forked from verdnatura/hedera-web
fixes #5174 Redsys TPV api migrated to salix
This commit is contained in:
parent
c463e967ca
commit
efc7342359
|
@ -1,4 +1,4 @@
|
|||
hedera-web (22.48.8) stable; urgency=low
|
||||
hedera-web (22.48.9) stable; urgency=low
|
||||
|
||||
* Initial Release.
|
||||
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
MAILTO=webmaster
|
||||
*/1 * * * * root hedera-web.php -m misc/mail
|
||||
*/4 * * * * root hedera-web.php -m tpv/confirm-mail
|
||||
*/2 * * * * root hedera-web.php -m edi/load
|
||||
0 23 * * * root hedera-web.php -m edi/clean
|
||||
0 5 * * * root hedera-web.php -m edi/update
|
||||
|
|
|
@ -9,11 +9,10 @@ module.exports = new Class({
|
|||
this.tpvStatus = this.hash.$.tpvStatus;
|
||||
|
||||
if (this.tpvStatus) {
|
||||
const query = 'CALL myTpvTransaction_end(#transaction, #status)';
|
||||
this.conn.execQuery(query, {
|
||||
transaction: this.tpvOrder,
|
||||
this.conn.post('TpvTransactions/end', {
|
||||
orderId: this.tpvOrder,
|
||||
status: this.tpvStatus
|
||||
});
|
||||
})
|
||||
}
|
||||
|
||||
return this.tpvStatus;
|
||||
|
@ -29,11 +28,11 @@ module.exports = new Class({
|
|||
return;
|
||||
}
|
||||
|
||||
const json = await this.conn.send('tpv/transaction', {
|
||||
amount: parseInt(amount)
|
||||
,urlOk: this._makeUrl('ok')
|
||||
,urlKo: this._makeUrl('ko')
|
||||
,company
|
||||
const json = await this.conn.post('TpvTransactions/start', {
|
||||
amount: parseInt(amount),
|
||||
urlOk: this._makeUrl('ok'),
|
||||
urlKo: this._makeUrl('ko'),
|
||||
company
|
||||
});
|
||||
|
||||
const postValues = json.postValues;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "hedera-web",
|
||||
"version": "22.48.8",
|
||||
"version": "22.48.9",
|
||||
"description": "Verdnatura web page",
|
||||
"license": "GPL-3.0",
|
||||
"repository": {
|
||||
|
|
|
@ -1,98 +0,0 @@
|
|||
<?php
|
||||
|
||||
require_once(__DIR__.'/tpv.php');
|
||||
|
||||
/**
|
||||
* Gets transaction confirmations from the IMAP mailbox.
|
||||
*/
|
||||
class ConfirmMail extends Vn\Lib\Method {
|
||||
function run($db) {
|
||||
$imap = NULL;
|
||||
$imapConf = $db->getObject(
|
||||
'SELECT host, user, pass, cleanPeriod, successFolder, errorFolder
|
||||
FROM tpvImapConfig'
|
||||
);
|
||||
|
||||
$mailbox = sprintf('{%s/imap/ssl/novalidate-cert}',
|
||||
$imapConf->host);
|
||||
|
||||
$imap = imap_open($mailbox
|
||||
,$imapConf->user
|
||||
,base64_decode($imapConf->pass)
|
||||
);
|
||||
|
||||
if (!$imap)
|
||||
throw new Exception(imap_last_error());
|
||||
|
||||
// Fetchs and confirms new transaction mails
|
||||
|
||||
$count = 0;
|
||||
$inbox = imap_search($imap, 'ALL');
|
||||
|
||||
if ($inbox)
|
||||
foreach ($inbox as $msg) {
|
||||
// Decodes the mail body
|
||||
|
||||
$params = [];
|
||||
$body = imap_fetchbody($imap, $msg, '1');
|
||||
$strings = explode(';', $body);
|
||||
|
||||
foreach ($strings as $string) {
|
||||
$x = explode(':', $string);
|
||||
$params[trim($x[0])] = trim($x[1]);
|
||||
}
|
||||
|
||||
// Confirms the transaction
|
||||
|
||||
$success = FALSE;
|
||||
|
||||
try {
|
||||
$success = Tpv::confirm($db, $params);
|
||||
} catch (\Exception $e) {
|
||||
trigger_error($e->getMessage(), E_USER_WARNING);
|
||||
}
|
||||
|
||||
// Moves the processed mail to another folder
|
||||
|
||||
if ($success)
|
||||
$folder = $imapConf->successFolder;
|
||||
else
|
||||
$folder = $imapConf->errorFolder;
|
||||
|
||||
if (!imap_mail_move($imap, $msg, "$folder"))
|
||||
trigger_error(imap_last_error(), E_USER_WARNING);
|
||||
|
||||
$count++;
|
||||
}
|
||||
|
||||
imap_expunge($imap);
