'response checksum or hash not matching in payumoney?

When notification is passed to the app after payumoney processing it sends response hash and we need to compute the hash and match it with the passed in response hash.

I use the following code to compute the expected response hash.

Digest::SHA512.hexdigest([
  PAYU_SALT,
  notification.transaction_status,
  notification.user_defined,
  notification.customer_email,
  notification.customer_first_name,
  notification.product_info,
  notification.gross,
  notification.invoice,
  PAYU_KEY].join("|"))  

The hash of the following string is computed

"salt|success|||||||||||||Payment|100.0|1|key"

When I print the following hash it gives

Digest::SHA512.hexdigest([
  PAYU_SALT,
  notification.transaction_status,
  notification.user_defined,
  notification.customer_email,
  notification.customer_first_name,
  notification.product_info,
  notification.gross,
  notification.invoice,
  PAYU_KEY].join("|"))  

  #⇒ e7b3c5ba00b98aad9186a5e6eea65028a[...]

whereas notification.checksum gives

  #⇒ 546f5d23e0cadad2d4158911ef72f095d[...] 

So the two hashes don’t match.

I am using the following gem: https://github.com/payu-india/payuindia

I appreciate any help as to why the response hash is not matching. Is there any error in my logic to compute the response hash? Thanks!



Solution 1:[1]

ok this was a silly mistake i made. The reason the hash didn't match was beacuse i had a typo with the PAYU test key. At the end i typed small 'u' when it was 'U'. The library is fine and the logic is right. The error was in my side with using wrong key.

Solution 2:[2]

Where did you come up with that order for the fields in the array?

Looking at PayU's Developer FAQ it seems like the order is the following:

key|txnid|amount|productinfo|firstname|email|||||||||||salt

Please make sure that the hash is calculated in the following format - hashSequence= key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||salt

Please make sure that in the above sequence please use the UDFs which have also been posted to our server. In case you haven't posted any UDFs, the hash sequence should look like this - hashSequence= key|txnid|amount|productinfo|firstname|email|||||||||||salt.

Keep in mind that when computing the hash even a single character out of place will result in a completely different checksum.

Solution 3:[3]

little late but Actual Sequence is:

SALT|status||||||udf5|udf4|udf3|udf2|udf1|email|firstname|productinfo|amount|txnid|key

Thanks to Ravi Kant Singh

but additionalCharges| are removed

Tested with live environment

Check your hash in above order and if its match you can process request

Solution 4:[4]

Actual Sequence for hash is : additionalCharges|SALT|status||||||udf5|udf4|udf3|udf2|udf1|email|firstname|productinfo|amount|txnid|key

Solution 5:[5]

Actual hash generation for additional charges:

additionalCharges|SALT|status||||||udf5|udf4|udf3|udf2|udf1|email|firstname|productinfo|amount|txnid|key

Without additional charges:

SALT|status||||||udf5|udf4|udf3|udf2|udf1|email|firstname|productinfo|amount|txnid|key

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 kofhearts
Solution 2 Stefan R
Solution 3 General Grievance
Solution 4 Ravi Kant Singh
Solution 5 Tyler2P