/**
* Validate input payload:
* - if it comes with a signature, validate signature,
* - parse it (JSON)
*
* @param $file payload source
*
* @return Array
*/
private function getValidPayload($file)
{
$this->headers = getallheaders();
$data = file_get_contents($file);
if (!array_key_exists('X-CashWay-Signature', $this->headers)) {
$this->terminateReply(400, 'A signature header is required.');
}
$signature = trim($this->headers['X-CashWay-Signature']);
if ($signature == 'none' || $signature == '') {
$this->terminateReply(400, 'A real signature is required.');
}
if (!\CashWay\API::isDataValid($data, Configuration::get('CASHWAY_SHARED_SECRET'), $signature)) {
$this->terminateReply(400, 'Payload signature does not match.');
}
$this->data = json_decode($data);
if (null === $this->data) {
$this->terminateReply(400, 'Could not parse JSON payload.');
}
return $this->data;
}
/**
* @dataProvider signaturesProvider
*/
public function testNotificationSignature($body, $secret, $expected_signature)
{
$this->assertTrue(\CashWay\API::isDataValid($body, $secret, $expected_signature));
}
