt, 'MacStringENC', @hexHash OUT, @sTmp0

    -- Now base64 encode the hex string:
    DECLARE @sbBase64Hash int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbBase64Hash OUT

    EXEC sp_OAMethod @sbBase64Hash, 'Append', @success OUT, @hexHash
    EXEC sp_OAMethod @sbBase64Hash, 'Encode', @success OUT, 'base64', 'utf-8'


    PRINT 'This is the Authorization header to be sent with the payeezy request:'

    EXEC sp_OAMethod @sbBase64Hash, 'GetAsString', @sTmp0 OUT
    PRINT 'Authorization: ' + @sTmp0

    EXEC @hr = sp_OADestroy @crypt
    EXEC @hr = sp_OADestroy @prng
    EXEC @hr = sp_OADestroy @dtNow
    EXEC @hr = sp_OADestroy @sbTimestamp
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @sbHmacData
    EXEC @hr = sp_OADestroy @sbBase64Hash


END
GO