Skip to content

Commit

Permalink
Refactor PR 128 for adding tests.
Browse files Browse the repository at this point in the history
  • Loading branch information
@judgej
judgej committed Mar 16, 2019
1 parent de5eb0c commit 6b97fbd
Showing 1 changed file with 44 additions and 46 deletions.
90 changes: 44 additions & 46 deletions src/Message/SIMCompleteAuthorizeRequest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ public function getTransactionId()
public function getData()
{
// The hash sent in the callback from the Authorize.Net gateway.
$hash_posted = $this->getPostedHash($this->httpRequest);
$hash_posted = $this->getPostedHash();

// The transaction reference generated by the Authorize.Net gateway and sent in the callback.
$posted_transaction_reference = $this->httpRequest->request->get('x_trans_id');
Expand All @@ -30,7 +30,7 @@ public function getData()
$posted_amount = $this->httpRequest->request->get('x_amount');

// Calculate the hash locally, using the shared "hash secret" and login ID.
$hash_calculated = $this->getHash($posted_transaction_reference, $posted_amount, $this->httpRequest);
$hash_calculated = $this->getHash($posted_transaction_reference, $posted_amount);

if ($hash_posted !== $hash_calculated) {
// If the hash is incorrect, then we can't trust the source nor anything sent.
Expand Down Expand Up @@ -68,10 +68,10 @@ public function getData()
* @param $httpRequest
* @return string
*/
public function getHash($transaction_reference, $amount, $httpRequest)
public function getHash($transaction_reference, $amount)
{
if (!empty($httpRequest) && $hash = $this->getSha512Hash($httpRequest)) {
return $hash;
if ($this->getSignatureKey()) {
return $this->getSha512Hash();
} else {
return $this->getMd5Hash($transaction_reference, $amount);
}
Expand All @@ -98,48 +98,51 @@ public function getMd5Hash($transaction_reference, $amount)

/**
* Generate sha512 hash.
* Required fields are provided in Table 18 in https://www.authorize.net/content/dam/authorize/documents/SIM_guide.pdf#page=73
* Required fields are provided in Table 18 in
* https://www.authorize.net/content/dam/authorize/documents/SIM_guide.pdf#page=73
* @param $httpRequest
* @return string|null
*/
public function getSha512Hash($httpRequest)
public function getSha512Hash()
{
$signatureKey = $this->getSignatureKey();
if (empty($signatureKey) || empty($httpRequest)) {
$httpRequest = $this->httpRequest->request;

if (empty($signatureKey)) {
return null;
}

$hashData = implode('^', [
$httpRequest->request->get('x_trans_id'),
$httpRequest->request->get('x_test_request'),
$httpRequest->request->get('x_response_code'),
$httpRequest->request->get('x_auth_code'),
$httpRequest->request->get('x_cvv2_resp_code'),
$httpRequest->request->get('x_cavv_response'),
$httpRequest->request->get('x_avs_code'),
$httpRequest->request->get('x_method'),
$httpRequest->request->get('x_account_number'),
$httpRequest->request->get('x_amount'),
$httpRequest->request->get('x_company'),
$httpRequest->request->get('x_first_name'),
$httpRequest->request->get('x_last_name'),
$httpRequest->request->get('x_address'),
$httpRequest->request->get('x_city'),
$httpRequest->request->get('x_state'),
$httpRequest->request->get('x_zip'),
$httpRequest->request->get('x_country'),
$httpRequest->request->get('x_phone'),
$httpRequest->request->get('x_fax'),
$httpRequest->request->get('x_email'),
$httpRequest->request->get('x_ship_to_company'),
$httpRequest->request->get('x_ship_to_first_name'),
$httpRequest->request->get('x_ship_to_last_name'),
$httpRequest->request->get('x_ship_to_address'),
$httpRequest->request->get('x_ship_to_city'),
$httpRequest->request->get('x_ship_to_state'),
$httpRequest->request->get('x_ship_to_zip'),
$httpRequest->request->get('x_ship_to_country'),
$httpRequest->request->get('x_invoice_num'),
$httpRequest->get('x_trans_id'),
$httpRequest->get('x_test_request'),
$httpRequest->get('x_response_code'),
$httpRequest->get('x_auth_code'),
$httpRequest->get('x_cvv2_resp_code'),
$httpRequest->get('x_cavv_response'),
$httpRequest->get('x_avs_code'),
$httpRequest->get('x_method'),
$httpRequest->get('x_account_number'),
$httpRequest->get('x_amount'),
$httpRequest->get('x_company'),
$httpRequest->get('x_first_name'),
$httpRequest->get('x_last_name'),
$httpRequest->get('x_address'),
$httpRequest->get('x_city'),
$httpRequest->get('x_state'),
$httpRequest->get('x_zip'),
$httpRequest->get('x_country'),
$httpRequest->get('x_phone'),
$httpRequest->get('x_fax'),
$httpRequest->get('x_email'),
$httpRequest->get('x_ship_to_company'),
$httpRequest->get('x_ship_to_first_name'),
$httpRequest->get('x_ship_to_last_name'),
$httpRequest->get('x_ship_to_address'),
$httpRequest->get('x_ship_to_city'),
$httpRequest->get('x_ship_to_state'),
$httpRequest->get('x_ship_to_zip'),
$httpRequest->get('x_ship_to_country'),
$httpRequest->get('x_invoice_num'),
]);
$hash = hash_hmac('sha512', '^' . $hashData . '^', hex2bin($signatureKey));
$hash = strtoupper($hash);
Expand All @@ -150,20 +153,15 @@ public function getSha512Hash($httpRequest)
/**
* Get posted hash from the callback from the Authorize.Net gateway.
*
* @param $httpRequest
* @return string|null
*/
public function getPostedHash($httpRequest)
public function getPostedHash()
{
if (empty($httpRequest)){
return null;
}

if ($signatureKey = $this->getSignatureKey()) {
return strtoupper($httpRequest->request->get('x_SHA2_Hash'));
return strtoupper($this->httpRequest->request->get('x_SHA2_Hash'));
}

return strtolower($httpRequest->request->get('x_MD5_Hash'));
return strtolower($this->httpRequest->request->get('x_MD5_Hash'));
}

public function sendData($data)
Expand Down

0 comments on commit 6b97fbd

Please sign in to comment.