Authorize.net Phasing Out MD5 transHash

Thanks for this information Nicolas.

Is the plug-in required in order to address this issue, or will the other file you posted work? Sorry, I'm not familiar with the differences (I read the description, but the technical aspects are beyond me, I'm afraid.)

Also, I'm wondering if others could post their experiences, either with the plug in or with the file that Nicolas posted? Did it work for you to still be able to use Authorize without difficulty? I'll be grateful for any guidance anyone can share.

Thank you!

We are running Hikashop v 4.0.2 dated JAN 16 2019.
We use Authorixze.net as our cc processor and payment gateway.

PLEASE tell us EXACTLY what steps we have to do to MAKE THIS WORK.
The drop-dead date on this is in MARCH, and we don't have a lot of time to screw around here.

For the PATCH, please provide EXACT location of the proper file to download,
and EXACT instructions about where to put the files that are in the .zip archive.

For the NEW PLUGIN, please TELL US if we have to PAY for it.
We hold a HikaSHop Business subscription now, we need to know if we have to pay Euro 40 for this.

WHAT is the NEW plugin called, and HOW do you set it up ?
We need exact instructions, please, and this thread SO FAR does not provide EXACT INSTRUCTIONS.

Finally, please estimate when the next version of Hikashop Business (that incorporates the AUTH.net paymetn plugin patch) will be released and TELL US when that will be ?

Thank you !
Kent Morrison - Satisfied Hikashop customer

We've setup the plugin and have been using it for about a week without any problems.

Thanks for this very complete reply.
We will be testing the new plugin and will provide some feedback to you regarding our degree of success.

I intend to make my client aware of the new plugin, and we will probably purchase and us that for a complete web site re-write that we are working on.

Again, I appreciate this very complete response that lays out all of the options very plainly.
Regards,
Kent Morrison

nicolas wrote: Hi,

@simplecms:
Thank you for your feedback ! Did you try without the "MD5 hash" and with the signature in the settings of the payment plugin or you just updated it without changing the settings ?

So, if I read the code correctly, as long as the new signature key is not entered, the new version of the plugin will use the old MD5 hash method; otherwise, it will use the new SHA 512 hash method. So, one could go ahead and install the new version of the Authorize.Net plugin and it would continue to work the same as the old plugin, until the new signature key is specified. Is that correct?

OK, we have a SUCCESSFUL TEST and Live Implementation of the revised Authorize.net payment plugin.

I did these steps:
1. Used FTP to BACKUP the files in the /plugins/hikashoppayment/authorize directory on our JOOMLA v 3.9.3 website.
2. Made a total site backup with Akeeba Backup Pro.
3. Made screen shots of ALL the parameters in the existing Authorize.net payment plugin in Hikashop.
4. Downloaded the revised plugin from here www.hikashop.com/media/kunena/attachments/63/authorize.zip .
5. Installed the revised plugin via normal Joomla menu Extensions/Manage/Install.
6. Created a new Payment Method in Hikashop System/Payment Methods using the revised plugin.
7. Entered the parameters in the new payment method fields SAME AS THE OLD ONE EXCEPT for the
Transaction key - AUTHORIZE_SIGNATURE_KEY and MD5 Hash.
For these, I generated a NEW trans key and a NEW auth key from the Authorize.net Merchant Interface (Account/API Credentials and Keys)
and used the new keys in these fields. AND omitted the MD5 Hash entirely.
8. SAVED the new payment method.
9. Disabled the old Authorize.net payment method.
10. TESTED and got ERROR - The following errors have occurred : (14) The referrer, relay response or receipt link URL is invalid.
11. Determined that the default Authorize.net submission URL - secure.authorize.net/gateway/transact.dll
in the revised plugin MAY BE INCORRECT and changed it to the one that I had in the old method - secure2.authorize.net/gateway/transact.dll
12. Determined that the relay response URL in my Authorize.net (on the left/ Settings/ Response/Receipt URLs) was set to generic, not to specific THank You page on our site - changed that to correct URL for Thank You For Your Order page.
13. TESTED and got ERROR : The following errors have occurred. (99) Unable to accept transaction
14. After some poking around FOUND one extra space had snuck into the FRONT of the AUTHORIZE_SIGNATURE_KEY when I copied/pasted it into that field. Removed it.
15 TESTED and got a GOOD transaction entry form at secure2.authorize.net/gateway/transact.dll
16. Completed entry of info required for CC transaction in this form.
17.CONFIRMED GOOD TRANSACTION by checking the order status in Hikashop, and the Unsettled Transactions list in Authorize.net Transaction Search.

We are calling this Good to Go !
I will follow-up if any problems arise, but this does appear to be a solid fix for the MD5 Hash depracation at Auth.net

THANKS to Nicolas and everyone involved.
Regards,
Kent Morrison

Finally got around to implementing this. I guess I was hoping that Authorize.Net would keep postponing this change.

Anyways, thanks to @kentmorrison for his detailed instructions.

I did run into a problem, however. Instead of being forwarded to the Authorize.Net payment page, only a blank page would be displayed. I traced it down to the authorize_end.php file. My site didn't like the this line:

hikaInput::get()->set('noform',1);

JRequest::setVar('noform',1);

$value = hikaInput::get()->getString($key);

$value = JRequest::getString($key);

Has the new plugin been released?

Has the new plugin been released?

Hi friends, I'm working my way through this process, but for some reason when I place the order I get this message:

Please wait while you are redirected to Authorize
If you are not redirected after 10 seconds, please click on the button below.

However, nothing happens and there is no button. Any ideas?