|
||||
|
||||
// Cleans the old mails
|
||||
|
||||
$deleted = 0;
|
||||
|
||||
if (rand(1, 20) == 1) {
|
||||
$folders = array(
|
||||
$imapConf->successFolder
|
||||
,$imapConf->errorFolder
|
||||
);
|
||||
|
||||
$date = new \DateTime(NULL);
|
||||
$date->sub(new \DateInterval($imapConf->cleanPeriod));
|
||||
$filter = sprintf('BEFORE "%s"', $date->format('D, j M Y'));
|
||||
|
||||
foreach ($folders as $folder)
|
||||
if (imap_reopen($imap, $mailbox.$folder))
|
||||
if ($messages = imap_search($imap, $filter)) {
|
||||
foreach ($messages as $message)
|
||||
imap_delete($imap, $message);
|
||||
|
||||
imap_expunge($imap);
|
||||
$deleted += count($messages);
|
||||
}
|
||||
}
|
||||
|
||||
echo "$count mails processed, $deleted mails deleted.\n";
|
||||
}
|
||||
}
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
<?php
|
||||
|
||||
require_once(__DIR__.'/tpv.php');
|
||||
|
||||
/**
|
||||
* Gets transaction confirmation from HTTP POST.
|
||||
*/
|
||||
class ConfirmPost extends Vn\Web\RestRequest {
|
||||
function run($db) {
|
||||
Tpv::confirm($db, $_POST);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,91 +0,0 @@
|
|||
<?php
|
||||
|
||||
require_once('vn/web/util.php');
|
||||
require_once(__DIR__.'/tpv.php');
|
||||
|
||||
/**
|
||||
* Gets transaction confirmation from SOAP service.
|
||||
*/
|
||||
class ConfirmSoap extends Vn\Web\RestRequest {
|
||||
function run($db) {
|
||||
global $tpvConfirmSoap;
|
||||
|
||||
$tpvConfirmSoap = $this;
|
||||
ini_set('soap.wsdl_cache_enabled', FALSE);
|
||||
|
||||
$server = new SoapServer(__DIR__ .'/soap.wsdl');
|
||||
$server->addFunction('procesaNotificacionSIS');
|
||||
$server->handle();
|
||||
}
|
||||
}
|
||||
|
||||
function procesaNotificacionSIS($XML) {
|
||||
global $tpvConfirmSoap;
|
||||
|
||||
$db = $tpvConfirmSoap->app->getSysConn();
|
||||
|
||||
$status = 'OK';
|
||||
$requestString = $XML;
|
||||
|
||||
// Processes the request
|
||||
|
||||
try {
|
||||
$xml = new SimpleXMLElement($requestString);
|
||||
$params =(array) $xml->{'Request'};
|
||||
|
||||
if (!(isset($params['Ds_Amount'])
|
||||
&& isset($params['Ds_Order'])
|
||||
&& isset($params['Ds_MerchantCode'])
|
||||
&& isset($params['Ds_Currency'])
|
||||
&& isset($params['Ds_Response'])))
|
||||
throw new Exception('Missing required parameters');
|
||||
|
||||
// Checks the signature
|
||||
|
||||
$start = strpos($requestString, '<Request');
|
||||
$end = strrpos($requestString, '</Request>');
|
||||
$shaString = substr($requestString, $start, $end - $start + 10);
|
||||
|
||||
$key = $db->getValue(
|
||||
'SELECT secretKey FROM tpvMerchant WHERE id = #'
|
||||
,[$params['Ds_MerchantCode']]
|
||||
);
|
||||
|
||||
if (sha1($shaString.$key) != $xml->{'Signature'})
|
||||
throw new Exception('Invalid signature');
|
||||
|
||||
// Confirms the transaction
|
||||
|
||||
Tpv::confirm($db, $params);
|
||||
} catch (Exception $e) {
|
||||
$status = 'KO';
|
||||
}
|
||||
|
||||
// Generates the response
|
||||
|
||||
$responseString = file_get_contents(__DIR__ .'/soap-reply.xml');
|
||||
$xml = new SimpleXMLElement($responseString);
|
||||
|
||||
$response = $xml->{'Response'};
|
||||
$response->{'Ds_Response_Merchant'} = $status;
|
||||
|
||||
$xml->{'Signature'} = sha1($response->asXML().$key);
|
||||
|
||||
return $xml->asXML();
|
||||
/*
|
||||
// Another way to generate the response
|
||||
|
||||
$xmlResponse =
|
||||
'<Response Ds_Version="0.0">
|
||||
<Ds_Response_Merchant>'. $status .'</Ds_Response_Merchant>
|
||||
</Response>';
|
||||
|
||||
$xmlMessage =
|
||||
'<Message>
|
||||
'. $xmlResponse .'
