Issue #19 extend test to include additional signature fields in callback.

Author: judgej

src/Message/ServerCompleteAuthorizeRequest.php

@@ -9,14 +9,25 @@
  */
 class ServerCompleteAuthorizeRequest extends AbstractRequest
 {
-    public function getData()
+    /**
+     * Get the signature calculated from the three pieces of saved local
+     * information:
+     * * VendorTxCode - merchant site ID (aka transactionId).
+     * * VPSTxId - SagePay ID (aka transactionReference)
+     * * SecurityKey - SagePay one-use token.
+     * and the POSTed transaction results.
+     * Note that the three items above are passed in as a single JSON structure
+     * as the transactionReference. Would be nice if that were just the fallback,
+     * if not passed in as three separate items to the relevant fields.
+     */
+    public function getSignature()
     {
         $this->validate('transactionId', 'transactionReference');
 
         $reference = json_decode($this->getTransactionReference(), true);
 
-        // validate VPSSignature
-        $signature = md5(
+        // Re-create the VPSSignature
+        $signature_string =
             $reference['VPSTxId'].
             $reference['VendorTxCode'].
             $this->httpRequest->request->get('Status').
@@ -40,8 +51,17 @@ public function getData()
             $this->httpRequest->request->get('DeclineCode', '').
             $this->httpRequest->request->get('ExpiryDate', '').
             $this->httpRequest->request->get('FraudResponse', '').
-            $this->httpRequest->request->get('BankAuthCode', '')
-        );
+            $this->httpRequest->request->get('BankAuthCode', '');
+
+        return md5($signature_string);
+    }
+
+    /**
+     * Get the POSTed data, checking that the signature is valid.
+     */
+    public function getData()
+    {
+        $signature = $this->getSignature();
 
         if (strtolower($this->httpRequest->request->get('VPSSignature')) !== $signature) {
             throw new InvalidResponseException;

tests/Message/ServerCompleteAuthorizeResponseTest.php

@@ -25,6 +25,9 @@ public function testServerCompleteAuthorizeResponseSuccess()
                 'PayerStatus' => 'k',
                 'CardType' => 'l',
                 'Last4Digits' => 'm',
+                'DeclineCode' => '00',
+                'ExpiryDate' => '0722',
+                'BankAuthCode' => '999777',
             )
         );
 

tests/ServerGatewayTest.php

@@ -76,14 +76,24 @@ public function testCompleteAuthorizeSuccess()
                 'PayerStatus' => 'k',
                 'CardType' => 'l',
                 'Last4Digits' => 'm',
-                'VPSSignature' => md5('{F955C22E-F67B-4DA3-8EA3-6DAC68FA59D2}438791OKbexamplecJEUPDN1N7Edefghijklm'),
+                // New fields for protocol v3.00
+                'DeclineCode' => '00',
+                'ExpiryDate' => '0722',
+                'BankAuthCode' => '999777',
+                'VPSSignature' => md5(
+                    '{F955C22E-F67B-4DA3-8EA3-6DAC68FA59D2}'
+                    . '438791' . 'OK' . 'bexamplecJEUPDN1N7Edefghijklm' . '00' . '0722' . '999777'
+                ),
             )
         );
 
         $response = $this->gateway->completeAuthorize($this->completePurchaseOptions)->send();
 
         $this->assertTrue($response->isSuccessful());
-        $this->assertSame('{"SecurityKey":"JEUPDN1N7E","TxAuthNo":"b","VPSTxId":"{F955C22E-F67B-4DA3-8EA3-6DAC68FA59D2}","VendorTxCode":"123"}', $response->getTransactionReference());
+        $this->assertSame(
+            '{"SecurityKey":"JEUPDN1N7E","TxAuthNo":"b","VPSTxId":"{F955C22E-F67B-4DA3-8EA3-6DAC68FA59D2}","VendorTxCode":"123"}',
+            $response->getTransactionReference()
+        );
         $this->assertNull($response->getMessage());
     }