Tricks to get Cybersource Credit card processing post to work

JeffH · April 23, 2026, 3:00pm

MAP
CyberSource:GenerateSignatureFromParams PROCEDURE (STRING signatureParams,STRING secretKey),STRING
END

MAP
CyberSource:GenerateHeader PROCEDURE (*typCCRetailMsg ccMsg, *NetWebClient pWeb, STRING PostString)
END

CyberSource:GenerateSignatureFromParams PROCEDURE (STRING signatureParams,STRING secretKey)

strParams StringTheory
strKey StringTheory

CODE

strParams.SetValue(signatureParams,st:clip)
strKey.SetValue(secretKey,st:clip)
strKey.Base64Decode()
! strParams.ToUnicode()
strParams.SetValue(NetMakeHMAC(strParams.GetValuePtr(), strParams.Length(), strKey.GetValue(), net:CALG_SHA_256))
strParams.Base64Encode()
return strParams.GetValue()

CyberSource:GenerateHeader PROCEDURE (*typCCRetailMsg ccMsg, *NetWebClient pWeb, STRING PostString)

lSecretKey STRING(100)
KeyId STRING(100)
MerchantId STRING(100)
HostName STRING(100)
HostTarget STRING(100)

strPost StringTheory
strHost StringTheory

strURL StringTheory

sGMTDate STRING(64)

lstart LONG
lend LONG

CODE

  MerchantId             = ccMsg.AcctNo
  KeyId                  = ccMsg.Key
  lSecretKey             = ccMsg.PW

  strURL.SetValue(ccMsg.TxnURL)
  
  lstart = 0
  lend = 0
  
  HostName = CLIP(strURL.FindBetween('https://', '.com', lstart, lend)) & '.com'
  lstart = 0
  lend = 0

  HostTarget = 'post /' & CLIP(strURL.FindBetween('.com/', '', lstart, lend))

  strPost.SetValue(CLIP(PostString))
  strPost.SetValue(NetMakeHash(strPost.GetValuePtr(),strPost.Length(),net:CALG_SHA_256))
  strPost.Base64Encode()

  sGMTDate = pWeb.CreateGMTDate()  

  strHost.SetValue('host: ' & CLIP(HostName) & '<10>' &|
                               'v-c-date: '        & CLIP(sGMTDate)   & '<10>' & |
                               'request-target: ' & CLIP(HostTarget) & '<10>' &|
                               'digest: SHA-256=' & strPost.GetValue() & '<10>' &|
                               'v-c-merchant-id: ' & CLIP(MerchantId) & '')

  pWeb.CustomHeader = |
                               'v-c-merchant-id: ' & CLIP(MerchantId) & '<13,10>' &|
                               'v-c-date: ' & CLIP(sGMTDate) & '' & '<13,10>' &|
                               'digest: SHA-256=' & strPost.GetValue() & '<13,10>' &|
                               'Signature: keyid="' & CLIP(KeyId) & '", algorithm="HmacSHA256",' &|
                               ' headers="host v-c-date request-target digest v-c-merchant-id", signature="' &|
                               CyberSource:GenerateSignatureFromParams(strHost.GetValue(), lSecretKey) & '"'