Permalink
Browse files

Fixed code for Signature Creation and Validation

  • Loading branch information...
1 parent cad473d commit 41732f3e997649da9c2f203920dc7b7b1d921af0 @manojumate manojumate committed Nov 17, 2014
Showing with 41 additions and 23 deletions.
  1. +32 −19 gocoin-callback.php
  2. +1 −1 gocoin-checkout.php
  3. +4 −3 gocoin-util.php
  4. +4 −0 history.md
View
@@ -1,21 +1,22 @@
<?php
/**
* PHP functions to process gocoin payment
-* Version: 0.3.0
+* Version: 0.3.1
*
*/
/**
* Get call back
-*/
+*/
if ( !defined('ABSPATH') ) {
require_once('../../../wp-load.php' );
}
require_once('gocoin-util.php');
- function gocoin_callback() {
+ function gocoin_callback() {
+
global $woocommerce;
$gateways = $woocommerce->payment_gateways->payment_gateways();
@@ -24,41 +25,57 @@ function gocoin_callback() {
if (!isset($gateways['gocoin'])) {
return;
}
-
$gocoin = $gateways['gocoin'];
- $data = Util::postData();
-
- if (isset($data->error))
+ $gocoin_setting = isset($gocoin->settings) && is_array($gocoin->settings)?$gocoin->settings:array();
+
+ $key = isset($gocoin_setting['accessToken']) && !empty($gocoin_setting['accessToken'])?$gocoin_setting['accessToken']:'';
+ if(empty($key)){
+ return $logger->add('gocoin-callback', 'Api Key is blank');
+ }
+ $data = Util::postData();
+ if (isset($data->error)){
return $logger->add('gocoin-callback', $data->error);
+ }
else {
- $key = $gocoin -> settings -> accessToken;
+ // $key = $gocoin -> settings -> accessToken;
$event_id = $data -> id;
$event = $data -> event;
$invoice = $data -> payload;
-
+ $payload_arr = get_object_vars($invoice) ;
+ ksort($payload_arr);
$signature = $invoice -> user_defined_8;
- $sig_comp = Util::sign($invoice, $key);
+
+ $sig_comp = Util::sign($payload_arr, $key);
$status = $invoice -> status;
- $order_id = (int) $invoice -> order_id;
+ $order_id = (int) $invoice -> order_id;
$order = WC_Order_Factory::get_order($order_id);
-
+
if (!$order) {
$msg = "Order with id: " . $order_id . " was not found. Event ID: " . $event_id;
return $logger->add('gocoin-callback', $msg);
}
// Check that if a signature exists, it is valid
if (isset($signature) && ($signature != $sig_comp)) {
- $msg = "Signature : " . $signature . "does not match for Order: " . $order_id;
+ $msg = "Signature : " . $signature . "does not match for Order: " . $order_id ."$sig_comp | $signature ";
}
- else {
+ elseif (empty($signature) || empty($sig_comp) ) {
+ $msg = "Signature is blank for Order: " . $order_id;
+ }
+ elseif($signature == $sig_comp) {
+
+
switch($event) {
case 'invoice_created':
break;
case 'invoice_payment_received':
switch ($status) {
+ case 'ready_to_ship':
+ $msg = 'Order ' . $order_id .' is paid and awaiting payment confirmation on blockchain.';
+ $order->update_status('on-hold', __($msg, 'woothemes'));
+ break;
case 'paid':
$msg = 'Order ' . $order_id .' is paid and awaiting payment confirmation on blockchain.';
$order->update_status('on-hold', __($msg, 'woothemes'));
@@ -98,8 +115,4 @@ function gocoin_callback() {
}
-
-
-
- gocoin_callback();
-
+ gocoin_callback();
View
@@ -3,7 +3,7 @@
* Plugin Name: Official GoCoin WooCommerce Plugin
* Plugin URI: http://www.gocoin.com
* Description: This plugin adds the GoCoin Payment Gateway to your WooCommerce Shopping Cart. WooCommerce is required.
- * Version: 0.3.0
+ * Version: 0.3.1
* Author: GoCoin
*/
View
@@ -6,7 +6,8 @@
class Util
{
public function sign($data, $key){
- $include = array('price_currency','base_price','base_price_currency','order_id','customer_name');
+ // $include = array('price_currency','base_price','base_price_currency','order_id','customer_name');
+ $include = array('base_price','base_price_currency','order_id','customer_name');
// $data must be an array
if(is_array($data)) {
@@ -24,10 +25,10 @@ public function sign($data, $key){
//Strip trailing '&' and lowercase
$msg = substr($querystring, 0, strlen($querystring) - 1);
- $msg = strtolower($query_str);
+ $msg = strtolower($msg);
// hash with key
- $hash = hash_hmac("sha256", $query_str, $key, true);
+ $hash = hash_hmac("sha256", $msg, $key, true);
$encoded = base64_encode($hash);
return $encoded;
}
View
@@ -1,5 +1,9 @@
## Changelog
+#### v0.3.1
+Modified Signature Creation and Validation
+
+
#### v0.3.0
Multi-Currency support
Improved logging

0 comments on commit 41732f3

Please sign in to comment.