-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkinesis-pay.php
550 lines (483 loc) · 22.6 KB
/
kinesis-pay.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
<?php
/**
* Kinesis Pay
* Author: R Woodgate, Cogmentis Ltd.
* Author URI: https://www.cogmentis.com/.
*
* @desc Kinesis Pay lets you accept payments in Gold and Silver
*
* @am_payment_api 6.0
*/
class Am_Paysystem_KinesisPay extends Am_Paysystem_ManualRebill
{
public const PLUGIN_STATUS = self::STATUS_BETA;
public const PLUGIN_REVISION = '3.2';
public const AMOUNT_PAID = 'kinesis-pay-amount_paid';
public const PAYMENT_ID = 'kinesis-pay-payment_id';
public const API_BASE_URL = 'https://apip.kinesis.money';
public const KMS_BASE_URL = 'https://kms.kinesis.money';
protected $defaultTitle = 'Kinesis Pay';
protected $defaultDescription = 'Pay with Gold or Silver';
public function init(): void
{
// Add Payment amount/currency to invoice for reference
$this->getDi()->blocks->add(
'admin/user/invoice/details',
new Am_Block_Base('KPay Amount Paid', 'kinesis-pay-paid', $this, function (Am_View $v) {
$paid = $v->invoice->data()->get(static::AMOUNT_PAID);
if ($paid && $v->invoice->paysys_id == $this->getId()) {
return 'KPay Amount: <a target="_blank" href="https://kms.kinesis.money/merchant/dashboard">'.$paid.'</a>';
}
})
);
// We shouldn't *really* need this, but if the customer sneakily navigates
// to the thanks page, we can at least continue to poll for payment status
$this->getDi()->blocks->add(
'thanks/notstarted',
new Am_Block_Base('KPay Check Payment', 'kpay-payment-status', $this, [$this, 'checkPaymentStatus'])
);
}
public function checkPaymentStatus(Am_View $v)
{
if (isset($v->invoice) && $v->invoice->paysys_id == $this->getId()) {
$this->invoice = $v->invoice; // for the urls
$cancel_url = $this->getCancelUrl();
$status_url = $this->getPluginUrl('status', [
'id' => $v->invoice->getSecureId($this->getId()),
]);
return <<<CUT
<script>
jQuery.ajax({
type : "GET",
url : "{$status_url}",
success: function(data, textStatus, request){
console.log(data.status);
if ('rejected' === data.status){
alert('Payment has been rejected. Please try again.');
window.location.href = "{$cancel_url}";
} else if ('expired' === data.status){
alert('Payment request has expired. Please try again.');
window.location.href = "{$cancel_url}";
}
return false;
},
error: function( error ) {
console.log('ajax error: ', error);
}
});
</script>
CUT;
}
}
public function getSupportedCurrencies()
{
// Kinesis v2 API only allows Merchant account currency to be used
// @see https://github.com/bullioncapital/kinesis-pay-woocommerce/issues/1
return [$this->getConfig('currency', 'USD')];
}
public function _initSetupForm(Am_Form_Setup $form): void
{
$form->addText('merchant_id', ['class' => 'am-el-wide'])
->setLabel("Merchant ID\n".'From the Merchant Profile Box in the <a href="https://kms.kinesis.money/merchant/dashboard" target="_blank">Merchant menu</a> menu of your Kinesis account.')
->addRule('required')
;
$form->addText('access_token', ['class' => 'am-el-wide'])
->setLabel("Merchant Access Token\n".'Via the "Merchant API Keys" link in the <a href="https://kms.kinesis.money/merchant/dashboard" target="_blank">Merchant menu</a> menu of your Kinesis account.')
->addRule('required')
;
$form->addSecretText('secret_token', ['class' => 'am-el-wide'])
->setLabel("Merchant Secret Token\n".'Via the "Merchant API Keys" link in the <a href="https://kms.kinesis.money/merchant/dashboard" target="_blank">Merchant menu</a> menu of your Kinesis account.')
