Issues in NotificationsController.php - Failed Issues - Inspection of "Improved error message for HTTP 4xx and 500 respon..." - wp-pay-gateways/adyen - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — develop ( 27299e...c51b01 )

by Reüel

created 2019-09-28 10:36 UTC

src/NotificationsController.php (1 issue)

Labels

Bug 1

Severity

Major 1

<?php
/**
 * Notifications controller
 *
 * @author    Pronamic <[email protected]>
 * @copyright 2005-2019 Pronamic
 * @license   GPL-3.0-or-later
 * @package   Pronamic\WordPress\Pay\Gateways\Adyen
 */

namespace Pronamic\WordPress\Pay\Gateways\Adyen;

use JsonSchema\Exception\ValidationException;
use Pronamic\WordPress\Pay\Payments\PaymentStatus as PaymentStatus;
filter:
    dependency_paths: ["lib/*"]
use WP_Error;
use WP_REST_Request;

/**
 * Notification controller
 *
 * @link https://docs.adyen.com/developers/api-reference/notifications-api#notificationrequest
 *
 * @author  Remco Tolsma
 * @version 1.0.3
 * @since   1.0.0
 */
class NotificationsController {
	/**
	 * Setup.
	 *
	 * @return void
	 */
	public function setup() {
		add_action( 'rest_api_init', array( $this, 'rest_api_init' ) );
	}

	/**
	 * REST API init.
	 *
	 * @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/
	 * @link https://developer.wordpress.org/reference/hooks/rest_api_init/
	 *
	 * @return void
	 */
	public function rest_api_init() {
		register_rest_route(
			Integration::REST_ROUTE_NAMESPACE,
			'/notifications',
			array(
				'methods'             => 'POST',
				'callback'            => array( $this, 'rest_api_adyen_notifications' ),
				'permission_callback' => array( $this, 'rest_api_adyen_permissions_check' ),
			)
		);
	}

	/**
	 * REST API Adyen permissions check.
	 *
	 * @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/#permissions-callback
	 *
	 * @param WP_REST_Request $request Request.
	 * @return true|WP_Error
	 */
	public function rest_api_adyen_permissions_check( WP_REST_Request $request ) {
		$username = get_option( 'pronamic_pay_adyen_notification_authentication_username' );
		$password = get_option( 'pronamic_pay_adyen_notification_authentication_password' );

		if ( empty( $username ) && empty( $password ) ) {
			return true;
		}

		$authorization = $request->get_header( 'Authorization' );

		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- Benign reason.
		if ( 'Basic ' . base64_encode( $username . ':' . $password ) === $authorization ) {
			return true;
		}

		return new WP_Error(
			'rest_forbidden_context',
			/* translators: Translate 'notification' the same as in the Adyen dashboard. */
			_x( 'Sorry, you are not allowed to post Adyen notifications.', 'Adyen', 'pronamic_ideal' ),
			array( 'status' => rest_authorization_required_code() )
		);
	}

	/**
	 * REST API Adyen notifications handler.
	 *
	 * @param WP_REST_Request $request Request.
	 * @return object
	 */
	public function rest_api_adyen_notifications( WP_REST_Request $request ) {
		$json = $request->get_body();

		$data = json_decode( $json );

		try {
			$notification_request = NotificationRequest::from_object( $data );
		} catch ( ValidationException $e ) {
			return new WP_Error(
				'adyen_invalid_notification',
				/* translators: Translate 'notification' the same as in the Adyen dashboard. */
				_x( 'Cannot parse JSON notification.', 'Adyen', 'pronamic_ideal' ),
				array( 'status' => 500 )
			);
		}

		foreach ( $notification_request->get_items() as $item ) {
			$payment = get_pronamic_payment( $item->get_merchant_reference() );

			if ( null === $payment ) {
				continue;
			}

			// Add note.
			$note = sprintf(
				'<p>%s</p>',
				sprintf(
					/* translators: %s: payment provider name */
					__( 'Webhook requested by %s.', 'pronamic_ideal' ),
					__( 'Adyen', 'pronamic_ideal' )
				)
			);

			$json = wp_json_encode( $item->get_json(), JSON_PRETTY_PRINT );

			if ( false !== $json ) {
				$note .= sprintf(
					'<pre>%s</pre>',
					$json
				);
			}

			$payment->add_note( $note );

			do_action( 'pronamic_pay_webhook_log_payment', $payment );

			// Authorization.
			if ( EventCode::AUTHORIZATION === $item->get_event_code() ) {
				$payment->set_status( $item->is_success() ? PaymentStatus::SUCCESS : PaymentStatus::FAILURE );

