bundles/CheckoutBundle/Service/PaymentGateway/Paynovate/PaynovateClient.php line 86

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Bdm\CheckoutBundle\Service\PaymentGateway\Paynovate;
  7. use Bdm\CheckoutBundle\Entity\PaynovatePayment;
  8. use Bdm\CheckoutBundle\Entity\Transaction;
  9. use Bdm\CheckoutBundle\Repository\OrderRepository;
  10. use GuzzleHttp\Client;
  11. use GuzzleHttp\Exception\ClientException;
  12. use GuzzleHttp\Psr7\Response as GuzzleResponse;
  13. use Symfony\Bundle\FrameworkBundle\Routing\Router;
  14. use Symfony\Component\HttpFoundation\Response;
  15. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  16. use Psr\Log\LoggerInterface;
  17. use Monolog\Logger;
  19. /**
  20. * Class PaynovateClient
  21. */
  22. class PaynovateClient
  23. {
  24. /**
  25. * @var Client $oGuzzle
  26. */
  27. protected $oGuzzle;
  29. /**
  30. * @var OrderRepository $oOrderRepository
  31. */
  32. protected $oOrderRepository;
  34. /**
  35. * @var string $sWebhookUrl
  36. */
  37. protected $sWebhookUrl;
  39. /**
  40. * @var string $sMerchantId
  41. */
  42. protected $sMerchantId;
  44. /**
  45. * @var string $sSignatureKey
  46. */
  47. protected $sSignatureKey;
  49. /**
  50. * @var string $sIntegrationUrl
  51. */
  52. protected $sIntegrationUrl;
  54. /**
  55. * @var string $sDirectEndpoint
  56. */
  57. protected $sDirectEndpoint;
  59. /**
  60. * @var array $aCountryCode
  61. */
  62. protected $aCountryCode;
  64. /**
  65. * @var array $aCurrencyCode
  66. */
  67. protected $aCurrencyCode;
  69. /**
  70. * @var LoggerInterface
  71. */
  72. protected $oLogger;
  74. /**
  75. * @param OrderRepository $oOrderRepository oOrderRepository
  76. * @param Router $oRouter oRouter
  77. * @param array $aCountryCode aCountryCode
  78. * @param array $aCurrencyCode aCurrencyCode
  79. * @param string $sPaynovatePathIpn sPaynovatePathIpn
  80. * @param string $sMerchantId sMerchantId
  81. * @param string $sSignatureKey sSignatureKey
  82. * @param string $sIntegrationUrl sIntegrationUrl
  83. * @param boolean $bLocalEnv bLocalEnv
  84. * @param LoggerInterface $oLogger logger
  85. */
  86. public function __construct(
  87. OrderRepository $oOrderRepository,
  88. Router $oRouter,
  89. $aCountryCode,
  90. $aCurrencyCode,
  91. $sPaynovatePathIpn,
  92. $sMerchantId,
  93. $sSignatureKey,
  94. $sIntegrationUrl,
  95. $bLocalEnv = true,
  96. LoggerInterface $oLogger
  97. ) {
  98. $this->oGuzzle = new Client([
  99. 'verify' => true,
  100. 'allow_redirects' => false,
  101. 'http_errors' => false,
  102. ]);
  103. $this->oOrderRepository = $oOrderRepository;
  104. $this->aCountryCode = $aCountryCode;
  105. $this->aCurrencyCode = $aCurrencyCode;
  106. $this->sMerchantId = $sMerchantId;
  107. $this->sSignatureKey = $sSignatureKey;
  108. $this->sIntegrationUrl = rtrim($sIntegrationUrl, '/');
  109. $this->sDirectEndpoint = $this->sIntegrationUrl . '/direct/';
  110. $this->oLogger = $oLogger;
  112. if ($bLocalEnv) {
  113. $this->sWebhookUrl = $sPaynovatePathIpn.'/api/v1/ipn/paynovate';
  114. } else {
  115. $this->sWebhookUrl = $oRouter->generate(
  116. 'bdm_checkout_api_paynovate_ipn',
  117. [],
  118. UrlGeneratorInterface::ABSOLUTE_URL