->addRule('required')
;
$currency = $form->addSelect('currency', ['size' => 1, 'class' => 'am-combobox'])
->setLabel(___("Merchant Preference Currency\n".
'The currency set in your Kinesis Merchant account. Default: USD'))
->loadOptions(Am_Currency::getFullList())
;
$form->setDefault('currency', 'USD');
// Add Extra fields
$fs = $this->getExtraSettingsFieldSet($form);
$fs->addText('percentage', ['size' => 4])->setLabel(___("Price Adjustment (% multiplier)\nAllows you to offer a discount (eg: 85 = 15% discount) or premium (eg: 120 = 20% premium) for KPay payments. Default: 100 (no adjustment)."));
$form->setDefault('percentage', '100');
}
public function isConfigured()
{
return $this->getConfig('merchant_id') && $this->getConfig('access_token') && $this->getConfig('secret_token');
}
public function _process($invoice, $request, $result): void
{
// Handle free trial: KPay doesn't handle free transactions, so
// we simply bypass KPay and activate the subscription here
if (doubleval($invoice->first_total) <= 0 && $invoice->isFirstPayment()) {
$result->setSuccess(new Am_Paysystem_Transaction_Free($this));
return;
}
// Get KAU and KAG amounts
// * This was implemented because it is in the original "SDK", but
// * it is not actually used in the V2 API, so is disabled for efficiency
// $kau_rate = $this->getExchangeRate('KAU', $invoice->currency);
// $kag_rate = $this->getExchangeRate('KAG', $invoice->currency);
// Calculate adjusted total to pay
$multiplier = abs($this->getConfig('percentage', 100)) / 100;
$total = $invoice->isFirstPayment() ? $invoice->first_total : $invoice->second_total;
$total = $total * $multiplier;
$total = number_format($total, 2, '.', '');
// Send request for a payment ID
$params = [
'globalMerchantId' => $this->getConfig('merchant_id'),
'amount' => $total,
// The following are no longer used in the V2 API:
// 'paymentKauAmount' => number_format($total / $kau_rate, 5, '.', ''),
// 'paymentKagAmount' => number_format($total / $kag_rate, 5, '.', ''),
// 'amountCurrency' => $invoice->currency,
];
$resp = $this->_sendRequest('/api/merchants/payment', $params, 'GET PAYMENT ID');
if (!in_array($resp->getStatus(), [200, 201])) {
$level = (int) floor($resp->getStatus() / 100);
// 4XX - Client errors, show API error message onscreen
// as these can be instructive (eg: minimum order amount)
if (4 === $level) {
$payload = $resp->getBody();
// Errors seems to be plain text in V2 API, but used to be JSON
// so double check the payload isn't a JSON message
if ($obj = json_decode($payload)) {
$payload = $obj->message;
}
throw new Am_Exception_InputError((string) $payload);
}
// Show a generic error in all other cases
throw new Am_Exception_InputError('Failed to connect to Kinesis. Please try later.');
}
// Decode, check and save payment ID
$body = json_decode($resp->getBody(), true);
$gpid = $body['globalPaymentId'] ?? null;
if (!$gpid) {
throw new Am_Exception_InputError('Failed to create Kinesis payment id');
}
$invoice->data()->set(static::PAYMENT_ID, $gpid)->update();
// Open pay page
$kms_url = static::KMS_BASE_URL.'?paymentId='.$gpid;
$assets_url = $this->getDi()->url(
'application/default/plugins/payment/'.$this->getId().'/assets'
);
$img_base = $assets_url.'/images/';
$css_url = $assets_url.'/css/style.css';
$qrc_url = $assets_url.'/js/qrcode.min.js';
$success_url = $this->getReturnUrl();
