
Added secrets

Christiaan Goossens 2017-03-30 19:42:22 +02:00
parent 516ced5152
commit 819c91e319


@ -41,7 +41,14 @@ class Handler
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['sha1'])) { if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['sha1'])) {
// Correct request // Correct request
$clientSecret = Handler::getClientSecret($parsedBody['clientId']); if ($parsedBody['clientId'] !== Handler::getClientId()) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret); $sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret);
if ($sha === $parsedBody['sha1']) { if ($sha === $parsedBody['sha1']) {
@ -56,6 +63,7 @@ class Handler
"error" => "Incorrect sha1 verification hash." "error" => "Incorrect sha1 verification hash."
); );
} }
}
} else { } else {
$response = $response->withStatus(400); $response = $response->withStatus(400);
$responseJSON = array( $responseJSON = array(
@ -83,7 +91,14 @@ class Handler
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['sha1'])) { if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['sha1'])) {
// Correct request // Correct request
$clientSecret = Handler::getClientSecret($parsedBody['clientId']); if ($parsedBody['clientId'] !== Handler::getClientId()) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $clientSecret); $sha = sha1($parsedBody['transactionId'] . $clientSecret);
if ($sha === $parsedBody['sha1']) { if ($sha === $parsedBody['sha1']) {
@ -102,6 +117,7 @@ class Handler
"error" => "Incorrect sha1 verification hash." "error" => "Incorrect sha1 verification hash."
); );
} }
}
} else { } else {
$response = $response->withStatus(400); $response = $response->withStatus(400);
$responseJSON = array( $responseJSON = array(
@ -123,8 +139,13 @@ class Handler
}); });
} }
public static function getClientSecret($clientId) public static function getClientId()
{ {
return '3'; return 'de-webshop';
}
public static function getClientSecret()
{
return '42';
} }
} }
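Review bot: `getClientSecret()` now returns the literal `'42'`, so the key behind every `sha1` verification hash is committed to version control and is short enough to be recovered offline from a single observed request. Load it from configuration kept outside the repository, e.g. `return getenv('CLIENT_SECRET_PLACEHOLDER');` (the variable name is a placeholder), reject requests when it is unset or empty, and treat the committed value as disclosed and rotate it. In both handlers, whose bodies start and end outside the hunks, the digest is checked with `$sha === $parsedBody['sha1']`; `is_string($parsedBody['sha1']) && hash_equals($sha, $parsedBody['sha1'])` gives a constant-time comparison and rejects non-string input. As far as the visible lines show, the first handler requires `description` and `returnUrl` but hashes only `transactionId . amount . $clientSecret` with no delimiter, so those two fields are unauthenticated and the field boundary is ambiguous. Moving to `hash_hmac('sha256', ...)` over delimited fields would fix both, but it changes the client protocol and is better done as a separate commit.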