1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245: 246: 247: 248: 249: 250: 251: 252: 253: 254: 255: 256: 257: 258: 259: 260: 261: 262: 263: 264: 265: 266: 267: 268: 269: 270: 271: 272: 273: 274: 275: 276: 277: 278: 279: 280: 281: 282: 283: 284: 285: 286: 287: 288: 289: 290: 291: 292: 293: 294: 295: 296: 297: 298: 299: 300: 301: 302: 303: 304: 305: 306: 307: 308: 309: 310: 311: 312: 313: 314: 315: 316: 317: 318: 319: 320: 321: 322: 323: 324: 325: 326: 327: 328: 329: 330: 331: 332: 333: 334: 335: 336: 337: 338: 339: 340: 341: 342: 343: 344: 345: 346: 347: 348: 349: 350: 351: 352: 353: 354: 355: 356: 357: 358: 359: 360: 361: 362: 363: 364: 365: 366: 367: 368: 369: 370: 371: 372: 373: 374: 375: 376: 377: 378: 379: 380: 381: 382: 383: 384: 385: 386: 387: 388: 389: 390: 391: 392: 393: 394: 395: 396: 397: 398: 399: 400: 401: 402: 403: 404: 405: 406: 407: 408: 409: 410: 411: 412: 413: 414: 415: 416: 417: 418: 419: 420: 421: 422: 423: 424: 425: 426: 427: 428: 429: 430: 431: 432: 433: 434: 435: 436: 437: 438: 439: 440: 441: 442: 443: 444: 445: 446: 447: 448: 449: 450: 451: 452: 453: 454: 455: 456: 457: 458: 459: 460: 461: 462: 463: 464: 465: 466: 467: 468: 469: 470: 471: 472: 473: 474: 475: 476: 477: 478: 479: 480: 481: 482: 483: 484: 485: 486: 487: 488: 489: 490: 491: 492: 493: 494: 495: 496: 497: 498: 499: 500: 501: 502: 503: 504: 505: 506: 507: 508: 509: 510: 511: 512: 513: 514: 515: 516: 517: 518: 519: 520: 521: 522: 523: 524: 525: 526: 527: 528: 529: 530: 531: 532: 533: 534: 535: 536: 537: 538: 539: 540: 541: 542: 543: 544: 545: 546: 547: 548: 549: 550: 551: 552: 553: 554: 555: 556: 557: 558: 559: 560: 561: 562:
<?php
namespace RKD\Banklink\Protocol;
use DateTime;
use DateTimeZone;
use InvalidArgumentException;
use RKD\Banklink\Protocol\Helper\ProtocolHelper;
use RKD\Banklink\Protocol\IPizza\Services;
use RKD\Banklink\Response\AuthResponse;
use RKD\Banklink\Response\PaymentResponse;
use RKD\Banklink\Response\ResponseInterface;
use UnexpectedValueException;
class IPizza implements ProtocolInterface
{
protected $publicKey;
protected $privateKey;
protected $privateKeyPassword;
protected $sellerId;
protected $sellerName;
protected $sellerAccount;
protected $version;
protected $requestUrl;
protected $serviceId;
protected $result;
protected $useMbStrlen = true;
protected $algorithm = OPENSSL_ALGO_SHA1;
const FIELD_SERVICE = 'VK_SERVICE';
const FIELD_VERSION = 'VK_VERSION';
const FIELD_SND_ID = 'VK_SND_ID';
const FIELD_STAMP = 'VK_STAMP';
const FIELD_AMOUNT = 'VK_AMOUNT';
const FIELD_CURR = 'VK_CURR';
const FIELD_REF = 'VK_REF';
const FIELD_MSG = 'VK_MSG';
const FIELD_RETURN = 'VK_RETURN';
const FIELD_CANCEL = 'VK_CANCEL';
const FIELD_DATETIME = 'VK_DATETIME';
const FIELD_T_DATETIME = 'VK_T_DATETIME';
const FIELD_LANG = 'VK_LANG';
const FIELD_NAME = 'VK_NAME';
const FIELD_ACC = 'VK_ACC';
const FIELD_MAC = 'VK_MAC';
const FIELD_RID = 'VK_RID';
const FIELD_REPLY = 'VK_REPLY';
const FIELD_NONCE = 'VK_NONCE';
const FIELD_REC_ID = 'VK_REC_ID';
const FIELD_AUTO = 'VK_AUTO';
const FIELD_SND_NAME = 'VK_SND_NAME';
const FIELD_SND_ACC = 'VK_SND_ACC';
const FIELD_REC_NAME = 'VK_REC_NAME';
const FIELD_REC_ACC = 'VK_REC_ACC';
const FIELD_T_NO = 'VK_T_NO';
const FIELD_USER_ID = 'VK_USER_ID';
const FIELD_USER_NAME = 'VK_USER_NAME';
const FIELD_COUNTRY= 'VK_COUNTRY';
const FIELD_TOKEN = 'VK_TOKEN';
public function __construct(
$sellerId,
$privateKey,
$privateKeyPassword,
$publicKey,
$requestUrl,
$sellerName = null,
$sellerAccount = null,
$version = '008'
) {
$this->privateKey = $privateKey;
$this->privateKeyPassword = $privateKeyPassword;
$this->publicKey = $publicKey;
$this->sellerId = $sellerId;
$this->sellerName = $sellerName;
$this->sellerAccount = $sellerAccount;
$this->version = $version;
$this->requestUrl = $requestUrl;
if (strlen($sellerName) > 0 && strlen($sellerAccount) > 0) {