  119. );
  120. }
  121. }
  123. /**
  124. * Generate SHA512 signature for Paynovate API
  125. *
  126. * @param string|array $sQueryStringOrData URL-encoded query string OR data array for REST API
  127. * @param string|null $sTimestamp Optional timestamp for REST API
  128. * @return string
  129. */
  130. protected function generateSignature($sQueryStringOrData, $sTimestamp = null)
  131. {
  132. if (is_array($sQueryStringOrData)) {
  133. $aData = $sQueryStringOrData;
  134. unset($aData['signature']);
  135. ksort($aData);
  136. $sSignatureString = '';
  137. foreach ($aData as $sKey => $sValue) {
  138. // Gérer les valeurs qui sont des tableaux (sous-tableaux dans callback)
  139. if (is_array($sValue)) {
  140. $sValue = json_encode($sValue);
  141. }
  142. $sSignatureString .= $sKey . $sValue;
  143. }
  144. $sSignatureString .= $this->sSignatureKey;
  145. return hash('sha512', $sSignatureString);
  146. }
  147. return hash('sha512', $sQueryStringOrData . $this->sSignatureKey);
  148. }
  150. /**
  151. * Build URL-encoded query string from sorted data array
  152. *
  153. * @param array $aData request data
  154. * @return string
  155. */
  156. protected function buildQueryString(array $aData)
  157. {
  158. ksort($aData);
  159. $aPairs = [];
  160. foreach ($aData as $sKey => $sValue) {
  161. $aPairs[] = urlencode((string)$sKey) . '=' . urlencode((string)$sValue);
  162. }
  164. return implode('&', $aPairs);
  165. }
  167. /**
  168. * @param Transaction $oTransaction oTransaction
  169. * @param string $sUrl sUrl
  170. * @return mixed
  171. * @throws \Exception
  172. */
  173. public function createPayment(Transaction $oTransaction, $sUrl, $sIpnUrl = null)
  174. {
  175. $oCard = $oTransaction->getPaymentMethod();
  176. $oOrder = $this->oOrderRepository->findById($oTransaction->getPayment()->getToken()->getEntityId());
  177. $oOrderCustomer = $oOrder->getOrderCustomer();
  179. if ($oOrderCustomer === null) {
  180. throw new \Exception('Order customer not found');
  181. }
  183. $sExpYear = (string)$oCard->getExpYear();
  184. $sFormatYear = substr(str_pad($sExpYear, 2, '0', STR_PAD_LEFT), -2);
  185. $sMerchantReference = $oOrder->getReference().$oTransaction->getReference();
  186. $sTransactionUnique = bin2hex(random_bytes(8));
  188. $sBillingAddress = trim($oOrderCustomer->getAddressLine1() . ' ' . $oOrderCustomer->getAddressLine2());
  190. $aData = [
  191. 'merchantID' => $this->sMerchantId,
  192. 'action' => 'SALE',
  193. 'type' => '1',
  194. 'currencyCode' => $this->getCurrencyNumericCode($oTransaction->getCurrencyIsoCode()),
  195. 'countryCode' => $this->getCountryNumericCode($oOrderCustomer->getCountryCode()),
  196. 'amount' => (int)($oTransaction->getAmount() * 100), // Montant en centimes
  197. 'orderRef' => $sMerchantReference,
  198. 'transactionUnique' => $sTransactionUnique,
  199. 'cardNumber' => $oCard->getNumber(),
  200. 'cardExpiryMonth' => str_pad((string) $oCard->getExpMonth(), 2, "0", STR_PAD_LEFT),
  201. 'cardExpiryYear' => $sFormatYear,
  202. 'cardCVV' => $oCard->getCvc(),
  203. 'avscv2CheckRequired' => 'N',
  204. 'duplicateDelay' => '300', //5 minutes (duplaicate order ref)
  205. ];
  207. $oTransaction->set3DS(true);