|
||||
<Signature>'. sha1($xmlResponse.$key) .'</Signature>
|
||||
</Message>';
|
||||
|
||||
return $xmlMessage;
|
||||
*/}
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
<Message>
|
||||
<Response Ds_Version="0.0">
|
||||
<Ds_Response_Merchant></Ds_Response_Merchant>
|
||||
</Response>
|
||||
<Signature></Signature>
|
||||
</Message>
|
|
@ -1,40 +0,0 @@
|
|||
<!ELEMENT Message (Request, Signature)>
|
||||
|
||||
<!ELEMENT Request (
|
||||
Fecha,
|
||||
Hora,
|
||||
Ds_SecurePayment,
|
||||
Ds_Amount,
|
||||
Ds_Currency,
|
||||
Ds_Order,
|
||||
Ds_MerchantCode,
|
||||
Ds_Terminal,
|
||||
Ds_Response,
|
||||
Ds_MerchantData?,
|
||||
Ds_Card_Type?,
|
||||
Ds_TransactionType,
|
||||
Ds_ConsumerLanguage,
|
||||
Ds_ErrorCode?,
|
||||
Ds_CardCountry?,
|
||||
Ds_AuthorisationCode?
|
||||
)>
|
||||
|
||||
<!ATTLIST Request Ds_Version CDATA #REQUIRED>
|
||||
<!ELEMENT Fecha (#PCDATA)>
|
||||
<!ELEMENT Hora (#PCDATA)>
|
||||
<!ELEMENT Ds_SecurePayment (#PCDATA)>
|
||||
<!ELEMENT Ds_Amount (#PCDATA)>
|
||||
<!ELEMENT Ds_Currency (#PCDATA)>
|
||||
<!ELEMENT Ds_Order (#PCDATA)>
|
||||
<!ELEMENT Ds_MerchantCode (#PCDATA)>
|
||||
<!ELEMENT Ds_Terminal (#PCDATA)>
|
||||
<!ELEMENT Ds_Response (#PCDATA)>
|
||||
<!ELEMENT Ds_MerchantData (#PCDATA)>
|
||||
<!ELEMENT Ds_Card_Type (#PCDATA)>
|
||||
<!ELEMENT Ds_TransactionType (#PCDATA)>
|
||||
<!ELEMENT Ds_ConsumerLanguage (#PCDATA)>
|
||||
<!ELEMENT Ds_ErrorCode (#PCDATA)>
|
||||
<!ELEMENT Ds_CardCountry (#PCDATA)>
|
||||
<!ELEMENT Ds_AuthorisationCode (#PCDATA)>
|
||||
<!ELEMENT Signature (#PCDATA)>
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
<Message>
|
||||
<Request Ds_Version='0.0'>
|
||||
<Fecha>21/10/2014</Fecha>
|
||||
<Hora>17:56</Hora>
|
||||
<Ds_SecurePayment>1</Ds_SecurePayment>
|
||||
<DS_Card_Type>D</DS_Card_Type>
|
||||
<Ds_Card_Country>724</Ds_Card_Country>
|
||||
<Ds_Amount>1</Ds_Amount>
|
||||
<Ds_Currency>978</Ds_Currency>
|
||||
<Ds_Order>000000007216</Ds_Order>
|
||||
<Ds_MerchantCode>329744999</Ds_MerchantCode>
|
||||
<Ds_Terminal>001</Ds_Terminal>
|
||||
<Ds_Response>0000</Ds_Response>
|
||||
<Ds_MerchantData></Ds_MerchantData>
|
||||
<Ds_TransactionType>0</Ds_TransactionType>
|
||||
<Ds_ConsumerLanguage>1</Ds_ConsumerLanguage>
|
||||
<Ds_AuthorisationCode>563451</Ds_AuthorisationCode>
|
||||
</Request>
|
||||
<Signature>b97d1aba50aac5efc0915f59a70e24fc94cb3ffe</Signature>
|
||||
</Message>
|
|
@ -1,56 +0,0 @@
|
|||
<?php
|
||||
|
||||
if (isset($_POST['key'])) {
|
||||
ini_set('soap.wsdl_cache_enabled', FALSE);
|
||||
|
||||
$requestString = file_get_contents(__DIR__.'/soap-request.xml');
|
||||
|
||||
$client = new SoapClient(__DIR__.'/soap.wsdl');
|
||||
$result = $client->__soapCall('procesaNotificacionSIS', [
|
||||
'XML' => $requestString
|
||||
]);
|
||||
|
||||
$xml = new SimpleXMLElement($result);
|
||||
|
||||
$key = $_POST['key'];
|
||||
|
||||
$start = strpos($result, '<Response');
|
||||
$end = strrpos($result, '</Response>');
