TLDR: post IS successful. PayTrace, by design, returns a 400 error, which sets off exceptions in httpresponse. Solution: catch the exception and then continue deserializing your response.
I coded a few weeks ago a .NET post to the PayTrace API which helps me demo and test payment by credit card using client side encryption. The process more or less went like this:
- Create demo account as a merchant on Paytrace
- Download PEM key
- On submit of form with credit card information, an imported PayTraceJS library encrypts the card number and csc code
- Use the demo account’s username and password to submit a request for a token
- Submit transaction (which includes encrypted info as well as other required fields) using token and await response
A successful http response returns a status code of 200. I read it via stream, deserialize it using json into my CardResponse object (both successful and failure responses have the same design). Everything went great until I began testing rejected cards.
This year I am re-writing my previous payment solution (from PHP to .NET) and first on the project list is credit cards. We are using PayTrace and their client-side encryption as to not have to worry about PCI Compliance.
I’m to the point where I have a Pre-Payment model with all the fields needed to send via JSON. I also have a method to request a token for sending (uses demo username and pass) and a test PEM file I downloaded from the PayTrace site. I also got the webpage scanning credit cards, and I hit submit and.. I get this:
XML Parsing Error: no element found
This is appearing in the console of Inspector in Firefox. Turns out this a generic error Firefox throws out when it’s expending a file but gets nothing.
My path’s are correct, but the “public_key.pem” file is not attaching to my post. The problem? MIME-type.
This is a quick for-developers-only guide of how to get your PHP/JS code (Windows) talking to PayTrace’s API. I chose the Client Side Encryption as being our first time out, I wanted the least amount of strictness in PCI compliance. This guide assumes you know PHP, JS, JQuery, a little of what an API does, enough to paste some JSON together and of course your HTML, CSS, etc. You’re a developer, you have all the code provided open source, but this is a quick A-B-C of what code I used and how I got it working on Windows (IIS7) and hurdles I ran into.
All code here is readily available on GitHub, but if you’d like my version of it, download it on my Gist.