<?php
/**
* Informatica Eindproject D4p
* 6in3, Stedelijk Gymnasium Nijmegen
* Docent: Hans de Wolf
*
* ==================
*
* Daniel Boutros,
* Christiaan Goossens,
* Jelmer Hinssen
*/
namespace Inforbank\Application\API;
use \Slim\App;
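class Handler
{
    /**
     * Registers the /api route group on the given Slim application.
     *
     * Both endpoints take a POST body (form or JSON) carrying a clientId, a
     * transactionId and a sha1 signature; /transactionRequest additionally
     * needs amount, description and returnUrl. Every response is JSON; the
     * group middleware at the bottom sets the Content-type header.
     *
     * @param App $app The Slim application the routes are attached to.
     */
    public function __construct(App $app)
    {
        $app->group('/api', function () {
            // Slim binds $this inside this closure to the App, so the Handler
            // helpers are reached statically rather than through $this.

            /**
             * TransactionRequest API Endpoint
             *
             * Requires the following POST arguments:
             * - clientId, transactionId, amount, description, returnUrl, sha1
             * The sha1 field must equal sha1(transactionId . amount . clientSecret).
             */
            $this->post('/transactionRequest', function ($request, $response, $args) {
                $failure = Handler::checkSignedRequest(
                    $request->getParsedBody(),
                    ['clientId', 'transactionId', 'amount', 'description', 'returnUrl', 'sha1'],
                    ['transactionId', 'amount']
                );
                if ($failure !== null) {
                    $response = $response->withStatus($failure['status']);
                    $responseJSON = $failure['body'];
                } else {
                    // Placeholder target; the real redirect is not implemented yet.
                    $responseJSON = [
                        "success" => true,
                        "redirect" => "https://example.com",
                    ];
                }
                return Handler::writeJson($response, $responseJSON);
            });

            /**
             * StatusRequest API Endpoint
             *
             * Requires the following POST arguments:
             * - clientId, transactionId, sha1
             * The sha1 field must equal sha1(transactionId . clientSecret).
             */
            $this->post('/statusRequest', function ($request, $response, $args) {
                $failure = Handler::checkSignedRequest(
                    $request->getParsedBody(),
                    ['clientId', 'transactionId', 'sha1'],
                    ['transactionId']
                );
                if ($failure !== null) {
                    $response = $response->withStatus($failure['status']);
                    $responseJSON = $failure['body'];
                } else {
                    // Placeholder values; no database lookup exists yet.
                    $responseJSON = [
                        "success" => true,
                        "transaction" => [
                            "status" => "Success",
                            "transactionId" => "notyetfromdb",
                            "someotherrandomkey" => "changethis",
                        ],
                    ];
                }
                return Handler::writeJson($response, $responseJSON);
            });
        })->add(function ($request, $response, $next) {
            // Every response of the group is JSON, whichever branch produced it.
            $response = $response->withHeader('Content-type', 'application/json');
            return $next($request, $response);
        });
    }

    /**
     * Validates a signed API request body.
     *
     * Checks, in order: that every field in $required is present as a scalar,
     * that clientId matches the configured client id, and that the sha1 field
     * equals sha1() of the concatenated $signedFields followed by the client
     * secret. The signature is compared with hash_equals() so the response
     * time does not reveal how many leading characters of the signature were
     * correct.
     *
     * @internal Public only because the route closures are bound by Slim to
     *           the App instance, not to this class.
     *
     * @param mixed    $parsedBody   Result of getParsedBody(); may be null.
     * @param string[] $required     Field names that must be present.
     * @param string[] $signedFields Fields, in order, covered by the signature.
     *
     * @return array|null Null when the request is valid, otherwise
     *                    ['status' => int, 'body' => array] to send back.
     */
    public static function checkSignedRequest($parsedBody, array $required, array $signedFields)
    {
        if (!is_array($parsedBody)) {
            $parsedBody = [];
        }
        foreach ($required as $field) {
            // isset() alone would accept nested arrays, which cannot be signed
            // (sha1() of "Array") nor compared by hash_equals(); only scalars
            // are acceptable here.
            if (!isset($parsedBody[$field]) || !is_scalar($parsedBody[$field])) {
                return [
                    'status' => 400,
                    'body' => [
                        "success" => false,
                        "error" => "Missing one of the following attributes: [" . implode(', ', $required) . "]",
                    ],
                ];
            }
        }

        if ((string) $parsedBody['clientId'] !== Handler::getClientId()) {
            return [
                'status' => 403,
                'body' => [
                    "success" => false,
                    "error" => "Incorrect client id.",
                ],
            ];
        }

        // NOTE(review): the signed fields are concatenated with no separator and
        // the secret is appended instead of being used as an HMAC key. Both are
        // part of the contract existing clients rely on, so they are kept; a
        // future version should move to hash_hmac() over a delimited message.
        $message = '';
        foreach ($signedFields as $field) {
            $message .= (string) $parsedBody[$field];
        }
        $expected = sha1($message . Handler::getClientSecret());

        if (!hash_equals($expected, (string) $parsedBody['sha1'])) {
            return [
                'status' => 403,
                'body' => [
                    "success" => false,
                    "error" => "Incorrect sha1 verification hash.",
                ],
            ];
        }

        return null;
    }

    /**
     * Serialises $payload as JSON into the response body.
     *
     * @internal See checkSignedRequest() for why this is public.
     *
     * @param mixed $response The PSR-7 response to write into.
     * @param array $payload  Data to encode.
     *
     * @return mixed The response carrying the written body.
     */
    public static function writeJson($response, array $payload)
    {
        $body = $response->getBody();
        $body->write(json_encode($payload));
        return $response->withBody($body);
    }

    /**
     * The only client id this API accepts.
     *
     * @return string
     */
    public static function getClientId()
    {
        return 'de-webshop';
    }

    /**
     * Shared secret appended to the signed message.
     *
     * NOTE(review): hard-coded in source; should be loaded from configuration
     * or the environment so it is not committed with the code.
     *
     * @return string
     */
    public static function getClientSecret()
    {
        return '42';
    }
}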