0

I am in the middle of integration zuora apis with my application. These are the below 3 three apis I am using through following steps -

Step 1 Requesting for auth token

        Service api (Test)-  https://rest.apisandbox.zuora.com/oauth/token

            Request Headers - Content-Type:application/x-www-form-urlencoded
               Authorization:Basic YWYzNTg5ZWMtNTFmMC00YTc2LWFlZjEtYjk0YzZmYWE0Y2ViOlJDdGV5OGlTWFFUc00xQytTPTFYWD1POE9tRWM1c0FBWVBaaE5vV24=

Request Body - grant_type:client_credentials
Response Body - { "access_token": "41947f41d664437a98a9da38a293c89d", "token_type": "bearer", "expires_in": 3598, "scope": "entity.a083d63b-b3f5-8626-f793-65cec903f9ca platform.write service.events.read service.events.write service.genesis.read service.genesis.write service.notifications.read service.notifications.write service.usage.delete service.usage.update service.usage.write tenant.41231 user.2c92c094738e5b090173902066c201ba", "jti": "41947f41d664437a98a9da38a293c89d" }

Use access_token or jti value from auth token response and pass it on to the headers parameters as Authorization: Bearer

Step 2 : - Request for hmac-signatures for making payment

        Service api (Test) - https://rest.apisandbox.zuora.com/v1/hmac-signatures

            Request Headers - Content-Type:application/json
Authorization:Bearer 41947f41d664437a98a9da38a293c89d

        Request Body - {
                                            "accountKey": "A00000485",
                                            "method": "POST",
                                            "uri": "https://rest.apisandbox.zuora.com/v1/payment-methods/credit-cards"

}

            Response Body - {
                                  "signature": "MDgzN2ZkYjAzOTQ5NmQ5NDQyZjc5YTU3NjUwMDgxOGIxNTY3YWM2Mw==",
                                    "token": "C41mzDTudB2uc0Jc6vwrhQGvwq3JTxsF",
                                   "success": true
                                    }

The signature needs to be added in Make Payment header asSignature:MDgzN2ZkYjAzOTQ5NmQ5NDQyZjc5YTU3NjUwMDgxOGIxNTY3YWM2Mw== The token needs to be added in Make Payment header as Token:C41mzDTudB2uc0Jc6vwrhQGvwq3JTxsF

Step 3:- Make payment request –

Service Api - https://apisandbox-api.zuora.com/rest/v1/payment-methods/credit-cards

Headers Parameters – Host:apisandbox-api.zuora.com Signature:MDgzN2ZkYjAzOTQ5NmQ5NDQyZjc5YTU3NjUwMDgxOGIxNTY3YWM2Mw== Token:C41mzDTudB2uc0Jc6vwrhQGvwq3JTxsF Content-Type:application/json Origin:www.test.gov.uk Cache-Control:no-cache

            Request Parameters – {
                    "defaultPaymentMethod": true,

"cardHolderInfo": {"addressLine1": "77 Fallon Glen", "addressLine2": "", "zipCode": "94020", "state": "California", "phone": "4155551234", "country": "USA", "cardHolderName": "Bill Thiebault", "city": "Fremont", "email": "bill@testaddress.com"}, "expirationMonth": "10", "accountKey": "A00000485", "creditCardType": "Visa", "expirationYear": "2021", "creditCardNumber": "4012888888881121", "securityCode": "123" }

        Response Body – {
                     "success": true,
"**paymentMethodId": "2c92c0fb73ad855c0173b8c3316b36a1"**

}

When I use the same steps using postman I am able to get a success response. And the Payment Method id is also getting generated. Using java client the first two services are being executed. But the issue appears when I hit the request for Payment-Method / credit cards, It always returns - { "success" : false, "processId" : "84AD9CF25EC6623A", "reasons" : [ { "code" : 90000011, "message" : "this resource is protected, please sign in first" } ] }

Please suggest me if I missed anything here.

Sougato Majumdar
  • 1
  • Welcome to Stack Overflow! Please take the [tour](https://stackoverflow.com/tour) and read through the [help center](http://stackoverflow.com/help), in particular [how to ask](https://stackoverflow.com/help/how-to-ask). Your best bet here is to do your research, search for related topics on SO, and give it a go. After doing more research and searching, post a [Minimal, Complete, and Verifiable example](https://stackoverflow.com/help/mcve) of your attempt and say specifically where you're stuck, which can help you get better answers. – help-info.de Aug 26 '20 at 09:07
  • Please note the conventions for formatting [How do I format my posts using Markdown or HTML](http://stackoverflow.com/help/formatting). – help-info.de Aug 26 '20 at 09:07

1 Answers1

0

I missed to set the header value. Here I am posting the method that I used - It consists Oauth token generation -> generation hmac signature -> making request for payment-method / credit card. It worked for me.

