I plan on answering my own question as there is a shortage of support for Global Payments.

I'm following this guide: https://developer.globalpay.com/docs/browser-auth-3DS and when working on the challenge notification url and following the example code verbatim it's ultimately resulting in an error being displayed in the ThreeDSecure iframe:

Invalid Base64 string

Here's the example from their documentation:

var cres = Request.Form["cres"];


try
{
   byte[] data = Convert.FromBase64String(cres); <-- THIS FAILS
   string challengeUrlResponseString = Encoding.UTF8.GetString(data);
   ...
}

catch (Exception exce)
{
   ...
}

CodePudding user response：

The reason for this issue is because it's not a valid base64 string. There are potentially invalid characters that will need to be replaced as well as proper padding:

var cres = payload["cres"].ToString();
var padded = cres.Replace("-", " ").Replace("_", "/").PadRight(cres.Length   (4 - cres.Length % 4) % 4, '=');
var data = Convert.FromBase64String(padded);

While I'm at it, in case you get stumped on the next portion... which is returning the result, you literally have to write the script in the response:

HttpContext.Current.Response.Write($"<script src=\"actual-path-to/globalpayments-3ds.min.js\"></script><script>GlobalPayments.ThreeDSecure.handleChallengeNotification({challengeUrlResponseString});</script>");

Or, in my case I'm using action result, so I just return it within:

return Ok($"<script src=\"actual-path-to/globalpayments-3ds.min.js\"></script><script>GlobalPayments.ThreeDSecure.handleChallengeNotification({challengeUrlResponseString});</script>");

This works for me, but if anyone knows of a better proper way, please share, as the docs are lacking.