I have been hearing a lot about some new encryption needed for submitting transactions to Authorize.net but cannot find anything that explains it.
The AIM instructions for 2015 describe what I am already using except the post address has changed.
When I just submitted a transaction to the new address it was rejected.
Here is my code:
<cflock timeout="30" throwontimeout="No" name="12345">
<cfhttp url="https://secure.anetsgateway.net/gateway/transact.dll" method="post">
<cfoutput>
<cfhttpparam type="Formfield" name="x_login" value="myclient12345">
<cfhttpparam type="Formfield" name="x_tran_key" value="myxtrankey12345">
<cfhttpparam type="Formfield" name="x_version" value="3.1">
<cfhttpparam type="Formfield" name="x_test_request" value="TRUE">
The "x_tran_key" and "x_login" are hard-coded in my submission page.
Can someone explain where the issue is and examples of what special encryption I need.
It looks like you are using the wrong URL to talk to Authorize.Net. You should consult the documentation for the correct URL and proper method for integrating.
I would also like to add that placing your transaction key in the form is not a very good idea. It should be treated like a password.
Related
I'm trying to download a .csv file on a remote server location using ColdFusion (version 2016). I used the cfhttp tag to perform this operation but I keep getting the following error:
401 UNAUTHORIZED
I checked with the server admin of the remote server to verify that I have the right domain name, userid and password and the admin confirmed it. I couldn't find anything similar on SO, hence posting this question. Hoping someone can help me out.
PS: I don't have access to the ColdFusion Administrator since it is hosted by a separate team.
Below is my code (actual values replaced with dummy data for security):
<cfhttp url="https://xxx.yyy.com/abcd/xyz/myfolder/myFile.csv">
<cfhttpparam type="header" name="Authorization"
value="Basic #ToBase64("MydomainName\Myuserid:Mypassword")#" />
</cfhttp>
<cfdump var="#cfhttp.filecontent#" label="CSV file content">
<cfabort>
It might be that your auth string is wrong. To avoid confusion and while debugging, I would suggest something like this:
<cfset myDomainName = "MydomainName" />
<cfset myUserId = "Myuserid" />
<cfset myPassword = "Mypassword" />
<cfset authString = "Basic " & ToBase64('#myDomainName#' & '\' & '#myUserId#' & ':' & '#myPassword#') />
<cfhttp url="https://xxx.yyy.com/abcd/xyz/myfolder/myFile.csv">
<cfhttpparam type="header" name="Authorization"
value="#authString#" />
</cfhttp>
<cfdump var="#cfhttp.filecontent#" label="CSV file content">
<cfabort>
I hope this helps.
Afraid to ask this question as I'm not able to create a jsfiddle for it, but hope someone will be able help.
I'm trying to create a cfc in ColdFusion for an instagram login. That part is done. I'm using postman (google app) and by my credentials I can see the user's data in json, but when I'm converting this into ColdFusion it's giving an error. I tried to change the data-type, header and a lot of lines but am still getting the same error again and again.
My code (replaced ids with xxx for security)
<cftry>
<cfhttp url="https://api.instagram.com/oauth/access_token" method="post" resolveurl="yes">
<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded" />
<cfhttpparam type="formfield" name="client_id" value="14faxxxxxdc5440f86x6cdd8xxxxf78" />
<cfhttpparam type="formField" name="client_secret" value="40xa78220cfb" />
<cfhttpparam type="formField" name="grant_type" value="authorization_code" />
<cfhttpparam type="formField" name="redirect_uri" value="#URLEncodedFormat('http://example.com/demo/instagramAPI/success.cfm')#" />
<cfhttpparam type="formField" name="code" value="#url.code#" />
</cfhttp>
<cfdump var="#cfhttp#"><cfabort>
<cfcatch type="any">
<cfdump var="#cfcatch#">
</cfcatch>
</cftry>
I'm following this code from this answer. For more info check this . You can see that I'm getting data by using the same login details, but when doing the same via a cfc I'm getting error.
