1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/* |
4
|
|
|
* Paxum plugin for PHP merchant library |
5
|
|
|
* |
6
|
|
|
* @link https://github.com/hiqdev/omnipay-paxum |
7
|
|
|
* @package omnipay-paxum |
8
|
|
|
* @license MIT |
9
|
|
|
* @copyright Copyright (c) 2015, HiQDev (http://hiqdev.com/) |
10
|
|
|
*/ |
11
|
|
|
|
12
|
|
|
namespace Omnipay\Paxum\Message; |
13
|
|
|
|
14
|
|
|
use Omnipay\Common\Exception\InvalidResponseException; |
15
|
|
|
use Omnipay\Common\Message\AbstractResponse; |
16
|
|
|
use Omnipay\Common\Message\RequestInterface; |
17
|
|
|
|
18
|
|
|
/** |
19
|
|
|
* Paxum Complete Purchase Response. |
20
|
|
|
*/ |
21
|
|
|
class CompletePurchaseResponse extends AbstractResponse |
22
|
|
|
{ |
23
|
|
|
/** |
24
|
|
|
* @param RequestInterface $request |
25
|
|
|
* @param array $data |
26
|
|
|
*/ |
27
|
|
|
public function __construct(RequestInterface $request, $data) |
28
|
|
|
{ |
29
|
|
|
$this->request = $request; |
30
|
|
|
$this->data = $data; |
31
|
|
|
|
32
|
|
|
if ($this->getTransactionStatus() !== 'done') { |
33
|
|
|
throw new InvalidResponseException('Transaction not done'); |
34
|
|
|
} |
35
|
|
|
|
36
|
|
|
if ($this->getHash() !== $this->calculateHash()) { |
37
|
|
|
throw new InvalidResponseException('Invalid hash'); |
38
|
|
|
} |
39
|
|
|
|
40
|
|
|
if ($this->request->getTestMode() !== $this->getTestMode()) { |
41
|
|
|
throw new InvalidResponseException('Invalid test mode'); |
42
|
|
|
} |
43
|
|
|
} |
44
|
|
|
|
45
|
|
|
/** |
46
|
|
|
* {@inheritdoc} |
47
|
|
|
*/ |
48
|
|
|
public function isSuccessful() |
49
|
|
|
{ |
50
|
|
|
return true; |
51
|
|
|
} |
52
|
|
|
|
53
|
|
|
/** |
54
|
|
|
* {@inheritdoc} |
55
|
|
|
* @return string |
56
|
|
|
*/ |
57
|
|
|
public function getTransactionId() |
58
|
|
|
{ |
59
|
|
|
return $this->data['item_id']; |
60
|
|
|
} |
61
|
|
|
|
62
|
|
|
/** |
63
|
|
|
* {@inheritdoc} |
64
|
|
|
* @return string |
65
|
|
|
*/ |
66
|
|
|
public function getTransactionReference() |
67
|
|
|
{ |
68
|
|
|
return $this->data['transaction_id']; |
69
|
|
|
} |
70
|
|
|
|
71
|
|
|
public function getTransactionStatus() |
72
|
|
|
{ |
73
|
|
|
return $this->data['transaction_status']; |
74
|
|
|
} |
75
|
|
|
|
76
|
|
|
/** |
77
|
|
|
* {@inheritdoc} |
78
|
|
|
* @return string |
79
|
|
|
*/ |
80
|
|
|
public function getAmount() |
81
|
|
|
{ |
82
|
|
|
return $this->data['transaction_amount']; |
83
|
|
|
} |
84
|
|
|
|
85
|
|
|
/** |
86
|
|
|
* Get payment time. |
87
|
|
|
* |
88
|
|
|
* @return string |
89
|
|
|
*/ |
90
|
|
|
public function getTime() |
91
|
|
|
{ |
92
|
|
|
return Helper::isotime($this->data['transaction_date'] . ' EST'); |
93
|
|
|
} |
94
|
|
|
|
95
|
|
|
/** |
96
|
|
|
* Get test mode. |
97
|
|
|
* |
98
|
|
|
* @return string |
99
|
|
|
*/ |
100
|
|
|
public function getTestMode() |
101
|
|
|
{ |
102
|
|
|
return $this->data['sandbox'] === 'ON'; |
103
|
|
|
} |
104
|
|
|
|
105
|
|
|
/** |
106
|
|
|
* Get payer info - name, username and id. |
107
|
|
|
* |
108
|
|
|
* @return string |
109
|
|
|
*/ |
110
|
|
|
public function getPayer() |
111
|
|
|
{ |
112
|
|
|
return $this->data['buyer_name'] . '/' . $this->data['buyer_username'] . '/' . $this->data['buyer_id']; |
113
|
|
|
} |
114
|
|
|
|
115
|
|
|
/** |
116
|
|
|
* Get hash from request. |
117
|
|
|
* |
118
|
|
|
* @return string |
119
|
|
|
*/ |
120
|
|
|
public function getHash() |
121
|
|
|
{ |
122
|
|
|
return $this->data['key']; |
123
|
|
|
} |
124
|
|
|
|
125
|
|
|
/** |
126
|
|
|
* Calculate hash to validate incoming IPN notifications. |
127
|
|
|
* |
128
|
|
|
* @return string |
129
|
|
|
*/ |
130
|
|
|
public function calculateHash() |
131
|
|
|
{ |
132
|
|
|
// raw POST request |
133
|
|
|
$raw = file_get_contents('php://input'); |
134
|
|
|
// removing trailing '&key=...' |
135
|
|
|
$fields = substr($raw, 0, strpos($raw, '&key=')); |
136
|
|
|
// this is the documentation way |
137
|
|
|
$supposed_hash = md5($fields . $this->request->getSecret()); |
|
|
|
|
138
|
|
|
|
139
|
|
|
// this is how they actually get it |
140
|
|
|
$kvs = ''; |
141
|
|
|
foreach ($this->data as $k=>$v) { |
142
|
|
|
if ($k !== 'key' && $k !== 'username') { |
143
|
|
|
$kvs .= ($kvs ? '&' : '') . "$k=$v"; |
144
|
|
|
} |
145
|
|
|
} |
146
|
|
|
$hash = md5($kvs); |
147
|
|
|
|
148
|
|
|
/* Testing facility |
|
|
|
|
149
|
|
|
throw new \Exception( |
150
|
|
|
var_export([ |
151
|
|
|
'key' => $this->getHash(), |
152
|
|
|
'fields' => $fields, |
153
|
|
|
'secret' => $this->request->getSecret(), |
154
|
|
|
'hash' => $hash, |
155
|
|
|
'h2' => md5($fields), |
156
|
|
|
'h3' => md5($fields . $this->request->getSecret()), |
157
|
|
|
'kvs' => $kvs, |
158
|
|
|
'kh3' => md5($kvs), |
159
|
|
|
'kh4' => md5($kvs . $this->request->getSecret()), |
160
|
|
|
], true) |
161
|
|
|
);*/ |
162
|
|
|
|
163
|
|
|
return $hash; |
164
|
|
|
} |
165
|
|
|
} |
166
|
|
|
|
Let’s take a look at an example:
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break.
Available Fixes
Change the type-hint for the parameter:
Add an additional type-check:
Add the method to the interface: