sphere/token.php

   1 <?php
   2
   3 /**
   4  * token.php
   5  *
   6  * Collect a token for Sphere.
   7  *
   8  * @package   OpenEMR
   9  * @link      http://www.open-emr.org
  10  * @author    Brady Miller <brady.g.miller@gmail.com>
  11  * @copyright Copyright (c) 2021 Brady Miller <brady.g.miller@gmail.com>
  12  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  13  */
  14
  15 require_once(__DIR__ . "/../interface/globals.php");
  16
  17 use OpenEMR\Common\Acl\AclMain;
  18 use OpenEMR\Common\Csrf\CsrfUtils;
  19 use OpenEMR\PaymentProcessing\PaymentProcessing;
  20 use OpenEMR\PaymentProcessing\Sphere\SphereRevert;
  21
  22 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token"], 'sphere_revert_token')) {
  23     CsrfUtils::csrfNotVerified();
  24 }
  25
  26 if ($GLOBALS['payment_gateway'] != 'Sphere') {
  27     die(xlt("Feature not activated"));
  28 }
  29
  30 if (!AclMain::aclCheckCore('acct', 'rep_a')) {
  31     die("Unauthorized access.");
  32 }
  33
  34 $confirmPinPost = $_POST['pin_code'] ?? null;
  35 $action = $_POST['action'] ?? null;
  36 $front = $_POST['front'] ?? null;
  37 $transid = $_POST['trans_id'] ?? null;
  38 $uuidTx = $_POST['uuid_tx'] ?? null;
  39
  40 if (empty($confirmPinPost) || empty($action) || empty($front) || empty($transid) || empty($uuidTx)) {
  41     die("Missing data.");
  42 }
  43
  44 header('Content-Type: application/json');
  45
  46 try {
  47     $token = (new SphereRevert($front))->getToken($action, $transid, $confirmPinPost, $uuidTx);
  48     echo json_encode(['success' => $token]);
  49 } catch (Exception $e) {
  50     $errorAudit = [];
  51     $errorAudit['token_request_error'] = $e->getMessage();
  52     $errorAudit['get']['front'] = $front;
  53     PaymentProcessing::saveRevertAudit($uuidTx, $action, $errorAudit, 0);
  54     echo json_encode(['error' => $e->getMessage()]);
  55 }
  56 exit;