diff --git a/src/Message/SIMCompleteAuthorizeRequest.php b/src/Message/SIMCompleteAuthorizeRequest.php index f10ffb9b..a36ea1f2 100644 --- a/src/Message/SIMCompleteAuthorizeRequest.php +++ b/src/Message/SIMCompleteAuthorizeRequest.php @@ -21,7 +21,7 @@ public function getTransactionId() public function getData() { // The hash sent in the callback from the Authorize.Net gateway. - $hash_posted = $this->getPostedHash($this->httpRequest); + $hash_posted = $this->getPostedHash(); // The transaction reference generated by the Authorize.Net gateway and sent in the callback. $posted_transaction_reference = $this->httpRequest->request->get('x_trans_id'); @@ -30,7 +30,7 @@ public function getData() $posted_amount = $this->httpRequest->request->get('x_amount'); // Calculate the hash locally, using the shared "hash secret" and login ID. - $hash_calculated = $this->getHash($posted_transaction_reference, $posted_amount, $this->httpRequest); + $hash_calculated = $this->getHash($posted_transaction_reference, $posted_amount); if ($hash_posted !== $hash_calculated) { // If the hash is incorrect, then we can't trust the source nor anything sent. @@ -68,10 +68,10 @@ public function getData() * @param $httpRequest * @return string */ - public function getHash($transaction_reference, $amount, $httpRequest) + public function getHash($transaction_reference, $amount) { - if (!empty($httpRequest) && $hash = $this->getSha512Hash($httpRequest)) { - return $hash; + if ($this->getSignatureKey()) { + return $this->getSha512Hash(); } else { return $this->getMd5Hash($transaction_reference, $amount); } @@ -98,48 +98,51 @@ public function getMd5Hash($transaction_reference, $amount) /** * Generate sha512 hash. - * Required fields are provided in Table 18 in https://www.authorize.net/content/dam/authorize/documents/SIM_guide.pdf#page=73 + * Required fields are provided in Table 18 in + * https://www.authorize.net/content/dam/authorize/documents/SIM_guide.pdf#page=73 * @param $httpRequest * @return string|null */ - public function getSha512Hash($httpRequest) + public function getSha512Hash() { $signatureKey = $this->getSignatureKey(); - if (empty($signatureKey) || empty($httpRequest)) { + $httpRequest = $this->httpRequest->request; + + if (empty($signatureKey)) { return null; } $hashData = implode('^', [ - $httpRequest->request->get('x_trans_id'), - $httpRequest->request->get('x_test_request'), - $httpRequest->request->get('x_response_code'), - $httpRequest->request->get('x_auth_code'), - $httpRequest->request->get('x_cvv2_resp_code'), - $httpRequest->request->get('x_cavv_response'), - $httpRequest->request->get('x_avs_code'), - $httpRequest->request->get('x_method'), - $httpRequest->request->get('x_account_number'), - $httpRequest->request->get('x_amount'), - $httpRequest->request->get('x_company'), - $httpRequest->request->get('x_first_name'), - $httpRequest->request->get('x_last_name'), - $httpRequest->request->get('x_address'), - $httpRequest->request->get('x_city'), - $httpRequest->request->get('x_state'), - $httpRequest->request->get('x_zip'), - $httpRequest->request->get('x_country'), - $httpRequest->request->get('x_phone'), - $httpRequest->request->get('x_fax'), - $httpRequest->request->get('x_email'), - $httpRequest->request->get('x_ship_to_company'), - $httpRequest->request->get('x_ship_to_first_name'), - $httpRequest->request->get('x_ship_to_last_name'), - $httpRequest->request->get('x_ship_to_address'), - $httpRequest->request->get('x_ship_to_city'), - $httpRequest->request->get('x_ship_to_state'), - $httpRequest->request->get('x_ship_to_zip'), - $httpRequest->request->get('x_ship_to_country'), - $httpRequest->request->get('x_invoice_num'), + $httpRequest->get('x_trans_id'), + $httpRequest->get('x_test_request'), + $httpRequest->get('x_response_code'), + $httpRequest->get('x_auth_code'), + $httpRequest->get('x_cvv2_resp_code'), + $httpRequest->get('x_cavv_response'), + $httpRequest->get('x_avs_code'), + $httpRequest->get('x_method'), + $httpRequest->get('x_account_number'), + $httpRequest->get('x_amount'), + $httpRequest->get('x_company'), + $httpRequest->get('x_first_name'), + $httpRequest->get('x_last_name'), + $httpRequest->get('x_address'), + $httpRequest->get('x_city'), + $httpRequest->get('x_state'), + $httpRequest->get('x_zip'), + $httpRequest->get('x_country'), + $httpRequest->get('x_phone'), + $httpRequest->get('x_fax'), + $httpRequest->get('x_email'), + $httpRequest->get('x_ship_to_company'), + $httpRequest->get('x_ship_to_first_name'), + $httpRequest->get('x_ship_to_last_name'), + $httpRequest->get('x_ship_to_address'), + $httpRequest->get('x_ship_to_city'), + $httpRequest->get('x_ship_to_state'), + $httpRequest->get('x_ship_to_zip'), + $httpRequest->get('x_ship_to_country'), + $httpRequest->get('x_invoice_num'), ]); $hash = hash_hmac('sha512', '^' . $hashData . '^', hex2bin($signatureKey)); $hash = strtoupper($hash); @@ -150,20 +153,15 @@ public function getSha512Hash($httpRequest) /** * Get posted hash from the callback from the Authorize.Net gateway. * - * @param $httpRequest * @return string|null */ - public function getPostedHash($httpRequest) + public function getPostedHash() { - if (empty($httpRequest)){ - return null; - } - if ($signatureKey = $this->getSignatureKey()) { - return strtoupper($httpRequest->request->get('x_SHA2_Hash')); + return strtoupper($this->httpRequest->request->get('x_SHA2_Hash')); } - return strtolower($httpRequest->request->get('x_MD5_Hash')); + return strtolower($this->httpRequest->request->get('x_MD5_Hash')); } public function sendData($data)