如何接收 Google Pay 的加密支付令牌数据
How to receive encrypted payment token data of Google Pay
我正尝试在我的网站上使用 Google 付款。一旦我确认付款 Google returns 这个数据结构:
但我需要这样的东西:
{
"signature":"MEYCIQDTe92wpG6OUgxJ/8Qnr36XzSgjGGCM7R3LwxjgwPYMTAIhAJDrjHG9wEm1BxVM6MMMB+jGTGpi3VScEMVbHIUsObFi",
"protocolVersion":"ECv2",
"signedMessage":"{\"encryptedMessage\":\"FY8w/U3IbdsZQovX8ufNGFDOePgc/genRiMjHyvuIBqLY4a6uPz7wI0ra31K6YbFJlAnCjFhTwSvDxAYXw6hlmI8sESO5eM1eZlzfP3+NoKV80OXKvOM/xI/qOQEqpEQEVXx6Bw2EpMMFW8yBaA8XPUNee3EJlUk+/f8lRdRcNmI65QKPLAzUnySo75HzBkSc5It/8/oXdYwR93/K6HRKGZuD+bIaxy3SUvC9ehQqhBoP+A34yQX1knfJ1qjBMhhVVcPZHi+Bg6LXA4ms/lfDdim6D1Epr6XQhc2h4RZ/dT+6Enn81s/8ym+jMMs8kqsW9ib8vkdTARv9AbUu7zeGPrKTCAxwc1n6joRR72dSnNCI9j9sxd9tkuC9wuRyDmjbWT+hRZgLc1v/xzzNImo3NxdKdaPzKBE3t9XQZY5fp3lZELaoXAuxAZYtZ7bX64Mz9c28wD8EM+krvfbmGMiBjIt8EfeH48/SjeaUKfDu+yQnjPJAKbDZPhKJ1jqlY/ChP0Om7spQacT86QUVK/DwfzukwvwwRJkWydNEac5fgfS2T6ToZ+PW4VHbxkDnY/h+B0uwdlNQIL2a3Ar5Q\u003d\u003d\",\"ephemeralPublicKey\":\"BGkK4bSvob+e7ZgaNV/4vSJYYa10OJzd3aUk9yPEP6iNBRcfHiD/NTvhKjN4P24l0tEzH3L8TrySl6AczPJpCkw\u003d\",\"tag\":\"xGEhEfJESIyBSfq2fExWiZxNWelnm3m4i8P7cgsarqg\u003d\"}"
}
请问我应该怎么做才能得到第二个数据结构。谢谢!
您想要的回复可在 paymentMethodData.tokenizationData.token 下找到。但是,该字段的内容由您传递给 loadPaymentData 的请求参数决定。您能否包含用于生成上述响应的请求?
仅供参考,以下 JSFiddle 将产生类似于您所追求的结果:
const tokenizationSpecification = {
type: 'DIRECT',
parameters: {
'protocolVersion': 'ECv2',
'publicKey': 'BMzk6xvwPgU8vjB...7KRu4tuRmhm6nv8=',
}
};
/*
{
"signature":"MEUCI...TougPg",
"protocolVersion":"ECv2",
"signedMessage": "{\"encryptedMessage\":\"VhQuaN...5o0Ny6Y\u003d\"}"
}
*/
我通过使用 DIRECT 标记化规范实现了这一点,该规范是 discouraged:
Key Point: The Direct integration allows merchants to decrypt the Google Pay response on their servers. To qualify, you must be Payments Card Industry (PCI) Data Security Standard (DSS) Level 1 compliant. Your servers also need to have the required infrastructure to securely handle users' payment credentials.
Third parties that supply gateway or processing services on behalf of actual merchants aren't eligible to use the Direct integration. For questions about your integration as a payment service provider, contact us.
If you don't meet the necessary prerequisites, we recommend that you use a supported gateway to receive a payment token.
