You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
354 lines
12 KiB
354 lines
12 KiB
2 years ago
|
<?php
|
||
|
|
|
||
|
|
namespace App\Http\Controllers;
|
||
|
|
use App\Models\Order;
|
||
|
|
use Illuminate\Http\Request;
|
||
|
|
use Illuminate\Support\Facades\Config;
|
||
|
|
use App\CentralLogics\Helpers;
|
||
|
|
|
||
|
|
class PaytmController extends Controller
|
||
|
|
{
|
||
|
|
function encrypt_e($input, $ky)
|
||
|
|
{
|
||
|
|
$key = html_entity_decode($ky);
|
||
|
|
$iv = "@@@@&&&&####$$$$";
|
||
|
|
$data = openssl_encrypt($input, "AES-128-CBC", $key, 0, $iv);
|
||
|
|
return $data;
|
||
|
|
}
|
||
|
|
|
||
|
|
function decrypt_e($crypt, $ky)
|
||
|
|
{
|
||
|
|
$key = html_entity_decode($ky);
|
||
|
|
$iv = "@@@@&&&&####$$$$";
|
||
|
|
$data = openssl_decrypt($crypt, "AES-128-CBC", $key, 0, $iv);
|
||
|
|
return $data;
|
||
|
|
}
|
||
|
|
|
||
|
|
function generateSalt_e($length)
|
||
|
|
{
|
||
|
|
$random = "";
|
||
|
|
srand((double)microtime() * 1000000);
|
||
|
|
|
||
|
|
$data = "AbcDE123IJKLMN67QRSTUVWXYZ";
|
||
|
|
$data .= "aBCdefghijklmn123opq45rs67tuv89wxyz";
|
||
|
|
$data .= "0FGH45OP89";
|
||
|
|
|
||
|
|
for ($i = 0; $i < $length; $i++) {
|
||
|
|
$random .= substr($data, (rand() % (strlen($data))), 1);
|
||
|
|
}
|
||
|
|
|
||
|
|
return $random;
|
||
|
|
}
|
||
|
|
|
||
|
|
function checkString_e($value)
|
||
|
|
{
|
||
|
|
if ($value == 'null')
|
||
|
|
$value = '';
|
||
|
|
return $value;
|
||
|
|
}
|
||
|
|
|
||
|
|
function getChecksumFromArray($arrayList, $key, $sort = 1)
|
||
|
|
{
|
||
|
|
if ($sort != 0) {
|
||
|
|
ksort($arrayList);
|
||
|
|
}
|
||
|
|
$str = $this->getArray2Str($arrayList);
|
||
|
|
$salt = $this->generateSalt_e(4);
|
||
|
|
$finalString = $str . "|" . $salt;
|
||
|
|
$hash = hash("sha256", $finalString);
|
||
|
|
$hashString = $hash . $salt;
|
||
|
|
$checksum = $this->encrypt_e($hashString, $key);
|
||
|
|
return $checksum;
|
||
|
|
}
|
||
|
|
|
||
|
|
function getChecksumFromString($str, $key)
|
||
|
|
{
|
||
|
|
|
||
|
|
$salt = $this->generateSalt_e(4);
|
||
|
|
$finalString = $str . "|" . $salt;
|
||
|
|
$hash = hash("sha256", $finalString);
|
||
|
|
$hashString = $hash . $salt;
|
||
|
|
$checksum = $this->encrypt_e($hashString, $key);
|
||
|
|
return $checksum;
|
||
|
|
}
|
||
|
|
|
||
|
|
function verifychecksum_e($arrayList, $key, $checksumvalue)
|
||
|
|
{
|
||
|
|
$arrayList = $this->removeCheckSumParam($arrayList);
|
||
|
|
ksort($arrayList);
|
||
|
|
$str = $this->getArray2StrForVerify($arrayList);
|
||
|
|
$paytm_hash = $this->decrypt_e($checksumvalue, $key);
|
||
|
|
$salt = substr($paytm_hash, -4);
|
||
|
|
|
||
|
|
$finalString = $str . "|" . $salt;
|
||
|
|
|
||
|
|
$website_hash = hash("sha256", $finalString);
|
||
|
|
$website_hash .= $salt;
|
||
|
|
|
||
|
|
$validFlag = "FALSE";
|
||
|
|
if ($website_hash == $paytm_hash) {
|
||
|
|
$validFlag = "TRUE";
|
||
|
|
} else {
|
||
|
|
$validFlag = "FALSE";
|
||
|
|
}
|
||
|
|
return $validFlag;
|
||
|
|
}
|
||
|
|
|
||
|
|
function verifychecksum_eFromStr($str, $key, $checksumvalue)
|
||
|
|
{
|
||
|
|
$paytm_hash = $this->decrypt_e($checksumvalue, $key);
|
||
|
|
$salt = substr($paytm_hash, -4);
|
||
|
|
|
||
|
|
$finalString = $str . "|" . $salt;
|
||
|
|
|
||
|
|
$website_hash = hash("sha256", $finalString);
|
||
|
|
$website_hash .= $salt;
|
||
|
|
|
||
