So I've been looking into Braintree Payments for a couple of days now. I love the architecture, concept, etc. After looking through the documentation and the .NET walk-throughs I've noticed that all of the examples for .NET are in MVC3. I am trying to integrate Braintree into my current .NET Web Application using regular web forms.
My goal is to have a normal web form post back to the payment page with both customer data and card data. The card data should be encrypted using their Braintree.js. That way I can send everything over to Braintree for processing including the encrypted card data.
The form would look something like this:
<p>
<label>Card Number</label>
<asp:TextBox ID="number" AutoCompleteType="Disabled" MaxLength="20" Width="150" data-encrypted-name="number" runat="server" />
</p>
<p>
<label>CVV</label>
<asp:TextBox ID="cvv" AutoCompleteType="Disabled" MaxLength="4" Width="50" data-encrypted-name="cvv" runat="server" />
</p>
<p>
<label>Expiration (MM/YYYY)</label>
<asp:TextBox ID="month" AutoCompleteType="Disabled" MaxLength="2" data-encrypted-name="month" runat="server" />
/
<asp:TextBox ID="year" AutoCompleteType="Disabled" MaxLength="4" data-encrypted-name="year" runat="server" />
</p>
<asp:Button ID="btnSubmit" Text="SUBMIT" runat="server" />
<script type="text/javascript" src="https://js.braintreegateway.com/v1/braintree.js"></script>
<script type="text/javascript">
var braintree = Braintree.create("MyClientSideKey");
braintree.onSubmitEncryptForm('braintree-payment-form');
</script>
Then in the code-behind I would set the Form.Action, Form.Method and Form.ID as follows:
protected void Page_Load(object sender, EventArgs e)
{
Form.Action = "CreateTransaction()";
Form.Method = "POST";
Form.ID = "braintree-payment-form";
}
So then hopefully when the user submits the form it hits the "CreateTransaction()" member along with the encrypted card data in the "collection" parameter like this:
[HttpPost]
public ActionResult CreateTransaction(FormCollection collection)
{
TransactionRequest request = new TransactionRequest
{
Amount = 1000.0M,
CreditCard = new TransactionCreditCardRequest
{
Number = collection["number"],
CVV = collection["cvv"],
ExpirationMonth = collection["month"],
ExpirationYear = collection["year"]
},
Options = new TransactionOptionsRequest
{
SubmitForSettlement = true
}
};
Result<Transaction> result = Constants.Gateway.Transaction.Sale(request);
return null;
}
When I take this approach the form never posts back to the "CreateTransaction()" member. What am I missing? Can this be done using regular old web forms?
OK, so after LOTS of experimenting and shooting in the dark for a bit I was able to get this the Braintree.js to encrypt the data before passing it to my server. From there I am able to us the code behind to handle the payment processing.
Here is the ASP.NET web form that I'm using:
Card Number
<p>
<label>CVV</label>
<asp:TextBox ID="txtCVV" AutoCompleteType="Disabled" MaxLength="4" Width="50" data-encrypted-name="cvv" runat="server" />
</p>
<p>
<label>Expiration (MM/YYYY)</label>
<asp:TextBox ID="txtMonth" AutoCompleteType="Disabled" MaxLength="2" data-encrypted-name="month" runat="server" />
/
<asp:TextBox ID="txtYear" AutoCompleteType="Disabled" MaxLength="4" data-encrypted-name="year" runat="server" />
</p>
<asp:Button ID="btnSubmit" Text="SUBMIT" runat="server" />
<script type="text/javascript" src="https://js.braintreegateway.com/v1/braintree.js"></script>
<script type="text/javascript">
var braintree = Braintree.create("YOURKEYHERE");
braintree.onSubmitEncryptForm('braintree-payment-form');
</script>
Please take note of a few key details here:
I am using server controls. Not simple HTML tags.
braintree.js will encrypt any field that has the "data-encrypted-name" attribute.
The "data-encrypted-name" attribute does NOT need to be the same
as the control's ID attribute.
The braintree.js script is posting to the
"braintree-payment-form" form.
So when I click Submit button this form will naturally post back. The particular form that I'm using has a master page, so I need to alter the Form.ID in the Page_Load:
protected void Page_Load(object sender, EventArgs e)
{
//Adjust the properties of the form itself as this
//form has a master page.
Form.ID = "braintree-payment-form";
//Wire up the click event
btnSubmit.Click += btnSubmit_Click;
}
In the click event handler I am then able to extract the encrypted values from the Request.Form object and then submit the transaction request to the Braintree Gateway:
void btnSubmit_Click(object sender, EventArgs e)
{
//--------------------------------------------------------------------------------------------------
//Extract encrypted values from the Request.Form object
//braintree.js has encrypted these values before placing them in
//the Request object.
//--------------------------------------------------------------------------------------------------
string number = Request.Form["number"].ToString();
string cvv = Request.Form["cvv"].ToString();
string month = Request.Form["month"].ToString();
string year = Request.Form["year"].ToString();
//--------------------------------------------------------------------------------------------------
//Gateway
//This is the Braintree Gateway that we will use to post the transaction
//to. This is included here in the example but should be extracted out
//into some static class somewhere. Possibly in another layer.
//--------------------------------------------------------------------------------------------------
BraintreeGateway Gateway = new BraintreeGateway
{
Environment = Braintree.Environment.SANDBOX,
PublicKey = "YOURPUBLICKEYHERE",
PrivateKey = "YOURPRIVATEKEYHERE",
MerchantId = "YOURMERCHANTIDHERE"
};
//--------------------------------------------------------------------------------------------------
//Transaction Request
//This is the actual transaction request that we are posting to the
//Braintree gateway. The values for number, cvv, month and year have
//been encrypted above using the braintree.js. If you were to put a
//watch on the actual server controls their ".Text" property is blank
//at this point in the process.
//--------------------------------------------------------------------------------------------------
TransactionRequest transactionRequest = new TransactionRequest
{
Amount = 100.00M,
CreditCard = new TransactionCreditCardRequest
{
Number = number,
CVV = cvv,
ExpirationMonth = month,
ExpirationYear = year,
}
};
//--------------------------------------------------------------------------------------------------
//Transaction Result
//Here we are going to post our information, including the encrypted
//values to Braintree.
//--------------------------------------------------------------------------------------------------
Result<Transaction> result = Gateway.Transaction.Sale(transactionRequest);
}
OK, so this is a very basic example of how to post a transaction to Braintree. However it solves the first big hurdle that I have with getting the card data to be encrypted before it gets to my server. Hope this helps...