Error which I'm getting after running the url :
I've read a lot of articles and blogs, but still haven't been able to resolve the error. Can anyone help me understand what I'm doing wrong? If you have any other suggestions, please do let me know.
If any additional information is required, just let me know.
Finally i got the answer of my question after days.. Thanx Miguel-F and Mark A Kruger however Mark your link wasn't good for me as that was out of my issue so..
What i did is to update my SSL certificate. I tried before but was not having much information like Organization unit etc but then i followed the steps given in this Link, provided by Miguel and tested then i got expiration code error.
After that i tried to refresh with ?reinit=1 as i made changes in my cfc but forget to reinitialize after updating the certificate, and then i got the result :)
SO final answer is Update your SSL certificate with proper authorization and cfc can fetch data from Instagram..
Link useful for me One, CFC demo. In cfc demo you can download the cfc for instagram which is also useful (even in case you don't have to update the SSL certificate).
If anyone having issue with Instagram cfc then do let me know.. I spent days on this and can help you.. :)
We are trying to interact with a RESTful web service that expects a file.
I set the name of the field to data (as required by the API) and then specify the file as an absolute path. When the file makes it to the server, the filename in the HTTP transaction is the complete absolute path.
This causes a problem with the API as the full path is then recorded as the "FileName".
How do I get ColdFusion to report only the file name rather than the full path?
We are using ColdFusion 9.
Here is the CFML:
<cfhttp url="http://server/testcode"
port="9876"
method="post"
result="Content">
<cfhttpparam type="file"
name="data"
file="c:\temp\testfile.txt">
</cfhttp>
Here are some examples of the HTTP interactions with different browsers:
CFHTTP 9
-------------------------------7d0d117230764
Content-Disposition: form-data; name="data"; filename="c:\temp\testfile.txt"
Content-Type: text/plain
This is the text, really long, well, not really.
-------------------------------7d0d117230764--
IE8
-----------------------------7db370d80e0a
Content-Disposition: form-data; name="FileField"; filename="C:\temp\testfile.txt"
Content-Type: text/plain
This is the text, really long, well, not really.
-----------------------------7db370d80e0a--
Chrome 13
------WebKitFormBoundaryDnpFVJwCsZkzTGDc
Content-Disposition: form-data; name="FileField"; filename="testfile.txt"
Content-Type: text/plain
This is the text, really long, well, not really.
Firefox 6
-----------------------------22798303036224
Content-Disposition: form-data; name="FileField"; filename="testfile.txt"
Content-Type: text/plain
This is the text, really long, well, not really.
-----------------------------22798303036224--
Apparently IE8 and CFHTTP both do the same thing (add "c:\temp" to the file name). I'm not sure what the spec for HTTP is, but it would be nice if there was a way to get CFHTTP to leave the path off.
Is there any way to do this?
I ran into a problem similar to yours, once. I didn't care about excluding the path, but I wanted to send a different filename than the name of the file on my server's filesystem. I could not find a way to do it using CF tags at all, but I was able to get it to work by dropping into Java. I used org.apache.commons.httpclient, which ships with CF9 IIRC. It goes something like this (pardon any typos, I'm transposing from more complicated code):
oach = 'org.apache.commons.httpclient';
oachmm = '#oach#.methods.multipart';
method = createObject('java', '#oach#.methods.PostMethod').init(post_uri);
filePart = createObject('java', '#oachmm#.FilePart').init(
'fieldname',
'filename',
createObject('java', 'java.io.File').init('filepath')
);
method.setRequestEntity(
createObject('java', '#oachmm#.MultipartRequestEntity').init(
[ filePart ],
method.getParams()
)
);
status = createObject('java', '#oach#.HttpClient').init().executeMethod(method);
method.releaseConnection();
I see that the content type is text/plain so first I think that you need to add the multipart property on the CFHTTP
<cfhttp url="http://server/testcode"
port="9876"
method="post"
result="Content"
multipart = "yes">
<cfhttpparam type="file"
name="data"
file="c:\temp\testfile.txt">
</cfhttp>
Could solve your issue.