$cancel_url = $this->getCancelUrl();
$status_url = $this->getPluginUrl('status', [
'id' => $invoice->getSecureId($this->getId()),
]);
$a = new Am_Paysystem_Action_HtmlTemplate('pay.phtml');
$a->invoice = $invoice;
$a->form = <<<CUT
<div id="kinesis-pay-content">
<div class="kinesis-pay-logo-wrapper">
<img id="kpay-logo" src="{$img_base}Kinesis-Pay-logo.png">
<span class="kinesis-pay-logo-title">Pay with K-Pay</span>
</div>
<span class="kinesis-pay-instructions">Scan the QR code with the Kinesis mobile app to complete the payment
<img id="kpay-instruction-img" src="{$img_base}Scan-QRCode.png">
</span>
<div id="kpay-qrcode"></div>
<a id="kpay-payment-link" href="{$kms_url}" target="_blank">OR make the payment using the KMS</a>
<div class="kinesis-pay-payment-id-copy-wrapper">
<span>Payment ID</span>
<div class="kinesis-pay-payment-info">
<input id="payment-id-text" type="text" value="{$gpid}" id="payment_id_value" readonly>
<button id="copy-button" onclick="copyPaymentId()">Copy</button>
</div>
<span class="kinesis-pay-expires">Payment ID expires in <span id="kinesis-pay-expires">10 minutes</span></span>
<a id="payment-cancel-link" href="{$cancel_url}">Cancel</a>
</div>
</div>
<script>
const qrcode_elem = document.getElementById("kpay-qrcode");
new QRCode(qrcode_elem, {
text: "{$kms_url}",
width: 160,
height: 160,
colorDark : "#000000",
colorLight : "#ffffff",
correctLevel : QRCode.CorrectLevel.L
});
function copyPaymentId() {
var copyText = document.getElementById("payment-id-text");
copyText.select();
document.execCommand("Copy");
alert("Payment ID has been copied.");
}
let pollCount = 0;
const checkStatusTimer = setInterval(function () {
pollCount++;
jQuery.ajax({
type : "GET",
url : "{$status_url}&poll="+pollCount,
success: function(data, textStatus, request){
console.log(data.status);
if ('processed' === data.status){
window.location.href = "{$success_url}";
} else if ('rejected' === data.status){
clearInterval(checkStatusTimer);
alert('Payment has been rejected. Please try again.');
window.location.href = "{$cancel_url}";
} else if ('expired' === data.status){
clearInterval(checkStatusTimer);
alert('Payment request has expired. Please try again.');
window.location.href = "{$cancel_url}";
}
// Show expiry time
let expires = new Date(data.expiryAt);
let diffTime = expires - new Date();
let minutes = Math.ceil(diffTime / (60*1000));
let minLabel = (1 == minutes) ? "minute" : "minutes";
jQuery('#kinesis-pay-expires').html('less than '+minutes+' '+minLabel+'<br>'+expires.toLocaleString());
return false;
},
error: function( error ) {
console.log('ajax error: ', error);
}
});
}, 10000);
// Failsafe: quit after 10.5 mins
setTimeout(function() {
clearInterval(checkStatusTimer);
window.location.href = "{$cancel_url}";
}, 630000);
</script>
CUT;
// Add in CSS
$v = new Am_View();
$v->headLink()->appendStylesheet($css_url);
$v->headScript()->appendFile($qrc_url);
$result->setAction($a);
}
public function createTransaction($request, $response, array $invokeArgs)
{
// crickets... KPay doesn't notify, so we poll for status and handle
// successful transactions separately. @see directAction()
}
public function directAction($request, $response, $invokeArgs)
{
// Check payment status
if ('status' == $request->getActionName()) {
// Get vars
$inv_id = $request->getFiltered('id');
$pcount = $request->getFiltered('poll');