$this->serviceId = Services::PAYMENT_REQUEST_1011;
return;
}
$this->serviceId = Services::PAYMENT_REQUEST_1012;
}
public function useMbStrlen($useMbStrlen)
{
$this->useMbStrlen = (boolean)$useMbStrlen;
}
public function getPaymentRequest(
int $orderId,
float $sum,
string $message,
string $language = 'EST',
string $currency = 'EUR',
array $customRequestData = [],
string $encoding = 'UTF-8',
string $timezone = 'Europe/Tallinn'
) : array {
$time = getenv('CI') ? getenv('TEST_DATETIME') : 'now';
$datetime = new DateTime($time, new DateTimeZone($timezone));
$data = [
static::FIELD_SERVICE => $this->serviceId,
static::FIELD_VERSION => $this->version,
static::FIELD_SND_ID => $this->sellerId,
static::FIELD_STAMP => $orderId,
static::FIELD_AMOUNT => $sum,
static::FIELD_CURR => $currency,
static::FIELD_REF => ProtocolHelper::calculateReference($orderId),
static::FIELD_MSG => $message,
static::FIELD_RETURN => $this->requestUrl,
static::FIELD_CANCEL => $this->requestUrl,
static::FIELD_DATETIME => $datetime->format('Y-m-d\TH:i:sO'),
static::FIELD_LANG => $language,
];
if (Services::PAYMENT_REQUEST_1011 === $this->serviceId) {
$data[static::FIELD_NAME] = $this->sellerName;
$data[static::FIELD_ACC] = $this->sellerAccount;
}
if (is_array($customRequestData)) {
$data = array_merge($data, $customRequestData);
}
$data[static::FIELD_MAC] = $this->getSignature($data, $encoding);
return $data;
}
public function getAuthRequest(
?string $recId = null,
?string $nonce = null,
?string $rid = null,
string $encoding = 'UTF-8',
string $language = 'EST',
string $timezone = 'Europe/Tallinn'
) : array {
$time = getenv('CI') ? getenv('TEST_DATETIME') : 'now';
$datetime = new Datetime($time, new DateTimeZone($timezone));
$this->serviceId = (is_null($nonce)) ? Services::AUTH_REQUEST_4011 : Services::AUTH_REQUEST_4012;
$data = [
static::FIELD_SERVICE => $this->serviceId,
static::FIELD_VERSION => $this->version,
static::FIELD_SND_ID => $this->sellerId,
static::FIELD_RETURN => $this->requestUrl,
static::FIELD_DATETIME => $datetime->format('Y-m-d\TH:i:sO'),
static::FIELD_RID => '',
static::FIELD_LANG => $language,
static::FIELD_REPLY => Services::AUTH_RESPONSE_3012
];
if (!is_null($nonce)) {
$data[static::FIELD_SERVICE] = Services::AUTH_REQUEST_4012;
$data[static::FIELD_NONCE] = $nonce;
$data[static::FIELD_REC_ID] = $recId;
unset($data[static::FIELD_REPLY]);
}
if (!is_null($rid)) {
$data[static::FIELD_RID] = $rid;
}
$data[static::FIELD_MAC] = $this->getSignature($data, $encoding);
return $data;
}
public function handleResponse(array $response, string $encoding = 'UTF-8') : ResponseInterface
{
$success = $this->validateSignature($response, $encoding);
$service = $response[static::FIELD_SERVICE];
$servicesClass = static::getServicesClass();
if (in_array($service, $servicesClass::getPaymentResponseServices())) {
return $this->handlePaymentResponse($response, $success);
}
if (in_array($service, $servicesClass::getAuthenticationResponseServices())) {
return $this->handleAuthResponse($response, $success);
}
}
protected function handlePaymentResponse(array $responseData, bool $success) : ResponseInterface
{
$servicesClass = static::getServicesClass();
$status = PaymentResponse::STATUS_ERROR;
if ($success && $responseData[static::FIELD_SERVICE] === $servicesClass::PAYMENT_RESPONSE_SUCCESS) {
$status = PaymentResponse::STATUS_SUCCESS;
}
$response = new PaymentResponse($status, $responseData);
$response->setOrderId($responseData[static::FIELD_STAMP]);
if (isset($responseData[static::FIELD_LANG])) {
$response->setLanguage($responseData[static::FIELD_LANG]);
}
if (isset($responseData[static::FIELD_AUTO])) {
$response->setAutomatic($responseData[static::FIELD_AUTO] === PaymentResponse::RESPONSE_AUTO);
}
if (isset($responseData[static::FIELD_MSG])) {
$response->setMessage($responseData[static::FIELD_MSG]);
