Generalise request signature calculation

ebecd605 · torreytsui · 4495500d · ebecd605 · ebecd605 · ebecd605
Commit ebecd605 authored Jun 29, 2018 by torreytsui
Showing with 8 additions and 29 deletions

Block/Redirect/Redirect.php Block/Redirect/Redirect.php +3 -11

Controller/Process/Result.php Controller/Process/Result.php +3 -9

Gateway/Command/PayByMailCommand.php Gateway/Command/PayByMailCommand.php +2 -9

No files found.
--- a/Block/Redirect/Redirect.php
+++ b/Block/Redirect/Redirect.php
@@ -261,8 +261,6 @@ class Redirect extends \Magento\Payment\Block\Form
                    ->getBaseUrl(\Magento\Framework\UrlInterface::URL_TYPE_LINK);
                $formFields['resURL'] = $baseUrl . 'adyen/process/result';
-                $hmacKey = $this->_adyenHelper->getHmac();
                if ($brandCode) {
                    $formFields['brandCode'] = $brandCode;
@@ -307,15 +305,9 @@ class Redirect extends \Magento\Payment\Block\Form
                    $formFields['dfValue'] = $this->_order->getPayment()->getAdditionalInformation("df_value");
                }
-                // Sort the array by key using SORT_STRING order
+                // Sign request using secret key
-                ksort($formFields, SORT_STRING);
+                $hmacKey = $this->_adyenHelper->getHmac();
+                $merchantSig = \Adyen\Util\Util::calculateSha256Signature($hmacKey, $formFields);
-                // Generate the signing data string
-                $signData = implode(":", array_map([$this, 'escapeString'],
-                    array_merge(array_keys($formFields), array_values($formFields))));
-                $merchantSig = base64_encode(hash_hmac('sha256', $signData, pack("H*", $hmacKey), true));
                $formFields['merchantSig'] = $merchantSig;
                $this->_adyenLogger->addAdyenDebug(print_r($formFields, true));

--- a/Controller/Process/Result.php
+++ b/Controller/Process/Result.php
@@ -279,7 +279,6 @@ class Result extends \Magento\Framework\App\Action\Action
     */
    protected function _authenticate($response) {
-        $hmacKey = $this->_adyenHelper->getHmac();
        $merchantSigNotification = $response['merchantSig'];
        // do it like this because $_GET is converting dot to underscore
@@ -297,14 +296,9 @@ class Result extends \Magento\Framework\App\Action\Action
        // do not include the merchantSig in the merchantSig calculation
        unset($result['merchantSig']);
-        // Sort the array by key using SORT_STRING order
+        // Sign request using secret key
-        ksort($result, SORT_STRING);
+        $hmacKey = $this->_adyenHelper->getHmac();
+        $merchantSig = \Adyen\Util\Util::calculateSha256Signature($hmacKey, $result);
-        // Generate the signing data string
-        $signData = implode(":", array_map([$this, 'escapeString'],
-            array_merge(array_keys($result), array_values($result))));
-        $merchantSig = base64_encode(hash_hmac('sha256', $signData, pack("H*", $hmacKey), true));
        if (strcmp($merchantSig, $merchantSigNotification) === 0) {
            return true;

--- a/Gateway/Command/PayByMailCommand.php
+++ b/Gateway/Command/PayByMailCommand.php
@@ -199,15 +199,8 @@ class PayByMailCommand implements CommandInterface
            $formFields['shopperReference']  = $customerId;
        }
-        // Sort the array by key using SORT_STRING order
+        // Sign request using secret key
-        ksort($formFields, SORT_STRING);
+        $merchantSig = \Adyen\Util\Util::calculateSha256Signature($hmacKey, $formFields);
-        // Generate the signing data string
-        $signData = implode(":", array_map([$this, 'escapeString'],
-            array_merge(array_keys($formFields), array_values($formFields))));
-        $merchantSig = base64_encode(hash_hmac('sha256', $signData, pack("H*", $hmacKey), true));
        $formFields['merchantSig']      = $merchantSig;
        $this->_adyenLogger->addAdyenDebug(print_r($formFields, true));