  208. if($oTransaction->get3DS() === true) {
  209. $aData['threeDSRequired'] = 'Y';
  210. $aData['threeDSRedirectURL'] = $sUrl;
  211. $aData['redirectURL'] = $sUrl; // Redirect URL for user's browser
  213. if ($sIpnUrl) {
  214. $aData['callbackURL'] = $sIpnUrl;
  215. $this->oLogger->log(Logger::INFO, '[createPayment] Using IPN webhook URL: ' . $sIpnUrl);
  216. }
  218. // Device information (required for 3DS 2.0)
  219. $aData['deviceChannel'] = 'browser';
  220. $aData['deviceIdentity'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'Mozilla/5.0';
  221. $aData['remoteAddress'] = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';
  222. $aData['deviceTimeZone'] = '0';
  223. $aData['deviceCapabilities'] = 'javascript';
  224. $aData['deviceScreenResolution'] = '1920x1080x24';
  225. $aData['deviceAcceptContent'] = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';
  226. $aData['deviceAcceptEncoding'] = 'gzip, deflate, br';
  227. $aData['deviceAcceptLanguage'] = 'en-US,en;q=0.9';
  228. } else {
  229. $aData['threeDSRequired'] = 'N';
  230. $aData['redirectURL'] = $sUrl; // Redirect URL for user's browser
  232. if ($sIpnUrl) {
  233. $aData['callbackURL'] = $sIpnUrl;
  234. $this->oLogger->log(Logger::INFO, '[createPayment] Using IPN webhook URL: ' . $sIpnUrl);
  235. }
  236. }
  238. if ($oOrderCustomer->getEmail()) {
  239. $aData['customerEmail'] = $oOrderCustomer->getEmail();
  240. }
  242. if ($sBillingAddress) {
  243. $aData['customerAddress'] = $sBillingAddress;
  244. }
  246. if ($oOrderCustomer->getCity()) {
  247. $aData['customerTown'] = substr($oOrderCustomer->getCity(), 0, 50);
  248. }
  250. if ($oOrderCustomer->getPostalCode()) {
  251. $aData['customerPostcode'] = $oOrderCustomer->getPostalCode();
  252. }
  254. $sQueryString = $this->buildQueryString($aData);
  255. $sSignature = $this->generateSignature($sQueryString);
  256. $sPostData = $sQueryString . '&signature=' . $sSignature;
  258. $aOptions = [
  259. 'headers' => [
  260. 'Content-Type' => 'application/x-www-form-urlencoded',
  261. ],
  262. 'body' => $sPostData,
  263. ];
  265. $aLogPayload = $aData;
  266. if (isset($aLogPayload['cardNumber'])) {
  267. $sValue = (string) $aLogPayload['cardNumber'];
  268. $iLength = strlen($sValue);
  269. $aLogPayload['cardNumber'] = ($iLength > 4 ? str_repeat('X', $iLength - 4) : '') . substr($sValue, -4);
  270. }
  271. if (isset($aLogPayload['cardCVV'])) {
  272. $aLogPayload['cardCVV'] = '***';
  273. }
  275. $this->oLogger->info('[createPayment] Sending request to Paynovate', [
  276. 'endpoint' => $this->sDirectEndpoint,
  277. 'payload' => $aLogPayload,
  278. ]);
  280. try {
  281. $oRequest = $this->oGuzzle->request('POST', $this->sDirectEndpoint, $aOptions);
  283. $sResponseBody = $oRequest->getBody()->getContents();
  284. $iStatusCode = $oRequest->getStatusCode();
  286. $aHeaders = [];
  287. foreach ($oRequest->getHeaders() as $sName => $aValues) {
  288. $aHeaders[$sName] = implode(', ', $aValues);
  289. }
  291. $this->oLogger->info('[createPayment] Received response from Paynovate', [
  292. 'endpoint' => $this->sDirectEndpoint,
  293. 'status_code' => $iStatusCode,
  294. 'headers' => $aHeaders,
  295. 'body' => $sResponseBody,
