PK!src/DPMGateway.phpnu[createRequest('\Omnipay\AuthorizeNet\Message\DPMAuthorizeRequest', $parameters); } /** * Get, validate, interpret and respond to the Authorize.Net callback. */ public function completeAuthorize(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\DPMCompleteRequest', $parameters); } /** * Helper to generate the purchase direct-post form. */ public function purchase(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\DPMPurchaseRequest', $parameters); } /** * Get, validate, interpret and respond to the Authorize.Net callback. */ public function completePurchase(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\DPMCompleteRequest', $parameters); } } PK!src/SIMGateway.phpnu[getParameter('hashSecret'); } public function setHashSecret($value) { return $this->setParameter('hashSecret', $value); } public function authorize(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\SIMAuthorizeRequest', $parameters); } public function completeAuthorize(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\SIMCompleteAuthorizeRequest', $parameters); } public function purchase(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\SIMPurchaseRequest', $parameters); } public function completePurchase(array $parameters = array()) { return $this->completeAuthorize($parameters); } } PK!N'||src/Message/AIMResponse.phpnu[request = $request; $rawFields = substr($data, 1, - 1); if ($rawFields !== false) { $temp = explode('|,|', $rawFields); } else { $temp = array(); } $response_fields = array( 'Response Code', 'Response Subcode', 'Response Reason Code', 'Response Reason Text', 'Authorization Code', 'AVS Response', 'Transaction ID', 'Invoice Number', 'Description', 'Amount', 'Method', 'Transaction Type', 'Customer ID', 'First Name', 'Last Name', 'Company', 'Address', 'City', 'State', 'ZIP Code', 'Country', 'Phone', 'Fax', 'Email Address', 'Ship To First Name', 'Ship To Last Name', 'Ship To Company', 'Ship To Address', 'Ship To City', 'Ship To State', 'Ship To ZIP Code', 'Ship To Country', 'Tax', 'Duty', 'Freight', 'Tax Exempt', 'Purchase Order Number', 'MD5 Hash', 'Card Code Response', 'Cardholder Authentication Verification Response', 'Account Number', 'Card Type', 'Split Tender ID', 'Requested Amount', 'Balance On Card' ); $response = array(); foreach ($response_fields as $field) { $responseField = array_shift($temp); if (!is_null($responseField)) { $response[$field] = $responseField; } } $response_codes = array( 1 => 'Approved', 2 => 'Declined', 3 => 'Error', 4 => 'Held for Review' ); $avs_response_codes = array( 'A' => 'Address (Street) matches, ZIP does not', 'B' => 'Address information not provided for AVS check', 'E' => 'AVS error', 'G' => 'Non-U.S. Card Issuing Bank', 'N' => 'No Match on Address (Street) or ZIP', 'P' => 'AVS not applicable for this transaction', 'R' => 'Retry?System unavailable or timed out', 'S' => 'Service not supported by issuer', 'U' => 'Address information is unavailable', 'W' => 'Nine digit ZIP matches, Address (Street) does not', 'X' => 'Address (Street) and nine digit ZIP match', 'Y' => 'Address (Street) and five digit ZIP match', 'Z' => 'Five digit ZIP matches, Address (Street) does not' ); if (isset($response['Response Code']) && isset($response_codes[$response['Response Code']])) { $response['Response Code Message'] = $response_codes[$response['Response Code']]; } else { $response['Response Code Message'] = null; } if (isset($response['AVS Response']) && isset($avs_response_codes[$response['AVS Response']])) { $response['AVS Response Message'] = $avs_response_codes[$response['AVS Response']]; } else { $response['AVS Response Message'] = null; } $this->data = $response; if (count($this->data) < 10) { throw new InvalidResponseException(); } } public function isSuccessful() { return $this->getCodeMessage() == 'Approved'; } public function getCode() { return $this->data['Response Code']; } public function getCodeMessage() { return $this->data['Response Code Message']; } public function getReasonCode() { return $this->data['Response Reason Code']; } public function getMessage() { return $this->data['Response Reason Text']; } public function getAuthorizationCode() { return $this->data['Authorization Code']; } public function getAVSCode() { return $this->data['AVS Response']; } public function getAVSCodeMessage() { return $this->data['AVS Response Message']; } public function getTransactionReference() { return $this->data['Transaction