/** * Kontrola parametru predavanych ve zpetnem volani po potvrzeni/zruseni platby - verifikace podpisu. * * @param float $returnedPaymentSessionId - paymentSessionId vracene v redirectu * @param string $returnedEncryptedSignature - kontrolni podpis vraceny v redirectu * @param float $paymentResult - vysledek volani * @param float $paymentSessionId - identifikator platby na GoPay * @param string $secureKey - kryptovaci klic prideleny eshopu / uzivateli, urceny k podepisovani komunikace * * @throws \Exception */ public static function checkPaymentResult($returnedPaymentSessionId, $returnedEncryptedSignature, $paymentResult, $paymentSessionId, $secureKey) { if ($returnedPaymentSessionId != $paymentSessionId) { throw new \Exception("PaymentResult invalid PSID"); } $hashedSignature = GopayHelper::hash(GopayHelper::concatPaymentResult((double) $paymentSessionId, $paymentResult, $secureKey)); $decryptedHash = GopayHelper::decrypt($returnedEncryptedSignature, $secureKey); if ($decryptedHash != $hashedSignature) { throw new \Exception("PaymentResult invalid signature"); } }
/** * Kontrola vysledku vytvoreni platby proti internim udajum objednavky - verifikace podpisu. * * @param mixed $payment_result - vysledek volani createPayment * @param string $session_state - ocekavany stav paymentSession (WAITING, PAYMENT_DONE) * @param float $buyerGoId - identifikace uzivatele - GoId uzivatele pridelene GoPay * @param string $variableSymbol - identifikace akt. objednavky * @param float $totalPriceInCents - cena objednavky v halerich * @param string $productName - nazev objednavky / zbozi * @param string $secret - kryptovaci heslo pridelene uzivateli, urcene k podepisovani komunikace * * @return true * @return false */ public static function checkBuyerPaymentResult($payment_result, $session_state, $buyerGoId, $variableSymbol, $totalPriceInCents, $productName, $secret) { $valid = true; /* * Kontrola parametru objednavky */ $valid = GopayHelper::checkPaymentResultCommon($payment_result, $session_state, $buyerGoId, null, $variableSymbol, $totalPriceInCents, $productName, $secret); if ($valid) { /* * Kontrola podpisu objednavky */ $hashedSignature = GopayHelper::hash(GopayHelper::concatPaymentResult($payment_result->buyerGoId, $payment_result->productName, $payment_result->totalPrice, $payment_result->variableSymbol, $payment_result->result, $payment_result->sessionState, $secret)); $decryptedHash = GopayHelper::decrypt($payment_result->encryptedSignature, $secret); if ($decryptedHash != $hashedSignature) { $valid = false; // echo "PS invalid signature <br>"; } } return $valid; }