不确定这是否仍然是一个悬而未决的问题。但这是我的 2 美分,可能是您解决方案的答案。
请注意:如果您仅使用 WorldPay/Vantiv,这是一个答案。
根据您在上面对令牌的第一反应,我相信您正在使用网关作为“vantiv”
"gateway": "vantiv"
"vantiv:merchantPayPageId": "YOUR_PAY_PAGE_ID"
"vantiv:merchantOrderId": "YOUR_ORDER_ID"
"vantiv:merchantTransactionId": "YOUR_TRANSACTION_ID"
"vantiv:merchantReportGroup": "*web"
如果您想获得带有签名和 signedMessage 的第二个响应,那么您所要做的就是将网关更改为“worldpay”,您应该会得到相同的响应:
"gateway": "worldpay"
"gatewayMerchantId": "YOUR_WORLDPAY_MERCHANT_ID"
您可以找到请求here
我正尝试在我的网站上使用 Google 付款。一旦我确认付款 Google returns 这个数据结构:
但我需要这样的东西:
{
"signature":"MEYCIQDTe92wpG6OUgxJ/8Qnr36XzSgjGGCM7R3LwxjgwPYMTAIhAJDrjHG9wEm1BxVM6MMMB+jGTGpi3VScEMVbHIUsObFi",
"protocolVersion":"ECv2",
"signedMessage":"{\"encryptedMessage\":\"FY8w/U3IbdsZQovX8ufNGFDOePgc/genRiMjHyvuIBqLY4a6uPz7wI0ra31K6YbFJlAnCjFhTwSvDxAYXw6hlmI8sESO5eM1eZlzfP3+NoKV80OXKvOM/xI/qOQEqpEQEVXx6Bw2EpMMFW8yBaA8XPUNee3EJlUk+/f8lRdRcNmI65QKPLAzUnySo75HzBkSc5It/8/oXdYwR93/K6HRKGZuD+bIaxy3SUvC9ehQqhBoP+A34yQX1knfJ1qjBMhhVVcPZHi+Bg6LXA4ms/lfDdim6D1Epr6XQhc2h4RZ/dT+6Enn81s/8ym+jMMs8kqsW9ib8vkdTARv9AbUu7zeGPrKTCAxwc1n6joRR72dSnNCI9j9sxd9tkuC9wuRyDmjbWT+hRZgLc1v/xzzNImo3NxdKdaPzKBE3t9XQZY5fp3lZELaoXAuxAZYtZ7bX64Mz9c28wD8EM+krvfbmGMiBjIt8EfeH48/SjeaUKfDu+yQnjPJAKbDZPhKJ1jqlY/ChP0Om7spQacT86QUVK/DwfzukwvwwRJkWydNEac5fgfS2T6ToZ+PW4VHbxkDnY/h+B0uwdlNQIL2a3Ar5Q\u003d\u003d\",\"ephemeralPublicKey\":\"BGkK4bSvob+e7ZgaNV/4vSJYYa10OJzd3aUk9yPEP6iNBRcfHiD/NTvhKjN4P24l0tEzH3L8TrySl6AczPJpCkw\u003d\",\"tag\":\"xGEhEfJESIyBSfq2fExWiZxNWelnm3m4i8P7cgsarqg\u003d\"}"
}
请问我应该怎么做才能得到第二个数据结构。谢谢!
您想要的回复可在 paymentMethodData.tokenizationData.token 下找到。但是,该字段的内容由您传递给 loadPaymentData 的请求参数决定。您能否包含用于生成上述响应的请求?
仅供参考,以下 JSFiddle 将产生类似于您所追求的结果:
const tokenizationSpecification = {
type: 'DIRECT',
parameters: {
'protocolVersion': 'ECv2',
'publicKey': 'BMzk6xvwPgU8vjB...7KRu4tuRmhm6nv8=',
}
};
/*
{
"signature":"MEUCI...TougPg",
"protocolVersion":"ECv2",
"signedMessage": "{\"encryptedMessage\":\"VhQuaN...5o0Ny6Y\u003d\"}"
}
*/
我通过使用 DIRECT 标记化规范实现了这一点,该规范是 discouraged:
Key Point: The Direct integration allows merchants to decrypt the Google Pay response on their servers. To qualify, you must be Payments Card Industry (PCI) Data Security Standard (DSS) Level 1 compliant. Your servers also need to have the required infrastructure to securely handle users' payment credentials.
Third parties that supply gateway or processing services on behalf of actual merchants aren't eligible to use the Direct integration. For questions about your integration as a payment service provider, contact us.
If you don't meet the necessary prerequisites, we recommend that you use a supported gateway to receive a payment token.
不确定这是否仍然是一个悬而未决的问题。但这是我的 2 美分,可能是您解决方案的答案。
请注意:如果您仅使用 WorldPay/Vantiv,这是一个答案。
根据您在上面对令牌的第一反应,我相信您正在使用网关作为“vantiv”
"gateway": "vantiv"
"vantiv:merchantPayPageId": "YOUR_PAY_PAGE_ID"
"vantiv:merchantOrderId": "YOUR_ORDER_ID"
"vantiv:merchantTransactionId": "YOUR_TRANSACTION_ID"
"vantiv:merchantReportGroup": "*web"
如果您想获得带有签名和 signedMessage 的第二个响应,那么您所要做的就是将网关更改为“worldpay”,您应该会得到相同的响应:
"gateway": "worldpay"
"gatewayMerchantId": "YOUR_WORLDPAY_MERCHANT_ID"
您可以找到请求here