/** * Kontrola parametru predavanych ve zpetnem volani po potvrzeni/zruseni platby - verifikace podpisu. * * @param float $returnedPaymentSessionId - paymentSessionId vracene v redirectu * @param string $returnedEncryptedSignature - kontrolni podpis vraceny v redirectu * @param float $paymentResult - vysledek volani * @param float $paymentSessionId - identifikator platby na GoPay * @param string $secureKey - kryptovaci klic prideleny eshopu / uzivateli, urceny k podepisovani komunikace * * @throws Exception */ public static function checkPaymentResult($returnedPaymentSessionId, $returnedEncryptedSignature, $paymentResult, $paymentSessionId, $secureKey) { if ($returnedPaymentSessionId != $paymentSessionId) { throw new Exception("PaymentResult invalid PSID"); } $hashedSignature = GopayHelper::hash(GopayHelper::concatPaymentResult((double) $paymentSessionId, $paymentResult, $secureKey)); $decryptedHash = GopayHelper::decrypt($returnedEncryptedSignature, $secureKey); if ($decryptedHash != $hashedSignature) { throw new Exception("PaymentResult invalid signature"); } }