/**
* validation de la signature de la post-sale reçu
* @param Response $response
* @return boolean true when signatire is valid
* @throws UnauthorizedPostSaleException If signature is not valid
*/
protected function validate(Response $response)
{
$sha1outkey = $this->sha1Out;
$keys = $response->jsonSerialize();
ksort($keys);
$hashKey = '';
foreach ($keys as $key => $val) {
if ($val != '' && $key != 'SHASIGN') {
$hashKey .= $key . '=' . $val . $sha1outkey;
}
}
$this->logger->debug('signature calculé :' . hash('sha1', $hashKey));
$this->logger->debug('signature reçu :' . $response->getShasign());
if (strtoupper(hash('sha1', $hashKey)) === strtoupper($response->getShasign())) {
return true;
}
throw new UnauthorizedPostSaleException();
}
