Merge pull request #1 from PatronBase/webservice-support

Add support for Webservice gateway

Author: dp-roberts

README.md

@@ -11,7 +11,8 @@
 
 
 [Omnipay](https://github.com/thephpleague/omnipay) is a framework agnostic, multi-gateway payment
-processing library for PHP 5.3+. This package implements Redsys support for Omnipay.
+processing library for PHP 5.3+. This package implements Redsys support for Omnipay. It includes
+support for both redirect (3-party) and webservice (2-party) versions of the gateway.
 
 ## Installation
 
@@ -35,7 +36,8 @@ And run composer to update your dependencies:
 
 The following gateways are provided by this package:
 
-* Redsys
+* Redsys_Redirect
+* Redsys_Webservice
 
 For general usage instructions, please see the main [Omnipay](https://github.com/thephpleague/omnipay)
 repository.

composer.json

@@ -9,7 +9,12 @@
         "pay",
         "payment",
         "redsys",
-        "servired"
+        "servired",
+        "sermepa",
+        "redirect",
+        "webservice",
+        "web service",
+        "soap"
     ],
     "homepage": "https://github.com/PatronBase/omnipay-redsys",
     "license": "MIT",
@@ -36,7 +41,7 @@
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "2.0.x-dev"
+            "dev-master": "2.1.x-dev"
         }
     }
 }

phpunit.xml.dist

@@ -9,6 +9,9 @@
          processIsolation="false"
          stopOnFailure="false"
          syntaxCheck="false">
+    <php>
+        <ini name="date.timezone" value="UTC" />
+    </php>
     <testsuites>
         <testsuite name="Omnipay Test Suite">
             <directory>./tests/</directory>

src/Message/CompletePurchaseResponse.php

@@ -2,6 +2,7 @@
 
 namespace Omnipay\Redsys\Message;
 
+use Omnipay\Common\Message\AbstractResponse;
 use Omnipay\Common\Message\RequestInterface;
 use Omnipay\Common\Exception\InvalidResponseException;
 
@@ -31,10 +32,12 @@ public function __construct(RequestInterface $request, $data)
     {
         parent::__construct($request, $data);
 
+        $security = new Security;
+
         if (!empty($data['Ds_MerchantParameters'])) {
-            $this->merchantParameters = $this->decodeMerchantParameters($data['Ds_MerchantParameters']);
+            $this->merchantParameters = $security->decodeMerchantParameters($data['Ds_MerchantParameters']);
         } elseif (!empty($data['DS_MERCHANTPARAMETERS'])) {
-            $this->merchantParameters = $this->decodeMerchantParameters($data['DS_MERCHANTPARAMETERS']);
+            $this->merchantParameters = $security->decodeMerchantParameters($data['DS_MERCHANTPARAMETERS']);
             $this->usingUpcaseResponse = true;
         } else {
             throw new InvalidResponseException('Invalid response from payment gateway (no data)');
@@ -49,10 +52,10 @@ public function __construct(RequestInterface $request, $data)
             throw new InvalidResponseException();
         }
 
-        $this->returnSignature = $this->createReturnSignature(
+        $this->returnSignature = $security->createReturnSignature(
             $data[$this->usingUpcaseResponse ? 'DS_MERCHANTPARAMETERS' : 'Ds_MerchantParameters'],
             $order,
-            base64_decode($this->request->getHmacKey())
+            $this->request->getHmacKey()
         );
 
         if ($this->returnSignature != $data[$this->usingUpcaseResponse ? 'DS_SIGNATURE' : 'Ds_Signature']) {

src/Message/PurchaseRequest.php

@@ -160,7 +160,21 @@ public function getData()
 
     public function sendData($data)
     {
-        return $this->response = new PurchaseResponse($this, $data);
+        $security = new Security;
+
+        $encoded_data = $security->encodeMerchantParameters($data);
+
+        $response_data = array(
+            'Ds_SignatureVersion'   => Security::VERSION,
+            'Ds_MerchantParameters' => $encoded_data,
+            'Ds_Signature'          => $security->createSignature(
+                $encoded_data,
+                $data['Ds_Merchant_Order'],
+                $this->getHmacKey()
+            ),
+        );
+
+        return $this->response = new PurchaseResponse($this, $response_data);
     }
 
     public function getEndpoint()

src/Message/PurchaseResponse.php

@@ -2,15 +2,13 @@
 
 namespace Omnipay\Redsys\Message;
 
-use Omnipay\Common\Message\RedirectResponseInterface;
+use Omnipay\Common\Message\AbstractResponse;
 
