From 6b5909f4af6a11b53087733e55f886de2aafa9f1 Mon Sep 17 00:00:00 2001 From: albin tjernqvist Date: Thu, 28 Mar 2019 15:16:36 +0100 Subject: [PATCH] Removed redundant callback url param --- .../Checkout/Model/Checkout/Api/BuildOrder.php | 16 +++++----------- .../Checkout/controllers/IndexController.php | 5 ++--- .../controllers/ValidationController.php | 7 ------- 3 files changed, 7 insertions(+), 21 deletions(-) diff --git a/app/code/community/Svea/Checkout/Model/Checkout/Api/BuildOrder.php b/app/code/community/Svea/Checkout/Model/Checkout/Api/BuildOrder.php index 11f763e..1845a63 100644 --- a/app/code/community/Svea/Checkout/Model/Checkout/Api/BuildOrder.php +++ b/app/code/community/Svea/Checkout/Model/Checkout/Api/BuildOrder.php @@ -146,24 +146,18 @@ protected function _setupOrderConfig($sveaOrder, $quote) $quoteId = $quote->getId(); $storeId = Mage::app()->getStore()->getId(); $mode = Mage::getStoreConfig('payment/SveaCheckout/testmode', $storeId) ? 'test' : 'prod'; - $secret = urlencode(Mage::getModel('Core/Encryption')->encrypt($quoteId)); - $pushParams = [ + $callbackParams = [ 'quoteId' => $quoteId, 'mode' => $mode, ]; - if (isset($pushParams['sveaId'])) { - $pushParams['sveaId'] = $quote->getPaymentReference(); + if (isset($callbackParams['sveaId'])) { + $callbackParams['sveaId'] = $quote->getPaymentReference(); } - $validationParams = array_merge( - $pushParams, - ['secret' => $secret] - ); - - $pushUri = Mage::getUrl('sveacheckout/push', $pushParams); - $validationUri = Mage::getUrl('sveacheckout/validation', $validationParams); + $pushUri = Mage::getUrl('sveacheckout/push', $callbackParams); + $validationUri = Mage::getUrl('sveacheckout/validation', $callbackParams); $termsUri = Mage::getUrl('sveacheckout/index/terms', ['quoteId' => $quoteId]); //payment_SveaCheckout_override_terms_uri diff --git a/app/code/community/Svea/Checkout/controllers/IndexController.php b/app/code/community/Svea/Checkout/controllers/IndexController.php index 59b0188..bacc358 100644 --- a/app/code/community/Svea/Checkout/controllers/IndexController.php +++ b/app/code/community/Svea/Checkout/controllers/IndexController.php @@ -302,10 +302,9 @@ protected function _getSveaResponse($sveaOrder) if(isset($response['MerchantSettings']['CheckoutValidationCallBackUri'])){ $validationUri = $response['MerchantSettings']['CheckoutValidationCallBackUri']; - preg_match('/secret\/(.+)\//', $validationUri, $validationUri); - $encryptedSecret = urlencode(Mage::getModel('Core/Encryption')->encrypt($quote->getId())); + preg_match('/quoteId\/([0-9]+)\//', $validationUri, $validationUri); - if ($validationUri[1] != $encryptedSecret) { + if ($validationUri[1] != $quote->getId()) { $this->_invalidateQuote($sveaOrder, $quote); } } diff --git a/app/code/community/Svea/Checkout/controllers/ValidationController.php b/app/code/community/Svea/Checkout/controllers/ValidationController.php index 41d4e0c..3d1a4dd 100755 --- a/app/code/community/Svea/Checkout/controllers/ValidationController.php +++ b/app/code/community/Svea/Checkout/controllers/ValidationController.php @@ -22,8 +22,6 @@ public function indexAction() $sveaOrder = $svea->setupCommunication(); $request = $this->getRequest(); $quoteId = (int)$request->getParam('quoteId'); - $secret = $request->getParam('secret'); - $decryptedSecret = (int)Mage::getModel('Core/Encryption')->decrypt($secret); $orderQueueItem = Mage::getModel('sveacheckout/queue')->load($quoteId, 'quote_id'); if (!$orderQueueItem->getId()) { @@ -31,11 +29,6 @@ public function indexAction() return $this->reportAndReturn(204, "QueueItem {$quoteId} not found in queue."); } - if ($decryptedSecret !== $quoteId) { - - return $this->reportAndReturn(204, "Secret does not match on Queue ID {$quoteId}."); - } - try { $quote = $this->_getQuoteById($quoteId); $storeId = $quote->getStoreId();