  296. ]);
  298. if ($iStatusCode == 302 && $oRequest->hasHeader('Location')) {
  299. $sLocationUrl = $oRequest->getHeader('Location')[0];
  300. $this->oLogger->info('[createPayment] Detected 302 redirect', [
  301. 'location' => $sLocationUrl
  302. ]);
  304. $aParsedUrl = parse_url($sLocationUrl);
  305. if (!empty($aParsedUrl['query'])) {
  306. parse_str($aParsedUrl['query'], $aLocationParams);
  308. $sNewBody = http_build_query($aLocationParams);
  309. $this->oLogger->info('[createPayment] Extracted params from Location header', [
  310. 'params' => $aLocationParams
  311. ]);
  313. return new GuzzleResponse(
  314. 200,
  315. ['Content-Type' => 'application/x-www-form-urlencoded'],
  316. $sNewBody
  317. );
  318. }
  319. }
  321. if (in_array($iStatusCode, [Response::HTTP_OK, Response::HTTP_ACCEPTED, Response::HTTP_CREATED])) {
  322. return $oRequest;
  323. }
  325. throw new \Exception('payment error');
  326. } catch (ClientException $oException) {
  327. $sResponseBody = $oException->getResponse()->getBody()->getContents();
  329. parse_str($sResponseBody, $aResponseData);
  331. $this->oLogger->error('[createPayment] Error response from Paynovate', [
  332. 'endpoint' => $this->sIntegrationUrl,
  333. 'status_code' => $oException->getResponse()->getStatusCode(),
  334. 'body' => $sResponseBody,
  335. 'payload' => $aLogPayload,
  336. ]);
  338. if (isset($aResponseData['responseCode'])) {
  339. $oTransaction->setTransactionErrorCode(PaymentService::PREFIX_ERROR_CODE.$aResponseData['responseCode']);
  340. }
  342. $sErrorMsg = isset($aResponseData['responseMessage']) ? $aResponseData['responseMessage'] : 'payment error';
  343. $iErrorCode = isset($aResponseData['responseCode']) ? (int)$aResponseData['responseCode'] : 0;
  345. throw new \Bdm\CoreBundle\Exception\PaymentGateway\Paynovate\PaynovatePaymentGatewayRejectionException(
  346. $iErrorCode,
  347. $oException->getResponse()->getStatusCode(),
  348. $oException,
  349. 'Paynovate error: ' . $sErrorMsg . ' (Code: ' . ($aResponseData['responseCode'] ?? 'unknown') . ')'
  350. );
  351. }
  352. }
  354. /**
  355. * @param Transaction $oTransaction oTransaction
  356. * @param PaynovatePayment $oPaynovatePayment oPaynovatePayment
  357. * @return \Psr\Http\Message\ResponseInterface|null
  358. * @throws \Exception
  359. */
  360. public function refundTransaction(Transaction $oTransaction, PaynovatePayment $oPaynovatePayment)
  361. {
  362. $oOrder = $this->oOrderRepository->findById($oTransaction->getPayment()->getToken()->getEntityId());
  364. $sTransactionUnique = strtoupper(bin2hex(random_bytes(8)));
  365. $sOrderRef = 'Refund ' . $oOrder->getReference() . '-' . gmdate('Ymd-His');
  367. $aParams = [
  368. 'merchantID' => $this->sMerchantId,
  369. 'action' => 'REFUND_SALE',
  370. 'xref' => $oPaynovatePayment->getXref(),
  371. 'amount' => (int)($oTransaction->getAmount() * 100),
  372. 'orderRef' => $sOrderRef,
  373. 'transactionUnique' => $sTransactionUnique,
  374. 'duplicateDelay' => '0',
  375. 'merchantData' => $sTransactionUnique,
  376. 'callbackURL' => $this->sWebhookUrl,
  377. ];
  379. $sQueryString = $this->buildQueryString($aParams);
  380. $sSignature = $this->generateSignature($sQueryString);
