This option is enabled by checking "Validate Relay Response HTML" in the "Relay Response" tab of the Administration console.
If enabled, First Data Payeezy Gateway performs an extra validation of the relay response passed back by the merchant server. In order to pass this validation, the merchant server must calculate an HMAC-MD5 digest of the response content and include the digest as part of the response header.
To calculate this HMAC-MD5 digest, the merchant server should use:
- key - the Transaction Key from the payment page configuration
- message - the HTML content to be returned for the relay response
To include this digest in the relay response, the merchant server should:
- add an HTTP header field called 'Signature'
- set the field value to be a concatenation of the x_login value of the payment page and the digest, separated by a colon
For example, using the values in the table below:
| Field | Value |
| x_login | WSP-GOODS-70 |
| Transaction Key | AL81Li7D4laXYDtpfgO_lInQ |
| relay response HTML content | <html><head></head><body>hello from merchant server</body></html> |
Following are snippets of the digest calculation in a few languages:
Ruby
require 'openssl'
OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('md5'), 'AL81Li7D4laXYDtpfgO_lInQ', '<html><head></head><body>hello from merchant server</body></html>')
Python
import hmac
import hashlib
h = hmac.new('AL81Li7D4laXYDtpfgO_lInQ','<html><head></head><body>hello from merchant server</body></html>',hashlib.md5)
h.hexdigest()
PHP
hash_hmac('md5','<html><head></head><body>hello from merchant server</body></html>', 'AL81Li7D4laXYDtpfgO_lInQ');
the resulting HMAC-MD5 digest would be
1ba55452cc7e799324c69af2b675346b
and the Signature header for the response would look like:
Signature: WSP-GOODS-70:1ba55452cc7e799324c69af2b675346b