}
if (PaymentResponse::STATUS_SUCCESS === $status) {
$receiverAccount = $responseData[static::FIELD_REC_ACC] ?? $responseData[static::FIELD_ACC];
$response
->setSum($responseData[static::FIELD_AMOUNT])
->setCurrency($responseData[static::FIELD_CURR])
->setSender($responseData[static::FIELD_SND_NAME], $responseData[static::FIELD_SND_ACC])
->setReceiver($responseData[static::FIELD_REC_NAME], $receiverAccount)
->setTransactionId($responseData[static::FIELD_T_NO])
->setTransactionDate($responseData[static::FIELD_T_DATETIME]);
}
return $response;
}
protected function handleAuthResponse(array $responseData, bool $success) : ResponseInterface
{
$status = AuthResponse::STATUS_ERROR;
if ($success) {
$status = AuthResponse::STATUS_SUCCESS;
}
$response = new AuthResponse($status, $responseData);
if (isset($responseData[static::FIELD_LANG])) {
$response->setLanguage($responseData[static::FIELD_LANG]);
}
if (PaymentResponse::STATUS_SUCCESS === $status) {
$response
->setUserId($responseData[static::FIELD_USER_ID])
->setUserName($responseData[static::FIELD_USER_NAME])
->setUserCountry($responseData[static::FIELD_COUNTRY])
->setToken($responseData[static::FIELD_TOKEN])
->setRid($responseData[static::FIELD_RID])
->setNonce($responseData[static::FIELD_NONCE])
->setAuthDate($responseData[static::FIELD_DATETIME]);
}
return $response;
}
public function getSignature(array $data, string $encoding = 'UTF-8') : string
{
$mac = $this->generateSignature($data, $encoding);
if (is_file($this->privateKey)) {
$privateKey = openssl_pkey_get_private('file://'.$this->privateKey, $this->privateKeyPassword);
} elseif (is_string($this->privateKey)) {
$privateKey = openssl_pkey_get_private($this->privateKey, $this->privateKeyPassword);
}
if (!$privateKey) {
throw new UnexpectedValueException('Can not get private key.');
}
openssl_sign($mac, $signature, $privateKey, $this->algorithm);
openssl_free_key($privateKey);
$result = base64_encode($signature);
return $result;
}
protected function generateSignature(array $data, string $encoding = 'UTF-8') : string
{
if (!isset($data[static::FIELD_SERVICE])) {
throw new InvalidArgumentException(static::FIELD_SERVICE.' key must be in data. Can\'t generate signature.');
}
$service = $data[static::FIELD_SERVICE];
$fields = static::getFields($service);
$mac = '';
if (in_array(static::FIELD_REC_ACC, $fields) && isset($data[static::FIELD_ACC])) {
$fields[array_search(static::FIELD_REC_ACC, $fields)] = static::FIELD_ACC;
}
foreach ($fields as $key) {
if (!isset($data[$key]) || $data[$key] === false || is_null($data[$key])) {
throw new UnexpectedValueException(
vsprintf('Field %s must be set to use service %s.', [$key, $service])
);
}
$value = $data[$key];
$length = $this->useMbStrlen ? mb_strlen($value, $encoding) : strlen($value);
$mac .= str_pad($length, 3, '0', STR_PAD_LEFT).$value;
}
return $mac;
}
protected function validateSignature(array $response, string $encoding = 'UTF-8') : bool
{
$data = $this->generateSignature($response, $encoding);
if (is_file($this->publicKey)) {
$publicKey = openssl_get_publickey('file://'.$this->publicKey);
} elseif (is_string($this->publicKey)) {
$publicKey = openssl_get_publickey($this->publicKey);
}
if (!$publicKey) {
throw new UnexpectedValueException('Can not get public key.');
}
$this->result = openssl_verify($data, base64_decode($response[static::FIELD_MAC]), $publicKey, $this->algorithm);
openssl_free_key($publicKey);
return $this->result === 1;
}
public function setAlgorithm($algorithm) : self
{
$this->algorithm = $algorithm;
return $this;
}
public function getAlgorithm()
{
return $this->algorithm;
}
protected static function getFields($service)
{
$servicesClass = static::getServicesClass();
return $servicesClass::getFields($service);
}
protected static function getServicesClass()
{
return Services::class;
}
}