src/Api/OrderCallbackApi.php line 96

Open in your IDE?
  1. <?php
  3. namespace App\Api;
  4. use App\Middleware\OrdersMiddleware;
  5. use App\Middleware\UserMiddleware;
  6. use Exception;
  7. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  8. use Symfony\Component\HttpFoundation\JsonResponse;
  9. use Symfony\Component\HttpFoundation\RedirectResponse;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException;
  12. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  13. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  14. use Symfony\Component\Routing\Annotation\Route;
  16. class OrderCallbackApi extends AbstractController
  17. {
  19.   private $store_id;
  20.   private $order_id;
  21.   private $user_id;
  22.   private $hmac;
  23.   private $postdata;
  24.   private $userMiddleware;
  26.   public function __construct(
  27.     UserMiddleware $userMiddleware
  28.   ) {
  29.     $this->userMiddleware $userMiddleware;
  30.     $this->store_id = isset($_SERVER['HTTP_X_SHOPIFY_SHOP_DOMAIN']) ? $_SERVER['HTTP_X_SHOPIFY_SHOP_DOMAIN'] : null;
  31.     $this->order_id = isset($_SERVER['HTTP_X_SHOPIFY_ORDER_ID']) ? $_SERVER['HTTP_X_SHOPIFY_ORDER_ID'] : null;
  32.     $this->hmac = isset($_SERVER['HTTP_X_SHOPIFY_HMAC_SHA256']) ? $_SERVER['HTTP_X_SHOPIFY_HMAC_SHA256'] : "";
  33.     $this->postdata file_get_contents("php://input");
  35.     $log_path '/var/www/symfony/src/Api/shopify.log';
  36.     $fp fopen($log_path'a');
  37.     fwrite($fp'--------------Order Callback Starts-------------- ');
  38.     fwrite($fpPHP_EOL);
  39.     fwrite($fpjson_encode($this->postdata));
  40.     fwrite($fpPHP_EOL);
  41.     fwrite($fpjson_encode($_SERVER));
  42.     fwrite($fpPHP_EOL);
  43.     fwrite($fpPHP_EOL);
  44.     fwrite($fp'--------------Order Callback Ends-------------- ');
  45.     fclose($fp);
  46.   }
  48.   public function verifyWebhook($data$hmac)
  49.   {
  50.     $calculated_hmac base64_encode(hash_hmac('sha256'$data$this->getParameter('SHOPIFY_SECRET'), true));
  51.     return hash_equals($calculated_hmac$hmac);
  52.   }
  54.   /**
  55.    * @Route("/api/shopify/callback/create/order", name="api_shopify_callback_create_order", methods={"POST"})
  56.    */
  57.   public function createOrder(Request $requestOrdersMiddleware $ordersMiddleware): JsonResponse
  58.   {
  59.     if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  60.       throw new MethodNotAllowedHttpException(["error" => "Invalid Request Method"], 405);
  61.     } else if (!$this->hmac) {
  62.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  63.     } else if (!$this->postdata) {
  64.       throw new NotFoundHttpException("Request Body not present");
  65.     } else if (!$this->store_id) {
  66.       throw new NotFoundHttpException("Store Id not present");
  67.     } else if (!$this->order_id) {
  68.       throw new NotFoundHttpException("Order Id not present");
  69.     } else if (!$this->verifyWebhook($this->postdata$this->hmac)) {
  70.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  71.     }
  73.     $shopifyUserData $this->userMiddleware->get(array('store' => $this->store_id));
  74.     if (!$shopifyUserData || !$shopifyUserData->getId()) {
  75.       throw new NotFoundHttpException("No user-id found in store");
  76.     }
  77.     $this->user_id $shopifyUserData->getId();
  79.     $parameter = array(
  80.       'storeId' => $this->store_id,
  81.       'orderId' => $this->order_id,
  82.       'json' => $this->postdata,
  83.       'userId' => $this->user_id,
  84.       'aedSync' => 'TO_BE_SYNCED',
  85.       'status' => 'ACTIVE',
  86.       'createdDate' => new \DateTime(),
  87.       'updatedDate' => new \DateTime()
  88.     );
  90.     return new JsonResponse($ordersMiddleware->save($parameter));
  91.   }
  93.   /**