|
||||
$shaString = substr($result, $start, $end - $start + 11);
|
||||
$shaHash = sha1($shaString.$key);
|
||||
|
||||
$isValid = $xml->{'Signature'} == $shaHash;
|
||||
} else {
|
||||
$key = '';
|
||||
$result = '';
|
||||
$shaHash = '';
|
||||
$isValid = FALSE;
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<title>
|
||||
TPV SOAP Client
|
||||
</title>
|
||||
</head>
|
||||
<body>
|
||||
<form action="?" method="post">
|
||||
<label>Key:</label>
|
||||
<input type="password" value="<?=$key?>" name="key"/>
|
||||
<input type="submit"/>
|
||||
</form>
|
||||
<h2>Response</h2>
|
||||
<p>
|
||||
<pre><?=htmlentities($result)?></pre>
|
||||
</p>
|
||||
<h2>Signature</h2>
|
||||
<p>
|
||||
Calculated: <?=$shaHash?>
|
||||
</p>
|
||||
<p>
|
||||
Valid: <input type="checkbox" <?=($isValid ? 'checked' : '')?>/>
|
||||
</p>
|
||||
</body>
|
||||
</html>
|
|
@ -1,51 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<definitions name="InotificacionSIS"
|
||||
targetNamespace="https://sis.sermepa.es/sis/InotificacionSIS.wsdl"
|
||||
xmlns:xs="http://www.w3.org/2001/XMLSchema"
|
||||
xmlns:tns="https://sis.sermepa.es/sis/InotificacionSIS.wsdl"
|
||||
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
|
||||
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
|
||||
xmlns="http://schemas.xmlsoap.org/wsdl/">
|
||||
|
||||
<message name="procesaNotificacionSISRequest">
|
||||
<part name="XML" type="xs:string"/>
|
||||
</message>
|
||||
|
||||
<message name="procesaNotificacionSISResponse">
|
||||
<part name="return" type="xs:string"/>
|
||||
</message>
|
||||
|
||||
<portType name="InotificacionSISPortType">
|
||||
<operation name="procesaNotificacionSIS">
|
||||
<input message="tns:procesaNotificacionSISRequest"/>
|
||||
<output message="tns:procesaNotificacionSISResponse"/>
|
||||
</operation>
|
||||
</portType>
|
||||
|
||||
<binding name="InotificacionSISBinding" type="tns:InotificacionSISPortType">
|
||||
<soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
|
||||
<operation name="procesaNotificacionSIS">
|
||||
<soap:operation
|
||||
soapAction="urn:InotificacionSIS#procesaNotificacionSIS" style="rpc"/>
|
||||
<input>
|
||||
<soap:body use="encoded"
|
||||
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
|
||||
namespace="InotificacionSIS"/>
|
||||
</input>
|
||||
<output>
|
||||
<soap:body use="encoded"
|
||||
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
|
||||
namespace="InotificacionSIS"/>
|
||||
</output>
|
||||
</operation>
|
||||
</binding>
|
||||
|
||||
<service name="InotificacionSISService">
|
||||
<port name="InotificacionSIS" binding="tns:InotificacionSISBinding">
|
||||
<soap:address
|
||||
location="http://localhost/~juan/hedera-web/tpv/soap.php"/>
|
||||
</port>
|
||||
</service>
|
||||
|
||||
</definitions>
|
|
@ -1,33 +0,0 @@
|
|||
<?php
|
||||
|
||||
class Tpv {
|
||||
/**
|
||||
* Tryes to confirm a transaction with the given params.
