public ActionResult SimResponse(FormCollection post)
{
var response = new SIMResponse(post);
//first order of business - validate that it was Auth.net that posted this using the
//MD5 Hash passed to use from Auth.net
var isValid = response.Validate(ConfigurationManager.AppSettings["MerchantHash"],
ConfigurationManager.AppSettings["ApiLogin"]);
//if it's not valid - just send them to the home page. Don't throw - that's how
//hackers figure out what's wrong :)
if (!isValid)
{
return(Redirect("/"));
}
//pull the order ID from the order
var orderId = new Guid(Request.Form["order_id"]);
//pull the order
var order = MvcApplication.FindOrder(orderId);
//the URL to redirect to
var redirectAction = Url.Action("details", "orders", new { id = orderId.ToString() });
var returnUrl = Url.SiteRoot() + redirectAction;
if (response.Approved)
{
order.AuthCode = response.ToString();
order.TransactionID = response.TransactionID;
order.OrderMessage = string.Format("Thank you! Order approved: {0}", response.AuthorizationCode);
}
else
{
//pin the message to the order so we can show it to the user
order.OrderMessage = response.Message;
redirectAction = Url.Action("error", "orders", new { id = orderId.ToString() });
returnUrl = Url.SiteRoot() + redirectAction;
}
//save the order somewhere
MvcApplication.SaveOrder(order);
//Direct Post method
return(Content(CheckoutFormBuilders.Redirecter(returnUrl)));
//or just return the page back to the AuthNet server if you don't want to bounce the return
//MAKE SURE it has absolute URLs
//return Redirect(redirectAction);
}
public static bool IsSIMValid(SIMResponse response, IPortalContext portal)
{
var context = portal.ServiceContext;
var apiLogin = context.GetSiteSettingValueByName(portal.Website, "Ecommerce/Authorize.Net/ApiLogin");
var merchantHash = context.GetSiteSettingValueByName(portal.Website, "Ecommerce/Authorize.Net/MerchantHash");
//first order of business - validate that it was Auth.net that posted this using the
//MD5 hash that was passed back to us
var isValid = response.Validate(merchantHash, apiLogin);
return(isValid);
}
public ActionResult AuthorizeNetSim(FormCollection post)
{
_logger.Info("keys: {0}", string.Join(", ", post.AllKeys));
var orderId = Convert.ToInt32(post["OrderId"]);
var userId = Convert.ToInt32(post["UserId"]);
var order = _orderService.FindOrder(orderId, userId);
_logger.Info("Authorizing SIM...");
//the URL to redirect to- this MUST be absolute
var successUrl = Url.RouteUrl("confirmation", new { orderId = order.Id }, SecureProtocol);
var failureUrl = Url.RouteUrl("billing-details", new { orderId = order.Id }, SecureProtocol);
var redirectUrl = successUrl;
var response = new SIMResponse(post);
_logger.Info("Approved: {0}", response.Approved);
_logger.Info("Code: {0}", response.ResponseCode);
_logger.Info("Message: {0}", response.Message);
_logger.Info("Authorization Code: {0}", response.AuthorizationCode);
_logger.Info("Card Number: {0}", response.CardNumber);
_logger.Info("Card Type: {0}", response.CardType);
_logger.Info("Invoice Number: {0}", response.InvoiceNumber);
_logger.Info("MD5 Hash: {0}", response.MD5Hash);
_logger.Info("Transaction ID: {0}", response.TransactionID);
//first order of business - validate that it was Authorize.Net that posted this using the
//MD5 hash that was passed back to us
var isValid = response.Validate(AuthorizeNetConfig.Md5HashValue, AuthorizeNetConfig.ApiLogin);
_logger.Info("Valid: {0}", isValid);
if (isValid && response.Approved)
{
_orderConfirmationMailer.SendOrderConfirmationEmail(order);
_orderService.CompleteOrder(order, response.TransactionID);
}
else
{
_orderService.FailOrder(order, response.Message);
redirectUrl = failureUrl;
}
return(Content(AuthorizeNet.Helpers.CheckoutFormBuilders.Redirecter(redirectUrl)));
}
public ActionResult TestCheckoutSim(FormCollection post)
{
var response = new SIMResponse(post);
var output = new StringBuilder();
//first order of business - validate that it was Authorize.Net that posted this using the
//MD5 hash that was passed back to us
var isValid = response.Validate(AuthorizeNetConfig.Md5HashValue, AuthorizeNetConfig.ApiLogin);
