From ed7e03232f7ce6f142805227891aa5f0150a9c77 Mon Sep 17 00:00:00 2001
From: Mario Lorenz <mario.lorenz@oxid-esales.com>
Date: Fri, 15 Nov 2024 14:06:28 +0100
Subject: [PATCH 1/3] use validate response

---
 src/Exception/TeleCashException.php                       | 5 +++++
 .../Application/Controller/PaymentController.php          | 5 +++++
 src/Extension/Application/Model/PaymentGateway.php        | 8 +++++++-
 translations/de/module_de_lang.php                        | 5 +++--
 translations/en/module_en_lang.php                        | 5 +++--
 5 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/src/Exception/TeleCashException.php b/src/Exception/TeleCashException.php
index 4cd619a..1ccc3b1 100644
--- a/src/Exception/TeleCashException.php
+++ b/src/Exception/TeleCashException.php
@@ -20,4 +20,9 @@ public function serviceNotFound(): self
     {
         return new self('TELECASH_SERVICE_MISSING');
     }
+
+    public function noValidTransactionResult(): self
+    {
+        return new self('TELECASH_NO_VALID_TRANSACTION_RESULT');
+    }
 }
diff --git a/src/Extension/Application/Controller/PaymentController.php b/src/Extension/Application/Controller/PaymentController.php
index fbcb9e9..4a75f5b 100644
--- a/src/Extension/Application/Controller/PaymentController.php
+++ b/src/Extension/Application/Controller/PaymentController.php
@@ -46,6 +46,11 @@ public function __construct()
     public function showTeleCashError(): void
     {
         $telecashConnect = $this->getTeleCashConnect();
+        if (!$telecashConnect->isValidResponse($_POST)) {
+            /** Throw an Error is too hard, but Ok for the moment, Show an Error is better */
+            throw (new TeleCashException())->noValidTransactionResult();
+        }
+
         $telecashConnect->addPostData($_POST);
 
         /** TODO follow up the work ...
diff --git a/src/Extension/Application/Model/PaymentGateway.php b/src/Extension/Application/Model/PaymentGateway.php
index ccee035..7d1c065 100644
--- a/src/Extension/Application/Model/PaymentGateway.php
+++ b/src/Extension/Application/Model/PaymentGateway.php
@@ -63,9 +63,15 @@ protected function executeTeleCashPayment(float $amount, Order $order): bool
         if (!$payment->isTeleCashPayment()) {
             return true;
         }
-        $result = false;
 
         $telecashConnect = $this->getTeleCashConnect();
+
+        if (!$telecashConnect->isValidResponse($_POST)) {
+            return false;
+        }
+
+        $result = false;
+
         $telecashConnect->addPostData($_POST);
 
         /** TODO follow up the work ... */
diff --git a/translations/de/module_de_lang.php b/translations/de/module_de_lang.php
index 03268ef..7c78107 100644
--- a/translations/de/module_de_lang.php
+++ b/translations/de/module_de_lang.php
@@ -10,8 +10,9 @@
 $aLang = [
     'charset' => 'UTF-8',
 
-    'TELECASHPAYMENT_EXISTS_FAIL' => 'Die Telecash-Zahlart konnte nicht mit dem Telecash-Ident und dem Capture-Typ gespeichert werden. Sie existiert bereits.',
-    'TELECASH_SERVICE_MISSING'    => 'Ein benötigter Service wurde nicht gefunden.',
+    'TELECASHPAYMENT_EXISTS_FAIL'          => 'Die Telecash-Zahlart konnte nicht mit dem Telecash-Ident und dem Capture-Typ gespeichert werden. Sie existiert bereits.',
+    'TELECASH_SERVICE_MISSING'             => 'Ein benötigter Service wurde nicht gefunden.',
+    'TELECASH_NO_VALID_TRANSACTION_RESULT' => 'Die Antwort von TeleCash is nicht valide. Die Hash-Prüfung ergab Fehler.',
 
     'TELECASH_ASTERISK' => '*',
 
diff --git a/translations/en/module_en_lang.php b/translations/en/module_en_lang.php
index bc13851..781871f 100644
--- a/translations/en/module_en_lang.php
+++ b/translations/en/module_en_lang.php
@@ -10,8 +10,9 @@
 $aLang = [
     'charset' => 'UTF-8',
 
