1<?php
2// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
3//
4// All Rights Reserved. See copyright.txt for details and a complete list of authors.
5// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
6// $Id$
7
8class IsraelPostLib
9{
10	private $payment;
11
12	function __construct(PaymentLib $payment)
13	{
14		$this->payment = $payment;
15	}
16
17	/**
18	 * Check if the payment has been received through the gateway's API.
19	 * Return false if this is not supported.
20	 */
21	public function check_payment($paymentId, $jitGet, $jitPost)
22	{
23		if ($paymentId != $jitGet->PreOrderID->digits()) {
24			return false;
25		}
26
27		$hash = $this->generateHash($paymentId, $jitGet);
28		if ($hash !== $jitGet->OKauthentication->word()) {
29			return false;
30		}
31
32		return $this->checkWithService($paymentId);
33	}
34
35	public function capture_payment($payment, $received)
36	{
37		global $prefs;
38
39		$url = $prefs['payment_israelpost_environment'] . 'genericJ4afterJ5?OpenAgent';
40		$url .= '&' . http_build_query([
41			'Business' => $prefs['payment_israelpost_business_id'],
42			'PreOrderID' => $payment['paymentRequestId'],
43			'cid' => $received['details']['CARTID'],
44		], '', '&');
45
46		$tikilib = TikiLib::lib('tiki');
47		$out = $tikilib->httprequest($url);
48
49		// All we care about is that the service received our request,
50		// not if it worked. checkWithService will pull the truth.
51		if ($out !== false) {
52			$this->checkWithService($payment['paymentRequestId']);
53			return true;
54		}
55
56		return false;
57	}
58
59	private function checkWithService($paymentId)
60	{
61		global $prefs;
62
63		$client = $this->getClient();
64		$response = $client->INQUIRE($prefs['payment_israelpost_business_id'], $prefs['payment_israelpost_api_password'], $paymentId);
65		if (isset($response->ORDERS)) {
66			$payment = $this->payment->get_payment($paymentId);
67			// Collect the payment ids already entered
68			$existingOrders = array_map(function ($payment) {
69				return $payment['details']['ORDERID'];
70			}, $payment['payments']);
71			$existingAuth = array_map(function ($payment) {
72				return $payment['details']['AUTHORISAT'];
73			}, $payment['payments']);
74
75			$entered = false;
76			foreach ($response->ORDERS as $order) {
77				if ($order->STATUS == 2) { // Order approved
78					if (! in_array($order->ORDERID, $existingOrders) // Order not already entered
79						&& $order->CURRENCY_CODE == $payment['currency'] // Same currency - we do not deal with conversions
80					) {
81						$this->payment->enter_payment($paymentId, $order->TOTAL_PAID, 'israelpost', (array) $order);
82						$entered = true;
83					}
84				} elseif ($order->STATUS == 5) { // Pre-auth
85					if (! in_array($order->AUTHORISAT, $existingAuth) // Order not already entered
86						&& $order->CURRENCY_CODE == $payment['currency'] // Same currency - we do not deal with conversions
87					) {
88						$this->payment->enter_authorization($paymentId, 'israelpost', 3, (array) $order);
89						$entered = true;
90					}
91				}
92			}
93
94			return $entered;
95		}
96
97		return false;
98	}
99
100	private function generateHash($paymentId, $jitGet)
101	{
102		global $prefs;
103
104		$combined = [$prefs['payment_israelpost_business_id'], $prefs['payment_israelpost_api_password']];
105
106		if ($prefs['payment_israelpost_request_preauth'] == 'y') {
107			$combined[] = $jitGet->authorisat->digits();
108		} else {
109			$combined[] = $jitGet->OrderID->digits();
110		}
111
112		$combined[] = $jitGet->CartID->word();
113		$combined[] = $paymentId;
114
115		return hash("sha256", implode('', $combined));
116	}
117
118	private function getClient()
119	{
120		global $prefs;
121
122		$wsdl = $prefs['payment_israelpost_environment'] . 'GetGenericStatus?wsdl';
123		$client = new Zend\Soap\Client($wsdl, [
124			'soap_version' => SOAP_1_1,
125		]);
126
127		return $client;
128	}
129}
130