private CallbackResult GenerateAbortedCallbackResponse(OrderReadOnly order, CallbackRequestModel request, OpayoSettings settings) { logger.Warn <OpayoServerClient>("Payment transaction aborted:\n\tOpayoTx: {VPSTxId}\n\tDetail: {StatusDetail}", request.VPSTxId, request.StatusDetail); var validSig = ValidateVpsSigniture(order, request, settings); return(new CallbackResult { HttpResponse = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = validSig ? GenerateAbortCallbackResponseBody() : GenerateInvalidCallbackResponseBody() } }); }
private CallbackResult GeneratePendingCallbackResponse(OrderReadOnly order, CallbackRequestModel request, OpayoSettings settings) { logger.Warn <OpayoServerClient>("Payment transaction pending:\n\tOpayoTx: {VPSTxId}", request.VPSTxId); var validSig = ValidateVpsSigniture(order, request, settings); return(new CallbackResult { TransactionInfo = validSig ? new TransactionInfo { TransactionId = request.VPSTxId, AmountAuthorized = order.TotalPrice.Value.WithTax, TransactionFee = request.Surcharge, PaymentStatus = PaymentStatus.PendingExternalSystem } : null, HttpResponse = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = validSig ? GenerateOkCallbackResponseBody() : GenerateInvalidCallbackResponseBody() } }); }
private CallbackResult GenerateNotAuthorisedCallbackResponse(OrderReadOnly order, CallbackRequestModel request, OpayoSettings settings) { logger.Warn <OpayoServerClient>("Payment transaction not authorised:\n\tOpayoTx: {VPSTxId}", request.VPSTxId); var validSig = ValidateVpsSigniture(order, request, settings); return(new CallbackResult { TransactionInfo = validSig ? new TransactionInfo { TransactionId = request.VPSTxId, AmountAuthorized = 0, TransactionFee = request.Surcharge, PaymentStatus = PaymentStatus.Error } : null, HttpResponse = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = validSig ? GenerateRejectedCallbackResponseBody() : GenerateInvalidCallbackResponseBody() }, MetaData = validSig ? new Dictionary <string, string> { { OpayoConstants.OrderProperties.TransDetails, string.Join(":", request.TxAuthNo, request.CardType, request.Last4Digits) }, { OpayoConstants.OrderProperties.TransDetailsHash, string.Join(":", request.TxAuthNo, request.CardType, request.Last4Digits).ToMD5Hash() } } : null }); }
private CallbackResult GenerateAuthenticatedCallbackResponse(OrderReadOnly order, CallbackRequestModel request, OpayoSettings settings) { logger.Warn <OpayoServerClient>("Payment transaction Authenticated:\n\tOpayoTx: {VPSTxId}", request.VPSTxId); var validSig = ValidateVpsSigniture(order, request, settings); return(new CallbackResult { HttpResponse = new HttpResponseMessage(System.Net.HttpStatusCode.OK) { Content = validSig ? GenerateOkCallbackResponseBody() : GenerateInvalidCallbackResponseBody() }, MetaData = validSig ? new Dictionary <string, string> { { OpayoConstants.OrderProperties.TransDetails, string.Join(":", request.TxAuthNo, request.CardType, request.Last4Digits) }, { OpayoConstants.OrderProperties.TransDetailsHash, string.Join(":", request.TxAuthNo, request.CardType, request.Last4Digits).ToMD5Hash() } } : null }); }
public CallbackResult HandleCallback(OrderReadOnly order, CallbackRequestModel request, OpayoSettings settings) { switch (request.Status) { case OpayoConstants.CallbackRequest.Status.Abort: return(GenerateAbortedCallbackResponse(order, request, settings)); case OpayoConstants.CallbackRequest.Status.Rejected: return(GenerateRejectedCallbackResponse(order, request, settings)); case OpayoConstants.CallbackRequest.Status.Registered: case OpayoConstants.CallbackRequest.Status.Error: return(GenerateErrorCallbackResponse(order, request, settings)); case OpayoConstants.CallbackRequest.Status.Pending: return(GeneratePendingCallbackResponse(order, request, settings)); case OpayoConstants.CallbackRequest.Status.Ok: return(GenerateOkCallbackResponse(order, request, settings)); case OpayoConstants.CallbackRequest.Status.NotAuthorised: return(GenerateNotAuthorisedCallbackResponse(order, request, settings)); case OpayoConstants.CallbackRequest.Status.Authenticated: return(GenerateAuthenticatedCallbackResponse(order, request, settings)); default: logger.Warn <SagePayServerClient>("Unknown callback response status recieved: {status}", request.Status); return(CallbackResult.Empty); } }
private bool ValidateVpsSigniture(OrderReadOnly order, CallbackRequestModel callbackRequest, OpayoSettings settings) { var md5Values = new List <string> { callbackRequest.VPSTxId, callbackRequest.VendorTxCode, callbackRequest.Status, callbackRequest.TxAuthNo, settings.VendorName.ToLowerInvariant(), callbackRequest.AVSCV2, order.Properties[OpayoConstants.OrderProperties.SecurityKey]?.Value, callbackRequest.AddressResult, callbackRequest.PostCodeResult, callbackRequest.CV2Result, callbackRequest.GiftAid, callbackRequest.SecureStatus, callbackRequest.CAVV, callbackRequest.AddressStatus, callbackRequest.PayerStatus, callbackRequest.CardType, callbackRequest.Last4Digits, callbackRequest.DeclineCode, callbackRequest.ExpiryDate, callbackRequest.FraudResponse, callbackRequest.BankAuthCode }; string calcedMd5Hash = string.Join("", md5Values.Where(v => string.IsNullOrEmpty(v) == false)).ToMD5Hash().ToUpperInvariant(); return(callbackRequest.VPSSignature == calcedMd5Hash); }