The only difference I see between all of the posts is that CF is sending name="data" while everything else is sending name="FileField". If the other browser submissions are correct, then I would change your cfhttpparam:
<cfhttpparam type="file"
name="FileField"
file="c:\temp\testfile.txt">
or even try sending an additional FileName parameter:
<cfhttpparam type="file"
name="data"
file="c:\temp\testfile.txt" />
<cfhttpparam type="formField"
name="FileName"
value="testfile.txt" />
So I was able to get access to the API and made it work. Here is the code for this specific part (as I assume that you were able to login and get a document guid).
<!--- upload a document --->
<cfhttp method="post" url="<path to watchdox api upload>/#local.guid#/upload">
<cfhttpparam type="header" name="Content-type" value="multipart/form-data">
<cfhttpparam type="header" name="x-wdox-version" value="1.0">
<cfhttpparam type="header" name="x-wdox-ssid" value="#local.xwdoxssid#" >
<cfhttpparam type="formfield" name="filename" value="testfile.txt" >
<cfhttpparam type="file" file="c:\temp\testfile.txt" name="data" >
</cfhttp>
Hope it will help.
I'm searching for a way to create a new CouchDB user without using Futon or Curl... just a straight http request.
One way I found (http://stackoverflow.com/questions/3456256/error-creating-user-in-couchdb-1-0) puts a JSON doc to "http://localhost:5984/_users/org.couchdb.user:username" to create a user.
I have attempted the following:
<cfhttp url="http://127.0.0.1/_users/org.couchdb.user:xyz_company" port="5984" method="PUT" username="#variables.couch_username#" password="#variables.couch_password#">
<cfhttpparam type="header" name="Content-Type" value="application/json">
<cfhttpparam type='body' name='org.couchdb.user:xyz_company' value='{"roles":[],"name":"xyz_company","salt":"3B33BF09-26B9-D60A-8F469D01286E9590","id":"org.couchdb.user:xyz_company","password_sha":"096EA41A5A81EA1507F2C6F7EDC364C0B82694AC","type":"user"}'>
I keep receiving the following back from Couch:
cfhttp.statuscode = 405 Method Not Allowed
cfhttp.filecontent = Method Not Allowed; The requested method PUT is not allowed for the URL /_users/org.couchdb.user:xyz_company
Any thoughts or suggestions?
UPDATE:
I edited my code based on Marcello's suggestions. I still receive the same 405 Method Not Allowed error. Here is the code now:
<cfhttp url="http://127.0.0.1/_users/org.couchdb.user:xyz_company" port="5984" method="PUT" username="#variables.couch_username#" password="#variables.couch_password#"><cfhttpparam type="header" name="Content-Type" value="application/json;charset=UTF-8"><cfhttpparam type='body' value='{"roles":[],"name":"xyz_company","salt":"3B33BF09-26B9-D60A-8F469D01286E9590","_id":"org.couchdb.user:xyz_company","password_sha":"096EA41A5A81EA1507F2C6F7EDC364C0B82694AC","type":"user"}'></cfhttp>
Any more suggestions? Thank you!
curl is a straight http request. There are other ways to create such requests: you can craft them with your browser; you can use a different program (e.g. wget); or even write your own (e.g. in Python or in JavaScript with V8 or Rhino).
