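/**
 * Builds the response and rejects it unless its signature verifies.
 *
 * The expected signature is recomputed locally from the response fields and
 * the merchant's secure key, then compared with the value decrypted from
 * $data->encryptedSignature.
 *
 * @param RequestInterface $request request whose parameters carry 'secureKey'
 * @param mixed            $data    payment-status payload; must expose encryptedSignature
 *
 * @throws InvalidResponseException when the signature does not match
 */
public function __construct(RequestInterface $request, $data)
{
    parent::__construct($request, $data);

    $requestParams = $request->getParameters();
    $secureKey = $requestParams['secureKey'];

    $hashedSignature = GopayHelper::hash(GopayHelper::concatPaymentStatus($data, $secureKey));
    $decryptedHash = GopayHelper::decrypt($data->encryptedSignature, $secureKey);

    // Loose `!=` treats numeric-looking strings as numbers, so two different
    // digests such as "0e123..." and "0e456..." would compare equal, and an
    // ordinary string comparison also stops at the first differing byte.
    // hash_equals() (PHP >= 5.6) is type-strict and constant-time; it needs
    // strings, so any other result from the helpers counts as a mismatch.
    if (!is_string($decryptedHash)
        || !is_string($hashedSignature)
        || !hash_equals($hashedSignature, $decryptedHash)
    ) {
        throw new InvalidResponseException("Invalid response signature");
    }
}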
/**
 * Creates a fixed payment-status fixture carrying the requested session state.
 *
 * All fields other than sessionState are hard-coded; the object is signed with
 * self::SECURE_KEY so that it passes signature verification against that key.
 *
 * @param mixed $sessionState value stored in the sessionState field
 *
 * @return stdClass payment-status object including encryptedSignature
 */
public static function paymentStatusWithState($sessionState)
{
    // Property order matches the order in which the fields were originally assigned.
    $status = (object) array(
        'targetGoId' => 12345,
        'productName' => 'Product Description',
        'totalPrice' => 1000,
        'currency' => 'CZK',
        'orderNumber' => '1234',
        'recurrentPayment' => '',
        'parentPaymentSessionId' => '',
        'preAuthorization' => '',
        'result' => GopayHelper::CALL_COMPLETED,
        'sessionState' => $sessionState,
        'sessionSubState' => '',
        'paymentChannel' => '',
        'paymentSessionId' => 11112222,
    );

    // The signature is computed over the populated fields, then encrypted with the same key.
    $plainSignature = GopayHelper::hash(
        GopayHelper::concatPaymentStatus($status, self::SECURE_KEY)
    );
    $status->encryptedSignature = GopayHelper::encrypt($plainSignature, self::SECURE_KEY);

    return $status;
}
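/**
 * Checks a payment status against the merchant's own order data and verifies
 * its signature.
 *
 * The checks run in a fixed order and the first failure throws, so the
 * exception message names the first mismatching field. The signature is
 * checked last.
 *
 * @param mixed  $paymentStatus     result of the paymentStatus call
 * @param string $sessionState      expected paymentSession state (WAITING, PAYMENT_DONE)
 * @param float  $goId              recipient identifier assigned by GoPay
 * @param string $orderNumber       identifier of the current order at the recipient
 * @param float  $totalPriceInCents order price in hellers (cents)
 * @param string $currency          currency identifier of the payment
 * @param string $productName       name of the order / goods
 * @param string $secureKey         key assigned to the recipient, used to sign the communication
 *
 * @throws Exception when the status is empty, a field mismatches, or the signature is invalid
 */
public static function checkPaymentStatus($paymentStatus, $sessionState, $goId, $orderNumber, $totalPriceInCents, $currency, $productName, $secureKey)
{
    if (empty($paymentStatus)) {
        throw new Exception("None payment status");
    }

    if ($paymentStatus->result != GopayHelper::CALL_COMPLETED) {
        throw new Exception("PS invalid call state state");
    }

    if ($paymentStatus->sessionState != $sessionState) {
        throw new Exception("PS invalid session state");
    }

    // trim() always yields strings, so compare them strictly: with loose `!=`
    // numeric-looking identifiers such as "1e3" and "1000" would be equal.
    if (trim($paymentStatus->orderNumber) !== trim($orderNumber)) {
        throw new Exception("PS invalid VS");
    }

    if (trim($paymentStatus->productName) !== trim($productName)) {
        throw new Exception("PS invalid PN");
    }

    // The numeric fields stay loosely compared: the gateway value and the
    // caller's value may differ in type (int, float, numeric string).
    if ($paymentStatus->targetGoId != $goId) {
        throw new Exception("PS invalid GoID");
    }

    if ($paymentStatus->totalPrice != $totalPriceInCents) {
        throw new Exception("PS invalid price");
    }

    if ($paymentStatus->currency != $currency) {
        throw new Exception("PS invalid currency");
    }

    // Signature check: recompute the expected digest and compare it with the
    // decrypted one using hash_equals() (PHP >= 5.6), which is type-strict and
    // constant-time. Loose `!=` would accept differing "0e..." digests as equal.
    $hashedSignature = GopayHelper::hash(GopayHelper::concatPaymentStatus($paymentStatus, $secureKey));
    $decryptedHash = GopayHelper::decrypt($paymentStatus->encryptedSignature, $secureKey);

    if (!is_string($decryptedHash)
        || !is_string($hashedSignature)
        || !hash_equals($hashedSignature, $decryptedHash)
    ) {
        throw new Exception("PS invalid signature");
    }
}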