search

CyberSource / cybersource-rest-samples-csharp

C# sample code for the CyberSource REST API
25 stars 40 forks source link

Howto Generate JWT Flex Token #71

Open sipsorcery opened 2 years ago

sipsorcery commented 2 years ago

I've spent a few days trying to work out how to use the CyberSource dotnet SDK to submit a tokenised payment authorisation. I'm able to achieve this with the a Flex Token from the Flex Microform javascript library. For testing I need to get the token using C#.

It seems like the answer should be to combine these two samples:

The payment example uses a hard coded JWT Flex Token. How can that be generated with C#?

brianmc commented 2 years ago

Take a look at this video and let us know if that helps. https://youtu.be/-qv7nzPvW-M

sipsorcery commented 2 years ago

Thanks a lot for the response.

I have been able to integrate my C# server with the Flex Microform javascript library, as shown in that video, and along the same lines as the CyberSource .NET Flex Sample.

What I'd like to be able to do is replicate the actions being taken in the Flex Microform javascript library, to get the JWT FLex Token, in C#. That way I can run integration tests without having to resort to hosting a browser.

brianmc commented 2 years ago

We should have a sample of that here : https://github.com/CyberSource/cybersource-flex-samples-dotnet/tree/master/flex-js-sample

I have a suspicion this sample may be slightly out of date although the comments do indicate it uses v11. Let us know if you have any issues with it.

sipsorcery commented 2 years ago

We should have a sample of that here : https://github.com/CyberSource/cybersource-flex-samples-dotnet/tree/master/flex-js-sample

I have a suspicion this sample may be slightly out of date although the comments do indicate it uses v11. Let us know if you have any issues with it.

I did spot that sample. The challenge is the encryption is being done in javascript using the FLEX object. The challenge is how to do that in C# (or any server side language) to avoid the need to reverse engineer what the javascript library is doing?

Does the answer to this SO post CyberSource card number encryption (RSA-OAEP-256) look about right? I can start down that track but I was hoping to avoid the trail and error approach.