Class: Adyen::HPP::Response

Inherits:

Object

Object
Adyen::HPP::Response

show all

Defined in:: lib/adyen/hpp/response.rb

Instance Attribute Summary collapse

#params ⇒ Object readonly

Returns the value of attribute params.
#shared_secret ⇒ Object readonly

Returns the value of attribute shared_secret.

Instance Method Summary collapse

#has_valid_signature? ⇒ true, false

Checks the redirect signature for this request by calculating the signature from the provided parameters, and comparing it to the signature provided in the merchantSig parameter.
#initialize(params, shared_secret: nil) ⇒ Response constructor

Initialize the HPP response.

Constructor Details

#initialize(params, shared_secret: nil) ⇒ `Response`

Initialize the HPP response

Parameters:

params (Hash) —

params A hash of HTTP GET parameters for the redirect request. This should include the :merchantSig parameter, which contains the signature.
shared_secret (String) (defaults to: nil) —

Optional shared secret; if not provided, the shared secret of the skin determined by params will be used

Raises:

(ArgumentError)

# File 'lib/adyen/hpp/response.rb', line 13

def initialize(params, shared_secret: nil)
  raise ArgumentError, "params should be a Hash" unless params.is_a?(Hash)
  raise ArgumentError, "params should contain :merchantSig" unless params.key?('merchantSig')

  @params = params
  skin = Adyen.configuration.form_skin_by_code(params['skinCode']) || {}
  @shared_secret = shared_secret || skin[:shared_secret]
end

Instance Attribute Details

#params ⇒ `Object` (readonly)

Returns the value of attribute params.



5
6
7

# File 'lib/adyen/hpp/response.rb', line 5

def params
  @params
end

#shared_secret ⇒ `Object` (readonly)

Returns the value of attribute shared_secret.



5
6
7

# File 'lib/adyen/hpp/response.rb', line 5

def shared_secret
  @shared_secret
end

Instance Method Details

#has_valid_signature? ⇒ `true`, `false`

Checks the redirect signature for this request by calculating the signature from the provided parameters, and comparing it to the signature provided in the merchantSig parameter.

If this method returns false, the request could be a forgery and should not be handled. Therefore, you should include this check in a before_filter, and raise an error of the signature check fails.

Examples:

class PaymentsController < ApplicationController
  before_filter :check_signature, :only => [:return_from_adyen]

  def return_from_adyen
    @invoice = Invoice.find(params[:merchantReference])
    @invoice.set_paid! if params[:authResult] == 'AUTHORISED'
  end

  private

  def check_signature
    raise "Forgery!" unless Adyen::HPP::Response.new(params).has_valid_signature?
  end
end

Returns:

(true, false) —

Returns true only if the signature in the parameters is correct.



47
48
49

# File 'lib/adyen/hpp/response.rb', line 47

def has_valid_signature?
  Adyen::HPP::Signature.verify(params, shared_secret)
end