  381. $sPostBody = $sQueryString . '&signature=' . $sSignature;
  383. $aOptions = [
  384. 'body' => $sPostBody,
  385. 'headers' => ['Content-Type' => 'application/x-www-form-urlencoded'],
  386. 'allow_redirects' => false,
  387. ];
  389. try {
  390. $sDirectUrl = rtrim($this->sIntegrationUrl, '/') . '/direct/';
  392. $this->oLogger->info('[refundTransaction] Sending REFUND_SALE request', [
  393. 'endpoint' => $sDirectUrl,
  394. 'payload' => $aParams,
  395. 'signature' => substr($sSignature, 0, 20) . '...',
  396. ]);
  398. $oRequest = $this->oGuzzle->request('POST', $sDirectUrl, $aOptions);
  400. // Handle 302 redirects (response in Location header query params)
  401. if ($oRequest->getStatusCode() === 302) {
  402. $sLocation = $oRequest->getHeader('Location')[0] ?? '';
  403. $aParsedUrl = parse_url($sLocation);
  404. if (isset($aParsedUrl['query'])) {
  405. $oRequest = new \GuzzleHttp\Psr7\Response(200, [], $aParsedUrl['query']);
  406. }
  407. }
  409. $oRequest->getBody()->rewind();
  410. $sResponseBody = $oRequest->getBody()->getContents();
  411. $oRequest->getBody()->rewind();
  413. $this->oLogger->info('[refundTransaction] Received response', [
  414. 'status_code' => $oRequest->getStatusCode(),
  415. 'headers' => $oRequest->getHeaders(),
  416. 'body' => $sResponseBody,
  417. ]);
  418. } catch (\Exception $oException) {
  419. $this->oLogger->error('[refundTransaction] Error calling Paynovate', [
  420. 'message' => $oException->getMessage(),
  421. ]);
  422. $oRequest = null;
  423. }
  425. return $oRequest;
  426. }
  428. /**
  429. * @param Transaction $oTransaction Transaction
  430. * @param PaynovatePayment $oPaynovatePayment oPaynovatePayment
  431. * @return \Psr\Http\Message\ResponseInterface|null
  432. * @throws \Exception
  433. */
  434. public function cancelTransaction(Transaction $oTransaction, PaynovatePayment $oPaynovatePayment)
  435. {
  436. $sXref = $oPaynovatePayment->getXref();
  438. if (empty($sXref)) {
  439. throw new \Exception('Cannot cancel transaction: xref is missing');
  440. }
  442. $aParams = [
  443. 'merchantID' => $this->sMerchantId,
  444. 'action' => 'CANCEL',
  445. 'xref' => $sXref,
  446. ];
  448. $sQueryString = $this->buildQueryString($aParams);
  449. $sSignature = $this->generateSignature($sQueryString);
  450. $sPostData = $sQueryString . '&signature=' . $sSignature;
  452. $aOptions = [
  453. 'headers' => ['Content-Type' => 'application/x-www-form-urlencoded'],
  454. 'body' => $sPostData,
  455. ];
  457. $this->oLogger->info('[cancelTransaction] Sending CANCEL request', [
  458. 'endpoint' => $this->sDirectEndpoint,
  459. 'payload' => $aParams,
  460. 'signature' => substr($sSignature, 0, 20) . '...',
  461. ]);
  463. try {
  464. $oRequest = $this->oGuzzle->request('POST', $this->sDirectEndpoint, $aOptions);
  466. $oRequest->getBody()->rewind();
  467. $sResponseBody = $oRequest->getBody()->getContents();
  468. $oRequest->getBody()->rewind();
  470. $this->oLogger->info('[cancelTransaction] Received response', [
  471. 'status_code' => $oRequest->getStatusCode(),
  472. 'headers' => $oRequest->getHeaders(),
  473. 'body' => $sResponseBody,
  474. ]);
  475. } catch (\Exception $exception) {
