Minimal upgrade to CSOB eAPI 1.9

composer.json

@@ -14,6 +14,10 @@
   "homepage": "https://github.com/bileto/omnipay-csob",
   "license": "MIT",
   "authors": [
+    {
+      "name": "Josef Petrák",
+      "email": "josef@petrak.xyz"
+    },
     {
       "name": "Michal Sänger",
       "email": "michal.sanger@bileto.com"
@@ -27,6 +31,8 @@
     "psr-4": { "Omnipay\\Csob\\" : "src/" }
   },
   "require": {
+    "ext-json": "*",
+    "ext-openssl": "*",
     "omnipay/common": "2.5.*"
   },
   "require-dev": {

src/Gateway.php

@@ -20,8 +20,8 @@
  */
 class Gateway extends AbstractGateway
 {
-    const URL_SANDBOX = 'https://iapi.iplatebnibrana.csob.cz/api/v1.6';
-    const URL_PRODUCTION = 'https://api.platebnibrana.csob.cz/api/v1.6';
+    const URL_SANDBOX = 'https://iapi.iplatebnibrana.csob.cz/api/v1.9';
+    const URL_PRODUCTION = 'https://api.platebnibrana.csob.cz/api/v1.9';
 
     /** @var DataSignator */
     private $signator;

src/GatewayFactory.php

@@ -25,7 +25,7 @@ public static function createInstance($publicKey, $privateKey, $privateKeyPasswo
         $dataSignator = new DataSignator($preparer, $signator);
         $dataVerifier = new DataVerifier($preparer, $verifier);
 
-        /** @var \Omnipay\Csob\Gateway $gateway */
+        /** @var Gateway $gateway */
         $gateway = Omnipay::create('Csob');
         $gateway->setSignator($dataSignator);
         $gateway->setVerifier($dataVerifier);

src/Message/InitPaymentRequest.php

@@ -7,7 +7,6 @@
 
 class InitPaymentRequest extends AbstractRequest
 {
-
     public function setMerchantId($value)
     {
         $this->setParameter('merchantId', $value);
@@ -68,9 +67,14 @@ public function setCart(array $value)
         $this->setParameter('cart', $value);
     }
 
-    public function setDescription($value)
+    public function setCustomer($value)
+    {
+        $this->setParameter('customer', $value);
+    }
+
+    public function setOrder($value)
     {
-        $this->setParameter('description', $value);
+        $this->setParameter('order', $value);
     }
 
     public function setMerchantData($value)
@@ -88,6 +92,36 @@ public function setLanguage($value)
         $this->setParameter('language', $value);
     }
 
+    public function setTtlSec($value)
+    {
+        $this->setParameter('ttlSec', $value);
+    }
+
+    public function setLogoVersion($value)
+    {
+        $this->setParameter('logoVersion', $value);
+    }
+
+    public function setColorSchemeVersion($value)
+    {
+        $this->setParameter('colorSchemeVersion', $value);
+    }
+
+    public function setCustomExpiry($value)
+    {
+        $this->setParameter('customExpiry', $value);
+    }
+
+    // FIXME Remove
+
+    /**
+     * @deprecated
+     */
+    public function setDescription($value)
+    {
+        //FIXME Disabled as deprecated $this->setParameter('description', $value);
+    }
+
     /**
      * Get the raw data array for this message. The format of this varies from gateway to
      * gateway, but will usually be either an associative array, or a SimpleXMLElement.
@@ -104,9 +138,28 @@ public function getData()
     private function signData($data)
     {
         $arrayKeys = [
-            'merchantId', 'orderNo', 'dttm', 'payOperation', 'payMethod', 'totalAmount', 'currency', 'closePayment', 'returnUrl',
-            'returnMethod', 'cart', 'description', 'merchantData', 'customerId', 'language'
+            'merchantId',
+            'orderNo',
+            'dttm',
+            'payOperation',
+            'payMethod',
+            'totalAmount',
+            'currency',
+            'closePayment',
+            'returnUrl',
+            'returnMethod',
+            'cart',
+            'customer',
+            'order',
+            'merchantData',
+            'customerId',
+            'language',
+            'ttlSec',
+            'logoVersion',
+            'colorSchemeVersion',
+            'customExpiry',
         ];
+
         return $this->getSignator()->sign($data, $arrayKeys);
     }
 
@@ -119,19 +172,29 @@ private function signData($data)
     public function sendData($data)
     {
         $apiUrl = $this->getApiUrl() . '/payment/init';
+        $stringBody = json_encode($data);
         $httpRequest = $this->httpClient->createRequest(
             RequestInterface::POST,
             $apiUrl,
             ['Content-Type' => 'application/json'],
-            json_encode($data)
+            $stringBody
         );
 
+        print_r($httpRequest->getRawHeaders());
+        print_r($stringBody);
+
         $httpResponse = $httpRequest->send();
-        $data = $httpResponse->json();
-        $response = new PaymentResponse($this, $data);
-        $response->setVerifier($this->getVerifier());
 
