2012-10-01 12:28:57 -07:00
|
|
|
<?php
|
|
|
|
|
2014-01-28 13:29:34 -08:00
|
|
|
/**
|
|
|
|
* ©2011,2012,2013,2014 BITPAY, INC.
|
|
|
|
*
|
|
|
|
* Permission is hereby granted to any person obtaining a copy of this software
|
|
|
|
* and associated documentation for use and/or modification in association with
|
|
|
|
* the bitpay.com service.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
|
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
|
|
* THE SOFTWARE.
|
|
|
|
*
|
|
|
|
* Bitcoin payment plugin using the bitpay.com service.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2013-12-12 10:48:35 -08:00
|
|
|
require_once 'bp_config_default.php';
|
2012-10-01 12:28:57 -07:00
|
|
|
require_once 'bp_options.php';
|
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
/**
|
|
|
|
* @param string $url
|
|
|
|
* @param string $apiKey
|
|
|
|
* @param bool $post
|
|
|
|
*
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
function bpCurl($url, $apiKey, $post = false)
|
|
|
|
{
|
|
|
|
global $bpOptions, $bpconfig;
|
|
|
|
|
|
|
|
$curl = curl_init($url);
|
|
|
|
$length = 0;
|
|
|
|
|
|
|
|
if ($post)
|
|
|
|
{
|
|
|
|
curl_setopt($curl, CURLOPT_POST, 1);
|
|
|
|
curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
|
|
|
|
$length = strlen($post);
|
|
|
|
}
|
|
|
|
|
|
|
|
$uname = base64_encode($apiKey);
|
|
|
|
$header = array(
|
|
|
|
'Content-Type: application/json',
|
|
|
|
'Content-Length: ' . $length,
|
|
|
|
'Authorization: Basic ' . $uname,
|
|
|
|
'X-BitPay-Plugin-Info: magento5',
|
|
|
|
);
|
|
|
|
|
|
|
|
curl_setopt($curl, CURLOPT_PORT, $bpconfig['port']);
|
|
|
|
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
|
|
|
|
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
|
|
|
|
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC ) ;
|
|
|
|
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $bpconfig['ssl_verifypeer']); // verify certificate
|
|
|
|
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $bpconfig['ssl_verifyhost']); // check existence of CN and verify that it matches hostname
|
|
|
|
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
|
|
|
|
curl_setopt($curl, CURLOPT_FORBID_REUSE, 1);
|
|
|
|
curl_setopt($curl, CURLOPT_FRESH_CONNECT, 1);
|
|
|
|
|
|
|
|
$responseString = curl_exec($curl);
|
|
|
|
|
|
|
|
if($responseString == false)
|
|
|
|
{
|
|
|
|
$response = array('error' => curl_error($curl));
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$response = json_decode($responseString, true);
|
|
|
|
if (!$response)
|
|
|
|
{
|
|
|
|
$response = array('error' => 'invalid json: '.$responseString);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
curl_close($curl);
|
|
|
|
|
|
|
|
return $response;
|
2012-10-01 12:28:57 -07:00
|
|
|
}
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
/**
|
|
|
|
* $orderId: Used to display an orderID to the buyer. In the account summary view, this value is used to
|
|
|
|
* identify a ledger entry if present.
|
|
|
|
*
|
|
|
|
* $price: by default, $price is expressed in the currency you set in bp_options.php. The currency can be
|
|
|
|
* changed in $options.
|
|
|
|
*
|
|
|
|
* $posData: this field is included in status updates or requests to get an invoice. It is intended to be used by
|
|
|
|
* the merchant to uniquely identify an order associated with an invoice in their system. Aside from that, Bit-Pay does
|
|
|
|
* not use the data in this field. The data in this field can be anything that is meaningful to the merchant.
|
|
|
|
*
|
|
|
|
* $options keys can include any of:
|
|
|
|
* ('itemDesc', 'itemCode', 'notificationEmail', 'notificationURL', 'redirectURL', 'apiKey'
|
|
|
|
* 'currency', 'physical', 'fullNotifications', 'transactionSpeed', 'buyerName',
|
|
|
|
* 'buyerAddress1', 'buyerAddress2', 'buyerCity', 'buyerState', 'buyerZip', 'buyerEmail', 'buyerPhone')
|
|
|
|
* If a given option is not provided here, the value of that option will default to what is found in bp_options.php
|
|
|
|
* (see api documentation for information on these options).