  476. $this->oLogger->error('[cancelTransaction] Error calling Paynovate', [
  477. 'message' => $exception->getMessage(),
  478. ]);
  479. throw $exception;
  480. }
  482. return $oRequest;
  483. }
  485. /**
  486. * Continue 3DS authentication flow
  487. * Called after the 3DS "method" callback to continue the authentication
  488. *
  489. * @param string $sThreeDSRef The threeDSRef from initial payment response
  490. * @return \Psr\Http\Message\ResponseInterface
  491. * @throws \Exception
  492. */
  493. public function continue3DS($sThreeDSRef, array $aAdditionalData = [])
  494. {
  495. $this->oLogger->info('[continue3DS] Starting 3DS continuation', [
  496. 'threeDSRef' => substr($sThreeDSRef, 0, 20) . '...',
  497. 'has_additional_data' => !empty($aAdditionalData)
  498. ]);
  500. // Build parameters for continue3DS request
  501. $aData = [
  502. 'merchantID' => $this->sMerchantId,
  503. 'threeDSRef' => $sThreeDSRef,
  504. ];
  506. // Add additional data (like threeDSResponse)
  507. if (!empty($aAdditionalData)) {
  508. $aData = array_merge($aData, $aAdditionalData);
  509. $this->oLogger->info('[continue3DS] Merged additional data', [
  510. 'data_keys' => array_keys($aAdditionalData),
  511. 'full_data' => json_encode($aData)
  512. ]);
  513. }
  515. // Build query string
  516. // Use http_build_query for nested arrays (like threeDSResponse)
  517. // Sort by keys first (required for signature)
  518. ksort($aData);
  519. $sQueryString = http_build_query($aData, '', '&', PHP_QUERY_RFC3986);
  521. $this->oLogger->info('[continue3DS] Built query string', [
  522. 'query_string' => substr($sQueryString, 0, 500) . '...'
  523. ]);
  525. // Generate signature
  526. $sSignature = $this->generateSignature($sQueryString);
  528. // Add signature to query string
  529. $sPostData = $sQueryString . '&signature=' . $sSignature;
  531. $aOptions = [
  532. 'headers' => [
  533. 'Content-Type' => 'application/x-www-form-urlencoded',
  534. ],
  535. 'body' => $sPostData,
  536. ];
  538. $this->oLogger->info('[continue3DS] Sending request to Paynovate', [
  539. 'endpoint' => $this->sDirectEndpoint,
  540. 'payload' => $aData,
  541. 'signature' => substr($sSignature, 0, 20) . '...',
  542. ]);
  544. try {
  545. $oRequest = $this->oGuzzle->request('POST', $this->sDirectEndpoint, $aOptions);
  547. $sResponseBody = $oRequest->getBody()->getContents();
  548. $iStatusCode = $oRequest->getStatusCode();
  550. // Log response headers for debugging
  551. $aHeaders = [];
  552. foreach ($oRequest->getHeaders() as $sName => $aValues) {
  553. $aHeaders[$sName] = implode(', ', $aValues);
  554. }
  556. $this->oLogger->info('[continue3DS] Received response from Paynovate', [
  557. 'endpoint' => $this->sDirectEndpoint,
  558. 'status_code' => $iStatusCode,
  559. 'headers' => $aHeaders,
  560. 'body' => $sResponseBody,
  561. ]);
  563. // IMPORTANT: Paynovate returns 3DS parameters in the Location header of a 302 response
  564. if ($iStatusCode == 302 && $oRequest->hasHeader('Location')) {
  565. $sLocationUrl = $oRequest->getHeader('Location')[0];
  566. $this->oLogger->info('[continue3DS] Detected 302 redirect', [
  567. 'location' => $sLocationUrl
  568. ]);
