From 500223390d354d9a431350c815b198c32adeac66 Mon Sep 17 00:00:00 2001 From: Christiaan Goossens Date: Sun, 19 Feb 2017 11:57:38 +0100 Subject: [PATCH] Added the first API handler for external payments (to use with the Omnipay plugin) --- src/Application/API/Handler.php | 130 ++++++++++++++++++++++++++++++++ src/Application/Main.php | 10 ++- 2 files changed, 138 insertions(+), 2 deletions(-) create mode 100644 src/Application/API/Handler.php diff --git a/src/Application/API/Handler.php b/src/Application/API/Handler.php new file mode 100644 index 0000000..ec18634 --- /dev/null +++ b/src/Application/API/Handler.php @@ -0,0 +1,130 @@ +group('/api', function () { + /** + * TransactionRequest API Endpoint + * + * Requires the following POST arguments: + * - clientId + * - transactionId + * - amount + * - description + * - returnUrl + * - sha1 + */ + $this->post('/transactionRequest', function ($request, $response, $args) { + $parsedBody = $request->getParsedBody(); + + if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['sha1'])) { + // Correct request + + $clientSecret = Handler::getClientSecret($parsedBody['clientId']); + $sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret); + + if ($sha === $parsedBody['sha1']) { + $responseJSON = array( + "success" => true, + "redirect" => "https://example.com" + ); + } else { + $response = $response->withStatus(403); + $responseJSON = array( + "success" => false, + "error" => "Incorrect sha1 verification hash." + ); + } + } else { + $response = $response->withStatus(400); + $responseJSON = array( + "success" => false, + "error" => "Missing one of the following attributes: [clientId, transactionId, amount, description, returnUrl, sha1]" + ); + } + + $body = $response->getBody(); + $body->write(json_encode($responseJSON)); + return $response->withBody($body); + }); + + /** + * StatusRequest API Endpoint + * + * Requires the following POST arguments: + * - clientId + * - transactionId + * - sha1 + */ + $this->post('/statusRequest', function ($request, $response, $args) { + $parsedBody = $request->getParsedBody(); + + if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['sha1'])) { + // Correct request + + $clientSecret = Handler::getClientSecret($parsedBody['clientId']); + $sha = sha1($parsedBody['transactionId'] . $clientSecret); + + if ($sha === $parsedBody['sha1']) { + $responseJSON = array( + "success" => true, + "transaction" => array( + "status" => "Success", + "transactionId" => "notyetfromdb", + "someotherrandomkey" => "changethis" + ) + ); + } else { + $response = $response->withStatus(403); + $responseJSON = array( + "success" => false, + "error" => "Incorrect sha1 verification hash." + ); + } + } else { + $response = $response->withStatus(400); + $responseJSON = array( + "success" => false, + "error" => "Missing one of the following attributes: [clientId, transactionId, sha1]" + ); + } + + $body = $response->getBody(); + $body->write(json_encode($responseJSON)); + return $response->withBody($body); + }); + })->add(function ($request, $response, $next) { + /** + * Add the correct JSON headers to the responses + */ + $response = $response->withHeader('Content-type', 'application/json'); + return $next($request, $response); + }); + } + + public static function getClientSecret($clientId) + { + return '42'; + } +} diff --git a/src/Application/Main.php b/src/Application/Main.php index 33129b8..4a7bdf1 100644 --- a/src/Application/Main.php +++ b/src/Application/Main.php @@ -16,7 +16,8 @@ namespace InfD4p\Application; use \Slim\App; -class Main { +class Main +{ /** * Constructor function @@ -29,7 +30,12 @@ class Main { * Hier wordt onze applicatie gestart. De functie hieronder wordt aangeroepen bij het starten van de app. Hier kun je dus routes toevoegen. * */ - public function __construct(App $app) { + public function __construct(App $app) + { + // Load the API handler for the Omnipay plugin + new API\Handler($app); + + // Add the default view routes $app->get('/[{name}]', function ($request, $response, $args) { // Render index view return $this->renderer->render($response, 'index.phtml', $args);