ID']; } } PK!ZJsrc/Message/CaptureRequest.phpnu[validate('amount', 'transactionReference'); $data = $this->getBaseData(); $data['x_amount'] = $this->getAmount(); $data['x_trans_id'] = $this->getTransactionReference(); return $data; } } PK!b_J$src/Message/SIMAuthorizeResponse.phpnu[request = $request; $this->data = $data; $this->redirectUrl = $redirectUrl; } public function isSuccessful() { return false; } public function isRedirect() { return true; } public function getRedirectUrl() { return $this->redirectUrl; } public function getRedirectMethod() { return 'POST'; } public function getRedirectData() { return $this->getData(); } } PK!:"src/Message/SIMPurchaseRequest.phpnu[getParameter('apiLoginId'); } public function setApiLoginId($value) { return $this->setParameter('apiLoginId', $value); } public function getTransactionKey() { return $this->getParameter('transactionKey'); } public function setTransactionKey($value) { return $this->setParameter('transactionKey', $value); } public function getDeveloperMode() { return $this->getParameter('developerMode'); } public function setDeveloperMode($value) { return $this->setParameter('developerMode', $value); } public function getCustomerId() { return $this->getParameter('customerId'); } public function setCustomerId($value) { return $this->setParameter('customerId', $value); } public function getHashSecret() { return $this->getParameter('hashSecret'); } public function setHashSecret($value) { return $this->setParameter('hashSecret', $value); } public function getLiveEndpoint() { return $this->getParameter('liveEndpoint'); } public function setLiveEndpoint($value) { return $this->setParameter('liveEndpoint', $value); } public function setDeveloperEndpoint($value) { return $this->setParameter('developerEndpoint', $value); } public function getDeveloperEndpoint() { return $this->getParameter('developerEndpoint'); } /** * Base data used only for the AIM API. */ protected function getBaseData() { $data = array(); $data['x_login'] = $this->getApiLoginId(); $data['x_tran_key'] = $this->getTransactionKey(); $data['x_type'] = $this->action; $data['x_version'] = '3.1'; $data['x_delim_data'] = 'TRUE'; $data['x_delim_char'] = ','; $data['x_encap_char'] = '|'; $data['x_relay_response'] = 'FALSE'; return $data; } protected function getBillingData() { $data = array(); $data['x_amount'] = $this->getAmount(); // This is deprecated. The invoice number field is reserved for the invoice number. $data['x_invoice_num'] = $this->getTransactionId(); // A custom field can be used to pass over the merchant site transaction ID. $data[static::TRANSACTION_ID_PARAM] = $this->getTransactionId(); $data['x_description'] = $this->getDescription(); if ($card = $this->getCard()) { // customer billing details $data['x_first_name'] = $card->getBillingFirstName(); $data['x_last_name'] = $card->getBillingLastName(); $data['x_company'] = $card->getBillingCompany(); $data['x_address'] = trim( $card->getBillingAddress1()." \n". $card->getBillingAddress2() ); $data['x_city'] = $card->getBillingCity(); $data['x_state'] = $card->getBillingState(); $data['x_zip'] = $card->getBillingPostcode(); $data['x_country'] = $card->getBillingCountry(); $data['x_phone'] = $card->getBillingPhone(); $data['x_email'] = $card->getEmail(); // customer shipping details $data['x_ship_to_first_name'] = $card->getShippingFirstName(); $data['x_ship_to_last_name'] = $card->getShippingLastName(); $data['x_ship_to_company'] = $card->getShippingCompany(); $data['x_ship_to_address'] = trim( $card->getShippingAddress1()." \n". $card->getShippingAddress2() ); $data['x_ship_to_city'] = $card->getShippingCity(); $data['x_ship_to_state'] = $card->getShippingState(); $data['x_ship_to_zip'] = $card->getShippingPostcode(); $data['x_ship_to_country'] = $card->getShippingCountry(); } return $data; } public function sendData($data) { // Force TLS 1.2 $config = $this->httpClient->getConfig(); $curlOptions = $config->get('curl.options'); $curlOptions[CURLOPT_SSLVERSION] = 6; $config->set('curl.options', $curlOptions); $this->httpClient->setConfig($config); $httpResponse = $this->httpClient->post($this->getEndpoint(), null, $data)->send(); return $this->response = new AIMResponse($this, $httpResponse->getBody()); } public function getEndpoint() { if ($this->getDeveloperMode()) { return $this->getParameter('developerEndpoint'); } else { return $this->getParameter('liveEndpoint'); } } } PK!vӅsrc/Message/AIMVoidRequest.phpnu[validate('transactionReference'); $data = $this->getBaseData(); $data['x_trans_id'] = $this->getTransactionReference(); return $data; } } PK!