  570. // Parse the query string from the Location header
  571. $aParsedUrl = parse_url($sLocationUrl);
  572. if (!empty($aParsedUrl['query'])) {
  573. parse_str($aParsedUrl['query'], $aLocationParams);
  575. // Create a new response with the parameters in the body as form-urlencoded
  576. $sNewBody = http_build_query($aLocationParams);
  577. $this->oLogger->info('[continue3DS] Extracted params from Location header', [
  578. 'params' => $aLocationParams
  579. ]);
  581. // Return a new response object with the extracted parameters in the body
  582. return new GuzzleResponse(
  583. 200, // Change status to 200 so PaymentService treats it as success
  584. ['Content-Type' => 'application/x-www-form-urlencoded'],
  585. $sNewBody
  586. );
  587. }
  588. }
  590. if (in_array($iStatusCode, [Response::HTTP_OK, Response::HTTP_ACCEPTED, Response::HTTP_CREATED])) {
  591. return $oRequest;
  592. }
  594. throw new \Exception('continue3DS error: unexpected status code ' . $iStatusCode);
  595. } catch (ClientException $oException) {
  596. $sResponseBody = $oException->getResponse()->getBody()->getContents();
  598. $this->oLogger->error('[continue3DS] Error response from Paynovate', [
  599. 'endpoint' => $this->sDirectEndpoint,
  600. 'status_code' => $oException->getResponse()->getStatusCode(),
  601. 'body' => $sResponseBody,
  602. ]);
  604. throw new \Exception('Paynovate continue3DS error: ' . $sResponseBody);
  605. }
  606. }
  608. /**
  609. * Get Payment informations
  610. * @param PaynovatePayment $oPaynovatePayment $oPaynovatePayment
  611. * @return \Psr\Http\Message\ResponseInterface
  612. * @throws \Exception
  613. */
  614. public function getPaymentInformation(PaynovatePayment $oPaynovatePayment)
  615. {
  616. $aParams = [
  617. 'merchantID' => $this->sMerchantId,
  618. 'action' => 'QUERY',
  619. 'xref' => $oPaynovatePayment->getXref(),
  620. ];
  622. // Build query string for signature (same as other methods)
  623. $sQueryString = $this->buildQueryString($aParams);
  624. $sSignature = $this->generateSignature($sQueryString);
  625. $sPostData = $sQueryString . '&signature=' . $sSignature;
  627. $aOptions = [
  628. 'headers' => [
  629. 'Content-Type' => 'application/x-www-form-urlencoded',
  630. ],
  631. 'body' => $sPostData,
  632. ];
  634. $this->oLogger->info('[getPaymentInformation] Sending request to Paynovate', [
  635. 'endpoint' => $this->sIntegrationUrl . '/direct/',
  636. 'xref' => $oPaynovatePayment->getXref(),
  637. ]);
  639. $oRequest = $this->oGuzzle->request('POST', $this->sIntegrationUrl.'/direct/', $aOptions);
  641. $sResponseBody = $oRequest->getBody()->getContents();
  642. $this->oLogger->info('[getPaymentInformation] Received response from Paynovate', [
  643. 'endpoint' => $this->sIntegrationUrl . '/direct/',
  644. 'status_code' => $oRequest->getStatusCode(),
  645. 'body' => $sResponseBody,
  646. ]);
  647. $oRequest->getBody()->rewind();
  649. if ($oRequest->getStatusCode() == Response::HTTP_OK) {
  650. return $oRequest;
  651. }
  653. throw new \Exception('error_paynovate_get_transaction_information');
  654. }
  656. /**
  657. * Get payment information
  658. * @param Transaction $oTransaction transaction
  659. * @return array
  660. * @throws \Exception
