/// <summary>
/// Validates an incoming payment-gateway notification against the stored order and
/// builds the response model that is sent back to the gateway.
/// </summary>
/// <param name="model">The bound request; shopId, invoiceId, orderSumAmount and orderNumber are read here.</param>
/// <param name="action">The action name that is fed into the MD5 signature check.</param>
/// <returns>
/// A response whose <c>code</c> is 0 when every check passed, 1 when the MD5 check failed,
/// 100 when the order does not exist, and 200 in every other case (order not in
/// <c>PaymentStatus.Pending</c>, shop id mismatch, amount mismatch, or any exception).
/// </returns>
private YandexResponceModel _CheckRequest(YandexRequestModel model, string action)
{
    // Fail closed: the response starts out as 200 and is only changed to 0
    // after the signature, the shop id and the amount have all been checked.
    var result = new YandexResponceModel
    {
        code = 200,
        performedDatetime = DateTime.Now.ToString("O"),
        shopId = model.shopId,
        invoiceId = model.invoiceId
    };

    try
    {
        // The amount is parsed with the invariant culture; a malformed value throws
        // and is reported as 200 by the catch below.
        result.orderSumAmount = decimal.Parse(model.orderSumAmount, CultureInfo.InvariantCulture);

        Order order = _orderService.GetOrderById(Convert.ToInt32(model.orderNumber));
        if (order == null)
        {
            result.code = 100;
            result.message = "Ордер не найден"; // runtime text, means "Order not found"
            return result;
        }

        // Orders in any state other than Pending keep the initial 200.
        if (order.PaymentStatus != PaymentStatus.Pending)
        {
            return result;
        }

        var storeScope = this.GetActiveStoreScopeConfiguration(_storeService, _workContext);
        var paymentSettings = _settingService.LoadSetting<YandexKassaPaymentSettings>(storeScope);

        // The signature is checked before any other request field is trusted.
        if (!_VerifyMd5(action, model, order, paymentSettings))
        {
            result.code = 1;
            return result;
        }

        // The request must be addressed to the configured shop.
        if (paymentSettings.ShopId != model.shopId)
        {
            result.code = 200;
            return result;
        }

        // The amount reported by the gateway must match the stored order total
        // (converted to the working currency) within a 0.01 tolerance.
        var expectedTotal = _currencyService.ConvertFromPrimaryStoreCurrency(order.OrderTotal, _workContext.WorkingCurrency);
        if (Math.Abs(expectedTotal - result.orderSumAmount) > 0.01M)
        {
            result.code = 200;
            return result;
        }

        result.code = 0;
    }
    catch
    {
        // NOTE(review): every failure is collapsed into 200 with no record of the cause;
        // consider logging the exception so rejected or malformed notifications can be investigated.
        result.code = 200;
    }

    return result;
}
/// <summary>
/// Rebuilds the semicolon-separated string that the request's <c>md5</c> field is expected
/// to be the hash of, and checks it against the value supplied in the request.
/// </summary>
/// <param name="action">Action name; first field of the signed string.</param>
/// <param name="model">The bound request; the paycash fields, invoiceId and md5 are read from it.</param>
/// <param name="order">The stored order; its total and billing e-mail are part of the signed string.</param>
/// <param name="settings">Payment settings supplying the shop id and the shared shop password.</param>
/// <returns>The result of <c>VerifyMd5Hash</c> for the rebuilt string and the trimmed request hash.</returns>
private bool _VerifyMd5(string action, YandexRequestModel model, Order order, YandexKassaPaymentSettings settings)
{
    // The amount, shop id and e-mail come from server-side data (order and settings),
    // not from the request, so a request that alters them cannot reproduce the hash.
    // NOTE(review): the amount text keeps whatever scale the decimal has after rounding;
    // confirm it always matches the formatting the gateway uses when it signs.
    string[] signedFields =
    {
        action.Trim(),
        Math.Round(_currencyService.ConvertFromPrimaryStoreCurrency(order.OrderTotal, _workContext.WorkingCurrency), 2)
            .ToString(CultureInfo.InvariantCulture).Trim(),
        model.orderSumCurrencyPaycash.Trim(),
        model.orderSumBankPaycash.Trim(),
        settings.ShopId.ToString().Trim(),
        model.invoiceId.ToString().Trim(),
        order.BillingAddress.Email.Trim(),
        // The shared secret goes last; the joined string must never be logged.
        settings.ShopPassword.Trim()
    };

    string signedPayload = string.Join(";", signedFields);

    // NOTE(review): VerifyMd5Hash is defined outside this block; confirm that it compares
    // the hex digests case-insensitively and in fixed time.
    return signedPayload.VerifyMd5Hash(model.md5.Trim());
}
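/// <summary>
/// Entry point for gateway notifications: validates the request, marks the order as paid
/// for a valid <c>paymentAviso</c>, and returns the XML response.
/// </summary>
/// <param name="model">The bound notification request.</param>
/// <returns>An <c>XmlActionResult</c> wrapping the XML built by <c>MakeXml</c>.</returns>
public ActionResult CallBack(YandexRequestModel model)
{
    YandexResponceModel responce = _CheckRequest(model, model.action);
    string responseType = "";

    // Dispatch on the same value that was passed to the signature check. Previously the
    // branch was chosen from Request.Form["action"] while model.action was verified;
    // using one source guarantees the branch executed is the one that was authenticated.
    switch (model.action)
    {
        case "checkOrder":
            responseType = "checkOrderResponse";
            break;

        case "paymentAviso":
            responseType = "paymentAvisoResponse";

            // Only a fully validated notification (code 0) may change order state.
            if (responce.code == 0)
            {
                try
                {
                    Order order = _orderService.GetOrderById(Convert.ToInt32(model.orderNumber));
                    if (order != null && _orderProcessingService.CanMarkOrderAsPaid(order))
                    {
                        // Store the gateway invoice id on the order before marking it paid.
                        order.AuthorizationTransactionId = model.invoiceId.ToString();
                        _orderService.UpdateOrder(order);
                        _orderProcessingService.MarkOrderAsPaid(order);
                        // code stays 0: the payment was accepted.
                    }
                    else
                    {
                        responce.code = 200;
                    }
                }
                catch
                {
                    // NOTE(review): the failure cause is discarded; consider logging it so
                    // payments that could not be recorded can be reconciled.
                    responce.code = 200;
                }
            }
            break;

        // Any other action falls through with an empty responseType, as before.
    }

    return new XmlActionResult(MakeXml(responseType, responce));
}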