1
0

Added secrets

This commit is contained in:
Christiaan Goossens 2017-03-30 19:42:22 +02:00
parent 516ced5152
commit 819c91e319

View File

@ -41,7 +41,14 @@ class Handler
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['sha1'])) {
// Correct request
$clientSecret = Handler::getClientSecret($parsedBody['clientId']);
if ($parsedBody['clientId'] !== Handler::getClientId()) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
@ -56,6 +63,7 @@ class Handler
"error" => "Incorrect sha1 verification hash."
);
}
}
} else {
$response = $response->withStatus(400);
$responseJSON = array(
@ -83,7 +91,14 @@ class Handler
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['sha1'])) {
// Correct request
$clientSecret = Handler::getClientSecret($parsedBody['clientId']);
if ($parsedBody['clientId'] !== Handler::getClientId()) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
@ -102,6 +117,7 @@ class Handler
"error" => "Incorrect sha1 verification hash."
);
}
}
} else {
$response = $response->withStatus(400);
$responseJSON = array(
@ -123,8 +139,13 @@ class Handler
});
}
public static function getClientSecret($clientId)
public static function getClientId()
{
return '3';
return 'de-webshop';
}
public static function getClientSecret()
{
return '42';
}
}