  661. */
  662. protected function getCardType(Transaction $oTransaction)
  663. {
  664. $oCard = $oTransaction->getPaymentMethod();
  665. switch (substr($oCard->getNumber(), 0, 1)) {
  666. case PaynovatePayment::CARD_MASTERCARD_INT:
  667. $aType['label'] = 'MASTERCARD';
  668. $aType['code'] = PaynovatePayment::CARD_MASTERCARD_INT;
  669. break;
  670. case PaynovatePayment::CARD_VISA_INT:
  671. $aType['label'] = 'VISA';
  672. $aType['code'] = PaynovatePayment::CARD_VISA_INT;
  673. break;
  674. default:
  675. throw new \Exception();
  676. }
  678. return $aType;
  679. }
  681. /**
  682. * Get iso3 code
  683. * @param string $sIso2 iso2 code
  684. * @return int|mixed|string
  685. * @throws \Exception
  686. */
  687. private function getIso3Code($sIso2Code)
  688. {
  689. if (strlen($sIso2Code) === 3) {
  690. return $sIso2Code;
  691. }
  693. $aCountryCode = array_flip($this->aCountryCode);
  695. if (isset($aCountryCode[$sIso2Code])) {
  696. return $aCountryCode[$sIso2Code];
  697. }
  699. throw new \Exception('Bad ISO code');
  700. }
  702. /**
  703. * Get numeric country code for Direct API
  704. * @param string $sIso2Code ISO2 country code
  705. * @return string
  706. */
  707. /**
  708. * Get currency numeric code from ISO3 code
  709. *
  710. * @param string $sIso3Code ISO3 currency code (EUR, GBP, USD, etc.)
  711. * @return string Numeric currency code (978, 826, 840, etc.)
  712. */
  713. private function getCurrencyNumericCode($sIso3Code)
  714. {
  715. // Use injected currency codes from parameters.yml
  716. if (isset($this->aCurrencyCode[$sIso3Code])) {
  717. return (string) $this->aCurrencyCode[$sIso3Code];
  718. }
  720. // Fallback par défaut: EUR
  721. $this->oLogger->warning('[getCurrencyNumericCode] Unknown currency: ' . $sIso3Code . ', using EUR (978) as fallback');
  722. return '978';
  723. }
  725. /**
  726. * Get country numeric code from ISO2 code
  727. *
  728. * @param string $sIso2Code ISO2 country code (FR, GB, US, etc.)
  729. * @return string Numeric country code (250, 826, 840, etc.)
  730. */
  731. private function getCountryNumericCode($sIso2Code)
  732. {
  733. // Map ISO2 to numeric codes (ISO 3166-1 numeric)
  734. $aNumericCodes = [
  735. 'FR' => '250', // France
  736. 'GB' => '826', // UK
  737. 'US' => '840', // USA
  738. 'DE' => '276', // Germany
  739. 'ES' => '724', // Spain
  740. 'IT' => '380', // Italy
  741. 'BE' => '056', // Belgium
  742. 'NL' => '528', // Netherlands
  743. // Ajouter d'autres pays si nécessaire
  744. ];
  746. return $aNumericCodes[$sIso2Code] ?? '250'; // Par défaut FR
  747. }
  749. /**
  750. * Verify webhook signature
  751. *
  752. * @param array $aData webhook data
  753. * @param string $sReceivedSignature received signature
  754. * @return bool
  755. */
  756. public function verifyWebhookSignature(array $aData, $sReceivedSignature)
  757. {
  758. $aDataCopy = $aData;
  759. unset($aDataCopy['signature']);
  760. ksort($aDataCopy);
  761. $sQueryString = http_build_query($aDataCopy, '', '&');
  762. $sCalculatedSignature = hash('SHA512', $sQueryString . $this->sSignatureKey);
  764. return hash_equals($sCalculatedSignature, $sReceivedSignature);
  765. }
  766. }