fix validation process

yowaiOtoko · Mar 27, 2014 · 21732fe · 21732fe
1 parent 12098e5
commit 21732fe
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 13 deletions.
diff --git a/DependencyInjection/LexikPayboxExtension.php b/DependencyInjection/LexikPayboxExtension.php
@@ -39,7 +39,14 @@ public function load(array $configs, ContainerBuilder $container)
                     'The "pbx_retour" option must be set for validation_by "pbx_retour"'
                 );
             }else{
-                $container->setParameter('lexik_paybox.pbx_retour', $config['parameters']['pbx_retour']);
+                // if PXB_REPONDRE_A is used the signature only sign parameter from PBX_RETOUR without 'Sign' parameter
+                $param_signed = explode(';', $config['parameters']['pbx_retour']);
+                $param_signed = array_map(function($param){
+                    return substr($param, 0, strpos($param, ':'));
+                }, $param_signed);
+                $param_signed = array_diff($param_signed, array(Paybox::SIGNATURE_PARAMETER));
+
+                $container->setParameter('lexik_paybox.pbx_retour', $param_signed);
             }
         }else{
             $container->setParameter('lexik_paybox.pbx_retour', null);

diff --git a/Paybox/System/Base/Response.php b/Paybox/System/Base/Response.php
@@ -53,7 +53,7 @@ class Response
     private $validationBy;
 
     /**
-     * @var string
+     * @var array
      */
     private $pbxRetour;
 
@@ -64,8 +64,10 @@ class Response
      * @param LoggerInterface          $logger
      * @param EventDispatcherInterface $dispatcher
      * @param string                   $publicKey
+     * @param string                   $validationBy
+     * @param array                    $pbxRetour
      */
-    public function __construct(HttpRequest $request, LoggerInterface $logger, EventDispatcherInterface $dispatcher, $publicKey, $validationBy, $pbxRetour)
+    public function __construct(HttpRequest $request, LoggerInterface $logger, EventDispatcherInterface $dispatcher, $publicKey, $validationBy, array $pbxRetour)
     {
         $this->request    = $request;
         $this->logger     = $logger;
@@ -125,7 +127,7 @@ protected function initData()
         foreach ($this->getRequestParameters() as $key => $value) {
             $this->logger->info(sprintf('%s=%s', $key, $value));
 
-            if (Paybox::SIGNATURE_PARAMETER !== $key) {
+            if (in_array($key, $this->pbxRetour)) {
                 $this->data[$key] = urlencode($value);
             }
         }
@@ -143,18 +145,11 @@ public function verifySignature()
         $this->initData();
         $this->initSignature();
 
-        $file = fopen($this->publicKey, 'r');
-        $cert = fread($file, 8192);
-        fclose($file);
-
+        $cert = file_get_contents($this->publicKey);
         $publicKey = openssl_get_publickey($cert);
 
-        $data = 'url_ipn' == $this->validationBy ?
-                Paybox::stringify($this->data) :
-                $this->pbxRetour;
-
         $result = openssl_verify(
-            $data,
+            Paybox::stringify($this->data),
             $this->signature,
             $publicKey
         );