 /**
  * Redsys Purchase Response
  */
-class PurchaseResponse extends AbstractResponse implements RedirectResponseInterface
+class PurchaseResponse extends AbstractResponse
 {
-    protected $version = 'HMAC_SHA256_V1';
-
     public function isSuccessful()
     {
         return false;
@@ -33,15 +31,6 @@ public function getRedirectMethod()
 
     public function getRedirectData()
     {
-        $redirect_data = array();
-        $redirect_data['Ds_SignatureVersion'] = $this->version;
-        $redirect_data['Ds_MerchantParameters'] = $this->encodeMerchantParameters($this->data);
-        $redirect_data['Ds_Signature'] = $this->createSignature(
-            $redirect_data['Ds_MerchantParameters'],
-            $this->data['Ds_Merchant_Order'],
-            base64_decode($this->request->getHmacKey())
-        );
-
-        return $redirect_data;
+        return $this->data;
     }
 }

src/Message/AbstractResponse.php renamed to src/Message/Security.php

@@ -2,25 +2,30 @@
 
 namespace Omnipay\Redsys\Message;
 
-use Omnipay\Common\Message\AbstractResponse as BaseAbstractResponse;
 use Omnipay\Common\Exception\RuntimeException;
 
 /**
- * Abstract Response
+ * Security
  *
- * This abstract class extends the base Omnipay AbstractResponse in order
- * to provide some common encoding and decoding functions.
+ * This class provides common encoding, decoding and signing functions.
+ * While all of this code could be called statically, it is left as a
+ * regular class in order to faciliate unit testing. If alternate
+ * encryption methods are provided later, the VERSION const can be
+ * switched to a constructor option (and validated against a whitelist).
  */
-abstract class AbstractResponse extends BaseAbstractResponse
+class Security
 {
+    /** @var string */
+    const VERSION = 'HMAC_SHA256_V1';
+
     /**
      * Encode merchant parameters
      *
      * @param array $data  The parameters to encode
      *
      * @return string Encoded data
      */
-    protected function encodeMerchantParameters($data)
+    public function encodeMerchantParameters($data)
     {
         return base64_encode(json_encode($data));
     }
@@ -32,28 +37,27 @@ protected function encodeMerchantParameters($data)
      *
      * @return array Decoded data
      */
-    protected function decodeMerchantParameters($data)
+    public function decodeMerchantParameters($data)
     {
         return (array)json_decode(base64_decode(strtr($data, '-_', '+/')));
     }
 
     /**
      * Encrypt message with given key and default IV
      *
-     * @todo function_exists() vs extension_loaded()?
-     *
      * @param string $message  The message to encrypt
-     * @param string $key      The key used to encrypt the message
+     * @param string $key      The base64-encoded key used to encrypt the message
      *
      * @return string Encrypted message
      *
      * @throws RuntimeException
      */
     protected function encryptMessage($message, $key)
     {
+        $key = base64_decode($key);
         $iv = implode(array_map('chr', array(0, 0, 0, 0, 0, 0, 0, 0)));
 
-        if (function_exists('mcrypt_encrypt')) {
+        if ($this->hasValidEncryptionMethod()) {
             $ciphertext = mcrypt_encrypt(MCRYPT_3DES, $key, $message, MCRYPT_MODE_CBC, $iv);
         } else {
             throw new RuntimeException('No valid encryption extension installed');
@@ -62,24 +66,43 @@ protected function encryptMessage($message, $key)
         return $ciphertext;
     }
 
+    /**
+     * Check if the system has a valid encryption method available
+     *
+     * @return bool
+     */
+    public function hasValidEncryptionMethod()
+    {
+        return extension_loaded('mcrypt') && function_exists('mcrypt_encrypt');
+    }
+
     /**
      * Create signature hash used to verify messages
      *
      * @todo Add if-check on algorithm to match against signature version as new param?
      *
      * @param string $message  The message to encrypt
      * @param string $salt     Unique salt used to generate the ciphertext
-     * @param string $key      The key used to encrypt the message
+     * @param string $key      The base64-encoded key used to encrypt the message
      *
      * @return string Generated signature
      */
-    protected function createSignature($message, $salt, $key)
+    public function createSignature($message, $salt, $key)
     {
         $ciphertext = $this->encryptMessage($salt, $key);
         return base64_encode(hash_hmac('sha256', $message, $ciphertext, true));
     }
 
-    protected function createReturnSignature($message, $salt, $key)
+    /**
+     * Create signature hash used to verify messages back for Redirect gateway
+     *
+     * @param string $message  The message to encrypt
+     * @param string $salt     Unique salt used to generate the ciphertext
+     * @param string $key      The base64-encoded key used to encrypt the message
+     *
+     * @return string Generated signature
+     */
+    public function createReturnSignature($message, $salt, $key)
     {
         return strtr($this->createSignature($message, $salt, $key), '+/', '-_');
     }

