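<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use DB;
use Carbon\Carbon;
use App\Models\Transaction;
use App\Models\PhoneNumber;

/**
 * Worldline payment flow: accepts a deposit request, stores it, hands the
 * browser to the checkout view, and reconciles transaction status from the
 * local gateway proxy (polling) or from an inbound callback.
 */
class WorldlineController extends Controller
{
    /**
     * Start a Worldline checkout.
     *
     * Reads the request payload (encrypted `hashed` field, or plain request
     * parameters as a fallback), attaches contact details from PhoneNumber,
     * validates, stores the transaction through storeTxn(), and renders the
     * checkout view with a re-encrypted {userId, orderId, amount} payload.
     *
     * @param  Request $request
     * @return mixed redirect to /wl/failled on any rejection, otherwise the checkout view
     */
    public function index(Request $request)
    {
        try {
            $hashedData = $request->hashed;
            $newEncrypter = new \Illuminate\Encryption\Encrypter(
                config('app.deposit_hash_key'),
                config('app.cipher')
            );
            // NOTE(review): Encrypter::decrypt() unserializes the plaintext by
            // default, so any party holding deposit_hash_key can submit
            // serialized PHP objects. If producers can switch to
            // encryptString(), decryptString() removes that exposure.
            $data__ = json_decode($newEncrypter->decrypt($hashedData), true);
        } catch (\Exception $e) {
            // NOTE(review): fail-open. Any decryption failure (missing field,
            // tampered ciphertext, wrong key) falls through to the caller's raw
            // request parameters, so the encrypted envelope gives no integrity
            // guarantee for userId/orderId/amount. Confirm whether unencrypted
            // clients still exist; if not, reject here instead.
            $data__ = $request->all();
        }

        // A decrypted payload that is not a JSON object cannot be processed.
        if (!is_array($data__)) {
            return redirect('/wl/failled');
        }

        // Url check
        // The Origin header is absent on many requests; default to '' so the
        // lookup cannot raise an undefined-index error.
        $domain = str_replace(['http://', 'https://', 'www.'], '', $_SERVER['HTTP_ORIGIN'] ?? '');
        $url = $domain . ($_SERVER['REQUEST_URI'] ?? '');
        // NOTE(review): the comparison is hard-disabled by the leading `false &&`
        // (originally `0 &&`), so the payload's `url` is never checked against
        // the request origin. Kept disabled to preserve current behaviour.
        if (false && $url != ($data__['url'] ?? null)) {
            return redirect('/wl/failled');
        }
        // Url check ends

        $phoneCheck = $data__['email'] ?? null;
        if (!is_string($phoneCheck)) {
            return redirect('/wl/failled');
        }

        // The submitted email is used only as a lookup key (`users` column);
        // the email, phone and name sent onward are replaced by the values of
        // the PhoneNumber row mapped to it. A new mapping copies a random row.
        $phone = PhoneNumber::where('users', $phoneCheck)->first();
        if (!$phone) {
            $take_random_phone = PhoneNumber::inRandomOrder()->first();
            if (!$take_random_phone) {
                // Empty PhoneNumber table: nothing to map the caller to.
                return redirect('/wl/failled');
            }
            PhoneNumber::insert([
                'name' => $take_random_phone['name'],
                'email' => $take_random_phone['email'],
                'phone_number' => $take_random_phone['phone_number'],
                'users' => $phoneCheck,
            ]);
            $phone = PhoneNumber::where('users', $phoneCheck)->first();
        }
        $data__['phone'] = $phone->phone_number;
        $data__['email'] = $phone->email;
        $data__['name'] = $phone->name;

        // validation starts here
        // Runs before the duplicate lookup so orderId is known to be a
        // non-empty string when it is used in the query below.
        $validator = self::validator($data__);
        if ($validator->fails()) {
            return redirect('/wl/failled');
        }
        // validation ends here

        // Duplicate-order check. The orderId must come from the processed
        // payload: on the encrypted path the request itself carries only
        // `hashed`, so reading it from $request compared against null and the
        // check never matched.
        $oldTxn = Transaction::whereNotNull('orderId')
            ->where('orderId', $data__['orderId'])
            ->first();
        if ($oldTxn) {
            return redirect('/wl/failled');
        }

        if (!storeTxn($data__, 'worldline')) {
            return redirect('/wl/failled');
        }

        $params = [
            'userId' => $data__['userId'],
            'orderId' => $data__['orderId'],
            'amount' => $data__['amount'],
        ];

        $newEncrypter = new \Illuminate\Encryption\Encrypter(
            config('app.deposit_hash_key'),
            config('app.cipher')
        );
        // json_encode()'s second argument is a flags bitmask, not an "assoc"
        // switch; the stray `true` (JSON_HEX_TAG) is dropped. The decoded
        // value on the receiving side is unchanged.
        $params_ = [
            'hashed' => $newEncrypter->encrypt(json_encode($params)),
            'server3url' => 'http://localhost:8002/pg/wl/checkout', //Proxy
        ];

        return view('payments.wl.checkout', compact('params_'));
    }

    /**
     * Build the validator for a checkout payload.
     *
     * @param  array $data payload after the contact fields have been filled in
     * @return \Illuminate\Contracts\Validation\Validator
     */
    public static function validator(array $data)
    {
        $rules = [
            'userId' => ['required', 'string', 'max:255'],
            'orderId' => ['required', 'string', 'max:255'],
            // NOTE(review): amount is only required, not constrained to a
            // positive number; confirm storeTxn() or the gateway enforces that.
            'amount' => ['required'],
            'email' => ['required', 'email', 'max:255'],
            'phone' => ['required', 'string', 'min:10', 'max:10'],
        ];

        return Validator::make($data, $rules);
    }

    /**
     * Poll the gateway proxy for pending Worldline transactions (status 1) and
     * apply each result through updateStatus().
     *
     * Selection: a single order when $order_id is given; otherwise unsent
     * transactions created 1-49 hours ago when $hourly == 1, or 5-60 minutes
     * ago by default.
     *
     * @param  mixed $order_id restrict the poll to this order
     * @param  mixed $denyFail forwarded to updateStatus(); 1 suppresses marking as failed
     * @param  mixed $hourly   1 selects the hourly window
     * @return bool always true
     */
    public static function fetchTransactionStatus($order_id = null, $denyFail = null, $hourly = null)
    {
        $query = Transaction::where('gatewayId', 'worldline')->where('status', 1);

        if ($order_id) {
            $query->where('orderId', $order_id);
        } elseif ($hourly == 1) {
            $query->whereNull('sent21')
                ->where('created_at', '<', Carbon::now()->subHours(1)->format('Y-m-d H:i:s'))
                ->where('created_at', '>=', Carbon::now()->subHours(49)->format('Y-m-d H:i:s'));
        } else {
            $query->whereNull('sent21')
                ->where('created_at', '<=', Carbon::now()->subMinutes(5)->format('Y-m-d H:i:s'))
                ->where('created_at', '>=', Carbon::now()->subHours(1)->format('Y-m-d H:i:s'));
        }

        $endpoint = "http://localhost:8002/pg/wl/fetchTransactionStatus"; //Proxy URL
        // One client for the whole batch instead of one per transaction.
        $client = new \GuzzleHttp\Client();

        foreach ($query->get() as $txn) {
            $httpResponse = $client->request('POST', $endpoint, [
                'form_params' => [
                    'order_id' => $txn->orderId,
                    'pgMeTrnRefNo' => $txn->merchantTranId,
                ],
            ]);
            $payload = json_decode($httpResponse->getBody()->getContents(), true);

            // A reply without a `data` object carries no status to apply; skip
            // it so one bad reply does not abort the rest of the batch.
            if (!is_array($payload) || !is_array($payload['data'] ?? null)) {
                \Log::info('worldline status lookup returned no data for order ' . $txn->orderId);
                continue;
            }

            // $denyFail was accepted by this method but never passed on;
            // forwarding it makes the parameter effective (null keeps the
            // previous behaviour).
            self::updateStatus($payload['data'], $txn->orderId, $denyFail);
        }

        return true;
    }

    /**
     * Inbound status callback: a success status in `data` is applied to the
     * matching pending transaction with failure marking suppressed.
     *
     * NOTE(review): nothing in this method authenticates the sender (no
     * signature, shared secret or source check). Unless the route is protected
     * by middleware not visible here, a forged body with a known orderId and a
     * matching trnAmt would mark that order as paid. A safer pattern is to
     * treat the callback as a hint and confirm through
     * fetchTransactionStatus($orderId, 1) before changing state.
     *
     * @param  Request $request
     * @return bool always true
     */
    public function callback(Request $request)
    {
        $data = $request->all()['data'] ?? null;

        // Ignore bodies that lack the fields read below instead of raising.
        if (is_array($data) && isset($data['orderId']) && self::statusCodeOf($data) === 's') {
            self::updateStatus($data, $data['orderId'], 1);
        }

        return true;
    }

    /**
     * Apply a gateway status payload to the pending Worldline transaction for
     * an order.
     *
     * Success with a matching amount: POST the signed transaction to the
     * client's /callback/payment and set status 2. Success with a different
     * amount: status 4. Otherwise, unless $denyFail == 1, a transaction older
     * than one hour is set to status 3 when it is older than two days or the
     * gateway reports 'f'.
     *
     * @param  mixed $response gateway payload (reads statusCode, trnAmt, statusDesc)
     * @param  mixed $order_id order to update
     * @param  mixed $denyFail 1 prevents the transaction from being marked failed
     * @return mixed the pending Transaction, or null when none matches
     */
    public static function updateStatus($response = null, $order_id = null, $denyFail = null)
    {
        $transaction = Transaction::where('orderId', $order_id)
            ->where('status', 1)
            ->where('gatewayId', 'worldline')
            ->first();

        // Nothing pending for this order, or no usable payload: leave as is.
        if (!$transaction || !is_array($response)) {
            return $transaction;
        }

        $result = $response;
        $transaction->responseJson = json_encode($result);
        $statusCode = self::statusCodeOf($result);
        \Log::info($statusCode);

        if ($statusCode === 's') {
            // trnAmt is divided by 100 before comparison with the stored amount.
            $rawAmount = $result['trnAmt'] ?? null;
            $amount = is_numeric($rawAmount) ? $rawAmount / 100 : null;

            // Loose comparison kept on purpose: the stored amount may be a
            // numeric string. A missing or non-numeric trnAmt never matches.
            if ($amount !== null && $amount == $transaction->amount) {
                $form_data = [
                    'data' => json_encode($transaction),
                ];
                $signature = base64_encode(hash_hmac(
                    'sha256',
                    str_replace(':null', ':""', json_encode($form_data)),
                    config('app.payment_hask_key'),
                    true
                ));
                $headers = [
                    'hash' => [$signature],
                ];

                try {
                    // NOTE(review): client_url is read from the stored row. If
                    // storeTxn() persists it from the request payload, the
                    // plaintext fallback in index() lets a caller choose where
                    // this signed POST is sent; confirm it is allow-listed.
                    $client = new \GuzzleHttp\Client();
                    $clientResponse = $client->request('POST', $transaction->client_url . '/callback/payment', [
                        'headers' => $headers,
                        'form_params' => $form_data,
                    ]);
                    $clientBody = json_decode($clientResponse->getBody()->getContents(), true);
                    $clientMessage = is_array($clientBody) ? ($clientBody['message'] ?? '') : '';

                    $transaction->responseJson = json_encode($result);
                    $transaction->sent21 = 1;
                    $transaction->status = 2;
                    $transaction->message = 'client response : ' . $clientMessage;
                } catch (\Exception $e) {
                    // Delivery failed: status stays 1 so a later poll retries.
                    \Log::info($e->getMessage());
                }
            } else {
                $transaction->responseJson = json_encode($result);
                $transaction->message = 'Data missmatch';
                $transaction->status = 4;
            }

            $transaction->save();

            return $transaction;
        }

        //Not making failed for 1st one hour
        if ($denyFail != 1 && strtotime($transaction->created_at) < strtotime('-1 hour')) {
            $ageSeconds = strtotime(date('Y-m-d H:i:s')) - strtotime($transaction->created_at);

            if ($ageSeconds > 86400 * 2) {
                // Older than two days without success: close it as failed.
                $transaction->responseJson = json_encode($result);
                $transaction->status = 3;
                $transaction->save();
            } elseif ($statusCode === 'f') {
                $transaction->status = 3;
                $transaction->message = $result['statusDesc'] ?? 'Failed';
                $transaction->responseJson = json_encode($result);
                $transaction->save();
            }
        }

        return $transaction;
    }

    /**
     * Lower-cased `statusCode` of a gateway payload, or '' when it is absent
     * or not a scalar.
     *
     * @param  mixed $payload
     * @return string
     */
    private static function statusCodeOf($payload): string
    {
        $code = is_array($payload) ? ($payload['statusCode'] ?? '') : '';

        return is_scalar($code) ? strtolower((string) $code) : '';
    }
}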