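/// <summary>
/// For a transaction made with currency conversion, checks that the operation details
/// fetched from the payment provider agree with the local order.
/// </summary>
/// <param name="order">The order the notification refers to.</param>
/// <param name="externalData">Operation details returned by the payment provider.</param>
/// <returns>True if every checked field matches the order; otherwise false.</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="order"/> or <paramref name="externalData"/> is null.
/// </exception>
public bool ValidateDataSavedAtExternalServer(Order order, DotPayOperationDetails externalData)
{
    if (order == null)
    {
        throw new ArgumentNullException(nameof(order));
    }
    if (externalData == null)
    {
        throw new ArgumentNullException(nameof(externalData));
    }

    // The amount is recomputed from the order's own cart lines; a provider-side amount
    // that does not equal this local total is rejected rather than trusted.
    var expectedAmount = order.Cart.CartLines.Sum(x => x.Product.Price * x.Quantity);

    return externalData.Control == order.OrderNumber
        && externalData.OriginalAmount == expectedAmount
        && externalData.OriginalCurrency == settings.Currency
        && externalData.OperationStatus == "completed"
        && externalData.OperationType == "payment";
}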
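/// <summary>
/// Endpoint for DotPay payment notifications. A notification is acted on only when it
/// arrives from the expected DotPay address and its signature (SHA-256 over the shared PIN
/// and the notification fields) matches; the referenced order is then marked paid or failed.
/// </summary>
/// <param name="model">Notification payload posted by DotPay.</param>
/// <returns>
/// Always <see cref="HttpStatusCode.OK"/>. Notifications that fail the address or signature
/// check, reference an unknown order, or repeat an already-paid order are acknowledged
/// without changing any order.
/// </returns>
public HttpStatusCode DotPayConfirmation(DotPayTransactionResponse model)
{
    Response.Charset = "utf-8";

    // Source-address allowlist: a single hard-coded notification server address.
    // NOTE(review): UserHostAddress is the immediate peer; behind a reverse proxy it would be
    // the proxy's address and this check would need the forwarded client address - confirm deployment.
    const string dotPayIp = "195.150.9.37";
    if (dotPayIp != HttpContext.Request.UserHostAddress)
    {
        return HttpStatusCode.OK;
    }

    // The signed payload is the PIN followed by the notification fields; the concatenation
    // order must match the order DotPay signs them in, so it is kept exactly as documented here.
    string signedPayload = string.Concat(
        AppSettings.GetDotPayPIN(),
        model.id.ToString(),
        model.operation_number,
        model.operation_type,
        model.operation_status,
        model.operation_amount,
        model.operation_currency,
        model.operation_original_amount,
        model.operation_original_currency,
        model.operation_datetime,
        model.control,
        model.description,
        model.email,
        model.p_info,
        model.p_email,
        model.channel);
    string expectedSignature = SHA.GetSHA256Hash(signedPayload);

    // Constant-time comparison so the response time does not depend on how many leading
    // characters of the supplied signature are correct. A null on either side is a mismatch.
    if (!FixedTimeEquals(expectedSignature, model.signature))
    {
        return HttpStatusCode.OK;
    }

    Order order = _orderRepository.GetByOrderNumber(model.control);
    if (order == null)
    {
        return HttpStatusCode.OK;
    }

    // A transaction number is recorded on success, so a repeated notification for a
    // paid order is a no-op.
    if (order.TransactionNumber != null)
    {
        return HttpStatusCode.OK;
    }

    bool isPaymentDone = _transactionRepository.IsPaymentCompleted(
        model.id, model.operation_number, model.operation_type, model.operation_status);
    if (!isPaymentDone)
    {
        MarkPaymentFailed(order);
        return HttpStatusCode.OK;
    }

    bool isSameCurrency = _transactionRepository.IsTransactionSameCurrency(
        model.operation_amount, model.operation_currency,
        model.operation_original_amount, model.operation_original_currency);

    bool isTransactionValid;
    if (isSameCurrency)
    {
        isTransactionValid = _transactionRepository.ValidateSameCurrencyTransaction(
            model.operation_amount, model.operation_currency, model.control, order);
    }
    else
    {
        // Converted payment: the operation details are re-fetched from DotPay and
        // validated against the order instead of trusting the amounts in the notification.
        string responseString = RequestWeb.GetOperationDetails(model.operation_number);
        DotPayOperationDetails data = JsonConvert.DeserializeObject<DotPayOperationDetails>(responseString);
        isTransactionValid = _transactionRepository.ValidateDataSavedAtExternalServer(order, data);
    }

    if (!isTransactionValid)
    {
        MarkPaymentFailed(order);
        return HttpStatusCode.OK;
    }

    _orderRepository.OrderPaymentSuccess(order, model.operation_number);
    _mailingRepository.OrderChangedStatusMail(
        order.AppUser.Email,
        order.OrderNumber,
        order.OrderStatus.ToString(),
        "Order " + order.OrderNumber + " status updated");
    _unitOfWork.SaveChanges();
    return HttpStatusCode.OK;
}

/// <summary>
/// Records a failed payment on the order, notifies the customer, and persists the change.
/// </summary>
/// <param name="order">The order whose payment was rejected.</param>
private void MarkPaymentFailed(Order order)
{
    _orderRepository.OrderPaymentFailed(order);
    _mailingRepository.PaymentFailedMail(order.AppUser.Email, order.OrderNumber);
    _unitOfWork.SaveChanges();
}

/// <summary>
/// Length-checked, constant-time string comparison used for the notification signature,
/// so that the comparison time does not depend on how many leading characters match.
/// </summary>
/// <param name="expected">The locally computed signature.</param>
/// <param name="actual">The signature supplied in the notification.</param>
/// <returns>True only when both are non-null and identical.</returns>
private static bool FixedTimeEquals(string expected, string actual)
{
    if (expected == null || actual == null || expected.Length != actual.Length)
    {
        return false;
    }

    int difference = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        difference |= expected[i] ^ actual[i];
    }
    return difference == 0;
}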