$this->invoice = $this->getDi()->invoiceTable->findBySecureId(
$inv_id,
$this->getId()
);
$txn_id = $this->invoice->data()->get(static::PAYMENT_ID);
if (!$this->invoice) {
throw new Am_Exception_InputError('Invalid link');
}
// Make request for status, log every 10th request
$logTitle = (0 == $pcount % 10) ? "POLL STATUS #{$pcount}: {$txn_id}" : '';
// $logTitle = "POLL STATUS #{$pcount}: {$txn_id}";
$resp = $this->_sendRequest(
"/api/merchants/payment/id/sdk/{$txn_id}",
null,
$logTitle,
Am_HttpRequest::METHOD_GET
);
// Check response
if (!in_array($resp->getStatus(), [200, 201])) {
throw new Am_Exception_InternalError(
'Unable to get payment status: '.$resp->getBody()
);
}
// Process payment if it is marked as processed at Kinesis
// We are effectively mimicking an "IPN" call here by passing in
// the Kinesis status response and handling it as a transaction
$body = json_decode($resp->getBody(), true);
if ('processed' === $body['status']) {
$invoiceLog = $this->_logDirectAction($request, $resp, $invokeArgs);
$transaction = new Am_Paysystem_KinesisPay_Transaction(
$this,
$request, // our status polling request
$resp, // the status response from Kinesis
$invokeArgs
);
$transaction->setInvoiceLog($invoiceLog);
try {
$transaction->process();
$this->approvePayment($txn_id, $this->invoice);
} catch (Exception $e) {
if ($invoiceLog) {
$invoiceLog->add($e);
}
throw $e;
}
if ($invoiceLog) {
$invoiceLog->setProcessed();
}
}
// Re-encode for return
$response->ajaxResponse($body);
return;
}
// Let parent process it
return parent::directAction($request, $response, $invokeArgs);
}
public function getReadme()
{
$version = self::PLUGIN_REVISION;
$ilog_url = Am_Di::getInstance()->url('default/admin-logs/p/invoice');
$elog_url = Am_Di::getInstance()->url('default/admin-logs/');
return <<<README
<strong>Kinesis Pay Plugin v{$version}</strong>
Kinesis Pay lets your customers pay for purchases using Gold and Silver.
If you do not already have a Kinesis Money account, please <a target="_blank" href="https://kms.kinesis.money/signup/robertw534">register using my referral link</a>.
You will then be eligible to get 1/2 KAG once you meet the verification and trade requirements.
<strong>Instructions</strong>
1. Upload this plugin's folder and files to the <strong>amember/application/default/plugins/payment/</strong> folder of your aMember installatiion.
2. Enable the plugin at <strong>aMember Admin -> Setup/Configuration -> Plugins</strong>
3. Configure the plugin at <strong>aMember Admin -> Setup/Configuration -> Kinesis Pay.</strong>
<strong>TROUBLESHOOTING</strong>
This plugin writes KPay responses to the aMember <a href="{$ilog_url}">Invoice log</a>.
In case of an error, please check there as well as in the aMember <a href="{$elog_url}">Error log</a>.
-------------------------------------------------------------------------------
Copyright 2024 (c) Rob Woodgate, Cogmentis Ltd.
This plugin is provided under the MIT License.
This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING
WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
<strong>Like this plugin?</strong> <a href="https://donate.cogmentis.com" target="_blank">Buy me a coffee</a>
-------------------------------------------------------------------------------
README;
}
/**
* Convenience method to send authenticated KPay API requests.
