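/// <summary>
/// Validate IPN callback
/// </summary>
/// <remarks>
/// Checks, in this order: that "userOrderId" parses as a guid, that an order with that guid exists,
/// that "amount" equals the order total to two decimal places, and that "hash" equals the SHA-256 hex
/// digest of transactionId + userOrderId + amount + secret key.
/// When the order is found but a later check fails, <paramref name="order"/> is still set to that order
/// while the method returns false; callers must act on the order only when the result is true.
/// </remarks>
/// <param name="form">Form parameters</param>
/// <param name="storeId">Store identifier; pass null to use "all stores" identifier</param>
/// <param name="order">Order</param>
/// <returns>true if there are no errors; otherwise false</returns>
protected bool ValidateIPN(FormCollection form, int? storeId, out Order order)
{
    order = null;

    //validate order guid
    Guid orderGuid;
    if (!Guid.TryParse(form["userOrderId"], out orderGuid))
    {
        return false;
    }

    //check that order exists
    // NOTE(review): this lookup runs on input that has not been authenticated yet; the hash is verified last.
    // Consider verifying the hash first so unauthenticated requests cannot probe for order guids.
    order = _orderService.GetOrderByGuid(orderGuid);
    if (order == null)
    {
        _logger.Error(string.Format("G2A Pay IPN error: Order with guid {0} is not found", orderGuid));
        return false;
    }

    //validate order total
    //the amount is machine-readable data, so parse it with the invariant culture: under the server's current
    //culture a value such as "10.50" can be read with '.' as a group separator and compare as a different total
    decimal orderTotal;
    if (!decimal.TryParse(form["amount"], System.Globalization.NumberStyles.Number,
            System.Globalization.CultureInfo.InvariantCulture, out orderTotal) ||
        Math.Round(order.OrderTotal, 2) != Math.Round(orderTotal, 2))
    {
        _logger.Error("G2A Pay IPN error: order totals not match");
        return false;
    }

    //validate hash
    var g2apayPaymentSettings = _settingService.LoadSetting<G2APayPaymentSettings>(storeId ?? 0);

    //fail closed when no secret is configured: the digest would then cover only values the sender controls
    if (string.IsNullOrEmpty(g2apayPaymentSettings.SecretKey))
    {
        _logger.Error("G2A Pay IPN error: secret key is not configured");
        return false;
    }

    var stringToHash = string.Format("{0}{1}{2}{3}", form["transactionId"], form["userOrderId"], form["amount"], g2apayPaymentSettings.SecretKey);

    // NOTE(review): Encoding.Default depends on the host's code page; the result matches UTF-8 only while
    // every hashed value is ASCII. Confirm the encoding the gateway uses before changing it.
    byte[] digest;
    using (var sha256 = SHA256.Create())
    {
        digest = sha256.ComputeHash(Encoding.Default.GetBytes(stringToHash));
    }

    var hexBuilder = new StringBuilder(digest.Length * 2);
    foreach (var digestByte in digest)
    {
        hexBuilder.Append(digestByte.ToString("x2"));
    }
    var expectedHash = hexBuilder.ToString();

    //compare without an early exit so the response time does not reveal how many leading characters matched;
    //the length check may return early because the digest length is fixed and public
    var receivedHash = form["hash"];
    var hashesMatch = receivedHash != null && receivedHash.Length == expectedHash.Length;
    if (hashesMatch)
    {
        var difference = 0;
        for (var i = 0; i < expectedHash.Length; i++)
        {
            difference |= expectedHash[i] ^ receivedHash[i];
        }
        hashesMatch = difference == 0;
    }

    if (!hashesMatch)
    {
        _logger.Error("G2A Pay IPN error: hashes not match");
        return false;
    }

    return true;
}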