  94.    * @Route("/api/shopify/callback/update/order", name="api_shopify_callback_update_order", methods={"POST"})
  95.    */
  96.   public function updateOrder(Request $requestOrdersMiddleware $ordersMiddleware): JsonResponse
  97.   {
  98.     if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  99.       throw new MethodNotAllowedHttpException(["error" => "Invalid Request Method"], 405);
  100.     } else if (!$this->hmac) {
  101.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  102.     } else if (!$this->postdata) {
  103.       throw new NotFoundHttpException("Request Body not present");
  104.     } else if (!$this->store_id) {
  105.       throw new NotFoundHttpException("Store Id not present");
  106.     } else if (!$this->order_id) {
  107.       throw new NotFoundHttpException("Order Id not present");
  108.     } else if (!$this->verifyWebhook($this->postdata$this->hmac)) {
  109.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  110.     }
  112.     $shopifyUserData $this->userMiddleware->get(array('store' => $this->store_id));
  113.     if (!$shopifyUserData || !$shopifyUserData->getId()) {
  114.       throw new NotFoundHttpException("No user-id found in store");
  115.     }
  116.     $this->user_id $shopifyUserData->getId();
  118.     $parameter = array(
  119.       'storeId' => $this->store_id,
  120.       'orderId' => $this->order_id,
  121.       'json' => $this->postdata,
  122.       'userId' => $this->user_id,
  123.       'aedSync' => 'TO_BE_SYNCED',
  124.       'status' => 'ACTIVE',
  125.       'createdDate' => new \DateTime(),
  126.       'updatedDate' => new \DateTime()
  127.     );
  129.     return new JsonResponse($ordersMiddleware->save($parameter));
  130.   }
  132.   /**
  133.    * @Route("/api/shopify/callback/delete/order", name="api_shopify_callback_delete_order", methods={"POST"})
  134.    */
  135.   public function deleteOrder(Request $requestOrdersMiddleware $ordersMiddleware): JsonResponse
  136.   {
  137.     if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  138.       throw new MethodNotAllowedHttpException(["error" => "Invalid Request Method"], 405);
  139.     } else if (!$this->hmac) {
  140.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  141.     } else if (!$this->postdata) {
  142.       throw new NotFoundHttpException("Request Body not present");
  143.     } else if (!$this->store_id) {
  144.       throw new NotFoundHttpException("Store Id not present");
  145.     } else if (!$this->order_id) {
  146.       throw new NotFoundHttpException("Order Id not present");
  147.     } else if (!$this->verifyWebhook($this->postdata$this->hmac)) {
  148.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  149.     }
  151.     $shopifyUserData $this->userMiddleware->get(array('store' => $this->store_id));
  152.     if (!$shopifyUserData || !$shopifyUserData->getId()) {
  153.       throw new NotFoundHttpException("No user-id found in store");
  154.     }
  155.     $this->user_id $shopifyUserData->getId();
  157.     $parameter = array(
  158.       'storeId' => $this->store_id,
  159.       'orderId' => $this->order_id,
  160.       'userId' => $this->user_id,
  161.       'aedSync' => 'TO_BE_SYNCED',
  162.       'status' => 'ACTIVE',
  163.       'createdDate' => new \DateTime(),
  164.       'updatedDate' => new \DateTime()
  165.     );
  166.     return new JsonResponse($ordersMiddleware->save($parameter));
  167.   }
  169.   /**
  170.    * @Route("/api/shopify/callback/cancel/order", name="api_shopify_callback_cancel_order", methods={"POST"})
  171.    */
  172.   public function cancelOrder(Request $requestOrdersMiddleware $ordersMiddleware): JsonResponse
  173.   {
  174.     if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  175.       throw new MethodNotAllowedHttpException(["error" => "Invalid Request Method"], 405);
  176.     } else if (!$this->hmac) {
