AuthnetWebhook程序包签名密钥验证

时间:2018-12-28 10:36:50

标签: php laravel payment-gateway authorize.net authorize.net-webhooks

我从authorize.net商人界面获得了SIGNATURE_KEY。我正在使用AuthnetJson程序包。我是否必须将128个十六进制SIGNATURE_KEY转换为二进制?如果答案是肯定的,那我就这样做了,但是我的代码永远不会在($ webhook-> isValid()){//代码永远不会执行execute}内执行。我在做什么错了?

$webhook = new AuthnetWebhook('services.authorize.signature', $payload);
    if ($webhook->isValid()) {
        // Get the transaction ID
        $transactionId = $webhook->payload->id;

        // Here you can get more information about the transaction
        $request  = AuthnetApiFactory::getJsonApiHandler('services.authorize.login', 'services.authorize.key');
        $response = $request->getTransactionDetailsRequest(array(
            'transId' => $transactionId
        ));
        $user = User::find(1);
        $user->notify( new PasswordResetSuccess($response));
        /* You can put these response values in the database or whatever your business logic dictates.
        $response->transaction->transactionType
        $response->transaction->transactionStatus
        $response->transaction->authCode
        $response->transaction->AVSResponse
        */
    }

编辑:

<?php

namespace App\Http\Controllers\Api\Anet;

use Illuminate\Http\Request;
use net\authorize\api\contract\v1 as AnetAPI;
use net\authorize\api\controller as AnetController;
use App\Http\Controllers\Controller;
use JohnConde\Authnet\AuthnetWebhook;
use App\Notifications\PasswordResetSuccess;
use App\Models\User;
use Log;
use \stdClass;
use App\Models\Anet;
class WebhookController extends Controller
{
    public function webhook(Request $request){

        $headers = getallheaders();
        $payloadraw = file_get_contents("php://input");
        $payloadEncoded = json_encode($payloadraw);
        $payloadDecoded = json_decode($payloadraw);
        $type = gettype($payloadraw);

        $webhook = new AuthnetWebhook('xxxxx8EF4B4186A3BC745B70637EA1Fxx091E1DD0706BF9A9D721982B882BE54192BD1BBCEAFC0415DF06E6xxxxxxxxx',$payloadEncoded, $headers);
        if ($webhook->isValid()) {
            // Get the transaction ID
            $transactionId = $webhook->payload->id;

            // Here you can get more information about the transaction
            $request  = AuthnetApiFactory::getJsonApiHandler('AUTHNET_LOGIN','AUTHNET_TRANSKEY');
            $response = $request->getTransactionDetailsRequest(array('transId' => $transactionId));

            $anet = new Anet();
            $anet->notification = $payloadraw ;
            $anet->payload = $payloadDecoded ;
            $anet->type = $type ;
            $anet->transaction_type = $response->transaction->transactionType;
            $anet->transactions_status = $response->transaction->transactionStatus;
            $anet->auth_code = $response->transaction->authCode;
            $anet->avs_response = $response->transaction->AVSResponse; 
            $anet->save();  
        }else{
            $anet = new Anet();
            $anet->notification = $payloadEncoded ;
            $anet->payload = $payloadDecoded ;
            $anet->type = $type ;
            $anet->transactions_status = '401';
            $anet->save();  
        }

    }   
}

2 个答案:

答案 0 :(得分:1)

您不需要将其转换为二进制。在Authorize.Net界面中显示的值就是在代码中应使用的值:

示例:

config.inc.php

或者,如果您使用库中的defined('AUTHNET_SIGNATURE') || define('AUTHNET_SIGNATURE', '14FE4A2385812E980CCF97D177F17863CE214D1BE6CE8E1E894487AACF3609C1A5FE1752CB4A002C634B84E397DC8A218E1A160BA7CAB7CBE4C05B35E9CBB05E'); 配置文件:

$webhook = new AuthnetWebhook(AUTHNET_SIGNATURE, $payload);

以及您的代码中

    DispatchQueue.main.async {
        let vcEvent = UIStoryboard(name: "Detail", bundle: nil).instantiateViewController(withIdentifier: "eventDetail") as! EventDetailVC

        vc.viewDetail?.addSubview(vcEvent.view)

        vc.cover?.image = DataManager.shared.arrayImage[indexPath.row]

        self.view.frame = (vc.viewDetail?.bounds)!

        DataManager.shared.cover = DataManager.shared.arrayImage[indexPath.row]

        //DataManager.shared.cover = DataManager.shared.arrayImage[indexPath.row]
    }

    present(vc, animated: true) {
        //NOPE
    }

答案 1 :(得分:0)

在没有引用其余逻辑的情况下,if语句评估为不真实的原因是您正在对已经为json的json数据进行编码。调用getallheaders()时,内容类型已定义为json。因此,将其替换:

    $headers = getallheaders();
    $payloadraw = file_get_contents("php://input");
    $payloadEncoded = json_encode($payloadraw);
    $payloadDecoded = json_decode($payloadraw);
    $type = gettype($payloadraw);

与此:

    $headers = getallheaders();
    $payload = file_get_contents("php://input");

这:

  $webhook = new AuthnetWebhook($signature,$payload, $headers);
    if ($webhook->isValid()) {
      //logic goes here      
     }

评估为true,将执行条件中包含的任何有效逻辑。我建议在添加其他逻辑之前测试上述代码以验证它是否有效。您可以创建一个简单的日志文件,如下所示:

$dump = print_r($payload,true);
$fp = file_put_contents( '

test.log', $dump );

如果在传递单个Webhook之后目录中有一个名为test.log的文件,则说明您有一个基准。如果其余if语句中的逻辑无效,则可能会破坏整个过程。

要回答已经正确回答的第一个问题,请不要将签名密钥转换为二进制。因此,以上代码中的$signature是签名密钥,完全是授权给您的。

相关问题
最新问题