tuutti/php-tupas

This package is abandoned and no longer maintained. No replacement package was suggested.
There is no license information available for the latest version (1.0.0) of this package.

Maintainers

Details

github.com/tuutti/php-tupas

Source

Issues

Installs: 2 714

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 1

Open Issues: 0

1.0.0 2019-11-04 16:23 UTC

Requires

Requires (Dev)

Unknown License c7c0d9171cda914fea9249708409f320c4436ddf

  • Lari Rauno <tuutti.woop@iki.fi>

This package is auto-updated.

Last update: 2022-01-04 21:44:07 UTC

README

Build Status codecov

Install

composer require tuutti/php-tupas

Testing

Run tests with phpunit.

./vendor/bin/phpunit

Usage

Building tupas button/form

Create a new class that implements \Tupas\Entity\BankInterface.

<?php
class YourBankClass implements \Tupas\Entity\BankInterface {
    // Add required getters and populate required values.
}
...
/** @var \Tupas\Entity\BankInterface $bank */
$bank = new YourBankClass();
...

$form = new \Tupas\Form\TupasForm($bank);
$form->setCancelUrl('http://example.com/tupas/cancel')
    ->setRejectedUrl('http://example.com/tupas/rejected')
    ->setReturnUrl('http://example.com/tupas/return')
    ->setLanguage('FI');

Generate and store transaction id in a storage that persists over multiple requests, for example:

<?php
$_SESSION['transaction_id'] = $form->getTransactionId();

Note: This is not required, but highly recommended as otherwise users can reuse their valid authentication urls as many times they want.

Build your form:

<?php
foreach ($form->build() as $key => $value) {
    // Your form logic should generate a hidden input field:
    // <input type="hidden" name="$key", value="$value">
}

Set form action:

<form method="..." action="$bank->getActionUrl();">

Validating returning customer

<?php
...
// You should always use the bank number (three first
// characters of B02K_TIMESTMP) to validate the bank.
// Something like:
$bank_number = substr($_GET['B02K_TIMESTMP'], 0, 3);
...

$tupas = new \Tupas\Tupas($bank, $_GET);
// Compare transaction id stored in a persistent storage against
// the one returned by the Tupas service.
if (!$tupas->isValidTransaction($_SESSION['transaction_id'])) {
    // Transaction id validation failed.
}
try {
    $tupas->validate();
}
catch (\Tupas\Exception\TupasGenericException $e) {
    // Validation failed due to missing parameters.
}
catch (\Tupas\Exception\HashMatchException $e) {
    // Validation failed due to hash mismatch.
}

Invalidate transaction id after a successful authentication:

<?php
unset($_SESSION['transaction_id']);

Examples

https://github.com/tuutti/tupas