
Finalized IDOB + small changes concerning redirects

2017-04-02 11:50:45 +02:00
parent d982b97455
commit fe9d31a076
11 changed files with 434 additions and 71 deletions


@ -15,6 +15,8 @@
namespace Inforbank\Application\API;
use \Slim\App;
use Inforbank\Application\Helper\Idob\Client;
use Inforbank\Application\Helper\Idob\Transactie;
class Handler
{
@ -38,37 +40,64 @@ class Handler
$this->post('/transactionRequest', function ($request, $response, $args) {
$parsedBody = $request->getParsedBody();
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['sha1'])) {
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['hash'])) {
// Correct request
try {
$client = new Client($parsedBody['clientId']);
$clientSecret = $client->getClientSecret();
if ($parsedBody['clientId'] !== Handler::getClientId()) {
$sha = hash("sha256", $parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret);
if ($sha === $parsedBody['hash']) {
if ($parsedBody['returnUrl'] === $client->getClientRedirectURI()) {
// Voeg de transactie toe aan de lijst en stuur een response
try {
$reference = $parsedBody['transactionId'];
$amount = ((double) $parsedBody['amount']) / 100;
$description = $parsedBody['description'];
$clientId = $parsedBody['clientId'];
$transactie = Transactie::createTransactie($reference, $clientId, $amount, $description);
$uri = $request->getUri();
$responseJSON = array(
"success" => true,
"redirect" => $uri->getBaseUrl() . "/idob/betalen?trxid=" . $transactie
);
} catch (\Exception $e) {
$response = $response->withStatus(500);
$responseJSON = array(
"success" => false,
"error" => $e->getMessage()
);
}
} else {
$response = $response->withStatus(400);
$responseJSON = array(
"success" => false,
"error" => "Unknown return URI."
);
}
} else {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect verification hash."
);
}
} catch (\Exception $e) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
$responseJSON = array(
"success" => true,
"redirect" => "https://example.com"
);
} else {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect sha1 verification hash."
);
}
}
} else {
$response = $response->withStatus(400);
$responseJSON = array(
"success" => false,
"error" => "Missing one of the following attributes: [clientId, transactionId, amount, description, returnUrl, sha1]"
"error" => "Missing one of the following attributes: [clientId, transactionId, amount, description, returnUrl, hash]"
);
}
@ -88,41 +117,59 @@ class Handler
$this->post('/statusRequest', function ($request, $response, $args) {
$parsedBody = $request->getParsedBody();
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['sha1'])) {
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['hash'])) {
// Correct request
try {
$client = new Client($parsedBody['clientId']);
$clientSecret = $client->getClientSecret();
if ($parsedBody['clientId'] !== Handler::getClientId()) {
$sha = hash("sha256", $parsedBody['transactionId'] . $clientSecret);
if ($sha === $parsedBody['hash']) {
try {
$transactie = Transactie::getTransactie($parsedBody['transactionId']);
if ($transactie['clientId'] === $parsedBody['clientId']) {
$responseJSON = array(
"success" => true,
"transaction" => array(
"reference" => $transactie['reference'],
"status" => $transactie['status']
)
);
} else {
$response = $response->withStatus(500);
$responseJSON = array(
"success" => false,
"error" => "Transaction not found."
);
}
} catch (\Exception $e) {
$response = $response->withStatus(500);
$responseJSON = array(
"success" => false,
"error" => $e->getMessage()
);
}
} else {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect verification hash."
);
}
} catch (\Exception $e) {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect client id."
);
} else {
$clientSecret = Handler::getClientSecret();
$sha = sha1($parsedBody['transactionId'] . $clientSecret);
if ($sha === $parsedBody['sha1']) {
$responseJSON = array(
"success" => true,
"transaction" => array(
"status" => "Success",
"transactionId" => "notyetfromdb",
"someotherrandomkey" => "changethis"
)
);
} else {
$response = $response->withStatus(403);
$responseJSON = array(
"success" => false,
"error" => "Incorrect sha1 verification hash."
);
}
}
} else {
$response = $response->withStatus(400);
$responseJSON = array(
"success" => false,
"error" => "Missing one of the following attributes: [clientId, transactionId, sha1]"
"error" => "Missing one of the following attributes: [clientId, transactionId, hash]"
);
}
@ -138,14 +185,4 @@ class Handler
return $next($request, $response);
});
}
public static function getClientId()
{
return 'de-webshop';
}
public static function getClientSecret()
{
return '42';
}
}
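Review bot: The verification-hash check in the `/transactionRequest` handler (repeated in `/statusRequest`) compares with `===`, which is not constant-time, and derives the value as a bare SHA-256 over `transactionId . amount . clientSecret` with no separator between fields. Without a delimiter, different transactionId/amount pairs can concatenate to the same input, and `description` is not covered by the hash at all. A keyed MAC over an unambiguous encoding would be safer, for example `$expected = hash_hmac('sha256', json_encode([$parsedBody['transactionId'], $parsedBody['amount'], $parsedBody['description']]), $clientSecret);` checked with `if (is_string($parsedBody['hash']) && hash_equals($expected, $parsedBody['hash'])) {`. Separately, the inner `catch (\Exception $e)` blocks return `$e->getMessage()` to the caller in the 500 response; logging it server-side and sending a generic error string would avoid exposing internal details. The page has lost its +/- markers, so which lines belong to the new side is inferred from the removal of `getClientId()`/`getClientSecret()` in the last hunk.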