|
||||
*/
|
||||
static function confirm($db, $params) {
|
||||
if (!(isset($params['Ds_Amount'])
|
||||
&& isset($params['Ds_Order'])
|
||||
&& isset($params['Ds_MerchantCode'])
|
||||
&& isset($params['Ds_Currency'])
|
||||
&& isset($params['Ds_Response'])))
|
||||
return FALSE;
|
||||
|
||||
if (isset($params['Ds_ErrorCode']))
|
||||
$error = $params['Ds_ErrorCode'];
|
||||
else
|
||||
$error = NULL;
|
||||
|
||||
return $db->query(
|
||||
'CALL tpvTransaction_confirm(#, #, #, #, #, #)',
|
||||
[
|
||||
$params['Ds_Amount']
|
||||
,$params['Ds_Order']
|
||||
,$params['Ds_MerchantCode']
|
||||
,$params['Ds_Currency']
|
||||
,$params['Ds_Response']
|
||||
,$error
|
||||
]
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,67 +0,0 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Starts a new TPV transaction and returns the params.
|
||||
*/
|
||||
class Transaction extends Vn\Web\JsonRequest {
|
||||
const PARAMS = ['amount'];
|
||||
|
||||
function run($db) {
|
||||
$amount = (int) $_REQUEST['amount'];
|
||||
$companyId = empty($_REQUEST['company']) ? NULL : $_REQUEST['company'];
|
||||
|
||||
$row = $db->getObject('CALL myTpvTransaction_start(#, #)',
|
||||
[$amount, $companyId]);
|
||||
|
||||
if (!isset($row))
|
||||
throw new Exception('Transaction error');
|
||||
|
||||
$transactionId = str_pad($row->transactionId, 12, '0', STR_PAD_LEFT);
|
||||
$merchantUrl = $row->merchantUrl ? $row->merchantUrl : '';
|
||||
$urlOk = empty($_REQUEST['urlOk']) ? '' :
|
||||
str_replace('_transactionId_', $transactionId, $_REQUEST['urlOk']);
|
||||
$urlKo = empty($_REQUEST['urlKo']) ? '' :
|
||||
str_replace('_transactionId_', $transactionId, $_REQUEST['urlKo']);
|
||||
|
||||
$params = [
|
||||
'Ds_Merchant_Amount' => $amount
|
||||
,'Ds_Merchant_Order' => $transactionId
|
||||
,'Ds_Merchant_MerchantCode' => $row->merchant
|
||||
,'Ds_Merchant_Currency' => $row->currency
|
||||
,'Ds_Merchant_TransactionType' => $row->transactionType
|
||||
,'Ds_Merchant_Terminal' => $row->terminal
|
||||
,'Ds_Merchant_MerchantURL' => $merchantUrl
|
||||
,'Ds_Merchant_UrlOK' => $urlOk
|
||||
,'Ds_Merchant_UrlKO' => $urlKo
|
||||
];
|
||||
|
||||
$encodedParams = base64_encode(json_encode($params));
|
||||
|
||||
$key = base64_decode($row->secretKey);
|
||||
|
||||
$bytes = [0, 0, 0, 0, 0, 0, 0, 0];
|
||||
$iv = implode(array_map('chr', $bytes));
|
||||
|
||||
$paddedData = $transactionId;
|
||||
if (strlen($paddedData) % 8) {
|
||||
$paddedData = str_pad($paddedData,
|
||||
strlen($paddedData) + 8 - strlen($paddedData) % 8, "\0");
|
||||
}
|
||||
|
||||
$encryptedData = openssl_encrypt($paddedData,
|
||||
'des-ede3-cbc', $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING , $iv);
|
||||
$signature = base64_encode(hash_hmac('sha256', $encodedParams, $encryptedData, TRUE));
|
||||
|
||||
$url = $row->url;
|
||||
$postValues = [
|
||||
'Ds_SignatureVersion' => 'HMAC_SHA256_V1'
|
||||
,'Ds_MerchantParameters' => $encodedParams
|
||||
,'Ds_Signature' => $signature
|
||||
];
|
||||
|
||||
return [
|
||||
'url' => $url
|
||||
,'postValues' => $postValues
|
||||
];
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue