-
Notifications
You must be signed in to change notification settings - Fork 17
/
Api.php
315 lines (269 loc) · 8.23 KB
/
Api.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
<?php
namespace Crevillo\Payum\Redsys;
use Payum\Core\Bridge\Spl\ArrayObject;
use Payum\Core\Exception\InvalidArgumentException;
use Payum\Core\Exception\LogicException;
class Api
{
const TRANSACTIONTYPE_AUTHORIZATION = 0;
const CONSUMERLANGUAGE_SPANISH = '001';
const DS_RESPONSE_CANCELED = '0184';
const DS_RESPONSE_USER_CANCELED = '9915';
const ORDER_NUMBER_MINIMUM_LENGTH = 4;
const ORDER_NUMBER_MAXIMUM_LENGHT = 12;
const SIGNATURE_VERSION = 'HMAC_SHA256_V1';
protected $options = array(
'merchant_code' => null,
'terminal' => null,
'secret_key' => null,
'sandbox' => true,
);
/**
* Currency codes to the values the bank
* understand. Remember you can only work
* with one of them per commerce
*/
protected $currencies = array(
'EUR' => '978',
'USD' => '840',
'GBP' => '826',
'JPY' => '392',
'ARA' => '32',
'CAD' => '124',
'CLP' => '152',
'COP' => '170',
'INR' => '356',
'MXN' => '484',
'PEN' => '604',
'CHF' => '756',
'BRL' => '986',
'VEF' => '937',
'TRL' => '949',
);
private $payment_vars = array();
public function setParameter($key, $value)
{
$this->payment_vars[$key] = $value;
}
public function __construct(array $options)
{
$this->options = array_replace($this->options, $options);
if (true == empty($this->options['merchant_code'])) {
throw new InvalidArgumentException('The merchant_code option must be set.');
}
if (true == empty($this->options['terminal'])) {
throw new InvalidArgumentException('The terminal option must be set.');
}
if (true == empty($this->options['secret_key'])) {
throw new InvalidArgumentException('The secret_key option must be set.');
}
if (false == is_bool($this->options['sandbox'])) {
throw new InvalidArgumentException('The boolean sandbox option must be set.');
}
}
/**
* @return string
*/
public function getRedsysUrl()
{
return $this->options['sandbox'] ?
'https://sis-t.redsys.es:25443/sis/realizarPago' :
'https://sis.redsys.es/sis/realizarPago';
}
/**
* @param $currency
*
* @return mixed
*/
public function getISO4127($currency)
{
if (!isset($this->currencies[$currency])) {
throw new LogicException('Currency not allowed by the gateway.');
}
return $this->currencies[$currency];
}
/**
* @return string
*/
public function getMerchantCode()
{
return $this->options['merchant_code'];
}
/**
* @return string
*/
public function getMerchantTerminalCode()
{
return $this->options['terminal'];
}
/**
* Validate the order number passed to the bank. it needs to pass the
* following test
*
* - Must be between 4 and 12 characters
* - We complete with 0 to the left in case length or the number is lower
* than 4 in order to make the integration easier
* - Four first characters must be digits
* - Following eight can be digits or characters which ASCII numbers are:
* - between 65 and 90 ( A - Z)
* - between 97 and 122 ( a - z )
*
* If the test pass, orderNumber will be returned. if not, a Exception will be thrown
*
* @param string $orderNumber
*
* @return string
*/
public function ensureCorrectOrderNumber($orderNumber)
{
if (strlen($orderNumber) > self::ORDER_NUMBER_MAXIMUM_LENGHT) {
throw new LogicException('Payment number can\'t have more than 12 characters');
}
// add 0 to the left in case length of the order number is less than 4
$orderNumber = str_pad($orderNumber, self::ORDER_NUMBER_MINIMUM_LENGTH,
'0', STR_PAD_LEFT);
