Building links into SmartCMS reservations

Summary

How to build links into reservations on the SmartCMS booking engine. In order to build a deep link into the smartCMS booking engine a payload parameter must be generated. The payload parameter must be encrypted with AES-256-CBC and base64 encoded as well as url encoded.

Endpoint

https://www.site.com/reservations/reservationlookup

Sample endpoint

https://www.site.com/reservations/reservationlookup?payload=encrypted&iv=123

Query parameters and specification

The smartCMS booking engine endpoint takes two parameters payload and iv. The payload parameter is encrypted, the resulting string is then base64 encoded and then url encoded using RFC 1738.

Parameters

payload - a JSON encrypted and encoded string

• Contains two properties

  • confirmation (reservation confirmation number)

  • lastname - (last name on the reservation)

iv - 16 byte randomly generated string used as the initialization vector when encoding the payload. iv must also be url encoded using RFC 1738.

Security

• Security/Encryption

  • The string value of the payload parameter should be encrypted using the following specifications:

    • Algorithm: AES 256

      • https://en.wikipedia.org/wiki/Advanced_Encryption_Standard​

    • Encryption Mode: cbc

      • https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_.28CBC.29​

    • Encryption Key:

      • Should be randomly generated and sent to [email protected], please see https://docs.hebsdigital.com/hebsdigital/securely-sending-private-data to send you encryption key.

      • Or will be provided by HeBSDigital

• Encoding

  • base64

    • https://en.wikipedia.org/wiki/Base64

  • url

    • https://www.ietf.org/rfc/rfc1738.txt

Example

sample JSON

Example secret

Sample iv parameter

Resulting AES 256 encrypted string

Resulting URL encoded string