src/Message/WebservicePurchaseRequest.php

@@ -0,0 +1,122 @@
+<?php
+
+namespace Omnipay\Redsys\Message;
+
+use Exception;
+use SimpleXMLElement;
+
+/**
+ * Redsys Webservice Purchase Request
+ */
+class WebservicePurchaseRequest extends PurchaseRequest
+{
+    /** @var string */
+    protected $liveEndpoint = "https://sis.redsys.es/sis/services/SerClsWSEntrada";
+    /** @var string */
+    protected $testEndpoint = "https://sis-t.redsys.es:25443/sis/services/SerClsWSEntrada";
+ 
+    public function getData()
+    {
+        $this->validate('merchantId', 'terminalId', 'amount', 'currency', 'card');
+        $card = $this->getCard();
+        // test cards aparently don't validate
+        if (!$this->getTestMode()) {
+            $card->validate();
+        }
+
+        $data = array(
+            'DS_MERCHANT_AMOUNT'           => $this->getAmountInteger(),
+            'DS_MERCHANT_ORDER'            => $this->getTransactionId(),
+            'DS_MERCHANT_MERCHANTCODE'     => $this->getMerchantId(),
+            'DS_MERCHANT_CURRENCY'         => $this->getCurrencyNumeric(),  // uses ISO-4217 codes
+            'DS_MERCHANT_PAN'              => $card->getNumber(),
+            'DS_MERCHANT_CVV2'             => $card->getCvv(),
+            'DS_MERCHANT_TRANSACTIONTYPE'  => 'A',                          // 'Traditional payment'
+            'DS_MERCHANT_TERMINAL'         => $this->getTerminalId(),
+            'DS_MERCHANT_EXPIRYDATE'       => $card->getExpiryDate('ym'),
+            // undocumented fields
+            'DS_MERCHANT_MERCHANTDATA'     => $this->getMerchantData(),
+            'DS_MERCHANT_MERCHANTNAME'     => $this->getMerchantName(),
+            'DS_MERCHANT_CONSUMERLANGUAGE' => $this->getConsumerLanguage(),
+        );
+
+
+        $request = new SimpleXMLElement('<REQUEST/>');
+        $requestData = $request->addChild('DATOSENTRADA');
+        foreach ($data as $tag => $value) {
+            $requestData->addChild($tag, $value);
+        }
+
+        $security = new Security;
+
+        $request->addChild('DS_SIGNATUREVERSION', Security::VERSION);
+        $request->addChild('DS_SIGNATURE', $security->createSignature(
+            $requestData->asXML(),
+            $data['DS_MERCHANT_ORDER'],
+            $this->getHmacKey()
+        ));
+
+        // keep data as nested array for method signature compatibility
+        return array(
+            'DATOSENTRADA'        => $data,
+            'DS_SIGNATUREVERSION' => (string)$request->DS_SIGNATUREVERSION,
+            'DS_SIGNATURE'        => (string)$request->DS_SIGNATURE,
+        );
+    }
+
+    /**
+     * Send the data
+     *
+     * Uses its own SOAP wrapper instead of PHP's SoapClient
+     */
+    public function sendData($data)
+    {
+        // re-create the XML
+        $request = new SimpleXMLElement('<REQUEST/>');
+        $requestData = $request->addChild('DATOSENTRADA');
+        foreach ($data['DATOSENTRADA'] as $tag => $value) {
+            $requestData->addChild($tag, $value);
+        }
+        $request->addChild('DS_SIGNATUREVERSION', $data['DS_SIGNATUREVERSION']);
+        $request->addChild('DS_SIGNATURE', $data['DS_SIGNATURE']);
+
+        // wrap in SOAP envelope
+        $requestEnvelope = "<soapenv:Envelope xmlns:soapenv='http://schemas.xmlsoap.org/soap/envelope/'>
+              <soapenv:Header/>
+              <soapenv:Body>
+                <impl:trataPeticion xmlns:impl='http://webservice.sis.sermepa.es'>
+                  <impl:datosEntrada>
+                    ".htmlspecialchars($request->asXML())."
+                  </impl:datosEntrada>
+                </impl:trataPeticion>
+              </soapenv:Body>
+            </soapenv:Envelope>";
+
+        // send the actual SOAP request
+        $httpResponse = $this->httpClient->post(
+            $this->getEndpoint(),
+            array('SOAPAction' => 'trataPeticion'),
+            $requestEnvelope
+        )->send();
+
+        // unwrap httpResponse into actual data as SimpleXMLElement tree
+        $responseEnvelope = $httpResponse->xml();
+        $responseData = new SimpleXMLElement(htmlspecialchars_decode(
+            $responseEnvelope->children("http://schemas.xmlsoap.org/soap/envelope/")
+            ->Body->children("http://webservice.sis.sermepa.es")
+            ->trataPeticionResponse
+            ->trataPeticionReturn
+        ));
+
+
+        // remove any reflected request data (this happens on SIS errors, and includes card number)
+        if (isset($responseData->RECIBIDO)) {
+            unset($responseData->RECIBIDO);
+        }
+
+        // convert to nested arrays (drop the 'true' to use simple objects)
+        $responseData = json_decode(json_encode($responseData), true);
+
+        return $this->response = new WebservicePurchaseResponse($this, $responseData);
+    }
+}