  177.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  178.     } else if (!$this->postdata) {
  179.       throw new NotFoundHttpException("Request Body not present");
  180.     } else if (!$this->store_id) {
  181.       throw new NotFoundHttpException("Store Id not present");
  182.     } else if (!$this->order_id) {
  183.       throw new NotFoundHttpException("Order Id not present");
  184.     } else if (!$this->verifyWebhook($this->postdata$this->hmac)) {
  185.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  186.     }
  188.     $shopifyUserData $this->userMiddleware->get(array('store' => $this->store_id));
  189.     if (!$shopifyUserData || !$shopifyUserData->getId()) {
  190.       throw new NotFoundHttpException("No user-id found in store");
  191.     }
  192.     $this->user_id $shopifyUserData->getId();
  194.     $parameter = array(
  195.       'storeId' => $this->store_id,
  196.       'orderId' => $this->order_id,
  197.       'json' => $this->postdata,
  198.       'userId' => $this->user_id,
  199.       'aedSync' => 'TO_BE_SYNCED',
  200.       'status' => 'ACTIVE',
  201.       'createdDate' => new \DateTime(),
  202.       'updatedDate' => new \DateTime()
  203.     );
  204.     return new JsonResponse($ordersMiddleware->save($parameter));
  205.   }
  207.   /**
  208.    * @Route("/api/shopify/callback/payment/order", name="api_shopify_callback_payment_order", methods={"POST"})
  209.    */
  210.   public function orderPayment(Request $requestOrdersMiddleware $ordersMiddleware): JsonResponse
  211.   {
  212.     if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  213.       throw new MethodNotAllowedHttpException(["error" => "Invalid Request Method"], 405);
  214.     } else if (!$this->hmac) {
  215.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  216.     } else if (!$this->postdata) {
  217.       throw new NotFoundHttpException("Request Body not present");
  218.     } else if (!$this->store_id) {
  219.       throw new NotFoundHttpException("Store Id not present");
  220.     } else if (!$this->order_id) {
  221.       throw new NotFoundHttpException("Order Id not present");
  222.     } else if (!$this->verifyWebhook($this->postdata$this->hmac)) {
  223.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  224.     }
  226.     $shopifyUserData $this->userMiddleware->get(array('store' => $this->store_id));
  227.     if (!$shopifyUserData || !$shopifyUserData->getId()) {
  228.       throw new NotFoundHttpException("No user-id found in store");
  229.     }
  230.     $this->user_id $shopifyUserData->getId();
  232.     $parameter = array(
  233.       'storeId' => $this->store_id,
  234.       'orderId' => $this->order_id,
  235.       'json' => $this->postdata,
  236.       'userId' => $this->user_id,
  237.       'aedSync' => 'TO_BE_SYNCED',
  238.       'status' => 'ACTIVE',
  239.       'createdDate' => new \DateTime(),
  240.       'updatedDate' => new \DateTime()
  241.     );
  242.     return new JsonResponse($ordersMiddleware->save($parameter));
  243.   }
  245.   /**
  246.    * @Route("/api/shopify/callback/shop/update", name="api_shopify_callback_shop_update", methods={"POST"})
  247.    */
  248.   public function updateShop(Request $request): JsonResponse
  249.   {
  250.     if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  251.       throw new MethodNotAllowedHttpException(["error" => "Invalid Request Method"], 405);
  252.     } else if (!$this->hmac) {
  253.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  254.     } else if (!$this->postdata) {
  255.       throw new NotFoundHttpException("Request Body not present");
  256.     } else if (!$this->verifyWebhook($this->postdata$this->hmac)) {
  257.       throw new UnauthorizedHttpException("Unauthorized Request"401);
  258.     }
  260.     return new JsonResponse($this->postdata);
  261.   }
  262. }