*
* @param string $url Endpoint url
* @param null|array $params Payload KVPs
* @param null|string $logTitle Invoice Log Title
* @param string $method HTTP Method (GET, POST etc)
* @param null|Invoice $invoice aMember Invoice (for logging)
*
* @return HTTP_Request2_Response KPay server response
*/
protected function _sendRequest(
$url,
?array $params = null,
?string $logTitle = null,
$method = Am_HttpRequest::METHOD_POST,
?Invoice $invoice = null
): HTTP_Request2_Response {
$req = $this->createHttpRequest();
$req->setUrl(static::API_BASE_URL.$url);
$req->setMethod($method);
// Calculate signature
$nonce = time() * 1000;
$message = $nonce.$method.$url.(empty($params) ? '{}' : json_encode($params));
$xsig = strtoupper(hash_hmac('SHA256', $message, $this->getConfig('secret_token')));
// Add headers
$headers = [
'X-Nonce' => $nonce,
'X-Api-Key' => $this->getConfig('access_token'),
'X-Signature' => $xsig,
'Accept' => 'application/json',
];
if ('DELETE' !== $method) {
$headers['Content-Type'] = 'application/json';
}
$req->setHeader($headers);
// $req->setHeader('User-Agent'); // unsets it
// Add params and send
if (!is_null($params)) {
$req->setBody(json_encode($params));
}
$resp = $req->send();
// Log it?
if ($logTitle) {
$log = $this->getDi()->invoiceLogTable->createRecord();
if ($this->getConfig('disable_postback_log')) {
$log->toggleDisablePostbackLog(true);
}
$invoice ??= $this->invoice;
if ($invoice) {
$log->setInvoice($invoice);
}
$log->paysys_id = $this->getId();
$log->remote_addr = $_SERVER['REMOTE_ADDR'];
$log->type = self::LOG_REQUEST;
$log->title = $logTitle;
$log->mask($this->getConfig('secret_token'), '***secret_token***');
$log->add($req);
$log->add($resp);
}
// Return response
return $resp;
}
protected function getExchangeRate($crypto_currency = 'KAU', $base_currency = 'USD')
{
$pair = $crypto_currency.'_'.$base_currency;
$resp = $this->_sendRequest(
'/api/v1/exchange/coin-market-cap/orderbook/'.$pair.'?level=1',
null,
"GET {$pair} XRATE",
Am_HttpRequest::METHOD_GET
);
if (!in_array($resp->getStatus(), [200, 201])) {
throw new Am_Exception_InternalError(
"Failed to get the {$pair} exchange rate: ".$resp->getBody()
);
}
$body = json_decode($resp->getBody(), true);
return $body['bids'][0];
}
protected function approvePayment($payment_id, $invoice)
{
// Mark payment as confirmed
$params = [
'globalPaymentId' => $payment_id,
'orderId' => $invoice->public_id,
];
$resp = $this->_sendRequest('/api/merchants/payment/confirm', $params, 'CONFIRM PAYMENT');
if (!in_array($resp->getStatus(), [200, 201])) {
throw new Am_Exception_InternalError('Unable to confirm payment. '.$resp->getBody());
}
// Decode, check and save payment ID
$body = json_decode($resp->getBody(), true);
$status = $body['status'] ?? null;
if ('processed' != $status) {
throw new Am_Exception_InternalError('Payment not approved. '.$resp->getBody());
}
// Save the payment amount to the invoice
$currency = $body['paymentCurrency'];
$amount = ('KAU' == $currency) ? $body['paymentKauAmount'] : $body['paymentKagAmount'];
$invoice->data()->set(static::AMOUNT_PAID, $amount.' '.$currency)->update();
}
}
class Am_Paysystem_KinesisPay_Transaction extends Am_Paysystem_Transaction_Incoming
{
public function getUniqId()
{
return $this->invoice->data()->get(Am_Paysystem_KinesisPay::PAYMENT_ID);
}
public function validateSource()
{
return true;
}
public function validateStatus()
{
// We need to look at the response we attached to this transaction
// not the incoming request (which is our status polling request)
$body = json_decode($this->response->getBody(), true);
$this->log->add('KPAY RESPONSE: '.$this->response->getBody());
return 'processed' === $body['status'];
}
public function validateTerms()
{
return true;
}
public function findInvoiceId()
{
$inv_id = $this->request->getFiltered('id');
$invoice = Am_Di::getInstance()->invoiceTable->findBySecureId(
$inv_id,
$this->getPlugin()->getId()
);
return $invoice ? $invoice->public_id : null;
}
}