I'm trying to obtain credentials from ning network using Coldfusion 9, so first this is the curl syntax to test the api :
curl -k https://external.ningapis.com/xn/rest/mbdevsite/1.0/Token?xn_pretty=true -u devshare#megabase.tn:mbdev2011 -d "oauth_signature_method=PLAINTEXT&
oauth_consumer_key=741ab68b-63fb-4949-891c-9e88f5143034&oauth_signature=36da2ea8
-10fb-48cc-aaa4-c17c551c6b87%26"
and it returns :
{
"success" : true,
"entry" : {
"author" : "1o0butfek0b3p",
"oauthConsumerKey" : "741ab68b-63fb-4949-891c-9e88f5143034",
"oauthToken" : "46f1e137-549a-4d9d-ae05-62782debfd3d",
"oauthTokenSecret" : "9f778ab5-db8e-4f3e-b17f-61d249b91f0a"
},
"resources" : {
}
then i translated it to coldfusion like this :
<cfhttp
method="post"
url="https://external.ningapis.com/xn/rest/mbdevsite/1.0/Token"
username="devshare#megabase.tn"
password="mbdev2011">
<cfhttpparam type="header" name="content-type" value="application/x-www-form-urlencoded">
<cfhttpparam name="oauth_signature_method" type="FormField" value="PLAINTEXT"/>
<cfhttpparam name="oauth_consumer_key" type="FormField" value="741ab68b-63fb-4949-891c-9e88f5143034"/>
<cfhttpparam name="oauth_signature" type="FormField" value="36da2ea8-10fb-48cc-aaa4-c17c551c6b87%26"/>
</cfhttp>
<cfoutput>
#cfhttp.fileContent#
</cfoutput>
and the response is always :
{"success":false,"reason":"The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider.","status":401,"code":1,"subcode":12,"trace":"3d874587-072b-4877-b27e-b84ee2e2b537"}
does somebody have idea about what could be this error ??
url and login info are real for who wants to help by testing
Thank you..
Don't disclose your username & password in public forums. Better you change this user name & password after this issue completion :)
Your oauth_signature is 36da2ea8-10fb-48cc-aaa4-c17c551c6b87& not "36da2ea8-10fb-48cc-aaa4-c17c551c6b87%26"
I got the success response & it is working perfectly.
<cfhttp
method="post"
url="https://external.ningapis.com/xn/rest/mbdevsite/1.0/Token"
username="devshare#megabase.tn"
password="mbdev2011">
<cfhttpparam type="header" name="content-type" value="application/x-www-form-urlencoded">
<cfhttpparam name="oauth_signature_method" type="FormField" value="PLAINTEXT"/>
<cfhttpparam name="oauth_consumer_key" type="FormField" value="741ab68b-63fb-4949-891c-9e88f5143034"/>
<cfhttpparam name="oauth_signature" type="FormField" value="36da2ea8-10fb-48cc-aaa4-c17c551c6b87&"/>
</cfhttp>
Any specific reason why you're using cURL instead of cfhttp?
There's a nice library on RIAForge:
OAuth
that will help you with dealing with OAuth. The issue is probably with the parameters encoding.
Oh - and you shouldn't be posting your OAuth credentials.
UPDATE:
I'm afraid using OAuth isn't as simple as just calling cfhttp with params.
The parameters need to be in certain order, you need to sign the whole request using appropriate method (plain text in your case). The signing process also includes time stamp so you can't test your code with the values from the example as they definitely won't work.
If you download the RIAForge libraries there's an "\examples_external" folder there and twitter.cfm - you'll find all that I've mentioned there.
A bit of code from there to show what I mean:
<!--- Create empty token --->
<cfset oReq = CreateObject("component", "oauth.oauthrequest").fromConsumerAndToken(
oConsumer = oConsumer,
oToken = oToken,
sHttpMethod = "GET",
sHttpURL = sTokenEndpoint,stparameters= Parameters )>
<!--- Sign the request --->
<cfset oReq.signRequest(
oSignatureMethod = oReqSigMethodSHA,
oConsumer = oConsumer,
oToken = oToken)>
<!--- Get the request token --->
<cfhttp url="#oREQ.getString()#" method="get" result="tokenResponse"/>
Of course there's lots of bits missing before and after it.
You might check out Ben Nadel's blog post on OAuth. He covers some of the things you may be running into.