|
|
$validFlag = "FALSE";
|
||
|
|
if ($website_hash == $paytm_hash) {
|
||
|
|
$validFlag = "TRUE";
|
||
|
|
} else {
|
||
|
|
$validFlag = "FALSE";
|
||
|
|
}
|
||
|
|
return $validFlag;
|
||
|
|
}
|
||
|
|
|
||
|
|
function getArray2Str($arrayList)
|
||
|
|
{
|
||
|
|
$findme = 'REFUND';
|
||
|
|
$findmepipe = '|';
|
||
|
|
$paramStr = "";
|
||
|
|
$flag = 1;
|
||
|
|
foreach ($arrayList as $key => $value) {
|
||
|
|
$pos = strpos($value, $findme);
|
||
|
|
$pospipe = strpos($value, $findmepipe);
|
||
|
|
if ($pos !== false || $pospipe !== false) {
|
||
|
|
continue;
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($flag) {
|
||
|
|
$paramStr .= $this->checkString_e($value);
|
||
|
|
$flag = 0;
|
||
|
|
} else {
|
||
|
|
$paramStr .= "|" . $this->checkString_e($value);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
return $paramStr;
|
||
|
|
}
|
||
|
|
|
||
|
|
function getArray2StrForVerify($arrayList)
|
||
|
|
{
|
||
|
|
$paramStr = "";
|
||
|
|
$flag = 1;
|
||
|
|
foreach ($arrayList as $key => $value) {
|
||
|
|
if ($flag) {
|
||
|
|
$paramStr .= $this->checkString_e($value);
|
||
|
|
$flag = 0;
|
||
|
|
} else {
|
||
|
|
$paramStr .= "|" . $this->checkString_e($value);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
return $paramStr;
|
||
|
|
}
|
||
|
|
|
||
|
|
function redirect2PG($paramList, $key)
|
||
|
|
{
|
||
|
|
$hashString = $this->getchecksumFromArray($paramList);
|
||
|
|
$checksum = $this->encrypt_e($hashString, $key);
|
||
|
|
}
|
||
|
|
|
||
|
|
function removeCheckSumParam($arrayList)
|
||
|
|
{
|
||
|
|
if (isset($arrayList["CHECKSUMHASH"])) {
|
||
|
|
unset($arrayList["CHECKSUMHASH"]);
|
||
|
|
}
|
||
|
|
return $arrayList;
|
||
|
|
}
|
||
|
|
|
||
|
|
function getTxnStatus($requestParamList)
|
||
|
|
{
|
||
|
|
return $this->callAPI("PAYTM_STATUS_QUERY_URL", $requestParamList);
|
||
|
|
}
|
||
|
|
|
||
|
|
function getTxnStatusNew($requestParamList)
|
||
|
|
{
|
||
|
|
return $this->callNewAPI("PAYTM_STATUS_QUERY_NEW_URL", $requestParamList);
|
||
|
|
}
|
||
|
|
|
||
|
|
function initiateTxnRefund($requestParamList)
|
||
|
|
{
|
||
|
|
$CHECKSUM = $this->getRefundChecksumFromArray($requestParamList, "PAYTM_MERCHANT_KEY", 0);
|
||
|
|
$requestParamList["CHECKSUM"] = $CHECKSUM;
|
||
|
|
return $this->callAPI("PAYTM_REFUND_URL", $requestParamList);
|
||
|
|
}
|
||
|
|
|
||
|
|
function callAPI($apiURL, $requestParamList)
|
||
|
|
{
|
||
|
|
$jsonResponse = "";
|
||
|
|
$responseParamList = array();
|
||
|
|
$JsonData = json_encode($requestParamList);
|
||
|
|
$postData = 'JsonData=' . urlencode($JsonData);
|
||
|
|
$ch = curl_init($apiURL);
|
||
|
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
|
||
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
|
||
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
|
||
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
|
||
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
|
||
|
|
'Content-Type: application/json',
|
||
|
|
'Content-Length: ' . strlen($postData))
|
||
|
|
);
|
||
|
|
$jsonResponse = curl_exec($ch);
|
||
|
|
$responseParamList = json_decode($jsonResponse, true);
|
||
|
|
return $responseParamList;
|
||
|
|
}
|
||
|
|
|
||
|
|
function callNewAPI($apiURL, $requestParamList)
|
||
|
|
{
|
||
|
|
$jsonResponse = "";
|
||
|
|
$responseParamList = array();
|
||
|
|
