Merge branch 'Future' of https://github.com/AuthorizeNet/sdk-php into Future

Author: brianmc

classmap.php

@@ -1,6 +1,6 @@
 <?php
-    spl_autoload_extensions(".php"); // comma-separated list
-    spl_autoload_register();
+spl_autoload_extensions(".php"); // comma-separated list
+spl_autoload_register();
 
 /**
  * A map of classname => filename for SPL autoloading.
@@ -219,6 +219,11 @@
     //'net\authorize\util\ObjectToXml' => $libDir . 'net/authorize/util/ObjectToXml.php',
     'net\authorize\util\HttpClient' => $libDir . 'net/authorize/util/HttpClient.php',
     'net\authorize\util\Helpers' => $libDir . 'net/authorize/util/Helpers.php',
+    'net\authorize\util\Log' => $libDir . 'net/authorize/util/Log.php',
+    'net\authorize\util\LogFactory' => $libDir . 'net/authorize/util/LogFactory.php',
+    'net\authorize\util\ANetSensitiveFields' => $libDir . 'net/authorize/util/ANetSensitiveFields.php',
+    'net\authorize\util\SensitiveTag' => $libDir . 'net/authorize/util/SensitiveTag.php',
+
 
     //constants
     'net\authorize\api\constants\ANetEnvironment' => $libDir . 'net/authorize/api/constants/ANetEnvironment.php',
@@ -437,4 +442,4 @@
     'net\authorize\api\controller\UpdateSplitTenderGroupController' => $libDir . 'net/authorize/api/controller/UpdateSplitTenderGroupController.php',
     'net\authorize\api\controller\ValidateCustomerPaymentProfileController' => $libDir . 'net/authorize/api/controller/ValidateCustomerPaymentProfileController.php',
 
-);
+);

lib/AuthorizeNetAIM.php

@@ -2,6 +2,7 @@
 /**
  * Easily interact with the Authorize.Net AIM API.
  *
+ * 
  * Example Authorize and Capture Transaction against the Sandbox:
  * <code>
  * <?php require_once 'AuthorizeNet.php'

lib/AuthorizeNetCIM.php

@@ -488,7 +488,10 @@ public function getValidationResponse()
     public function getCustomerProfileIds()
     {
         $ids = (array)$this->xml->ids;
-        return $ids["numericString"];
+        if(!empty($ids))
+            return $ids["numericString"];
+        else
+            return $ids;
     }
 
     /**
@@ -497,7 +500,10 @@ public function getCustomerProfileIds()
     public function getCustomerPaymentProfileIds()
     {
         $ids = (array)$this->xml->customerPaymentProfileIdList;
-        return $ids["numericString"];
+        if(!empty($ids))
+            return $ids["numericString"];
+        else
+            return $ids;
     }
 
     /**
@@ -506,7 +512,10 @@ public function getCustomerPaymentProfileIds()
     public function getCustomerShippingAddressIds()
     {
         $ids = (array)$this->xml->customerShippingAddressIdList;
-        return $ids["numericString"];
+        if(!empty($ids))
+            return $ids["numericString"];
+        else
+            return $ids;
     }
 
     /**

lib/net/authorize/api/controller/base/ApiOperationBase.php

@@ -8,14 +8,17 @@
 use Goetas\Xsd\XsdToPhp\Jms\Handler\XmlSchemaDateHandler;
 
 use \net\authorize\util\HttpClient;
+use \net\authorize\util\Helpers;
+use \net\authorize\util\LogFactory as LogFactory;
+
 
 abstract class ApiOperationBase implements IApiOperation
 {
     /**
      * @var \net\authorize\api\contract\v1\AnetApiRequestType
      */
     private $apiRequest = null;
-    
+
     /**
      * @var \net\authorize\api\contract\v1\AnetApiResponseType
      */
@@ -35,9 +38,7 @@ abstract class ApiOperationBase implements IApiOperation
      * @var \net\authorize\util\HttpClient;
      */
     public $httpClient = null;
-
-    private $_log_file = false;
-
+    private $logger = null;
     /**
      * Constructor.
      *
@@ -48,7 +49,7 @@ abstract class ApiOperationBase implements IApiOperation
     public function __construct(\net\authorize\api\contract\v1\AnetApiRequestType $request, $responseType)
     {
         date_default_timezone_set('UTC');
-        $this->_log_file = (defined('AUTHORIZENET_LOG_FILE') ? AUTHORIZENET_LOG_FILE : false);
+        $this->logger = LogFactory::getLog(get_class($this));
 
