File: /var/www/payments-gateway/src/Controller/PaymentController.php
<?php

namespace App\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use App\Service\PaymentService;

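/**
 * HTTP entry points for the payment flow: landing pages, payment initiation,
 * the browser return leg, and the provider webhook.
 *
 * Every request value handled here (JSON bodies, query parameters, headers)
 * is attacker-controlled until validated or authenticated.
 */
final class PaymentController extends AbstractController
{
    public function __construct(private PaymentService $paymentService) {}

    #[Route('/', name: 'home')]
    public function index(): Response
    {
        return $this->renderHome();
    }

    // NOTE(review): '/hello' (name 'test') and '/api/labas' (name 'api') render the
    // same page as '/' and look like leftover scaffolding; confirm they are needed
    // before exposing them on a payment host.
    #[Route('/hello', name: 'test')]
    public function index2(): Response
    {
        return $this->renderHome();
    }

    #[Route('/api/labas', name: 'api')]
    public function api(): Response
    {
        return $this->renderHome();
    }

    /**
     * Starts a payment from a JSON body and returns the provider payment link.
     *
     * Responds 400 when a required field is missing (this also covers a body
     * that is not a JSON object) and 500 when the payment service throws.
     */
    #[Route('/api/payment/initiate', name: 'payment_initiate', methods: ['POST'])]
    public function initiate(Request $request): JsonResponse
    {
        $data = json_decode($request->getContent(), true);

        // isset() is false for null and scalar decode results, so the extra
        // is_array() check only makes the "must be a JSON object" rule explicit.
        if (!is_array($data) || !isset($data['order_reference'], $data['student_id'], $data['amount'])) {
            return $this->json(['error' => 'Trūksta privalomų laukų'], 400);
        }

        // NOTE(review): only presence is checked here. The type and range of
        // 'amount', and whether the caller may pay for this 'student_id', are
        // presumably enforced inside PaymentService; verify, since nothing in
        // this class authenticates the caller.
        try {
            $result = $this->paymentService->initiatePayment($data);

            return $this->json(['payment_link' => $result['payment_link']]);
        } catch (\Exception $e) {
            // NOTE(review): the raw exception message is returned to the client.
            // Provider or internal errors can carry details not meant for callers;
            // consider logging the message server-side and returning a generic one.
            return $this->json(['error' => 'EveryPay klaida: ' . $e->getMessage()], 500);
        }
    }

    /**
     * Browser return leg: forwards the user to the university portal once the
     * locally stored payment is marked 'completed'.
     *
     * Responds 400 when the reference is missing, unknown, or not completed.
     */
    #[Route('/payment/return', name: 'payment_return')]
    public function returnFromPayment(Request $request): Response
    {
        $orderRef = $request->query->get('order_ref');

        // Reject a missing or empty reference up front instead of passing null
        // into the repository lookup.
        if ($orderRef === null || $orderRef === '') {
            return new Response('Mokėjimas nepatvirtintas arba neegzistuoja.', 400);
        }

        $payment = $this->paymentService->getPaymentRepository()->find($orderRef);

        if (!$payment || $payment->getStatus() !== 'completed') {
            return new Response('Mokėjimas nepatvirtintas arba neegzistuoja.', 400);
        }

        // The reference comes from the query string. Encoding it keeps characters
        // such as '&', '=' or '#' inside the value, so it cannot add or override
        // parameters on the portal URL even if the repository lookup matches
        // loosely (for example through numeric casting of the identifier).
        // NOTE(review): the target path contains 'CS91DEV', which looks like a
        // development environment; confirm, and move the URL to configuration.
        return $this->redirect(
            'https://ps.university.lt/psp/CS91DEV/?cmd=payment_complete&ref=' . rawurlencode((string) $orderRef)
        );
    }

    /**
     * Provider webhook: authenticates the raw body with the HMAC carried in the
     * Authorization header, then hands the decoded payload to PaymentService.
     *
     * Responds 403 when the signature is missing or invalid, and 400 when an
     * authenticated body does not decode to a JSON object or array.
     */
    #[Route('/api/payment/webhook', name: 'payment_webhook', methods: ['POST'])]
    public function webhook(Request $request): JsonResponse
    {
        $body = $request->getContent();
        $signature = $request->headers->get('Authorization');

        // Fail closed when the header is absent or empty, so verifyHmac() is
        // never called with null.
        // NOTE(review): verifyHmac() is not visible here; confirm that it
        // compares digests with hash_equals() rather than == or ===.
        if (!is_string($signature) || $signature === '' || !$this->paymentService->verifyHmac($body, $signature)) {
            return $this->json(['error' => 'Invalid HMAC signature'], 403);
        }

        // The signature covers the raw bytes, so decoding happens only after
        // verification; a non-JSON body is rejected instead of reaching the service.
        $data = json_decode($body, true);
        if (!is_array($data)) {
            return $this->json(['error' => 'Invalid JSON payload'], 400);
        }

        // NOTE(review): replay protection and idempotency for repeated
        // deliveries are presumably handled in processWebhook(); verify.
        $this->paymentService->processWebhook($data);

        return $this->json(['status' => 'OK']);
    }

    /** Renders the shared landing template used by the three greeting routes. */
    private function renderHome(): Response
    {
        return $this->render('index.html.twig', [
            'title' => 'Sveiki atvykę!',
        ]);
    }
}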