Search by 
tuutti / php-tupas
This package is abandoned and no longer maintained.
No replacement package was suggested.
There is no license information available for the latest version (1.0.0) of this package.
Maintainers
1.0.0
2019-11-04 16:23 UTC
Requires
- paragonie/random_compat: ^1.0|^2.0|^9.99.99
- webmozart/assert: ~1.2
Requires (Dev)
- phpunit/phpunit: ^4.8 || ^5.0
- squizlabs/php_codesniffer: ^3.0
This package is auto-updated.
Last update: 2022-01-04 21:44:07 UTC
README
Install
composer require tuutti/php-tupas
Testing
Run tests with phpunit.
./vendor/bin/phpunit
Usage
Building tupas button/form
Create a new class that implements \Tupas\Entity\BankInterface.
<?php class YourBankClass implements \Tupas\Entity\BankInterface { // Add required getters and populate required values. } ... /** @var \Tupas\Entity\BankInterface $bank */ $bank = new YourBankClass(); ... $form = new \Tupas\Form\TupasForm($bank); $form->setCancelUrl('http://example.com/tupas/cancel') ->setRejectedUrl('http://example.com/tupas/rejected') ->setReturnUrl('http://example.com/tupas/return') ->setLanguage('FI');
Generate and store transaction id in a storage that persists over multiple requests, for example:
<?php $_SESSION['transaction_id'] = $form->getTransactionId();
Note: This is not required, but highly recommended as otherwise users can reuse their valid authentication urls as many times they want.
Build your form:
<?php foreach ($form->build() as $key => $value) { // Your form logic should generate a hidden input field: // <input type="hidden" name="$key", value="$value"> }
Set form action:
<form method="..." action="$bank->getActionUrl();">
Validating returning customer
<?php ... // You should always use the bank number (three first // characters of B02K_TIMESTMP) to validate the bank. // Something like: $bank_number = substr($_GET['B02K_TIMESTMP'], 0, 3); ... $tupas = new \Tupas\Tupas($bank, $_GET); // Compare transaction id stored in a persistent storage against // the one returned by the Tupas service. if (!$tupas->isValidTransaction($_SESSION['transaction_id'])) { // Transaction id validation failed. } try { $tupas->validate(); } catch (\Tupas\Exception\TupasGenericException $e) { // Validation failed due to missing parameters. } catch (\Tupas\Exception\HashMatchException $e) { // Validation failed due to hash mismatch. }
Invalidate transaction id after a successful authentication:
<?php unset($_SESSION['transaction_id']);