/** * Controller action for confirm requests sent "server-to-server" from Wirecard * * Handles verification of the responseFingerprint and triggers the ConfirmPaymentEvent. * Handle the event to decide wether the controller should respond to the confirmation * with a success or an error message. * * @param Request $request * @return Response */ function confirmAction(Request $request) { if (!$request->isMethod('POST')) { return new Response("", Response::HTTP_METHOD_NOT_ALLOWED); } if (!$request->request->has('responseFingerprintOrder')) { return new Response("responseFingerprintOrder missing", Response::HTTP_BAD_REQUEST); } $fingerprint = Fingerprint::fromResponseParameters($request->request->all(), $this->context); $fingerprintIsValid = hash_equals((string) $fingerprint, $request->request->get('responseFingerprint')); if ($fingerprintIsValid === false) { return new Response("Fingerprint not valid", Response::HTTP_FORBIDDEN); } $event = new Event\ConfirmPaymentEvent($request->request->all()); $this->eventDispatcher->dispatch(Event\ConfirmPaymentEvent::NAME, $event); if (!$event->isPropagationStopped() || $event->getState() === Event\ConfirmPaymentEvent::RESPOND_WITH_SUCCESS) { return new JsonResponse(['status' => 'OK', 'errorCodes' => null, 'QPAY-CONFIRMATION-RESPONSE' => ['result' => 'OK']]); } return new JsonResponse(['status' => 'NOK', 'errorCodes' => $event->getErrorCode(), 'QPAY-CONFIRMATION-RESPONSE' => ['result' => 'NOK', 'message' => $event->getErrorMessage()]]); }
<?php require __DIR__ . '/../../vendor/autoload.php'; use Hochstrasser\Wirecard\Fingerprint; use Hochstrasser\Wirecard\Context; $context = new Context(['customer_id' => 'D200001', 'secret' => 'B8AKTPWBRMNBV455FG6M2DANE99WU2', 'language' => 'de', 'shop_id' => 'qmore']); $fingerprint = Fingerprint::fromResponseParameters($_POST, $context); $fingerprintIsValid = hash_equals((string) $fingerprint, $_POST['responseFingerprint']); if ($_POST) { ?> <h3>Response Parameters</h3> <pre><code><?php var_dump($_POST); ?> </code></pre> <?php } ?> <h3>Fingerprint</h3> <p> Fingerprint is <?php echo $fingerprintIsValid ? '<strong style="color: green;">valid</strong>' : '<strong style="color: red;">invalid</strong>'; ?> </p> <div>Expected:</div> <div> <code><?php echo $fingerprint;