Incoviba/oficial
1
0
Fork 0
Code Issues Pull Requests 2 Releases Wiki Activity

HMAC not static

Browse Source
This commit is contained in:
Juan Pablo Vial
2025-06-03 23:04:57 -04:00
parent 1c3052219c
commit c5188a1feb
3 changed files with 12 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/setup/setups/services.php
View File

@ -154,7 +154,8 @@ return [
Incoviba\Service\Venta\MediosPago\Toku::class => function(ContainerInterface $container) {
return (new Incoviba\Service\Venta\MediosPago\Toku(
$container->get('externalLogger'),
$container->get(Incoviba\Common\Define\Connection::class)
$container->get(Incoviba\Common\Define\Connection::class),
$container->get(Incoviba\Service\HMAC::class)
))
->register('customer', $container->get(Incoviba\Service\Venta\MediosPago\Toku\Customer::class))
->register('subscription', $container->get(Incoviba\Service\Venta\MediosPago\Toku\Subscription::class))

8
app/src/Service/HMAC.php
View File

@ -5,13 +5,19 @@ use Incoviba\Common\Ideal;
class HMAC extends Ideal\Service
{
public static function validate(string $timestamp, string $requestSignature, string $requestId, string $secret): bool
public function validate(string $timestamp, string $requestSignature, string $requestId, string $secret): bool
{
$message = "{$timestamp}.{$requestId}";
$encodedSecret = mb_convert_encoding($secret, 'UTF-8');
$encodedMessage = mb_convert_encoding($message, 'UTF-8');
$hmacObject = hash_hmac('sha256', $encodedMessage, $encodedSecret);
$computedSignature = base64_encode($hmacObject);
$this->logger->info('Validating HMAC', [
'requestSignature' => $requestSignature,
'computedSignature' => $hmacObject,
'compare1' => hash_equals($hmacObject, $requestSignature),
'compare2' => hash_equals($computedSignature, $requestSignature),
]);
return hash_equals($computedSignature, $requestSignature);
}
}

18
app/src/Service/Venta/MediosPago/Toku.php
View File

@ -27,7 +27,7 @@ class Toku extends Ideal\Service
protected Subscription $subscription;
protected Invoice $invoice;
public function __construct(LoggerInterface $logger, protected Connection $connection)
public function __construct(LoggerInterface $logger, protected Connection $connection, protected HMAC $hmac)
{
parent::__construct($logger);
}
@ -446,21 +446,9 @@ class Toku extends Ideal\Service
return false;
}
foreach ($results as $secret) {
$this->logger->info('Toku webhook validated', [
'timestamp' => $timestamp,
'signature' => $signature,
'eventId' => $eventId,
'eventType' => $eventType,
'secret' => $secret,
]);
if (HMAC::validate($timestamp, $signature, $eventId, $secret)) {
return true;
}
}
/*if (array_any($results, fn($secret) => HMAC::validate($timestamp, $signature, $eventId, $secret))) {
if (array_any($results, fn($secret) => $this->hmac->validate($timestamp, $signature, $eventId, $secret))) {
return true;
}*/
}
} catch (Throwable $throwable) {
$this->logger->error($throwable);