verify signature function

RevenueMonster · May 18, 2023 · 16aca29 · 16aca29
1 parent 05c4955
commit 16aca29
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 1 deletion.
diff --git a/src/Modules/Module.php b/src/Modules/Module.php
@@ -51,6 +51,28 @@ public function generateSignature($method, $url, $nonceStr, $timestamp, $payload
         $signature = base64_encode($signature);
         return $signature;
     }
+
+    public function verifySignature($signature, $method, $url, $nonceStr, $timestamp, $base64Payload = null)
+    {
+        $res = openssl_pkey_get_public($this->rm->getPublicKey());
+        $signType = 'sha256';
+
+        $arr = array();
+        if ($base64Payload) {
+            array_push($arr, "data=$base64Payload");
+        }
+        array_push($arr, "method=$method");
+        array_push($arr, "nonceStr=$nonceStr");
+        array_push($arr, "requestUrl=$url");
+        array_push($arr, "signType=$signType");
+        array_push($arr, "timestamp=$timestamp");
+
+
+        $result = openssl_verify(join("&", $arr), base64_decode($signature), $res, OPENSSL_ALGO_SHA256);
+        openssl_free_key($res);
+
+        return $result;
+    }
 
     protected function callApi(string $method, $url, $payload = null)
     {

diff --git a/src/RevenueMonster.php b/src/RevenueMonster.php
@@ -39,6 +39,7 @@ class RevenueMonster
     // private $tokenPath = '/storage/access_token.json';
 
     private $modules = [
+        'module' => Modules\Module::class,
         'merchant' => Modules\MerchantModule::class,
         'store' => Modules\StoreModule::class,
         'user', Modules\UserModule::class,
@@ -124,6 +125,11 @@ public function getPrivateKey()
     {
         return $this->privateKey;
     }
+
+    public function getPublicKey()
+    {
+        return $this->publicKey;
+    }
 
     public function __get($name)
     {

diff --git a/tests/index.php b/tests/index.php
@@ -19,12 +19,26 @@
   'clientId' => '1553826822294112891',
   'clientSecret' => 'nbPqwJtxdiZBiSQkyWLOYPQEufOABAuv',
   'privateKey' => file_get_contents(__DIR__.'/private_key.pem'),
-  // 'publicKey' => file_get_contents(__DIR__.'/public_key.pem'),
+  'publicKey' => file_get_contents(__DIR__.'/public_key.pem'),
   'version' => 'stable',
   'isSandbox' => true,
 ]);
 
 
+// Verify Signature
+try {
+  $signature = 'AMDgYwP7kZQ03OP0dZolB9aKKU/zSE3mF7pSmuGSbclGDv2+2/83zZwiRUIj0apSzdn/zv02A8BAY9ubugfzhEAf5L4cOGIF2xPr6mUniODLAdDSImh8XFP8hflBMd8oZ1vo8RhouRwZWp2bomaQzdql12GawVhT9ItADbccaJ3yNfPm1cLfWG88KFctFn09VJqmXy0q71CYmh5/FjdsP8jEdfuN9YVPJj+vhEvkkXxI/PwVdRR0DCKidwCELK+A4NTnqe+RUARg/Ez3z/ChaktW6x5clTFn9LwA/V3QRlQSi2vWcfoBoSQWrSf1fd6ee29CkVFbiHMZShoke9w5wA==';
+  $method = 'post';
+  $url = 'https://sb-open.revenuemonster.my/v3/customer/1684129308191958988/order';
+  $nonceStr = 'xNNXvXgOfnLdWoPPaluemi5Y1Lz1MF2g';
+  $timestamp = '1684387287';
+  $base64Payload = 'eyJhbW91bnQiOjEwMCwiY3VycmVuY3kiOiJNWVIifQ==';
+
+  $response = $rm->module->verifySignature($signature, $method, $url, $nonceStr, $timestamp, $base64Payload);
+  echo $response;
+} catch(Exception $e) {
+  echo $e->getMessage();
+}
 
 
 // create Recurring Customer