You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
176 lines
5.9 KiB
176 lines
5.9 KiB
2 years ago
|
<?php
|
||
|
|
||
|
namespace App\Http\Controllers;
|
||
|
|
||
|
use App\Models\Order;
|
||
|
use Illuminate\Http\Request;
|
||
|
use App\CentralLogics\Helpers;
|
||
|
use App\Models\BusinessSetting;
|
||
|
use Brian2694\Toastr\Facades\Toastr;
|
||
|
|
||
|
|
||
|
class Paytabs
|
||
|
{
|
||
|
function send_api_request($request_url, $data, $request_method = null)
|
||
|
{
|
||
|
$config = Helpers::get_business_settings('paytabs');
|
||
|
|
||
|
$data['profile_id'] = $config['profile_id'];
|
||
|
$curl = curl_init();
|
||
|
curl_setopt_array($curl, array(
|
||
|
CURLOPT_URL => $config['base_url'] .'/'. $request_url,
|
||
|
CURLOPT_RETURNTRANSFER => true,
|
||
|
CURLOPT_ENCODING => '',
|
||
|
CURLOPT_MAXREDIRS => 10,
|
||
|
CURLOPT_TIMEOUT => 0,
|
||
|
CURLOPT_CUSTOMREQUEST => isset($request_method) ? $request_method : 'POST',
|
||
|
CURLOPT_POSTFIELDS => json_encode($data, true),
|
||
|
CURLOPT_HTTPHEADER => array(
|
||
|
'authorization:' . $config['server_key'],
|
||
|
'Content-Type:application/json'
|
||
|
),
|
||
|
));
|
||
|
|
||
|
$response = json_decode(curl_exec($curl), true);
|
||
|
curl_close($curl);
|
||
|
return $response;
|
||
|
}
|
||
|
|
||
|
function is_valid_redirect($post_values)
|
||
|
{
|
||
|
$config = Helpers::get_business_settings('paytabs');
|
||
|
|
||
|
$serverKey = $config['server_key'];
|
||
|
|
||
|
// Request body include a signature post Form URL encoded field
|
||
|
// 'signature' (hexadecimal encoding for hmac of sorted post form fields)
|
||
|
$requestSignature = $post_values["signature"];
|
||
|
unset($post_values["signature"]);
|
||
|
$fields = array_filter($post_values);
|
||
|
|
||
|
// Sort form fields
|
||
|
ksort($fields);
|
||
|
|
||
|
// Generate URL-encoded query string of Post fields except signature field.
|
||
|
$query = http_build_query($fields);
|
||
|
|
||
|
$signature = hash_hmac('sha256', $query, $serverKey);
|
||
|
if (hash_equals($signature, $requestSignature) === TRUE) {
|
||
|
// VALID Redirect
|
||
|
return true;
|
||
|
} else {
|
||
|
// INVALID Redirect
|
||
|
return false;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
class PaytabsController extends Controller
|
||
|
{
|
||
|
public function payment()
|
||
|
{
|
||
|
$order = Order::with(['details','customer'])->where(['id' => session('order_id'), 'user_id'=>session('customer_id')])->first();
|
||
|
|
||
|
$value = $order->order_amount;
|
||
|
|
||
|
$user = $order->customer;
|
||
|
$currency=BusinessSetting::where('key', 'currency')->first();
|
||
|
|
||
|
$plugin = new Paytabs();
|
||
|
$request_url = 'payment/request';
|
||
|
$data = [
|
||
|
"tran_type" => "sale",
|
||
|
"tran_class" => "ecom",
|
||
|
"cart_id" => 'pay-'.$order->id,
|
||
|
"cart_currency" => isset($currency) ? $currency->value : "EGP",
|
||
|
"cart_amount" => round($value,2),
|
||
|
"cart_description" => "products",
|
||
|
"paypage_lang" => "en",
|
||
|
"callback" => url('/') . "/paytabs-response", // Nullable - Must be HTTPS, otherwise no post data from paytabs
|
||
|
"return" => url('/') . "/paytabs-response", // Must be HTTPS, otherwise no post data from paytabs , must be relative to your site URL
|
||
|
"customer_details" => [
|
||
|
"name" => $user->f_name,
|
||
|
"email" => $user->email,
|
||
|
"phone" => "000000",
|
||
|
"street1" => "address",
|
||
|
"city" => "not given",
|
||
|
"state" => "not given",
|
||
|
"country" => "not given",
|
||
|
"zip" => "00000"
|
||
|
],
|
||
|
"shipping_details" => [
|
||
|
"name" => "not given",
|
||
|
"email" => "not given",
|
||
|
"phone" => "not given",
|
||
|
"street1" => "not given",
|
||
|
"city" => "not given",
|
||
|
"state" => "not given",
|
||
|
"country" => "not given",
|
||
|
"zip" => "0000"
|
||
|
],
|
||
|
"user_defined" => [
|
||
|
"udf9" => "UDF9",
|
||
|
"udf3" => "UDF3"
|
||
|
]
|
||
|
];
|
||
|
$page = $plugin->send_api_request($request_url, $data);
|
||
|
if(!isset($page['redirect_url'])) {
|
||
|
Toastr::error(translate('misconfiguration_or_data_missing'));
|
||
|
return back();
|
||
|
}
|
||
|
header('Location:' . $page['redirect_url']); /* Redirect browser */
|
||
|
exit();
|
||
|
}
|
||
|
|
||
|
public function callback_response(Request $request)
|
||
|
{
|
||
|
$order = Order::with(['details'])->where(['id' => session('order_id'), 'user_id'=>session('customer_id')])->first();
|
||
|
$plugin = new Paytabs();
|
||
|
|
||
|
$response_data = $_POST;
|
||
|
|
||
|
$transRef = filter_input(INPUT_POST, 'tranRef');
|
||
|
|
||
|
if (!$transRef) {
|
||
|
Toastr::error(translate('Transaction reference is not set. return url must be HTTPs with POST method to can retrieve data'));
|
||
|
return back();
|
||
|
}
|
||
|
|
||
|
$is_valid = $plugin->is_valid_redirect($response_data);
|
||
|
if (!$is_valid) {
|
||
|
Toastr::error(translate('Not a valid PayTabs response'));
|
||
|
return back();
|
||
|
}
|
||
|
|
||
|
$request_url = 'payment/query';
|
||
|
$data = [
|
||
|
"tran_ref" => $transRef
|
||
|
];
|
||
|
$verify_result = $plugin->send_api_request($request_url, $data);
|
||
|
$is_success = $verify_result['payment_result']['response_status'] === 'A';
|
||
|
if ($is_success) {
|
||
|
$order->transaction_reference = $transRef;
|
||
|
$order->payment_method = 'Paytabs';
|
||
|
$order->payment_status = 'paid';
|
||
|
$order->order_status = 'confirmed';
|
||
|
$order->confirmed = now();
|
||
|
$order->save();
|
||
|
Helpers::send_order_notification($order);
|
||
|
if ($order->callback != null) {
|
||
|
return redirect($order->callback . '&status=success');
|
||
|
}else{
|
||
|
return \redirect()->route('payment-success');
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$order->order_status = 'failed';
|
||
|
$order->failed = now();
|
||
|
$order->save();
|
||
|
if ($order->callback != null) {
|
||
|
return redirect($order->callback . '&status=fail');
|
||
|
}else{
|
||
|
return \redirect()->route('payment-fail');
|
||
|
}
|
||
|
}
|
||
|
}
|