#@"src/Message/DPMPurchaseRequest.phpnu[response = new DPMCompleteResponse($this, $data); } } PK!Kf: : +src/Message/SIMCompleteAuthorizeRequest.phpnu[httpRequest->request->get(static::TRANSACTION_ID_PARAM); } public function getData() { // The hash sent in the callback from the Authorize.Net gateway. $hash_posted = strtolower($this->httpRequest->request->get('x_MD5_Hash')); // The transaction reference generated by the Authorize.Net gateway and sent in the callback. $posted_transaction_reference = $this->httpRequest->request->get('x_trans_id'); // The amount that the callback has authorized. $posted_amount = $this->httpRequest->request->get('x_amount'); // Calculate the hash locally, using the shared "hash secret" and login ID. $hash_calculated = $this->getHash($posted_transaction_reference, $posted_amount); if ($hash_posted !== $hash_calculated) { // If the hash is incorrect, then we can't trust the source nor anything sent. // Throwing exceptions here is probably a bad idea. We are trying to get the data, // and if it is invalid, then we need to be able to log that data for analysis. // Except we can't, baceuse the exception means we can't get to the data. // For now, this is consistent with other OmniPay gateway drivers. throw new InvalidRequestException('Incorrect hash'); } // The hashes have passed, but the amount should also be validated against the // amount in the stored and retrieved transaction. If the application has the // ability to retrieve the transaction (using the transaction_id sent as a custom // form field, or perhaps in an otherwise unused field such as x_invoice_id. $amount = $this->getAmount(); if (isset($amount) && $amount != $posted_amount) { // The amounts don't match. Someone may have been playing with the // transaction references. throw new InvalidRequestException('Incorrect amount'); } return $this->httpRequest->request->all(); } /** * CHECKME: should this be the transactionReference in the hash, not the transactionId? * The transaction reference and the amount are both sent by the remote gateway (x_trans_id * and x_amount) and it is those that should be checked against. */ public function getHash($transaction_reference, $amount) { $key = array( $this->getHashSecret(), $this->getApiLoginId(), $transaction_reference, $amount, ); return md5(implode('', $key)); } public function sendData($data) { return $this->response = new SIMCompleteAuthorizeResponse($this, $data); } } PK!3 "src/Message/AIMPurchaseRequest.phpnu[getCode(); } /** * If there is an error in the form, then the user should be able to go back * to the form and give it another shot. */ public function isError() { return static::RESPONSE_CODE_ERROR === $this->getCode(); } public function getTransactionReference() { return isset($this->data['x_trans_id']) ? $this->data['x_trans_id'] : null; } public function getMessage() { return isset($this->data['x_response_reason_text']) ? $this->data['x_response_reason_text'] : null; } public function getReasonCode() { return isset($this->data['x_response_reason_code']) ? $this->data['x_response_reason_code'] : null; } public function getCode() { return isset($this->data['x_response_code']) ? $this->data['x_response_code'] : null; } /** * This message is handled in a notify, where a HTML redirect must be performed. */ public function isRedirect() { return true; } /** * The merchant site notify handler needs to set the returnUrl in the complete request. */ public function getRedirectUrl() { return $this->request->getReturnUrl(); } public function getRedirectMethod() { return 'GET'; } /** * There is no redirect data to send; the aim is just to get the user to a URL * by delivering a HTML page. */ public function getRedirectData() { return array(); } /** * Authorize.Net requires a redirect in a HTML page. * The OmniPay redirect helper will only provide a HTML page for the POST method * and then implements that through a self-submitting form, which will generate * browser warnings if returning to a non-SSL page. This JavScript and meta refresh * page avoids the security warning. No data is sent in this redirect, as that will * have all been saved with the transaction in storage. */ public function getRedirectResponse() { $output = << Redirecting...

Redirecting to payment complete page...