         if ( null == $request)
         {
@@ -109,21 +110,22 @@ public function execute($endPoint = \net\authorize\api\constants\ANetEnvironment
     {
         $this->beforeExecute();
 
-        file_put_contents($this->_log_file, sprintf("\n%s: Request Serialization Begin", $this->now()), FILE_APPEND);
+        $this->logger->info("Request Serialization Begin");
+        $this->logger->debug($this->apiRequest);
         $xmlRequest = $this->serializer->serialize($this->apiRequest, 'xml');
-        file_put_contents($this->_log_file, sprintf("\n%s: Request  Serialization End", $this->now()), FILE_APPEND);
-/*
-        //$xmlRequest = '<?xml version="1.0" encoding="UTF-8"?>  <ARBGetSubscriptionListRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">  <merchantAuthentication>  <name>4YJmeW7V77us</name>  <transactionKey>4qHK9u63F753be4Z</transactionKey>  </merchantAuthentication>  <refId><![CDATA[ref1416999093]]></refId>  <searchType><![CDATA[subscriptionActive]]></searchType>  <sorting>  <orderBy><![CDATA[firstName]]></orderBy>  <orderDescending>false</orderDescending>  </sorting>  <paging>  <limit>10</limit>  <offset>1</offset>  </paging>  </ARBGetSubscriptionListRequest>  ';
-*/
+        $this->logger->info("Request  Serialization End");
+        /*
+                //$xmlRequest = '<?xml version="1.0" encoding="UTF-8"?>  <ARBGetSubscriptionListRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">  <merchantAuthentication>  <name>4YJmeW7V77us</name>  <transactionKey>4qHK9u63F753be4Z</transactionKey>  </merchantAuthentication>  <refId><![CDATA[ref1416999093]]></refId>  <searchType><![CDATA[subscriptionActive]]></searchType>  <sorting>  <orderBy><![CDATA[firstName]]></orderBy>  <orderDescending>false</orderDescending>  </sorting>  <paging>  <limit>10</limit>  <offset>1</offset>  </paging>  </ARBGetSubscriptionListRequest>  ';
+        */
         $this->httpClient->setPostUrl( $endPoint);
         $xmlResponse = $this->httpClient->_sendRequest($xmlRequest);
         if ( null == $xmlResponse)
         {
             throw new \Exception( "Error getting valid response from api. Check log file for error details");
         }
-        file_put_contents($this->_log_file, sprintf("\n%s: Response De-Serialization Begin", $this->now()), FILE_APPEND);
+        $this->logger->info("Response De-Serialization Begin");
         $this->apiResponse = $this->serializer->deserialize( $xmlResponse, $this->apiResponseType , 'xml');
-        file_put_contents($this->_log_file, sprintf("\n%s: Response De-Serialization End", $this->now()), FILE_APPEND);
+        $this->logger->info("Response De-Serialization End");
 
         $this->afterExecute();
     }
@@ -147,4 +149,4 @@ protected function now()
     {
         return date( DATE_RFC2822);
     }
-}
+}

