1
0

Added secrets

This commit is contained in:
Christiaan Goossens 2017-03-30 19:42:22 +02:00
parent 516ced5152
commit 819c91e319

View File

@ -41,20 +41,28 @@ class Handler
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['sha1'])) {
// Correct request
$clientSecret = Handler::getClientSecret($parsedBody['clientId']);
$sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
$responseJSON = array(
"success" => true,
"redirect" => "https://example.com"
);
} else {
if ($parsedBody['clientId'] !== Handler::getClientId()) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect sha1 verification hash."
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
$responseJSON = array(
"success" => true,
"redirect" => "https://example.com"
);
} else {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect sha1 verification hash."
);
}
}
} else {
$response = $response->withStatus(400);
@ -83,24 +91,32 @@ class Handler
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['sha1'])) {
// Correct request
$clientSecret = Handler::getClientSecret($parsedBody['clientId']);
$sha = sha1($parsedBody['transactionId'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
$responseJSON = array(
"success" => true,
"transaction" => array(
"status" => "Success",
"transactionId" => "notyetfromdb",
"someotherrandomkey" => "changethis"
)
);
} else {
if ($parsedBody['clientId'] !== Handler::getClientId()) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect sha1 verification hash."
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
$responseJSON = array(
"success" => true,
"transaction" => array(
"status" => "Success",
"transactionId" => "notyetfromdb",
"someotherrandomkey" => "changethis"
)
);
} else {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect sha1 verification hash."
);
}
}
} else {
$response = $response->withStatus(400);
@ -123,8 +139,13 @@ class Handler
});
}
public static function getClientSecret($clientId)
public static function getClientId()
{
return '3';
return 'de-webshop';
}
public static function getClientSecret()
{
return '42';
}
}