CODEWITHSUNDEEP
phprubycallbackpostbackhmacsha1
Quentin
Quentin

Reputation: 305

Converting code to Ruby in PHP for Callback file

As part of an integration of OfferWall, I am asked by my service provider to provide a Callback file making it possible to return parameters from servers to servers (S2S) once an investigation is complete, for example. The provider in question, however, requests to use a signature verification system using the HMAC SHA-1 hash protocol. This one provided me with an example file, problem they only have Ruby developers and I would need the equivalence in PHP. I tried to convert from what I received in Ruby to PHP but I still cannot verify the signature through a condition which will then make a request to the server of my website.

Here is the code provided by the service provider in Ruby:

def index

    url = request.original_url

    Alerts::Notify.delay.send(1,"#{params} - IP: #{request.ip} - #{request.fullpath}", "#callback_testing")

    app = App.find(params[:app_id])
    secret_key = app.secret_key

    signature = Base64.encode64(OpenSSL::HMAC.digest('sha1', secret_key, url.split("&hash=")[0]))

    enc = signature.gsub("+", "-").gsub("/","_").gsub("=","").gsub("\n", "")
    encoded_hash = "#{enc}"

    if encoded_hash == params[:hash]
      #puts "Golden boy"
    else
      #puts "You dun messed up son"
    end

    render plain: "foogile"

  end

Here is my code in PHP:

    $key = "my-secret-key";

    $URL = array(
        'user_id' => $_GET['user_id'],
        'app_id' => '16982',
        'reward' => $_GET['reward'],
        'status' => $_GET['status'],
        'currency' => $_GET['currency'],
        'screenout' => $_GET['screenout'],
        'tx_id' => $_GET['tx_id'],
        'debug' => 'true',
        'hash' => $_GET['hash'],
    );

    $URL = 'https://fortool.fr/win/surveys/theoremreach/index.php?'. http_build_query($URL);


    $encoded_key = utf8_encode($key);
    $encoded_URL = utf8_encode($URL);
    $hashed = hash_hmac('sha1', $encoded_URL, $encoded_key);
    $digested_hash = pack('H*',$hashed);
    $base64_encoded_result = base64_encode($digested_hash);
    $final_result = str_replace(["+","/","="],["-","_",""],utf8_decode($base64_encoded_result));

    if($hash == $base64_encoded_result) {
        echo "1";
    } else {
        echo "0";
    } // It always returns 0

Thank you in advance for your help

Upvotes: 0

Views: 162

Answers (1)

Leone Caramanica
Leone Caramanica

Reputation: 11

I hope this answer will be helpful for anyone who is facing the same problem. I was struggling for 1 day trying to solve that $final_result is different from $hash, coming to the conclusion that from the url you have to remove the hash, so it will become

$URL = array(
    'user_id' => $_GET['user_id'],
    'app_id' => $_GET['app_id'],
    'reward' => $_GET['reward'],
    'status' => $_GET['status'],
    'currency' => $_GET['currency'],
    'screenout' => $_GET['screenout'],
    'profiler' => $_GET['profiler'],
    'tx_id' => $_GET['tx_id'],
    'debug' => $_GET['debug']
);

Upvotes: 1

Related Questions