ENDHTML; $output = sprintf( $output, htmlentities($this->getRedirectUrl(), ENT_QUOTES, 'UTF-8', false) ); return HttpResponse::create($output); } } PK!IL< src/Message/AIMRefundRequest.phpnu[getBaseData('RefundTransaction'); $this->validate('amount', 'transactionReference'); $data['x_trans_id'] = $this->getTransactionReference(); $data['x_card_num'] = $this->getCard()->getNumber(); $expiryMonth = $this->getCard()->getExpiryMonth(); if (!empty($expiryMonth)) { $data['x_exp_date'] = $this->getCard()->getExpiryDate('my'); } $data['x_amount'] = $this->getAmount(); return $data; } } PK!RB%#src/Message/DPMAuthorizeRequest.phpnu[getCard()) { $data['x_card_num'] = $this->getCard()->getNumber(); // Workaround for https://github.com/thephpleague/omnipay-common/issues/29 $expiry_date = $this->getCard()->getExpiryDate('my'); $data['x_exp_date'] = ($expiry_date === '1299' ? '' : $expiry_date); $data['x_card_code'] = $this->getCard()->getCvv(); } else { $data['x_card_num'] = ''; $data['x_exp_date'] = ''; $data['x_card_code'] = ''; } return $data; } /** * Given the DPM data, we want to turn it into a form for the user to submit to Authorize.net * The form may have most of the fields hidden, or may allow the user to change some details - * that depends on the use-case. * So this method will provide us with an object used to build the form. */ public function sendData($data) { return $this->response = new DPMResponse($this, $data, $this->getEndpoint()); } } PK!D)  #src/Message/AIMAuthorizeRequest.phpnu[validate('amount', 'card'); $this->getCard()->validate(); $data = $this->getBaseData(); $data['x_customer_ip'] = $this->getClientIp(); $data['x_card_num'] = $this->getCard()->getNumber(); $data['x_exp_date'] = $this->getCard()->getExpiryDate('my'); $data['x_card_code'] = $this->getCard()->getCvv(); $data['x_cust_id'] = $this->getCustomerId(); if ($this->getTestMode()) { $data['x_test_request'] = 'TRUE'; } return array_merge($data, $this->getBillingData()); } } PK!$ #src/Message/SIMAuthorizeRequest.phpnu[validate('amount'); // Either the nodifyUrl or the returnUrl can be provided. // The returnUrl is deprecated, as strictly this is a notifyUrl. if (!$this->getNotifyUrl()) { $this->validate('returnUrl'); } $data = array(); $data['x_login'] = $this->getApiLoginId(); $data['x_type'] = $this->action; $data['x_version'] = '3.1'; $data['x_method'] = 'CC'; $data['x_fp_sequence'] = mt_rand(); $data['x_fp_timestamp'] = time(); $data['x_delim_data'] = 'FALSE'; $data['x_show_form'] = 'PAYMENT_FORM'; $data['x_relay_response'] = 'TRUE'; if ($this->getClientIp()) { $data['x_customer_ip'] = $this->getClientIp(); } // The returnUrl MUST be whitelisted in Authorize.net admin panel under // "Response/Receipt URLs". // Use the notifyUrl if available, as that is strictly what this is. // Fall back to returnUrl for BC support. $data['x_relay_url'] = $this->getNotifyUrl() ?: $this->getReturnUrl(); $data['x_cancel_url'] = $this->getCancelUrl(); if ($this->getCustomerId() !== null) { $data['x_cust_id'] = $this->getCustomerId(); } if ($this->getCurrency() !== null) { $data['x_currency_code'] = $this->getCurrency(); } if ($this->getTestMode()) { $data['x_test_request'] = 'TRUE'; } $data = array_merge($data, $this->getBillingData()); $data['x_fp_hash'] = $this->getHash($data); return $data; } /** * This hash is put into the form to confirm the amount has not been * modified en-route. * It uses the TransactionKey, which is a shared secret between the merchant * and Authorize.Net The sequence and timestamp provide additional salt. */ public function getHash($data) { $fingerprint = implode( '^', array( $this->getApiLoginId(), $data['x_fp_sequence'], $data['x_fp_timestamp'], $data['x_amount'] ) ).'^'; // If x_currency_code is specified, then it must follow the final trailing carat. if ($this->getCurrency()) { $fingerprint .= $this->getCurrency(); } return hash_hmac('md5', $fingerprint, $this->getTransactionKey()); } public function sendData($data) { return $this->response = new SIMAuthorizeResponse($this, $data, $this->getEndpoint()); } } PK!v)e~~src/Message/DPMResponse.phpnu[request = $request; $this->data = $data; $this->postUrl = $postUrl; } /** * Return false to indicate that more action is needed to complete * the transaction, a transparent redirect form in this case. */ public function isSuccessful() { return false; } /** * This is a transparent redirect transaction type, where a local form * will POST direct to the remote gateway. */ public function isTransparentRedirect() { return true; } public function isRedirect() { return true; } // Helpers to build the form. /** * The URL the form will POST to. */ public function getRedirectUrl() { return $this->postUrl; } public function getRedirectMethod() { return 'POST'; } /** * Data that must be included as hidden fields. */ public function getRedirectData() { return array_intersect_key($this->getData(), array_flip($this->hiddenFields)); } /** * Move a field to the list of hidden form fields. * The hidden fields are those we don't want to show the user, but * must still be posted. */ public function hideField($field_name) { if (!in_array($field_name, $this->hiddenFields)) { $this->hiddenFields[] = $field_name; } } /** * Remove a field from the list of hidden fields. */ public function unhideField($field_name) { if (($key = array_search($field_name, $this->hiddenFields)) !