salix/modules/client/back/methods/tpv-transaction/confirm.js

98 lines
2.9 KiB
JavaScript

const UserError = require('vn-loopback/util/user-error');
const base64url = require('base64url');
module.exports = Self => {
Self.remoteMethod('confirm', {
description: 'Confirms electronic payment transaction',
accessType: 'WRITE',
accepts: [
{
arg: 'Ds_SignatureVersion',
type: 'string',
required: false,
}, {
arg: 'Ds_MerchantParameters',
type: 'string',
required: true,
}, {
arg: 'Ds_Signature',
type: 'string',
required: true,
}
],
returns: {
type: 'Boolean',
root: true
},
http: {
path: `/confirm`,
verb: 'POST'
}
});
Self.confirm = async(signatureVersion, merchantParameters, signature) => {
const $ = Self.app.models;
const decodedParams = JSON.parse(
base64url.decode(merchantParameters, 'utf8'));
const params = {};
for (const param in decodedParams)
params[param] = decodeURIComponent(decodedParams[param]);
const orderId = params['Ds_Order'];
if (!orderId)
throw new UserError('Order id not provided');
const transaction = await Self.findById(orderId, {fields: ['id']});
if (!transaction)
throw new UserError('Order not found');
try {
await transaction.updateAttributes({
merchantParameters,
signature,
signatureVersion,
});
const merchantId = parseInt(params['Ds_MerchantCode']);
if (!merchantId)
throw new UserError('Merchant id not provided');
const merchant = await $.TpvMerchant.findById(merchantId, {
fields: ['id', 'secretKey']
});
if (!merchant)
throw new UserError('Merchant not found');
const base64hmac = Self.createSignature(
orderId,
merchant.secretKey,
merchantParameters
);
if (base64hmac !== base64url.toBase64(signature))
throw new UserError('Invalid signature');
await Self.rawSql(
'CALL hedera.tpvTransaction_confirm(?, ?, ?, ?, ?, ?)', [
params['Ds_Amount'],
orderId,
merchantId,
params['Ds_Currency'],
params['Ds_Response'],
params['Ds_ErrorCode']
]);
return true;
} catch (err) {
try {
await transaction.updateAttribute('responseError', err.message);
} catch (e) {
console.error(e);
}
throw err;
}
};
};