0

I am trying to integrate Telenor EasyPay payment gateway with my online store but no matter what I do I get "Invalid Request" error on EasyPay server. Here is a snapshot of the problem. Picture of the error

Here is my code request code for staging account:

<form id="easypay" target="_blank" name="easypay" method="post" action="https://easypaystg.easypaisa.com.pk/easypay/Index.jsf">
        <input type="hidden" name="storeId" value="my_store_id_here" />
        <input type="hidden" name="amount" value="10" />
        <input type="hidden" name="postBackURL" value="https://my-store.com/post-back.php" />
        <input type="hidden" name="orderRefNum" value="5555"/>
        <input type="hidden" name="expiryDate" value="20201115 05:10:00" /> 
        <input type="hidden" name="autoRedirect" value="1" />
        <input type="hidden" name="paymentMethod" value="MA_PAYMENT_METHOD" />
        <input type="hidden" name="emailAddr" value="client_email@gmail.com" />
        <input type="hidden" name="mobileNum" value="client_mob_num" />
        <input type="hidden" name="merchantHashedReq" value="<?php echo $hashedRequest;?>" />
                        
        <input type = "submit" value="Pay With EasyPay">
    </form>

Another piece of code in PHP that I use for hashing my request parameters is:

function getHashedRequest($hKey, $orderId, $amt, $autoRed, $expiryDate, $storeId, $merchantConfirmPage,$paymentMode,$phone,$email) {
    $hashRequest = '';
    if(strlen($hKey) > 0 && (strlen($hKey) == 16 || strlen($hKey) == 24 || strlen($hKey) == 32 )) {
        // Create Parameter map
        //error_log('Order INFO: '. $orderId);
        $paramMap = array();
        $paramMap['amount']  = $amt ;
        $paramMap['autoRedirect']  = $autoRed ;
        $paramMap['expiryDate'] = $expiryDate;
        $paramMap['mobileNum']  = $phone ;
                    $paramMap['emailAddr']  = $email ;
        $paramMap['orderRefNum']  = $orderId;
        $paramMap['paymentMethod']  = $paymentMode;
        $paramMap['postBackURL'] = $merchantConfirmPage;
        $paramMap['storeId']  = $storeId;
        //Creating string to be encoded
        $mapString = '';
        foreach ($paramMap as $key => $val) {
            $mapString .=  $key.'='.$val.'&';
        }
        $mapString  = substr($mapString , 0, -1);
        // error_log('MAPString: '.$mapString);

        // Encrypting mapString
        function pkcs5_pad($text, $blocksize) {

            $pad = $blocksize - (strlen($text) % $blocksize);
            return $text . str_repeat(chr($pad), $pad);

        }

        $alg = 'MCRYPT_RIJNDAEL_128'; // AES
        $mode = 'MCRYPT_MODE_ECB'; // ECB
        
        
        //////////////////////////////////////////
        //$key previously generated safely, ie: openssl_random_pseudo_bytes
        $ivlen = openssl_cipher_iv_length($cipher="AES-128-CBC");
        $iv = openssl_random_pseudo_bytes($ivlen);
        $ciphertext_raw = openssl_encrypt($mapString, 'aes-256-ctr', $hKey, $options=OPENSSL_RAW_DATA, $iv);
        $hmac = hash_hmac('sha256', $ciphertext_raw, $hKey, $as_binary=true);
        $hashRequest = base64_encode( $iv.$hmac.$ciphertext_raw);
        
    }
    return $hashRequest;
}

I don't know what I am doing wrong. Any help would be appreciated. Thanks

Ismail
  • 331
  • 3
  • 10
  • Did you find a solution? – Abdul Rafay Jan 19 '21 at 14:08
  • 1
    I talked to the gateway engineer from EasyPaisa and we had a live meeting too. He checked my code out and pointed where I was mistaken. He asked me to change the order of the parameters in request URL and in the encrypted string. I did exactly the way he told me to but didn't work and was showing the same error. Eventually my client cancelled the whole project at the very last stage. I have stopped looking for a solution for now. – Ismail Jan 27 '21 at 01:42

0 Answers0