/// <summary>
 /// Initializes a new instance of the <see cref="QuickpayPageBuilder"/> class.
 /// </summary>
 public QuickpayPageBuilder(QuickpayMd5Computer md5Computer, IAbsoluteUrlService absoluteUrlService, ICallbackUrl callbackUrl)
 {
     _absoluteUrlService = absoluteUrlService;
     _callbackUrl        = callbackUrl;
     LocalizationContext = new CustomGlobalization();
     Md5Computer         = md5Computer;
 }
        /// <summary>
        /// Refunds the payment from the payment provider. This is often used when you need to call external services to handle the refund process.
        /// </summary>
        /// <param name="payment">The payment.</param>
        /// <param name="status">The status.</param>
        /// <returns></returns>
        protected override bool RefundPaymentInternal(Payment payment, out string status)
        {
            string merchant  = payment.PaymentMethod.DynamicProperty <string>().Merchant.ToString();
            string apiKey    = payment.PaymentMethod.DynamicProperty <string>().ApiKey.ToString();
            string md5Secret = payment.PaymentMethod.DynamicProperty <string>().Md5secret.ToString();

            var postValues = GetDefaultPostValues(payment.PaymentMethod);

            postValues.Add("msgtype", "refund");
            postValues.Add("amount", payment.Amount.ToCents().ToString());
            postValues.Add("transaction", payment.TransactionId);
            postValues.Add("md5check", QuickpayMd5Computer.GetRefundPreMd5Key(PROTOCOL, payment.Amount.ToCents().ToString(), payment.TransactionId, merchant, apiKey, md5Secret));

            var httpPost = new HttpPost(API_ENDPOINT_URL, postValues);

            string postResponse = httpPost.GetString();
            bool   callStatus   = ValidateApiCall(postResponse, payment.PaymentMethod);

            if (callStatus)
            {
                status = PaymentMessages.RefundSuccess + " >> " + postResponse;
            }
            else
            {
                status = String.Format("{0} >> {1} >> {2}", PaymentMessages.RefundFailed, GetCallStatusMessage(postResponse), postResponse);
            }

            return(callStatus);
        }
        /// <summary>
        /// Determines if the API operation was successful
        /// </summary>
        /// <param name="message">The XML response string.</param>
        /// <param name="paymentMethod">The payment method.</param>
        /// <returns>The call status</returns>
        private bool ValidateApiCall(string message, PaymentMethod paymentMethod)
        {
            string md5Secret = paymentMethod.DynamicProperty <string>().Md5secret;

            string md5ResponseString = "";
            string md5Check          = "";

            var responseElement = XDocument.Parse(message).Element("response");

            if (responseElement == null)
            {
                return(false);
            }

            // Concat all elements for MD5 check to
            // validate the returned response.
            // Make sure to exclude to sent MD5 value.
            md5ResponseString = responseElement.Descendants()
                                .Where(x => x.Name.ToString() != "md5check")
                                .Select(x => x.Value)
                                .Aggregate((a, b) => a + b);

            md5Check = responseElement.Element("md5check").Value;

            string status = responseElement.Element("qpstat").Value;

            string md5CheckResponse = QuickpayMd5Computer.GetMd5KeyFromResponseValueString(md5ResponseString, md5Secret);

            return(status.Equals("000") &&
                   !String.IsNullOrEmpty(md5Check) &&
                   !String.IsNullOrEmpty(md5CheckResponse) &&
                   md5Check.Equals(md5CheckResponse));
        }
        private bool ValidateCallback(PaymentMethod paymentMethod)
        {
            string md5Secret = paymentMethod.DynamicProperty <string>().Md5secret;

            string[] requestFieldNames =
            {
                "msgtype",
                "ordernumber",
                "amount",
                "currency",
                "time",
                "state",
                "qpstat",
                "qpstatmsg",
                "chstat",
                "chstatmsg",
                "merchant",
                "merchantemail",
                "transaction",
                "cardtype",
                "cardnumber",
                "cardexpire",
                "splitpayment",
                "fraudprobability",
                "fraudremarks",
                "fraudreport",
                "fee"
            };

            var sb = new StringBuilder();

            foreach (string field in requestFieldNames)
            {
                sb.Append(HttpContext.Current.Request[field]);
            }

            string md5Response    = QuickpayMd5Computer.GetMd5KeyFromResponseValueString(sb.ToString(), md5Secret);
            string md5Check       = HttpContext.Current.Request["md5check"];
            string quickPayStatus = HttpContext.Current.Request["qpstat"];

            return(quickPayStatus.Equals("000") && md5Response.Equals(md5Check));
        }
 /// <summary>
 /// Initializes a new instance of the <see cref="QuickpayPaymentMethodService"/> class.
 /// </summary>
 public QuickpayPaymentMethodService(QuickpayPageBuilder pageBuilder, QuickpayMd5Computer md5Computer, IWebRuntimeInspector webRuntimeInspector)
 {
     _webRuntimeInspector = webRuntimeInspector;
     QuickpayMd5Computer  = md5Computer;
     PageBuilder          = pageBuilder;
 }