Validating Modal Callback Data
Hash Verification
During the End to End Process, the transaction_logged or transaction_failed callbacks would have called with the transaction response passed to them. Should you wish to validate a response, you will need to obtain the values for id
, status
and total
as well as the channel secret for the channel you are using.
From there, you can use the TmtAuthstring\Validate
class on the TMT Github Page following the example shown.
Alternatively, you can write your own verification method based on the example below:
Example
$values = [
'id' => $id,
'status' => $status,
'total' => $total
];
$varString = implode('&', $values);
$authString = hash('sha256', $varString);
$validHash = hash('sha256', $authString . $channel_secret);
if (hash_equals($hash, $validHash)) {
// Valid hash.
};
API Verification
The "id" can be used to verify the transaction via a GET /transactions/id request to the TMTProtects API.