You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
152 lines
5.5 KiB
PHP
152 lines
5.5 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Informatica Eindproject D4p
|
|
* 6in3, Stedelijk Gymnasium Nijmegen
|
|
* Docent: Hans de Wolf
|
|
*
|
|
* ==================
|
|
*
|
|
* Daniel Boutros,
|
|
* Christiaan Goossens,
|
|
* Jelmer Hinssen
|
|
*/
|
|
|
|
namespace Inforbank\Application\API;
|
|
|
|
use \Slim\App;
|
|
|
|
class Handler
|
|
{
|
|
public function __construct(App $app)
|
|
{
|
|
/**
|
|
* Create the API route group
|
|
*/
|
|
$app->group('/api', function () {
|
|
/**
|
|
* TransactionRequest API Endpoint
|
|
*
|
|
* Requires the following POST arguments:
|
|
* - clientId
|
|
* - transactionId
|
|
* - amount
|
|
* - description
|
|
* - returnUrl
|
|
* - sha1
|
|
*/
|
|
$this->post('/transactionRequest', function ($request, $response, $args) {
|
|
$parsedBody = $request->getParsedBody();
|
|
|
|
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['amount']) && isset($parsedBody['description']) && isset($parsedBody['returnUrl']) && isset($parsedBody['sha1'])) {
|
|
// Correct request
|
|
|
|
if ($parsedBody['clientId'] !== Handler::getClientId()) {
|
|
$response = $response->withStatus(403);
|
|
$responseJSON = array(
|
|
"success" => false,
|
|
"error" => "Incorrect client id."
|
|
);
|
|
} else {
|
|
$clientSecret = Handler::getClientSecret();
|
|
$sha = sha1($parsedBody['transactionId'] . $parsedBody['amount'] . $clientSecret);
|
|
|
|
if ($sha === $parsedBody['sha1']) {
|
|
$responseJSON = array(
|
|
"success" => true,
|
|
"redirect" => "https://example.com"
|
|
);
|
|
} else {
|
|
$response = $response->withStatus(403);
|
|
$responseJSON = array(
|
|
"success" => false,
|
|
"error" => "Incorrect sha1 verification hash."
|
|
);
|
|
}
|
|
}
|
|
} else {
|
|
$response = $response->withStatus(400);
|
|
$responseJSON = array(
|
|
"success" => false,
|
|
"error" => "Missing one of the following attributes: [clientId, transactionId, amount, description, returnUrl, sha1]"
|
|
);
|
|
}
|
|
|
|
$body = $response->getBody();
|
|
$body->write(json_encode($responseJSON));
|
|
return $response->withBody($body);
|
|
});
|
|
|
|
/**
|
|
* StatusRequest API Endpoint
|
|
*
|
|
* Requires the following POST arguments:
|
|
* - clientId
|
|
* - transactionId
|
|
* - sha1
|
|
*/
|
|
$this->post('/statusRequest', function ($request, $response, $args) {
|
|
$parsedBody = $request->getParsedBody();
|
|
|
|
if (isset($parsedBody['clientId']) && isset($parsedBody['transactionId']) && isset($parsedBody['sha1'])) {
|
|
// Correct request
|
|
|
|
if ($parsedBody['clientId'] !== Handler::getClientId()) {
|
|
$response = $response->withStatus(403);
|
|
$responseJSON = array(
|
|
"success" => false,
|
|
"error" => "Incorrect client id."
|
|
);
|
|
} else {
|
|
$clientSecret = Handler::getClientSecret();
|
|
$sha = sha1($parsedBody['transactionId'] . $clientSecret);
|
|
|
|
if ($sha === $parsedBody['sha1']) {
|
|
$responseJSON = array(
|
|
"success" => true,
|
|
"transaction" => array(
|
|
"status" => "Success",
|
|
"transactionId" => "notyetfromdb",
|
|
"someotherrandomkey" => "changethis"
|
|
)
|
|
);
|
|
} else {
|
|
$response = $response->withStatus(403);
|
|
$responseJSON = array(
|
|
"success" => false,
|
|
"error" => "Incorrect sha1 verification hash."
|
|
);
|
|
}
|
|
}
|
|
} else {
|
|
$response = $response->withStatus(400);
|
|
$responseJSON = array(
|
|
"success" => false,
|
|
"error" => "Missing one of the following attributes: [clientId, transactionId, sha1]"
|
|
);
|
|
}
|
|
|
|
$body = $response->getBody();
|
|
$body->write(json_encode($responseJSON));
|
|
return $response->withBody($body);
|
|
});
|
|
})->add(function ($request, $response, $next) {
|
|
/**
|
|
* Add the correct JSON headers to the responses
|
|
*/
|
|
$response = $response->withHeader('Content-type', 'application/json');
|
|
return $next($request, $response);
|
|
});
|
|
}
|
|
|
|
public static function getClientId()
|
|
{
|
|
return 'de-webshop';
|
|
}
|
|
|
|
public static function getClientSecret()
|
|
{
|
|
return '42';
|
|
}
|
|
}
|