$JsonData = json_encode($requestParamList);
|
||
|
|
$postData = 'JsonData=' . urlencode($JsonData);
|
||
|
|
$ch = curl_init($apiURL);
|
||
|
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
|
||
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
|
||
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
|
||
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
|
||
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
|
||
|
|
'Content-Type: application/json',
|
||
|
|
'Content-Length: ' . strlen($postData))
|
||
|
|
);
|
||
|
|
$jsonResponse = curl_exec($ch);
|
||
|
|
$responseParamList = json_decode($jsonResponse, true);
|
||
|
|
return $responseParamList;
|
||
|
|
}
|
||
|
|
|
||
|
|
function getRefundChecksumFromArray($arrayList, $key, $sort = 1)
|
||
|
|
{
|
||
|
|
if ($sort != 0) {
|
||
|
|
ksort($arrayList);
|
||
|
|
}
|
||
|
|
$str = $this->getRefundArray2Str($arrayList);
|
||
|
|
$salt = $this->generateSalt_e(4);
|
||
|
|
$finalString = $str . "|" . $salt;
|
||
|
|
$hash = hash("sha256", $finalString);
|
||
|
|
$hashString = $hash . $salt;
|
||
|
|
$checksum = $this->encrypt_e($hashString, $key);
|
||
|
|
return $checksum;
|
||
|
|
}
|
||
|
|
|
||
|
|
function getRefundArray2Str($arrayList)
|
||
|
|
{
|
||
|
|
$findmepipe = '|';
|
||
|
|
$paramStr = "";
|
||
|
|
$flag = 1;
|
||
|
|
foreach ($arrayList as $key => $value) {
|
||
|
|
$pospipe = strpos($value, $findmepipe);
|
||
|
|
if ($pospipe !== false) {
|
||
|
|
continue;
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($flag) {
|
||
|
|
$paramStr .= $this->checkString_e($value);
|
||
|
|
$flag = 0;
|
||
|
|
} else {
|
||
|
|
$paramStr .= "|" . $this->checkString_e($value);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
return $paramStr;
|
||
|
|
}
|
||
|
|
|
||
|
|
function callRefundAPI($refundApiURL, $requestParamList)
|
||
|
|
{
|
||
|
|
$jsonResponse = "";
|
||
|
|
$responseParamList = array();
|
||
|
|
$JsonData = json_encode($requestParamList);
|
||
|
|
$postData = 'JsonData=' . urlencode($JsonData);
|
||
|
|
$ch = curl_init($refundApiURL);
|
||
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
|
||
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
|
||
|
|
curl_setopt($ch, CURLOPT_URL, $refundApiURL);
|
||
|
|
curl_setopt($ch, CURLOPT_POST, true);
|
||
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
|
||
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||
|
|
$headers = array();
|
||
|
|
$headers[] = 'Content-Type: application/json';
|
||
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
|
||
|
|
$jsonResponse = curl_exec($ch);
|
||
|
|
$responseParamList = json_decode($jsonResponse, true);
|
||
|
|
return $responseParamList;
|
||
|
|
}
|
||
|
|
|
||
|
|
//payment functions
|
||
|
|
public function payment(Request $request)
|
||
|
|
{
|
||
|
|
$order = Order::with(['details', 'customer'])->where(['id' => $request->order_id, 'user_id'=>$request->customer_id])->first();
|
||
|
|
|
||
|
|
$value = $order->order_amount;
|
||
|
|
$user = $order->customer;
|
||
|
|
|
||
|
|
$paramList = array();
|
||
|
|
$ORDER_ID = $order->id;
|
||
|
|
$CUST_ID = $user['id'];
|
||
|
|
$INDUSTRY_TYPE_ID = $request["INDUSTRY_TYPE_ID"];
|
||
|
|
$CHANNEL_ID = $request["CHANNEL_ID"];
|
||
|
|
$TXN_AMOUNT = round($value, 2);
|
||
|
|
|
||
|
|
// Create an array having all required parameters for creating checksum.
