/**
* Tests validateAndParseData method
*/
public function testValidateAndParseData()
{
$request = array('data' => 'abcdef', 'sign' => 'qwerty');
$parsed = array('projectid' => 123, 'someparam' => 'qwerty123', 'type' => 'micro');
$this->signer->expects($this->once())->method('checkSign')->with($request)->will($this->returnValue(true));
$this->util->expects($this->at(0))->method('decodeSafeUrlBase64')->with('abcdef')->will($this->returnValue('zxc'));
$this->util->expects($this->at(1))->method('parseHttpQuery')->with('zxc')->will($this->returnValue($parsed));
$this->assertEquals($parsed, $this->validator->validateAndParseData($request));
}
/**
* Checks signature
*
* @param array $request
*
* @return boolean
*
* @throws WebToPay_Exception_Callback
*/
public function checkSign(array $request)
{
if (!isset($request['data']) || !isset($request['ss2'])) {
throw new WebToPay_Exception_Callback('Not enough parameters in callback. Possible version mismatch');
}
$ss2 = $this->util->decodeSafeUrlBase64($request['ss2']);
$ok = openssl_verify($request['data'], $ss2, $this->publicKey);
return $ok === 1;
}
/**
* Parses callback parameters from query parameters and checks if sign is correct.
* Request has parameter "data", which is signed and holds all callback parameters
*
* @param array $requestData
*
* @return array Parsed callback parameters
*
* @throws WebToPayException
* @throws WebToPay_Exception_Callback
*/
public function validateAndParseData(array $requestData)
{
if (!$this->signer->checkSign($requestData)) {
throw new WebToPay_Exception_Callback('Invalid sign parameters, check $_GET length limit');
}
if (!isset($requestData['data'])) {
throw new WebToPay_Exception_Callback('"data" parameter not found');
}
$data = $requestData['data'];
$queryString = $this->util->decodeSafeUrlBase64($data);
$request = $this->util->parseHttpQuery($queryString);
if (!isset($request['projectid'])) {
throw new WebToPay_Exception_Callback('Project ID not provided in callback', WebToPayException::E_INVALID);
}
if ((string) $request['projectid'] !== (string) $this->projectId) {
throw new WebToPay_Exception_Callback(sprintf('Bad projectid: %s, should be: %s', $request['projectid'], $this->projectId), WebToPayException::E_INVALID);
}
if (!isset($request['type']) || !in_array($request['type'], array('micro', 'macro'))) {
$micro = isset($request['to']) && isset($request['from']) && isset($request['sms']);
$request['type'] = $micro ? 'micro' : 'macro';
}
return $request;
}
/**
* Tests parseHttpQuery. Must work with and without gpc_magic_quotes
*/
public function testParseHttpQuery()
{
$this->assertEquals(array('param1' => 'some string', 'param2' => 'special symbols !!%(@_-+/=', 'param3' => 'slashes \\\'"'), $this->util->parseHttpQuery('param1=some+string¶m2=special+symbols+%21%21%25%28%40_-%2B%2F%3D¶m3=slashes+%5C%27%22'));
}
/**
* Makes request data array from parameters, also generates signature
*
* @param array $request
*
* @return array
*/
protected function createRequest(array $request)
{
$data = $this->util->encodeSafeUrlBase64(http_build_query($request));
return array('data' => $data, 'sign' => md5($data . $this->projectPassword));
}
/**
* Tests checkSign with incorrect ss2
*/
public function testCheckSignWithBadSignature()
{
$this->util->expects($this->once())->method('decodeSafeUrlBase64')->with('encoded-ss2')->will($this->returnValue('bad-ss2'));
$this->assertFalse($this->signChecker->checkSign(array('data' => 'encodedData', 'ss1' => 'bad-ss1', 'ss2' => 'encoded-ss2')));
}
/**
* Tests buildRepeatRequest method
*/
public function testBuildRepeatRequest()
{
$this->util->expects($this->once())->method('encodeSafeUrlBase64')->with('orderid=123&version=1.6&projectid=123&repeat_request=1')->will($this->returnValue('encoded'));
$this->assertEquals(array('data' => 'encoded', 'sign' => md5('encodedsecret')), $this->builder->buildRepeatRequest(123));
}
