search

lexik / LexikPayboxBundle

LexikPayboxBundle eases the implementation of the Paybox payment system
MIT License
40 stars 47 forks source link

Wrong HMAC calculation when using multiple forms #84

Open Yondz opened 7 years ago

Yondz commented 7 years ago

Hi,

I found a small issue when I tried to generate several forms for one page (one form per payment type), the field PBX_HMAC is not regenerated for each form.

It seems that once the service has been called and a form generated, this parameter is set for the execution lifetime, due to this if condition in Lexik\Bundle\PayboxBundle\Paybox\System\Base\Request (line 129-133) : 

   /**
     * Returns all parameters set for a payment.
     *
     * @return array
     */
    public function getParameters()
    {
       // This condition prevent the generation of a new PBX_HMAC
       if (null === $this->getParameter('PBX_HMAC')) {
            $this->setParameter('PBX_TIME', date('c'));
            $this->setParameter('PBX_HMAC', strtoupper($this->computeHmac()));
       }

        $resolver = new ParameterResolver($this->globals['currencies']);

        return $resolver->resolve($this->parameters);
    }

To overcome this, I extended this class in my app by adding this parameter 

parameters:
  lexik_paybox.request_handler.class:              'Path\To\Custom\Request'

And commented the condition like this :


    /**
     * Returns all parameters set for a payment.
     *
     * @return array
     */
    public function getParameters()
    {
        //if (null === $this->getParameter('PBX_HMAC')) {
            $this->setParameter('PBX_TIME', date('c'));
            $this->setParameter('PBX_HMAC', strtoupper($this->computeHmac()));
        //}

        $resolver = new ParameterResolver($this->globals['currencies']);

        return $resolver->resolve($this->parameters);
    }

It works well :)

Btw, I also had to extend \Lexik\Bundle\PayboxBundle\Paybox\System\Base\ParameterResolver for another reason, the value "ANCV" was not allowed in the PBX_TYPECARTE options, since the ParameterResolver is manually instanciated in Request::getParameters().

Yondz

acidjames commented 7 years ago

Hi @Yondz

i wonder if inserting multiple forms is the way to go, are you forced to use that behaviour ?

Is it to enhance the UX ?

Yondz commented 7 years ago

Hi @acidjames

I know it is not the way this bundle was designed for, but I need to instanciate several pre-configured payment buttons on the same page (VISA, Mastercard, CB, ..), and thus set PBX_TYPECARTE var to the proper value -> generate the PBX_HMAC for each button.

This way the user goes directly to the pre-configured payment method.

Yondz

acidjames commented 7 years ago

Hi @Yondz

i've never used the VISA, MASTERCARD variables, i have only been using CB, does it make any difference ? (if you have looked into the docs)