-    'TELECASHPAYMENT_EXISTS_FAIL' => 'The Telecash payment method could not be saved with the Telecash Ident and the Capture type. It already exists.',
-    'TELECASH_SERVICE_MISSING'    => 'A required service was not found.',
+    'TELECASHPAYMENT_EXISTS_FAIL'          => 'The Telecash payment method could not be saved with the Telecash Ident and the Capture type. It already exists.',
+    'TELECASH_SERVICE_MISSING'             => 'A required service was not found.',
+    'TELECASH_NO_VALID_TRANSACTION_RESULT' => 'The response from TeleCash is not valid. The hash check resulted in errors.',
 
     'TELECASH_ASTERISK' => '*',
 

From 60bbecaab0966aa52acfe22389f61e0f69dfa1e3 Mon Sep 17 00:00:00 2001
From: Mario Lorenz <mario.lorenz@oxid-esales.com>
Date: Fri, 15 Nov 2024 14:07:03 +0100
Subject: [PATCH 2/3] add XDEBUG to all URLs for better Debugging

---
 src/Core/Service/Context.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/Core/Service/Context.php b/src/Core/Service/Context.php
index db2a352..1735284 100644
--- a/src/Core/Service/Context.php
+++ b/src/Core/Service/Context.php
@@ -137,12 +137,6 @@ public function getNotificationUrl(): string
             "fnc" => "receiveNotifications",
         ];
 
-        // add xdebug in sandbox for better testing
-        $sandboxMode = !$this->moduleSettings->isLiveApiMode();
-        if ($sandboxMode) {
-            $parameter['XDEBUG_SESSION_START'] = "1";
-        }
-
         return $this->prepareUrl($parameter);
     }
 
@@ -153,6 +147,12 @@ public function getNotificationUrl(): string
      */
     private function prepareUrl(array $parameter): string
     {
+        // add xdebug in sandbox for better testing
+        $sandboxMode = !$this->moduleSettings->isLiveApiMode();
+        if ($sandboxMode) {
+            $parameter['XDEBUG_SESSION_START'] = "1";
+        }
+
         return html_entity_decode(
             $this->shopConfig->getCurrentShopUrl(false) . 'index.php?' . http_build_query($parameter)
         );

From 51c27f5eacd57be92fde3d2d704e8e4ab2abdfe3 Mon Sep 17 00:00:00 2001
From: Mario Lorenz <mario.lorenz@oxid-esales.com>
Date: Fri, 15 Nov 2024 14:15:31 +0100
Subject: [PATCH 3/3] use correct set response

---
 src/Extension/Application/Controller/PaymentController.php | 5 ++---
 src/Extension/Application/Model/PaymentGateway.php         | 4 ++--
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/Extension/Application/Controller/PaymentController.php b/src/Extension/Application/Controller/PaymentController.php
index 4a75f5b..6f6d246 100644
--- a/src/Extension/Application/Controller/PaymentController.php
+++ b/src/Extension/Application/Controller/PaymentController.php
@@ -46,13 +46,12 @@ public function __construct()
     public function showTeleCashError(): void
     {
         $telecashConnect = $this->getTeleCashConnect();
-        if (!$telecashConnect->isValidResponse($_POST)) {
+        $telecashConnect->setResponseData($_POST);
+        if (!$telecashConnect->isValidResponse()) {
             /** Throw an Error is too hard, but Ok for the moment, Show an Error is better */
             throw (new TeleCashException())->noValidTransactionResult();
         }
 
-        $telecashConnect->addPostData($_POST);
-
         /** TODO follow up the work ...
          * We´ve got TeleCashPost-Data
          * The transaction result contains error codes and error texts that we should map to the OXID variables.
diff --git a/src/Extension/Application/Model/PaymentGateway.php b/src/Extension/Application/Model/PaymentGateway.php
index 7d1c065..c5f97f2 100644
--- a/src/Extension/Application/Model/PaymentGateway.php
+++ b/src/Extension/Application/Model/PaymentGateway.php
@@ -65,8 +65,8 @@ protected function executeTeleCashPayment(float $amount, Order $order): bool
         }
 
         $telecashConnect = $this->getTeleCashConnect();
-
-        if (!$telecashConnect->isValidResponse($_POST)) {
+        $telecashConnect->setResponseData($_POST);
+        if (!$telecashConnect->isValidResponse()) {
             return false;
         }