/** * Kontrola parametru predavanych ve zpetnem volani po potvrzeni/zruseni platby - verifikace podpisu. * * @param float $returnedGoId - goId vracene v redirectu * @param float $returnedPaymentSessionId - paymentSessionId vracene v redirectu * @param float $returnedParentPaymentSessionId - id puvodni platby pri opakovane platbe * @param string $returnedOrderNumber - identifikace objednavky vracena v redirectu - identifikator platby na eshopu * @param string $returnedEncryptedSignature - kontrolni podpis vraceny v redirectu * @param float $targetGoId - identifikace prijemce - GoId pridelene GoPay * @param string $orderNumber - identifikace akt. objednavky * @param string $secureKey - kryptovaci klic prideleny eshopu / uzivateli, urceny k podepisovani komunikace * * @throws Exception */ public static function checkPaymentIdentity($returnedGoId, $returnedPaymentSessionId, $returnedParentPaymentSessionId, $returnedOrderNumber, $returnedEncryptedSignature, $targetGoId, $orderNumber, $secureKey) { if (trim($returnedOrderNumber) != trim($orderNumber)) { throw new Exception("PI invalid VS"); } if ($returnedGoId != $targetGoId) { throw new Exception("PI invalid GoID"); } $hashedSignature = GopayHelper::hash(GopayHelper::concatPaymentIdentity((double) $returnedGoId, (double) $returnedPaymentSessionId, (double) $returnedParentPaymentSessionId, $returnedOrderNumber, $secureKey)); $decryptedHash = GopayHelper::decrypt($returnedEncryptedSignature, $secureKey); if ($decryptedHash != $hashedSignature) { throw new Exception("PS invalid signature"); } }