				$payment->save();
			}
		}

		$response = (object) array(
			'notificationResponse' => '[accepted]',
		);

		return $response;
	}
}


1		<?php
2		/**
3		* Notifications controller
4		*
5		* @author Pronamic <[email protected]>
6		* @copyright 2005-2019 Pronamic
7		* @license GPL-3.0-or-later
8		* @package Pronamic\WordPress\Pay\Gateways\Adyen
9		*/
10
11		namespace Pronamic\WordPress\Pay\Gateways\Adyen;
12
13		use JsonSchema\Exception\ValidationException;
14		use Pronamic\WordPress\Pay\Payments\PaymentStatus as PaymentStatus;
		0 ignored issues – show Bug introduced 2019-09-27 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The type `Pronamic\WordPress\Pay\Payments\PaymentStatus` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
15		use WP_Error;
16		use WP_REST_Request;
17
18		/**
19		* Notification controller
20		*
21		* @link https://docs.adyen.com/developers/api-reference/notifications-api#notificationrequest
22		*
23		* @author Remco Tolsma
24		* @version 1.0.3
25		* @since 1.0.0
26		*/
27		class NotificationsController {
28		/**
29		* Setup.
30		*
31		* @return void
32		*/
33	11	public function setup() {
34	11	add_action( 'rest_api_init', array( $this, 'rest_api_init' ) );
35	11	}
36
37		/**
38		* REST API init.
39		*
40		* @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/
41		* @link https://developer.wordpress.org/reference/hooks/rest_api_init/
42		*
43		* @return void
44		*/
45	10	public function rest_api_init() {
46	10	register_rest_route(
47	10	Integration::REST_ROUTE_NAMESPACE,
48	10	'/notifications',
49		array(
50	10	'methods' => 'POST',
51	10	'callback' => array( $this, 'rest_api_adyen_notifications' ),
52	10	'permission_callback' => array( $this, 'rest_api_adyen_permissions_check' ),
53		)
54		);
55	10	}
56
57		/**
58		* REST API Adyen permissions check.
59		*
60		* @link https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/#permissions-callback
61		*
62		* @param WP_REST_Request $request Request.
63		* @return true\|WP_Error
64		*/
65	6	public function rest_api_adyen_permissions_check( WP_REST_Request $request ) {
66	6	$username = get_option( 'pronamic_pay_adyen_notification_authentication_username' );
67	6	$password = get_option( 'pronamic_pay_adyen_notification_authentication_password' );
68
69	6	if ( empty( $username ) && empty( $password ) ) {
70	4	return true;
71		}
72
73	2	$authorization = $request->get_header( 'Authorization' );
74
75		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- Benign reason.
76	2	if ( 'Basic ' . base64_encode( $username . ':' . $password ) === $authorization ) {
77	1	return true;
78		}
79
80	1	return new WP_Error(
81	1	'rest_forbidden_context',
82		/* translators: Translate 'notification' the same as in the Adyen dashboard. */
83	1	_x( 'Sorry, you are not allowed to post Adyen notifications.', 'Adyen', 'pronamic_ideal' ),
84	1	array( 'status' => rest_authorization_required_code() )
85		);
86		}
87
88		/**
89		* REST API Adyen notifications handler.
90		*
91		* @param WP_REST_Request $request Request.
92		* @return object
93		*/
94	5	public function rest_api_adyen_notifications( WP_REST_Request $request ) {
95	5	$json = $request->get_body();
96
97	5	$data = json_decode( $json );
98
99		try {
100	5	$notification_request = NotificationRequest::from_object( $data );
101	2	} catch ( ValidationException $e ) {
102	2	return new WP_Error(
103	2	'adyen_invalid_notification',
104		/* translators: Translate 'notification' the same as in the Adyen dashboard. */
105	2	_x( 'Cannot parse JSON notification.', 'Adyen', 'pronamic_ideal' ),
106	2	array( 'status' => 500 )
107		);
108		}
109
110	3	foreach ( $notification_request->get_items() as $item ) {
111	3	$payment = get_pronamic_payment( $item->get_merchant_reference() );
112
113	3	if ( null === $payment ) {
114	2	continue;
115		}
116
117		// Add note.
118	1	$note = sprintf(
119	1	'<p>%s</p>',
120	1	sprintf(
121		/* translators: %s: payment provider name */
122	1	__( 'Webhook requested by %s.', 'pronamic_ideal' ),
123	1	__( 'Adyen', 'pronamic_ideal' )
124		)
125		);
126
127	1	$json = wp_json_encode( $item->get_json(), JSON_PRETTY_PRINT );
128
129	1	if ( false !== $json ) {
130	1	$note .= sprintf(
131	1	'<pre>%s</pre>',
132		$json
133		);
134		}
135
136	1	$payment->add_note( $note );
137
138	1	do_action( 'pronamic_pay_webhook_log_payment', $payment );
139
140		// Authorization.
141	1	if ( EventCode::AUTHORIZATION === $item->get_event_code() ) {
142	1	$payment->set_status( $item->is_success() ? PaymentStatus::SUCCESS : PaymentStatus::FAILURE );
143
144	1	$payment->save();
145		}
146		}
147
148		$response = (object) array(
149	3	'notificationResponse' => '[accepted]',
150		);
151
152	3	return $response;
153		}
154		}
155

wp-pay-gateways / adyen

Push — develop ( 27299e...c51b01 )

src/NotificationsController.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like