if (isValid && response.Approved)
{
output.AppendFormat("Completed Test Checkout<br/>");
}
else
{
output.AppendFormat("Failed Test Checkout<br/>");
}
output.AppendFormat("<br/>Valid: {0}", isValid);
output.AppendFormat("<br/>Approved: {0}", response.Approved);
output.AppendFormat("<br/>Code: {0}", response.ResponseCode);
output.AppendFormat("<br/>Message: {0}", response.Message);
output.AppendFormat("<br/>Authorization Code: {0}", response.AuthorizationCode);
output.AppendFormat("<br/>Card Number: {0}", response.CardNumber);
output.AppendFormat("<br/>Card Type: {0}", response.CardType);
output.AppendFormat("<br/>Invoice Number: {0}", response.InvoiceNumber);
output.AppendFormat("<br/>MD5 Hash: {0}", response.MD5Hash);
output.AppendFormat("<br/>Transaction ID: {0}", response.TransactionID);
var appData = HttpContext.Server.MapPath("~/App_Data/");
var outputFile = string.Format("{0}.txt", response.InvoiceNumber);
System.IO.File.WriteAllText(Path.Combine(appData, outputFile), output.ToString());
//the URL to redirect to- this MUST be absolute
var redirectUrl = Url.RouteUrl("test-checkout-confirmation", new { invoiceNumber = response.InvoiceNumber }, SecureProtocol);
return(Content(AuthorizeNet.Helpers.CheckoutFormBuilders.Redirecter(redirectUrl)));
}
public ActionResult AuthorizeNetSimGift(FormCollection post)
{
_logger.Info("keys: {0}", string.Join(", ", post.AllKeys));
var orderId = Convert.ToInt32(post["GiftOrderId"]);
var userId = Convert.ToInt32(post["UserId"]);
var order = _giftCardOrderService.FindOrder(orderId, userId);
_logger.Info("Authorizing SIM...");
//the URL to redirect to- this MUST be absolute
var successUrl = Url.RouteUrl("giftconfirmation", new { orderId = order.Id }, SecureProtocol);
var failureUrl = Url.RouteUrl("billing-giftdetails", new { orderId = order.Id }, SecureProtocol);
var redirectUrl = successUrl;
var response = new SIMResponse(post);
_logger.Info("Approved: {0}", response.Approved);
_logger.Info("Code: {0}", response.ResponseCode);
_logger.Info("Message: {0}", response.Message);
_logger.Info("Authorization Code: {0}", response.AuthorizationCode);
_logger.Info("Card Number: {0}", response.CardNumber);
_logger.Info("Card Type: {0}", response.CardType);
_logger.Info("Invoice Number: {0}", response.InvoiceNumber);
_logger.Info("MD5 Hash: {0}", response.MD5Hash);
_logger.Info("Transaction ID: {0}", response.TransactionID);
//first order of business - validate that it was Authorize.Net that posted this using the
//MD5 hash that was passed back to us
var isValid = response.Validate(AuthorizeNetConfig.Md5HashValue, AuthorizeNetConfig.ApiLogin);
_logger.Info("Valid: {0}", isValid);
if (isValid && response.Approved)
{
_giftorderConfirmationMailer.SendGiftOrderConfirmationEmail(order);
_giftCardOrderService.CompleteOrder(order, response.TransactionID);
//Campaign Monitor -Adding subscriber to Gift card recipients List
AuthenticationDetails auth = new ApiKeyAuthenticationDetails(ConfigurationManager.AppSettings["CampaignMonitorAPI_key"]);
Subscriber objSubscriber = new Subscriber(auth, ConfigurationManager.AppSettings["CampaignMonitorListID"]);
for (int i = 0; i < order.GiftOrderDetail.Count; i++)
{
List <SubscriberCustomField> customFields = new List <SubscriberCustomField>();
customFields.Add(new SubscriberCustomField()
{
Key = "Amount", Value = order.GiftOrderDetail[i].Amount.ToString()
});
customFields.Add(new SubscriberCustomField()
{
Key = "Your Name", Value = order.GiftOrderDetail[i].YourName.ToString()
});
customFields.Add(new SubscriberCustomField()
{
Key = "Gift Code", Value = order.GiftOrderDetail[i].RecipientGiftCode.ToString()
});
customFields.Add(new SubscriberCustomField()
{
Key = "Message", Value = order.GiftOrderDetail[i].Message.ToString()
});
string newSubscriberID = objSubscriber.Add(order.GiftOrderDetail[i].RecipientEmail.ToString(), null, customFields, false);
}
}
else
{
_giftCardOrderService.FailOrder(order, response.Message);
redirectUrl = failureUrl;
}
return(Content(AuthorizeNet.Helpers.CheckoutFormBuilders.Redirecter(redirectUrl)));
}