lib/net/authorize/util/ANetSensitiveFields.php

@@ -0,0 +1,64 @@
+<?php
+namespace net\authorize\util;
+
+define("ANET_SENSITIVE_XMLTAGS_JSON_FILE","AuthorizedNetSensitiveTagsConfig.json");
+
+class ANetSensitiveFields
+{
+    private static $applySensitiveTags = NULL;
+    private static $sensitiveStringRegexes = NULL;
+
+    private static function fetchFromConfigFiles(){
+        $configFilePath = dirname(__FILE__) . "/" . ANET_SENSITIVE_XMLTAGS_JSON_FILE;
+        $userConfigFilePath = ANET_SENSITIVE_XMLTAGS_JSON_FILE;
+        $presentUserConfigFile = file_exists($userConfigFilePath);
+        if ($presentUserConfigFile) { //client config for tags
+            //read list of tags(and associate regex-patterns and replacements) from .json file
+            $jsonFileObejct = json_decode(file_get_contents($userConfigFilePath));
+            $sensitiveTags = $jsonFileObejct->sensitiveTags;
+            self::$sensitiveStringRegexes = $jsonFileObejct->sensitiveStringRegexes;
+            if (json_last_error() === JSON_ERROR_NONE) {// JSON is valid
+            }
+            else{
+                echo "ERROR: Invalid json in: " . $userConfigFilePath  . " json_last_error_msg : " . json_last_error_msg();
+                $presentUserConfigFile = false;
+            }
+        }
+        if (!$presentUserConfigFile) { //default sdk config for tags
+            if(!file_exists($configFilePath)){
+                exit("ERROR: No config file: " . $configFilePath);
+            }
+            $jsonFileObejct = json_decode(file_get_contents($configFilePath));
+            file_put_contents($userConfigFilePath, json_encode($jsonFileObejct, JSON_PRETTY_PRINT));
+            $sensitiveTags = $jsonFileObejct->sensitiveTags;
+            self::$sensitiveStringRegexes = $jsonFileObejct->sensitiveStringRegexes;
+            if (json_last_error() === JSON_ERROR_NONE) {
+            }
+            else{
+                exit("ERROR: Invalid json in: " . $configFilePath  . " json_last_error_msg : " . json_last_error_msg());
+            }
+        }
+        //Check for disableMask flag in case of client json.
+        self::$applySensitiveTags = array();
+        foreach($sensitiveTags as $sensitiveTag){
+            if($sensitiveTag->disableMask){
+                //skip masking continue;
+            }
+            else{
+                array_push(self::$applySensitiveTags,$sensitiveTag);
+            }
+        }
+    }
+    public static function getSensitiveStringRegexes(){
+        if(NULL == self::$sensitiveStringRegexes) {
+            self::fetchFromConfigFiles();
+        }
+        return self::$sensitiveStringRegexes;
+    }
+    public static function getSensitiveXmlTags(){
+        if(NULL == self::$applySensitiveTags) {
+            self::fetchFromConfigFiles();
+        }
+        return self::$applySensitiveTags;
+    }
+}

lib/net/authorize/util/AuthorizedNetSensitiveTagsConfig.json

@@ -0,0 +1,49 @@
+{
+    "sensitiveTags": [
+        {
+            "tagName": "cardCode",
+            "pattern": "",
+            "replacement": "",
+            "disableMask": false
+        },
+        {
+            "tagName": "cardNumber",
+            "pattern": "(\\p{N}+)(\\p{N}{4})",
+            "replacement": "xxxx-$2",
+            "disableMask": false
+        },
+        {
+            "tagName": "expirationDate",
+            "pattern": "",
+            "replacement": "",
+            "disableMask": false
+        },
+        {
+            "tagName": "accountNumber",
+            "pattern": "(\\p{N}+)(\\p{N}{4})",
+            "replacement": "xxxx-$2",
+            "disableMask": false
+        },
+        {
+            "tagName": "nameOnAccount",
+            "pattern": "",
+            "replacement": "",
+            "disableMask": false
+        },
+        {
+            "tagName": "transactionKey",
+            "pattern": "",
+            "replacement": "",
+            "disableMask": false
+        }
+    ],
+    "sensitiveStringRegexes": [
+        "4\\p{N}{3}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "4\\p{N}{3}([\\ \\-]?)(?:\\p{N}{4}\\1){2}\\p{N}(?:\\p{N}{3})?",
+        "5[1-5]\\p{N}{2}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "6(?:011|22(?:1(?=[\\ \\-]?(?:2[6-9]|[3-9]))|[2-8]|9(?=[\\ \\-]?(?:[01]|2[0-5])))|4[4-9]\\p{N}|5\\p{N}\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "35(?:2[89]|[3-8]\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
+        "3[47]\\p{N}\\p{N}([\\ \\-]?)\\p{N}{6}\\1\\p{N}{5}"
+    ]
+}
+

lib/net/authorize/util/HttpClient.php

@@ -1,6 +1,9 @@
 <?php
 namespace net\authorize\util;
 