public void testSpringZuorPaymentCreditCardDifferent() {
        HTTPHelper httpHelper = null;
        String urlOAuthToken = "https://rest.apisandbox.zuora.com/oauth/token";
        String resp = null;
        try {
            
            
            String userNameAndPassword ="c59b646b-53c6-45fb-b9c3-d3ea0978033d" + ":" +"6VLNxA=Fbaorb7yqXO3YRaiS2a+WUfLtwOiVugLqQ";
            String authorizationHeaderValue = "Basic " + new String(Base64.encode(userNameAndPassword.getBytes()));
            
            
             httpHelper = new HTTPHelper(new URL(urlOAuthToken));
             Map<String, String> hdmp = new HashMap<String, String>();
                
            hdmp.put("Authorization", authorizationHeaderValue);
            hdmp.put("Content-Type", "application/x-www-form-urlencoded");
            httpHelper.setHeaders(hdmp);
            
            String req = "grant_type=client_credentials";
            
            System.out.println("REQUEST: " + req);
            resp = httpHelper.post(req, 60000, 60000);
            System.out.println("OAuth token response : " + resp);
                
             
        }catch(Exception e) {
            e.printStackTrace();
        }
        
        String[] arrOfStr = resp.split("\\W+");
        System.out.println("Bearer token---------" + arrOfStr[2]);
        
        
        String urlHmacSignatureUrl = "https://rest.apisandbox.zuora.com/v1/hmac-signatures";
    
        try {    
            
             httpHelper = new HTTPHelper(new URL(urlHmacSignatureUrl));
             Map<String, String> hdmp = new HashMap<String, String>();
                
            hdmp.put("Authorization", "Bearer " + new String(Base64.encode(arrOfStr[2].getBytes())));
            hdmp.put("Content-Type", "application/json");
            hdmp.put("cache-control", "no-cache");
            httpHelper.setHeaders(hdmp);
            String req = "{\n    \"accountKey\": \"A00000194\", \n    \"method\": \"POST\", \n    \"uri\": \"https://rest.apisandbox.zuora.com/v1/payment-methods/credit-cards\"\n}";
            
            System.out.println("REQUEST: " + req);
            resp = httpHelper.post(req, 60000, 60000);
            System.out.println("Hmac Signature  response : " + resp);
                
             
        }catch(Exception e) {
            e.printStackTrace();
        }
        
        
        arrOfStr = resp.split("\\W+");
        System.out.println("signature : - "+arrOfStr[2]);
           
        System.out.println("token : - "+arrOfStr[4]);
        
        
        String serverURI = "https://apisandbox-api.zuora.com/rest/v1/payment-methods/credit-cards";
        
        try {
            java.util.Map<String, String> headers = new java.util.HashMap<String, String>();
             httpHelper = new HTTPHelper(new URL(serverURI));
              headers.put("Content-Type", "application/json");
//            headers.put("Signature", arrOfStr[2]+"==");
              headers.put("Signature", new String(Base64.encode("YjM4MDY5MDliZmVkYmZiOGFkNmQ1YzFhYzFmNzMyOGI3NjExM2JlNQ==".getBytes())));
              headers.put("Token", new String(Base64.encode(arrOfStr[4].getBytes())));
              httpHelper.setHeaders(headers);
             
            String req = "{\r\n" + 
                    "   \"defaultPaymentMethod\":true,\r\n" + 
                    "   \"cardHolderInfo\":{\r\n" + 
                    "      \"addressLine1\":\"77 Fallon Glen\",\r\n" + 
                    "      \"addressLine2\":\"\",\r\n" + 
                    "      \"zipCode\":\"94020\",\r\n" + 
                    "      \"state\":\"California\",\r\n" + 
                    "      \"phone\":\"4155551234\",\r\n" + 
                    "      \"country\":\"USA\",\r\n" + 
                    "      \"cardHolderName\":\"Bill Thiebault\",\r\n" + 
                    "      \"city\":\"Fremont\",\r\n" + 
                    "      \"email\":\"bill@testaddress.com\"\r\n" + 
                    "   },\r\n" + 
                    "   \"expirationMonth\":\"10\",\r\n" + 
                    "   \"accountKey\":\"A00000485\",\r\n" + 
                    "   \"creditCardType\":\"Visa\",\r\n" + 
                    "   \"expirationYear\":\"2021\",\r\n" + 
                    "   \"creditCardNumber\":\"4012888888881121\",\r\n" + 
                    "   \"securityCode\":\"123\"\r\n" + 
                    "}";
        
            System.out.println("Req: " + req);  
            resp = httpHelper.post(req, 60000, 60000);
            System.out.println("Payment Method - Credit Cards: " + resp);
            
        }catch(Exception e) {
            e.printStackTrace();
        }
    }
Sougato Majumdar
  • 1