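/**
 * Send the prepared request to the Zaakpay API endpoint returned by getUrl().
 *
 * The merchant identifier and mode are merged into the request parameters,
 * a checksum is calculated over them with the configured secret key, and the
 * result is POSTed with cURL. On success the response body is handed to
 * _processResponse() and the sent flag is set.
 *
 * @return void
 * @throws Exception raised through Mage::throwException() when cURL reports an error
 */
public function send()
{
    $config = $this->getZaakpayConfig();
    $this->_params = array_merge($this->_params, array(
        'merchantIdentifier' => $config['merchant_id'],
        'mode'               => $config['sandbox_mode'] ? '0' : '1',
    ));

    // The checksum is calculated before it is added to the field list, so it
    // is not part of its own input.
    $fields = $this->_params;
    $all = Checksum::getAllParams($fields);
    $fields['checksum'] = Checksum::calculateChecksum($config['secret_key'], $all);
    $query_string = http_build_query($fields);

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $this->getUrl());
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // Certificate and host name verification stay enabled: this request
    // carries the signed transaction update, and without verification any
    // host on the network path could answer in place of the gateway.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

    $result = curl_exec($ch);

    // Read the error state first, then release the handle on both the
    // success and the failure path.
    $errorNumber = curl_errno($ch);
    $errorText = curl_error($ch);
    curl_close($ch);

    if ($errorNumber) {
        Mage::log('Curl error: ' . $errorText);
        Mage::throwException('Request not completed because of an error connecting to zaakpay server for transaction update. See exception logs');
    }

    $this->_processResponse($result);
    $this->_sentFlag = true;
}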
/**
 * Constructor.
 *
 * An integer is formatted as lower-case hexadecimal, zero-padded to at least
 * four digits, before being passed to the parent constructor. Any other
 * value is passed through unchanged.
 *
 * @param mixed $value
 */
public function __construct($value)
{
    $normalized = is_int($value) ? sprintf('%04x', $value) : $value;

    parent::__construct($normalized);
}
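/**
 * Check a received checksum against the one calculated locally.
 *
 * @param mixed  $checksum checksum value supplied with the message
 * @param mixed  $all      parameter data the checksum is calculated over
 * @param string $secret   key passed to Checksum::calculateChecksum()
 *
 * @return int 1 when the checksums match, 0 otherwise
 */
function verifyChecksum($checksum, $all, $secret)
{
    $cal_checksum = Checksum::calculateChecksum($secret, $all);

    // A loose == comparison treats two numeric-looking strings (for example
    // values of the form "0e...") as numbers, so different checksums could
    // compare equal. Only exact string equality is accepted.
    if (!is_string($checksum) || !is_string($cal_checksum)) {
        return 0;
    }

    // hash_equals() compares in constant time; the strict comparison is the
    // fallback for PHP versions that do not provide it.
    if (function_exists('hash_equals')) {
        return hash_equals($cal_checksum, $checksum) ? 1 : 0;
    }

    return $checksum === $cal_checksum ? 1 : 0;
}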
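/**
 * Handle the POST sent back after a Zaakpay payment attempt.
 *
 * The posted checksum is compared with one calculated from the posted
 * parameters and the configured secret key. On a mismatch the session's last
 * order (if any) is cancelled and the customer is redirected to the failure
 * page. Otherwise _validateResponse() decides between the success path
 * (order state change, payment transaction record, order e-mail, redirect to
 * the checkout success page) and the failure path.
 *
 * @return void
 */
public function responseAction()
{
    $postdata = Mage::app()->getRequest()->getPost();
    $session = Mage::getSingleton('checkout/session');
    $session->setQuoteId($session->getZaakpayQuoteId(true));
    $zaakpayConfig = Mage::getStoreConfig('payment/zaakpay');

    // Checksum verification: proceed only if the checksum matches.
    // A request without a checksum field is treated as a mismatch.
    $checksumReceived = isset($postdata['checksum']) ? $postdata['checksum'] : null;
    $allParamsReceived = Checksum::getAllParams($postdata);
    $checksumCalculated = Checksum::calculateChecksum($zaakpayConfig['secret_key'], $allParamsReceived);

    // Both sides must be strings and identical. hash_equals() avoids leaking
    // the position of the first differing byte through timing; the strict
    // comparison is the fallback for PHP versions that do not provide it.
    $checksumMatches = is_string($checksumReceived)
        && is_string($checksumCalculated)
        && (function_exists('hash_equals')
            ? hash_equals($checksumCalculated, $checksumReceived)
            : $checksumReceived === $checksumCalculated);

    if (!$checksumMatches) {
        if ($session->getLastRealOrderId()) {
            $order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
            if ($order->getId()) {
                $order->cancel()->save();
            }
        }
        $er = 'Checksum does not match. This response has been compromised. However, transaction might have been successful.';
        $session->addError($er);
        $this->_redirect('zaakpay/transact/failure');
        return;
    }

    if ($this->_validateResponse()) {
        // Success.
        Mage::getSingleton('checkout/session')->getQuote()->setIsActive(false)->save();

        // NOTE(review): the order is looked up by the posted orderId, not by
        // the session's last order id, and this method neither checks that
        // the order exists nor compares a posted amount with the order
        // total. Confirm that _validateResponse() (not shown here) covers
        // those checks.
        $zaakpay = Mage::getModel('zaakpay/transact');
        $state = $zaakpay->zaakpaySuccessOrderState();
        $order = Mage::getModel('sales/order')->loadByIncrementId($postdata['orderId'])->setState($state, true);

        // Record an authorization-type transaction under a derived id.
        $payment = $order->getPayment();
        $transaction = Mage::getModel('sales/order_payment_transaction');
        $dummy_txn_id = 'ZP_' . $postdata['orderId'];
        $transaction->setOrderPaymentObject($payment)
            ->setTxnId($dummy_txn_id)
            ->setTxnType(Mage_Sales_Model_Order_Payment_Transaction::TYPE_AUTH)
            ->setIsClosed(0)
            ->save();

        $order->save();
        $order->sendNewOrderEmail();
        $this->_redirect('checkout/onepage/success', array('_secure' => true));
    } else {
        // Failure or cancellation.
        if ($session->getLastRealOrderId()) {
            $order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
            if ($order->getId()) {
                $order->cancel()->save();
            }
        }
        // NOTE(review): responseDescription is request data placed into a
        // session message; confirm the block that renders session messages
        // escapes it.
        $er = 'Zaakpay could not process your request because of the error "' . $postdata['responseDescription'] . '"';
        $session->addError($er);
        $this->_redirect('zaakpay/transact/failure');
    }
}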
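/**
 * Render a minimal HTML page holding the Zaakpay checkout form.
 *
 * The page consists of a short notice, one hidden input per checkout form
 * field and a script that submits the form as soon as it is parsed.
 *
 * @return string
 */
protected function _toHtml()
{
    $zaakpay = Mage::getModel('zaakpay/transact');
    $fields = $zaakpay->getCheckoutFormFields();

    // Everything placed inside an HTML attribute is escaped for that context.
    // double_encode is off so a value that already contains entities is not
    // encoded a second time; the browser decodes the attribute on submit, so
    // the value posted to the gateway stays the same.
    $action = htmlspecialchars((string) $zaakpay->getZaakpayTransactAction(), ENT_QUOTES, 'UTF-8', false);

    $form = '<form id="zaakpay_checkout" method="POST" action="' . $action . '">';
    foreach ($fields as $key => $value) {
        $name = htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8', false);
        // NOTE(review): what Checksum::sanitizedParam() strips is not visible
        // here, so it is not relied on as the HTML escaping step.
        $fieldValue = htmlspecialchars((string) Checksum::sanitizedParam($value), ENT_QUOTES, 'UTF-8', false);
        $form .= '<input type="hidden" name="' . $name . '" value="' . $fieldValue . '" />' . "\n";
    }
    $form .= '</form>';

    $html = '<html><body>';
    $html .= $this->__('You will be redirected to the Zaakpay website in a few seconds.');
    $html .= $form;
    $html .= '<script type="text/javascript">document.getElementById("zaakpay_checkout").submit();</script>';
    $html .= '</body></html>';

    return $html;
}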
/**
 * Checksum::matchesContent() must return the expected result for each
 * checksum/content pair supplied by the data provider.
 *
 * @dataProvider getMatchesContentData
 */
public function testMatchesContent($checksum, $content, $expected)
{
    $actual = Checksum::matchesContent($checksum, $content);

    $this->assertEquals($expected, $actual);
}
/**
 * Build the request fields and append their checksum.
 *
 * The fields are validated first, then a checksum is calculated over them
 * with the configured secret key. The checksum is stored on the object and
 * added to the returned array under the 'checksum' key.
 *
 * @return array request fields including 'checksum'
 */
public function getRequestFields()
{
    $requestFields = $this->_buildRequestFields();

    // Validation runs for its side effect: per the original comment it is
    // expected to throw when the fields are not acceptable.
    $this->_validateFields($requestFields);

    $signedData = Checksum::getAllParams($requestFields);
    $gatewayConfig = $this->getZaakpayConfig();

    // Neither the secret key nor the calculated checksum is written to a log.
    $this->_checksum = Checksum::calculateChecksum($gatewayConfig['secret_key'], $signedData);

    // The checksum goes in last, after it has been calculated over the
    // other fields.
    $requestFields['checksum'] = $this->_checksum;

    return $requestFields;
}
/**
 * Checksum::fromContent() must return the expected value for each content
 * sample supplied by the data provider.
 *
 * @dataProvider getFromContentData
 */
public function testFromContent($content, $expected)
{
    $actual = Checksum::fromContent($content);

    $this->assertEquals($expected, $actual);
}
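/**
 * Build the Airpay request fields and add the values the gateway expects.
 *
 * The fields are validated first. The checksum input is the concatenation
 * of the sanitized buyer and order fields followed by the current date
 * (Y-m-d). The returned array gains 'checksum', 'privatekey' and 'mercid'.
 *
 * @return array request fields including 'checksum', 'privatekey' and 'mercid'
 */
public function getRequestFields()
{
    $fields = $this->_buildRequestFields();

    // Validation runs for its side effect: per the original comment it is
    // expected to throw when the fields are not acceptable.
    $this->_validateFields($fields);

    // The field order is part of the checksum input and must not change.
    $signedKeys = array(
        'buyerEmail',
        'buyerFirstName',
        'buyerLastName',
        'buyerAddress',
        'buyerCity',
        'buyerState',
        'buyerCountry',
        'amount',
        'orderid',
    );
    $all = '';
    foreach ($signedKeys as $signedKey) {
        $all .= Checksum::sanitizedParam($fields[$signedKey]);
    }

    $airpayConfig = $this->getAirpayConfig();
    $privatekey = Checksum::encrypt(
        $airpayConfig['username'] . ":|:" . $airpayConfig['password'],
        $airpayConfig['secret_key']
    );
    $checksum = Checksum::calculateChecksum($all . date('Y-m-d'), $privatekey);

    // The debug error_log() calls were removed: they wrote the merchant
    // secret key, the calculated checksum and the buyer's personal details
    // to the server error log, which is readable by anyone with log access.
    $this->_checksum = $checksum;

    $fields['checksum'] = $checksum;
    // NOTE(review): privatekey is derived from the merchant username,
    // password and secret key and is returned with the other form fields.
    // Confirm Checksum::encrypt() is a one-way digest before this value is
    // sent to a browser.
    $fields['privatekey'] = $privatekey;
    $fields['mercid'] = $airpayConfig['merchant_id'];

    return $fields;
}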
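/**
 * Handle the POST sent back after an Airpay payment attempt.
 *
 * The posted ap_SecureHash is compared with a CRC32 value calculated from
 * the posted transaction fields, the merchant id and the username. On a
 * mismatch the session's last order (if any) is cancelled and the customer
 * is redirected to the failure page. Otherwise _validateResponse() decides
 * between the success path (order set to processing, payment transaction
 * record, order e-mail, redirect to the checkout success page) and the
 * failure path.
 *
 * @return void
 */
public function responseAction()
{
    $postdata = Mage::app()->getRequest()->getPost();
    $session = Mage::getSingleton('checkout/session');
    $session->setQuoteId($session->getAirpayQuoteId(true));
    $airpayConfig = Mage::getStoreConfig('payment/airpay');

    // Checksum verification: proceed only if the checksum matches.
    // A request without ap_SecureHash is treated as a mismatch.
    $checksumReceived = isset($postdata['ap_SecureHash']) ? $postdata['ap_SecureHash'] : null;
    $TRANSACTIONID = $postdata['TRANSACTIONID'];
    $APTRANSACTIONID = $postdata['APTRANSACTIONID'];
    $AMOUNT = $postdata['AMOUNT'];
    $TRANSACTIONSTATUS = $postdata['TRANSACTIONSTATUS'];
    $MESSAGE = $postdata['MESSAGE'];
    $mercid = $airpayConfig['merchant_id'];
    $username = $airpayConfig['username'];
    $allParamsReceived = Checksum::getAllParams($postdata);

    // NOTE(review): the expected value is a CRC32 over the posted fields plus
    // the merchant id and username. The secret key is not part of the input
    // and CRC32 is an error-detection code, not a keyed MAC, so this check
    // detects corruption but does not authenticate the sender. Confirm the
    // transaction status and amount with the gateway server-to-server before
    // the order is treated as paid.
    $checksumCalculated = sprintf("%u", crc32($TRANSACTIONID . ':' . $APTRANSACTIONID . ':' . $AMOUNT . ':' . $TRANSACTIONSTATUS . ':' . $MESSAGE . ':' . $mercid . ':' . $username));

    // NOTE(review): this writes request data to the error log as received.
    error_log("Logging response params : " . $allParamsReceived);
    // The calculated checksum is no longer logged: the expected value of an
    // integrity check does not belong in a log file.

    // Both sides must be strings and identical; hash_equals() is used where
    // available, with the strict comparison as the fallback.
    $checksumMatches = is_string($checksumReceived)
        && (function_exists('hash_equals')
            ? hash_equals($checksumCalculated, $checksumReceived)
            : $checksumReceived === $checksumCalculated);

    if (!$checksumMatches) {
        if ($session->getLastRealOrderId()) {
            $order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
            if ($order->getId()) {
                $order->cancel()->save();
            }
        }
        $er = 'Checksum does not match. This response has been compromised. However, transaction might have been successful.';
        $session->addError($er);
        $this->_redirect('airpay/transact/failure');
        return;
    }

    if ($this->_validateResponse()) {
        // Success.
        Mage::getSingleton('checkout/session')->getQuote()->setIsActive(false)->save();

        // NOTE(review): the order is looked up by the posted TRANSACTIONID,
        // not by the session's last order id, and this method neither checks
        // that the order exists nor compares AMOUNT with the order total.
        // Confirm that _validateResponse() (not shown here) covers those
        // checks.
        $airpay = Mage::getModel('airpay/transact');
        $order = Mage::getModel('sales/order')
            ->loadByIncrementId($postdata['TRANSACTIONID'])
            ->setState(Mage_Sales_Model_Order::STATE_PROCESSING, true);

        // Record an authorization-type transaction under a derived id.
        $payment = $order->getPayment();
        $transaction = Mage::getModel('sales/order_payment_transaction');
        $dummy_txn_id = 'AP_' . $postdata['TRANSACTIONID'];
        $transaction->setOrderPaymentObject($payment)
            ->setTxnId($dummy_txn_id)
            ->setTxnType(Mage_Sales_Model_Order_Payment_Transaction::TYPE_AUTH)
            ->setIsClosed(0)
            ->save();

        $order->save();

        // The confirmation e-mail stays best-effort, but a failure is now
        // recorded in the exception log instead of being dropped.
        try {
            $order->sendNewOrderEmail();
        } catch (Exception $ex) {
            Mage::logException($ex);
        }

        $this->_redirect('checkout/onepage/success', array('_secure' => true));
    } else {
        // Failure or cancellation.
        if ($session->getLastRealOrderId()) {
            $order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
            if ($order->getId()) {
                $order->cancel()->save();
            }
        }
        // NOTE(review): MESSAGE is request data placed into a session
        // message; confirm the block that renders session messages escapes
        // it.
        $er = 'Airpay could not process your request because of the error "' . $postdata['MESSAGE'] . '"';
        $session->addError($er);
        $this->_redirect('airpay/transact/failure');
    }
}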