Invalid signature - Fondy payment gateway

Kostiantyn Lahutin

I am creating a bot (Python, aiogram) with a paid subscription using the Fondy payment gateway. I am using the principle of checking the payment status, but after sending the request, I receive the following error: "{'response': {'error_code': 1014, 'error_message': 'Invalid signature signature: 8dccc7a9e053c3cdc1efddb13f906bc866239ae6; response_signature_string: **********|1396424|85cceedc-e54a-43f5-a9fd-e39dc6f15c1a', 'request_id': 'ZKIukrDkwZDz9', 'response_status': 'failure'}}". Even though the order_id (85cceedc-e54a-43f5-a9fd-e39dc6f15c1a) is displayed correctly, the signature is still incorrect. Please help me find the error. Here is the payment code.

0 @dp.message_handler(commands ='FONDY')
async def order_fondy(message: types.Message):
people_id = message.chat.id
base = sqlite3.connect('users.db')
cursor = base.cursor()

order\_id = str(uuid.uuid4())
print(order\_id)
cursor.execute(f"UPDATE users\_id SET  order\_id == ? WHERE user\_id == ?",
               (order\_id, people\_id))
base.commit()

def generate\_signature( order\_id):
    params1 = {

        'merchant\_id': '1396424',
        'order\_desc': 'demo order',
        'currency': 'USD',
        'amount': '125',
        'order\_id': f'{order\_id}'
    }
    password = 'test'

    # Generating a list of values sorted by key
    values = \[\]
    for key in sorted(params1.keys()):
        value = params1\[key\]
        # Skipping empty values
        if value:
            values.append(str(value))

    # Adding a parameter named "password" with the value 'test' to the beginning of the list of values
    values.insert(0, password)

    # Generating a string of values separated by a delimiter "|"
    signature\_string = "|".join(values)
    print(signature\_string)
    # Applying the SHA1 function to a string and returning the result in the format of a hexadecimal string
    signature = hashlib.sha1(signature\_string.encode('utf-8')).hexdigest()

    return signature

signature = generate\_signature(order\_id)
print(signature)  # Displaying the signature

api = Api(merchant\_id=1396424,
          secret\_key='test')
checkout = Checkout(api=api)
data = {
    'order\_desc': 'demo order',
    'currency': 'USD',
    'amount': '125',
    'order\_id': f'{order\_id}'
}

payment\_url = checkout.url(data).get('check

Lost User

You need to ask Fondy, we cannot guess why their system rejects your input. [edit] Check Accept purchase - FONDY Documentation[^] [/edit]

jschell

Googling returns several results

fondy "1014" "invalid signature"

As a guess by briefly looking at the github example first page and from past experience with past services I am guessing the following. (Pretty strong guess.) 1. The 'signature' is generated based on the input that you are pushing in the request. 2. You are generating the signature incorrectly based on what you are actually sending. If my guess is correct then you need to more closely read what the 'signature' means and how to generate it. The github link in the above google search suggests and exact algorithm.

Kostiantyn Lahutin

Thanks.

Kostiantyn Lahutin

Thanks.

Maverick494

Based on Accept purchase - FONDY Documentation[^] I think you are not setting the signature correctly. based on your code you set signature wrong, I think, it's hard to read. They are expecting a sha1 hash of password|amount|currency|merchant_id|order_id|order_desc. Maybe I am not reading your post correctly because it is all lumped together, but it seems to me that the problem is the signature is not being set to a sha1 hash of those items based on result_2 = cursor.fetchone() and signature = str(result_2[0]) it is set to payment_id.