<?phpdeclare(strict_types=1);namespace Aspello\Payum\PayByNet\Action\API;use Aspello\Payum\PayByNet\Exception\InvalidNotifyHttpRequestException;use Aspello\Payum\PayByNet\Exception\WrongNotifyHttpRequestException;use Aspello\Payum\PayByNet\Request\AssertNotifyRequestData;use Aspello\Payum\PayByNet\Api;use Payum\Core\Action\ActionInterface;use Payum\Core\ApiAwareInterface;use Payum\Core\ApiAwareTrait;use Payum\Core\Request\GetHttpRequest;final class AssertNotifyRequestDataAction implements ActionInterface, ApiAwareInterface{ use ApiAwareTrait; /** @var Api */ protected $api; public function __construct() { $this->apiClass = Api::class; } /** * @param AssertNotifyRequestData $request * @return void */ public function execute($request): void { if (!$this->isNotifyHttpRequest($request->notifyRequest)) { throw new WrongNotifyHttpRequestException('Invalid notify request.'); } $requestData = $request->notifyRequest->request; $hashToCompareWith = $this->api->prepareNotifyHash($requestData); if ($requestData['hash'] !== $hashToCompareWith) { throw new InvalidNotifyHttpRequestException('Invalid hash value.'); } if ($request->details instanceof \ArrayObject && (float)$requestData['transAmount'] !== (float)$request->details['amount']) { throw new InvalidNotifyHttpRequestException('Invalid transAmount value.'); } } public function supports($request): bool { return $request instanceof AssertNotifyRequestData; } private function isNotifyHttpRequest(GetHttpRequest $httpRequest): bool { if ('POST' !== strtoupper($httpRequest->method)) { return false; } $mandatoryFields = ['newStatus', 'transAmount', 'paymentId', 'hash']; foreach ($mandatoryFields as $mandatoryField) { if (!array_key_exists($mandatoryField, $httpRequest->request)) { return false; } } return true; }}