-        return $this->response = $response;
-    }
+        try {
+            $data = $httpResponse->json();
+            $response = new PaymentResponse($this, $data);
+            $response->setVerifier($this->getVerifier());
+
+            return $this->response = $response;
+        } catch (\Exception $e) {
+            print_r($httpResponse->getBody(true));
 
+            throw $e;
+        }
+    }
 }

src/Message/ProcessPaymentResponse.php

@@ -20,26 +20,24 @@ function __construct(RequestInterface $request, $redirectUrl)
 
     /**
      * Is the response successful?
-     *
-     * @return boolean
      */
-    public function isSuccessful()
+    public function isSuccessful(): bool
     {
         return false;
     }
 
     /**
      * Gets the redirect target url.
      */
-    public function getRedirectUrl()
+    public function getRedirectUrl(): string
     {
         return $this->redirectUrl;
     }
 
     /**
      * Get the required redirect method (either GET or POST).
      */
-    public function getRedirectMethod()
+    public function getRedirectMethod(): string
     {
         return GuzzleRequestInterface::GET;
     }
@@ -52,10 +50,8 @@ public function getRedirectData()
         return;
     }
 
-    public function isRedirect()
+    public function isRedirect(): bool
     {
         return true;
     }
-
-
-}
+}

src/Purchase.php

@@ -16,10 +16,10 @@ class Purchase
     const CURRENCY_HUF = 'HUF';
     const CURRENCY_PLN = 'PLN';
 
-    const LANG_CZ = 'CZ';
-    const LANG_EN = 'EN';
-    const LANG_DE = 'DE';
-    const LANG_SK = 'SK';
+    const LANG_CS = 'cs';
+    const LANG_EN = 'en';
+    const LANG_DE = 'de';
+    const LANG_SK = 'sk';
 
     const PAY_OPERATION_PAYMENT = 'payment';
     const PAY_METHOD_CARD = 'card';
@@ -112,6 +112,12 @@ class Purchase
      */
     private $cart = [];
 
+    /** @var array<mixed> */
+    private $customer = [];
+
+    /** @var array<mixed> */
+    private $order = [];
+
     /**
      * Brief description of the purchase for 3DS page:
      * In case of customer verification on the issuing bank’s side, the
@@ -149,7 +155,7 @@ class Purchase
      *
      * @var string
      */
-    private $language = self::LANG_CZ;
+    private $language = self::LANG_CS;
 
     /**
      * @param string $merchantId
@@ -255,6 +261,16 @@ public function setCart(array $cartItems)
         }
     }
 
+    public function setCustomer(array $customer)
+    {
+        $this->customer = $customer;
+    }
+
+    public function setOrder(array $order)
+    {
+        $this->order = $order;
+    }
+
     /**
      * In version v1, at least 1 item (e.g. “credit charge”) and at most 2 items
      * must be in the cart (e.g. “purchase for my shop” and “shipment costs”).
@@ -271,6 +287,8 @@ public function addCartItem(CartItem $cartItem)
 
     /**
      * @param string $description
+     *
+     * @deprecated
      */
     public function setDescription($description)
     {
@@ -438,10 +456,16 @@ public function toArray()
             "returnUrl" => (string)$this->getReturnUrl(),
             "returnMethod" => (string)$this->getReturnMethod(),
             "cart" => [],
-            "description" => (string)$this->getDescription(),
+            "customer" => $this->customer,
+            "order" => $this->order,
             "merchantData" => (string)$this->getMerchantData(),
             "customerId" => (string)$this->getCustomerId(),
             "language" => (string)$this->getLanguage(),
+            "ttlSec" => null,
+            "logoVersion" => null,
+            "colorSchemeVersion" => null,
+            "customExpiry" => null,
+            // FIXME Deprecate "description" => (string)$this->getDescription(),
         ];
 
         /** @var CartItem $cartItem */

src/Sign/Signator.php

@@ -27,7 +27,7 @@ function __construct($privateKey, $privateKeyPassword = null)
     public function sign($text) {
         $privateKeyId = openssl_get_privatekey($this->privateKey, $this->privateKeyPassword);
 
-        openssl_sign($text, $signature, $privateKeyId);
+        openssl_sign($text, $signature, $privateKeyId, OPENSSL_ALGO_SHA256);
         $signature = base64_encode($signature);
         openssl_free_key($privateKeyId);
 

src/Sign/Verifier.php

@@ -24,7 +24,7 @@ function verify($text, $signatureBase64) {
         $publicKeyId = openssl_get_publickey($this->publicKey);
 
         $signature = base64_decode($signatureBase64);
-        $res = openssl_verify($text, $signature, $publicKeyId);
+        $res = openssl_verify($text, $signature, $publicKeyId, OPENSSL_ALGO_SHA256);
         openssl_free_key($publicKeyId);
 
         return $res === 1;