|
||
|
|
$paramList["MID"] = Config::get('config_paytm.PAYTM_MERCHANT_MID');
|
||
|
|
$paramList["ORDER_ID"] = $ORDER_ID;
|
||
|
|
$paramList["CUST_ID"] = $CUST_ID;
|
||
|
|
$paramList["INDUSTRY_TYPE_ID"] = $INDUSTRY_TYPE_ID;
|
||
|
|
$paramList["CHANNEL_ID"] = $CHANNEL_ID;
|
||
|
|
$paramList["TXN_AMOUNT"] = $TXN_AMOUNT;
|
||
|
|
$paramList["WEBSITE"] = Config::get('config_paytm.PAYTM_MERCHANT_WEBSITE');
|
||
|
|
|
||
|
|
$paramList["CALLBACK_URL"] = route('paytm-response');
|
||
|
|
$paramList["MSISDN"] = $user['phone']; //Mobile number of customer
|
||
|
|
$paramList["EMAIL"] = $user['email']; //Email ID of customer
|
||
|
|
$paramList["VERIFIED_BY"] = "EMAIL"; //
|
||
|
|
$paramList["IS_USER_VERIFIED"] = "YES"; //
|
||
|
|
|
||
|
|
//Here checksum string will return by getChecksumFromArray() function.
|
||
|
|
$checkSum = $this->getChecksumFromArray($paramList, Config::get('config_paytm.PAYTM_MERCHANT_KEY'));
|
||
|
|
return view('paytm-payment-view', compact('checkSum', 'paramList'));
|
||
|
|
}
|
||
|
|
|
||
|
|
public function callback(Request $request)
|
||
|
|
{
|
||
|
|
$order = Order::with(['details'])->where(['id' => $request->ORDERID])->first();
|
||
|
|
$paramList = $_POST;
|
||
|
|
$paytmChecksum = isset($_POST["CHECKSUMHASH"]) ? $_POST["CHECKSUMHASH"] : ""; //Sent by Paytm pg
|
||
|
|
|
||
|
|
//Verify all parameters received from Paytm pg to your application. Like MID received from paytm pg is same as your application’s MID, TXN_AMOUNT and ORDER_ID are same as what was sent by you to Paytm PG for initiating transaction etc.
|
||
|
|
$isValidChecksum = $this->verifychecksum_e($paramList, Config::get('config_paytm.PAYTM_MERCHANT_KEY'), $paytmChecksum); //will return TRUE or FALSE string.
|
||
|
|
|
||
|
|
if ($isValidChecksum == "TRUE") {
|
||
|
|
if ($request["STATUS"] == "TXN_SUCCESS") {
|
||
|
|
// $order->transaction_reference = $transRef;
|
||
|
|
$order->payment_method = 'PayTM';
|
||
|
|
$order->payment_status = 'paid';
|
||
|
|
$order->order_status = 'confirmed';
|
||
|
|
$order->confirmed = now();
|
||
|
|
$order->save();
|
||
|
|
Helpers::send_order_notification($order);
|
||
|
|
if ($order->callback != null) {
|
||
|
|
return redirect($order->callback . '&status=success');
|
||
|
|
}else{
|
||
|
|
return \redirect()->route('payment-success');
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
$order->order_status = 'failed';
|
||
|
|
$order->failed = now();
|
||
|
|
$order->save();
|
||
|
|
if ($order->callback != null) {
|
||
|
|
return redirect($order->callback . '&status=fail');
|
||
|
|
}else{
|
||
|
|
return \redirect()->route('payment-fail');
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|