== false) { unset($this->hiddenFields[$key]); } } /** * Data not in the hidden fields list. * These are not all mandatory, so you do not have to present all these * to the user. You may also have custom fields you want to post, such * as the merchant transactionId (if not using invoiceId for this purpose). */ public function getVisibleData() { return array_diff_key($this->getData(), array_flip($this->hiddenFields)); } } PK!F.  src/AIMGateway.phpnu[ '', 'transactionKey' => '', 'testMode' => false, 'developerMode' => false, 'liveEndpoint' => 'https://secure2.authorize.net/gateway/transact.dll', 'developerEndpoint' => 'https://test.authorize.net/gateway/transact.dll', ); } public function getApiLoginId() { return $this->getParameter('apiLoginId'); } public function setApiLoginId($value) { return $this->setParameter('apiLoginId', $value); } public function getTransactionKey() { return $this->getParameter('transactionKey'); } public function setTransactionKey($value) { return $this->setParameter('transactionKey', $value); } public function getDeveloperMode() { return $this->getParameter('developerMode'); } public function setDeveloperMode($value) { return $this->setParameter('developerMode', $value); } public function setEndpoints($endpoints) { $this->setParameter('liveEndpoint', $endpoints['live']); return $this->setParameter('developerEndpoint', $endpoints['developer']); } public function getLiveEndpoint() { return $this->getParameter('liveEndpoint'); } public function setLiveEndpoint($value) { return $this->setParameter('liveEndpoint', $value); } public function getDeveloperEndpoint() { return $this->getParameter('developerEndpoint'); } public function setDeveloperEndpoint($value) { return $this->setParameter('developerEndpoint', $value); } public function authorize(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\AIMAuthorizeRequest', $parameters); } public function capture(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\CaptureRequest', $parameters); } public function purchase(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\AIMPurchaseRequest', $parameters); } public function void(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\AIMVoidRequest', $parameters); } public function refund(array $parameters = array()) { return $this->createRequest('\Omnipay\AuthorizeNet\Message\AIMRefundRequest', $parameters); } } PK!ō composer.jsonnu[{ "name": "omnipay/authorizenet", "type": "library", "description": "Authorize.Net gateway for the Omnipay payment processing library", "keywords": [ "authorize net", "authorize", "authorize.net", "gateway", "merchant", "omnipay", "pay", "payment" ], "homepage": "https://github.com/thephpleague/omnipay-authorizenet", "license": "MIT", "authors": [ { "name": "Adrian Macneil", "email": "adrian@adrianmacneil.com" }, { "name": "Omnipay Contributors", "homepage": "https://github.com/thephpleague/omnipay-authorizenet/contributors" } ], "autoload": { "psr-4": { "Omnipay\\AuthorizeNet\\" : "src/" } }, "require": { "omnipay/common": "~2.0" }, "require-dev": { "omnipay/tests": "~2.0" }, "extra": { "branch-alias": { "dev-master": "2.0.x-dev" } } } PK!src/DPMGateway.phpnu[PK!(src/SIMGateway.phpnu[PK!N'||R src/Message/AIMResponse.phpnu[PK!ZJsrc/Message/CaptureRequest.phpnu[PK!b_J$3src/Message/SIMAuthorizeResponse.phpnu[PK!:"7#src/Message/SIMPurchaseRequest.phpnu[PK!yH$src/Message/AbstractRequest.phpnu[PK!vӅV9src/Message/AIMVoidRequest.phpnu[PK!#@");src/Message/DPMPurchaseRequest.phpnu[PK!XX"X<src/Message/DPMCompleteRequest.phpnu[PK!Kf: : +>src/Message/SIMCompleteAuthorizeRequest.phpnu[PK!3 "Jsrc/Message/AIMPurchaseRequest.phpnu[PK!?#Ksrc/Message/DPMCompleteResponse.phpnu[PK!. ,Lsrc/Message/SIMCompleteAuthorizeResponse.phpnu[PK!IL< Zsrc/Message/AIMRefundRequest.phpnu[PK!RB%#+]src/Message/DPMAuthorizeRequest.phpnu[PK!D)  #iesrc/Message/AIMAuthorizeRequest.phpnu[PK!$ #hsrc/Message/SIMAuthorizeRequest.phpnu[PK!v)e~~9tsrc/Message/DPMResponse.phpnu[PK!F.  src/AIMGateway.phpnu[PK!ō \composer.jsonnu[PK