+use net\authorize\util\LogFactory;
+use net\authorize\util\Log;
+
 /**
  * A class to send a request to the XML API.
  *
@@ -13,14 +16,15 @@ class HttpClient
 
     public $VERIFY_PEER = true; // attempt trust validation of SSL certificates when establishing secure connections.
     private $_log_file = false;
-
+    private $logger = NULL;
     /**
      * Constructor.
      *
      */
     public function __construct()
     {
         $this->_log_file = (defined('AUTHORIZENET_LOG_FILE') ? AUTHORIZENET_LOG_FILE : false);
+        $this->logger = LogFactory::getLog(get_class($this));
         date_default_timezone_set('UTC');
     }
 
@@ -71,38 +75,38 @@ public function _sendRequest($xmlRequest)
         curl_setopt($curl_request, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($curl_request, CURLOPT_SSL_VERIFYHOST, 2);
 
-        file_put_contents($this->_log_file, sprintf("\n%s: Url: %s", $this->now(), $post_url), FILE_APPEND);
+        $this->logger->info(sprintf(" Url: %s", $post_url));
         // Do not log requests that could contain CC info.
-        file_put_contents($this->_log_file, sprintf("\n%s:Request to AnetApi: \n%s", $this->now(), $xmlRequest), FILE_APPEND);
+        $this->logger->info(sprintf("Request to AnetApi: \n%s", $xmlRequest));
 
         if ($this->VERIFY_PEER) {
             curl_setopt($curl_request, CURLOPT_CAINFO, dirname(dirname(__FILE__)) . '/../../ssl/cert.pem');
         } else {
-            if ($this->_log_file) {
-                file_put_contents($this->_log_file, "\nInvalid SSL option for the request", FILE_APPEND);
-            }
+            $this->logger("Invalid SSL option for the request");
             return false;
         }
 
         if (preg_match('/xml/',$post_url)) {
             curl_setopt($curl_request, CURLOPT_HTTPHEADER, Array("Content-Type: text/xml"));
-            file_put_contents($this->_log_file, "\nSending 'XML' Request type", FILE_APPEND);
+//            file_put_contents($this->_log_file, "\nSending 'XML' Request type", FILE_APPEND);
+            $this->logger->info("Sending 'XML' Request type");
         }
 
         try
         {
-            file_put_contents($this->_log_file, sprintf("\n%s:Sending http request via Curl", $this->now()), FILE_APPEND);
+            $this->logger->info("Sending http request via Curl");
             $xmlResponse = curl_exec($curl_request);
-            file_put_contents($this->_log_file, sprintf("\n%s:Response from AnetApi: \n%s\n", $this->now(), $xmlResponse), FILE_APPEND);
+            $this->logger->info("Response from AnetApi: $xmlResponse");
+
         } catch (\Exception $ex)
         {
             $errorMessage = sprintf("\n%s:Error making http request via curl: Code:'%s', Message:'%s', Trace:'%s', File:'%s':'%s'",
                 $this->now(), $ex->getCode(), $ex->getMessage(), $ex->getTraceAsString(), $ex->getFile(), $ex->getLine() );
-            file_put_contents($this->_log_file, $errorMessage, FILE_APPEND);
+            $this->logger->error($errorMessage);
         }
         if ($this->_log_file) {
             if ($curl_error = curl_error($curl_request)) {
-                file_put_contents($this->_log_file, sprintf("\n%s:CURL ERROR: %s", $this->now(), $curl_error), FILE_APPEND);
+                $this->logger->error("CURL ERROR: $curl_error");
             }
 
         }
@@ -115,4 +119,4 @@ private function now()
     {
         return date( DATE_RFC2822);
     }
-}
+}