/** * validation de la signature de la post-sale reçu * @param Response $response * @return boolean true when signatire is valid * @throws UnauthorizedPostSaleException If signature is not valid */ protected function validate(Response $response) { $sha1outkey = $this->sha1Out; $keys = $response->jsonSerialize(); ksort($keys); $hashKey = ''; foreach ($keys as $key => $val) { if ($val != '' && $key != 'SHASIGN') { $hashKey .= $key . '=' . $val . $sha1outkey; } } $this->logger->debug('signature calculé :' . hash('sha1', $hashKey)); $this->logger->debug('signature reçu :' . $response->getShasign()); if (strtoupper(hash('sha1', $hashKey)) === strtoupper($response->getShasign())) { return true; } throw new UnauthorizedPostSaleException(); }