if (!preg_match('/^[0-9]{4}[a-z0-9]{0,12}$/i', $orderNumber)) {
throw new LogicException('The payment gateway doesn\'t allow order numbers with this format.');
}
return $orderNumber;
}
/**
* 3DES Function provided by Redsys
*
* @param string $merchantOrder
* @param string $key
*
* @return string
*/
private function encrypt_3DES($merchantOrder, $key)
{
$ciphertext = null;
if ( function_exists( 'mcrypt_encrypt' ) && version_compare(phpversion(), '7.1', '<') ) {
// default IV
$bytes = array(0,0,0,0,0,0,0,0); //byte [] IV = {0, 0, 0, 0, 0, 0, 0, 0}
$iv = implode(array_map("chr", $bytes));
$ciphertext = mcrypt_encrypt(MCRYPT_3DES, $key, $merchantOrder, MCRYPT_MODE_CBC, $iv);
} elseif(function_exists( 'openssl_encrypt' ) && version_compare(phpversion(), '7.1', '>=') ) {
$l = ceil(strlen($merchantOrder) / 8) * 8;
$ciphertext = substr(openssl_encrypt($merchantOrder . str_repeat("\0", $l - strlen($merchantOrder)), 'des-ede3-cbc', $key, OPENSSL_RAW_DATA, "\0\0\0\0\0\0\0\0"), 0, $l);
}
return $ciphertext;
}
/**
* base64_url_encode function provided by Redsys
*
* @param $input
* @return string
*/
function base64_url_encode($input)
{
return strtr(base64_encode($input), '+/', '-_');
}
/**
* Decode function provided by Redsys
*
* @param $input
* @return string
*/
private function base64_url_decode($input)
{
return base64_decode(strtr($input, '-_', '+/'));
}
/**
* Mac256 function provided by Redsys
*
* @param $ent
* @param $key
* @return string
*/
private function mac256($ent, $key)
{
$res = hash_hmac('sha256', $ent, $key, true);
return $res;
}
/**
* encodeBase64 function provided by Redsys
*
* @param $data
* @return string
*/
private function encodeBase64($data)
{
$data = base64_encode($data);
return $data;
}
/**
* decodeBase64 function provided by Redsys
*
* @param $data
* @return string
*/
private function decodeBase64($data)
{
$data = base64_decode($data);
return $data;
}
/**
* builds signature from the data sent by Redsys in the reply
*
* @param $key
* @param $data
* @return string
*/
function createMerchantSignatureNotif($key, $data)
{
$key = $this->decodeBase64($key);
$decodec = $this->base64_url_decode($data);
$orderData = json_decode($decodec, true);
$key = $this->encrypt_3DES($orderData['Ds_Order'], $key);
$res = $this->mac256($data, $key);
return $this->base64_url_encode($res);
}
/**
* Validates notification sent by Redsys when it receives the payment
*
* @param array $notification
*
* @return bool
*/
public function validateNotificationSignature(array $notification)
{
$notification = ArrayObject::ensureArrayObject($notification);
$notification->validateNotEmpty('Ds_Signature');
$notification->validateNotEmpty('Ds_MerchantParameters');
$data = $notification["Ds_MerchantParameters"];
$key = $this->options['secret_key'];
$signedResponse = $this->createMerchantSignatureNotif($key, $data);
return $signedResponse == $notification['Ds_Signature'];
}
/**
* Builds Merchant Parameters encoded string.
* Bank will take care of decode this
*
* @param array $params
* @return string
*/
function createMerchantParameters(array $params)
{
$json = json_encode($params);
return $this->encodeBase64($json);
}
/**
* Sing request sent to Gateway
*
* @param array $params
*
* @return string
*/
public function sign(array $params)
{
$base64DecodedKey = base64_decode($this->options['secret_key']);
$key = $this->encrypt_3DES($params['Ds_Merchant_Order'],
$base64DecodedKey);
$res = $this->mac256(
$this->createMerchantParameters($params),
$key
);
return base64_encode($res);
}
}