|
|
|
|
*
|
|
|
|
* @param string $orderId
|
|
|
|
* @param string $price
|
|
|
|
* @param string $posData
|
|
|
|
* @param array $options
|
|
|
|
*
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
function bpCreateInvoice($orderId, $price, $posData, $options = array())
|
|
|
|
{
|
|
|
|
global $bpOptions, $bpconfig;
|
|
|
|
|
|
|
|
$options = array_merge($bpOptions, $options); // $options override any options found in bp_options.php
|
|
|
|
$pos = array('posData' => $posData);
|
|
|
|
|
|
|
|
if ($bpOptions['verifyPos'])
|
|
|
|
{
|
|
|
|
$pos['hash'] = crypt(serialize($posData), $options['apiKey']);
|
|
|
|
}
|
|
|
|
|
|
|
|
$options['posData'] = json_encode($pos);
|
|
|
|
$options['orderID'] = $orderId;
|
|
|
|
$options['price'] = $price;
|
|
|
|
|
|
|
|
$postOptions = array('orderID', 'itemDesc', 'itemCode', 'notificationEmail', 'notificationURL', 'redirectURL',
|
|
|
|
'posData', 'price', 'currency', 'physical', 'fullNotifications', 'transactionSpeed', 'buyerName',
|
|
|
|
'buyerAddress1', 'buyerAddress2', 'buyerCity', 'buyerState', 'buyerZip', 'buyerEmail', 'buyerPhone');
|
|
|
|
|
|
|
|
foreach($postOptions as $o)
|
|
|
|
{
|
|
|
|
if (array_key_exists($o, $options))
|
|
|
|
{
|
|
|
|
$post[$o] = $options[$o];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$post = json_encode($post);
|
|
|
|
$response = bpCurl('https://'.$bpconfig['hostAndPort'].'/api/invoice/', $options['apiKey'], $post);
|
|
|
|
|
|
|
|
return $response;
|
2012-10-01 12:28:57 -07:00
|
|
|
}
|
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
/**
|
|
|
|
* Call from your notification handler to convert $_POST data to an object containing invoice data
|
|
|
|
*
|
|
|
|
* @param boolean|string $apiKey
|
|
|
|
*
|
|
|
|
* @return string|array
|
|
|
|
*/
|
|
|
|
function bpVerifyNotification($apiKey = false)
|
|
|
|
{
|
|
|
|
global $bpOptions, $bpconfig;
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
if (!$apiKey)
|
|
|
|
{
|
|
|
|
$apiKey = $bpOptions['apiKey'];
|
|
|
|
}
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
$post = file_get_contents("php://input");
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
if (!$post)
|
|
|
|
{
|
|
|
|
return 'No post data';
|
|
|
|
}
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
$json = json_decode($post, true);
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
if (is_string($json))
|
|
|
|
{
|
|
|
|
return $json; // error
|
|
|
|
}
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
if (!array_key_exists('posData', $json))
|
|
|
|
{
|
|
|
|
return 'no posData';
|
|
|
|
}
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
$posData = json_decode($json['posData'], true);
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
if($bpOptions['verifyPos'] and $posData['hash'] != crypt(serialize($posData['posData']), $apiKey))
|
|
|
|
{
|
|
|
|
return 'authentication failed (bad hash)';
|
|
|
|
}
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
$json['posData'] = $posData['posData'];
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
return $json;
|
2012-10-01 12:28:57 -07:00
|
|
|
}
|
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
/**
|
|
|
|
* $options can include ('apiKey')
|
|
|
|
*
|
|
|
|
* @param string $invoiceId
|
|
|
|
* @param boolean|string $apiKey
|
|
|
|
*
|
|
|
|
* @return string|array
|
|
|
|
*/
|
|
|
|
function bpGetInvoice($invoiceId, $apiKey=false)
|
|
|
|
{
|
|
|
|
global $bpOptions, $bpconfig;
|
2012-10-01 12:28:57 -07:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
if (!$apiKey)
|
|
|
|
{
|
|
|
|
$apiKey = $bpOptions['apiKey'];
|
|
|
|
}
|
2012-10-30 14:29:43 -07:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
$response = bpCurl('https://'.$bpconfig['hostAndPort'].'/api/invoice/'.$invoiceId, $apiKey);
|
2012-10-01 12:28:57 -07:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
if (is_string($response))
|
|
|
|
{
|
|
|
|
return $response; // error
|
|
|
|
}
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
$response['posData'] = json_decode($response['posData'], true);
|
|
|
|
$response['posData'] = $response['posData']['posData'];
|
2014-01-28 13:29:34 -08:00
|
|
|
|
2014-07-02 10:15:41 -07:00
|
|
|
return $response;
|
2014-01-28 13:29:34 -08:00
|
|
|
}
|