Merge pull request #285 from torreytsui/feature/generalise-signature-calculation

Generalise request signature calculation

Merge pull request #285 from torreytsui/feature/generalise-signature-calculation
Generalise request signature calculation
b6cda614 · Rik ter Beek · GitHub · 4495500d · 9c8f56a1 · b6cda614
Commit b6cda614 authored Jul 03, 2018 by Rik ter Beek Committed by GitHub Jul 03, 2018
4 changed files
--- a/Block/Redirect/Redirect.php
+++ b/Block/Redirect/Redirect.php
@@ -261,8 +261,6 @@ class Redirect extends \Magento\Payment\Block\Form
                    ->getBaseUrl(\Magento\Framework\UrlInterface::URL_TYPE_LINK);

                $formFields['resURL'] = $baseUrl . 'adyen/process/result';
-                $hmacKey = $this->_adyenHelper->getHmac();
-

                if ($brandCode) {
                    $formFields['brandCode'] = $brandCode;
@@ -307,15 +305,9 @@ class Redirect extends \Magento\Payment\Block\Form
                    $formFields['dfValue'] = $this->_order->getPayment()->getAdditionalInformation("df_value");
                }

-                // Sort the array by key using SORT_STRING order
-                ksort($formFields, SORT_STRING);
-
-                // Generate the signing data string
-                $signData = implode(":", array_map([$this, 'escapeString'],
-                    array_merge(array_keys($formFields), array_values($formFields))));
-
-                $merchantSig = base64_encode(hash_hmac('sha256', $signData, pack("H*", $hmacKey), true));
-
+                // Sign request using secret key
+                $hmacKey = $this->_adyenHelper->getHmac();
+                $merchantSig = \Adyen\Util\Util::calculateSha256Signature($hmacKey, $formFields);
                $formFields['merchantSig'] = $merchantSig;

                $this->_adyenLogger->addAdyenDebug(print_r($formFields, true));

--- a/Controller/Process/Result.php
+++ b/Controller/Process/Result.php
@@ -279,7 +279,6 @@ class Result extends \Magento\Framework\App\Action\Action
     */
    protected function _authenticate($response) {

-        $hmacKey = $this->_adyenHelper->getHmac();
        $merchantSigNotification = $response['merchantSig'];

        // do it like this because $_GET is converting dot to underscore
@@ -297,14 +296,9 @@ class Result extends \Magento\Framework\App\Action\Action
        // do not include the merchantSig in the merchantSig calculation
        unset($result['merchantSig']);

-        // Sort the array by key using SORT_STRING order
-        ksort($result, SORT_STRING);
-
-        // Generate the signing data string
-        $signData = implode(":", array_map([$this, 'escapeString'],
-            array_merge(array_keys($result), array_values($result))));
-
-        $merchantSig = base64_encode(hash_hmac('sha256', $signData, pack("H*", $hmacKey), true));
+        // Sign request using secret key
+        $hmacKey = $this->_adyenHelper->getHmac();
+        $merchantSig = \Adyen\Util\Util::calculateSha256Signature($hmacKey, $result);

        if (strcmp($merchantSig, $merchantSigNotification) === 0) {
            return true;

--- a/Gateway/Command/PayByMailCommand.php
+++ b/Gateway/Command/PayByMailCommand.php
@@ -199,15 +199,8 @@ class PayByMailCommand implements CommandInterface
            $formFields['shopperReference']  = $customerId;
        }

-        // Sort the array by key using SORT_STRING order
-        ksort($formFields, SORT_STRING);
-
-        // Generate the signing data string
-        $signData = implode(":", array_map([$this, 'escapeString'],
-            array_merge(array_keys($formFields), array_values($formFields))));
-
-        $merchantSig = base64_encode(hash_hmac('sha256', $signData, pack("H*", $hmacKey), true));
-
+        // Sign request using secret key
+        $merchantSig = \Adyen\Util\Util::calculateSha256Signature($hmacKey, $formFields);
        $formFields['merchantSig']      = $merchantSig;

        $this->_adyenLogger->addAdyenDebug(print_r($formFields, true));

--- a/Test/Unit/Helper/DataTest.php
+++ b/Test/Unit/Helper/DataTest.php
@@ -48,9 +48,22 @@ class DataTest extends \PHPUnit\Framework\TestCase
        $assetRepo = $this->getSimpleMock(\Magento\Framework\View\Asset\Repository::class);
        $assetSource = $this->getSimpleMock(\Magento\Framework\View\Asset\Source::class);
        $notificationFactory = $this->getSimpleMock(\Adyen\Payment\Model\ResourceModel\Notification\CollectionFactory::class);
+        $taxConfig = $this->getSimpleMock(\Magento\Tax\Model\Config::class);
+        $taxCalculation = $this->getSimpleMock(\Magento\Tax\Model\Calculation::class);

-        $this->dataHelper = new \Adyen\Payment\Helper\Data($context, $encryptor, $dataStorage, $country, $moduleList,
-            $billingAgreementCollectionFactory, $assetRepo, $assetSource, $notificationFactory);
+        $this->dataHelper = new \Adyen\Payment\Helper\Data(
+            $context,
+            $encryptor,
+            $dataStorage,
+            $country,
+            $moduleList,
+            $billingAgreementCollectionFactory,
+            $assetRepo,
+            $assetSource,
+            $notificationFactory,
+            $taxConfig,
+            $taxCalculation
+        );
    }

    public function testFormatAmount()