Developer
<?php
namespace PhpOffice\PhpSpreadsheet\Shared;
use PhpOffice\PhpSpreadsheet\Exception as SpException;
use PhpOffice\PhpSpreadsheet\Worksheet\Protection;
class PasswordHasher
{
const MAX_PASSWORD_LENGTH = 255;
/**
* Get algorithm name for PHP.
*/
private static function getAlgorithm(string $algorithmName): string
{
if (!$algorithmName) {
return '';
}
// Mapping between algorithm name in Excel and algorithm name in PHP
$mapping = [
Protection::ALGORITHM_MD2 => 'md2',
Protection::ALGORITHM_MD4 => 'md4',
Protection::ALGORITHM_MD5 => 'md5',
Protection::ALGORITHM_SHA_1 => 'sha1',
Protection::ALGORITHM_SHA_256 => 'sha256',
Protection::ALGORITHM_SHA_384 => 'sha384',
Protection::ALGORITHM_SHA_512 => 'sha512',
Protection::ALGORITHM_RIPEMD_128 => 'ripemd128',
Protection::ALGORITHM_RIPEMD_160 => 'ripemd160',
Protection::ALGORITHM_WHIRLPOOL => 'whirlpool',
];
if (array_key_exists($algorithmName, $mapping)) {
return $mapping[$algorithmName];
}
throw new SpException('Unsupported password algorithm: ' . $algorithmName);
}
/**
* Create a password hash from a given string.
*
* This method is based on the spec at:
* https://interoperability.blob.core.windows.net/files/MS-OFFCRYPTO/[MS-OFFCRYPTO].pdf
* 2.3.7.1 Binary Document Password Verifier Derivation Method 1
*
* It replaces a method based on the algorithm provided by
* Daniel Rentz of OpenOffice and the PEAR package
* Spreadsheet_Excel_Writer by Xavier Noguer <xnoguer@rezebra.com>.
*
* Scrutinizer will squawk at the use of bitwise operations here,
* but it should ultimately pass.
*
* @param string $password Password to hash
*/
private static function defaultHashPassword(string $password): string
{
$verifier = 0;
$pwlen = strlen($password);
$passwordArray = pack('c', $pwlen) . $password;
for ($i = $pwlen; $i >= 0; --$i) {
$intermediate1 = (($verifier & 0x4000) === 0) ? 0 : 1;
$intermediate2 = 2 * $verifier;
$intermediate2 = $intermediate2 & 0x7fff;
$intermediate3 = $intermediate1 | $intermediate2;
$verifier = $intermediate3 ^ ord($passwordArray[$i]);
}
$verifier ^= 0xCE4B;
return strtoupper(dechex($verifier));
}
/**
* Create a password hash from a given string by a specific algorithm.
*
* 2.4.2.4 ISO Write Protection Method
*
* @see https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-offcrypto/1357ea58-646e-4483-92ef-95d718079d6f
*
* @param string $password Password to hash
* @param string $algorithm Hash algorithm used to compute the password hash value
* @param string $salt Pseudorandom string
* @param int $spinCount Number of times to iterate on a hash of a password
*
* @return string Hashed password
*/
public static function hashPassword(string $password, string $algorithm = '', string $salt = '', int $spinCount = 10000): string
{
if (strlen($password) > self::MAX_PASSWORD_LENGTH) {
throw new SpException('Password exceeds ' . self::MAX_PASSWORD_LENGTH . ' characters');
}
$phpAlgorithm = self::getAlgorithm($algorithm);
if (!$phpAlgorithm) {
return self::defaultHashPassword($password);
}
$saltValue = base64_decode($salt);
$encodedPassword = mb_convert_encoding($password, 'UCS-2LE', 'UTF-8');
$hashValue = hash($phpAlgorithm, $saltValue . /** @scrutinizer ignore-type */ $encodedPassword, true);
for ($i = 0; $i < $spinCount; ++$i) {
$hashValue = hash($phpAlgorithm, $hashValue . pack('L', $i), true);
}
return base64_encode($hashValue);
}
}
Developer
Get access token to initiates payment transaction.
| Parameter | Type | Comments |
|---|---|---|
| client_id | string | Enter merchant API client/primary key |
| secret_id | string | Enter merchant API secret key |
| env | string | Enter merchant API environment |
| merchant_id | string | Enter merchant API merchant id |
Request Example (guzzle)
<?php
require_once('vendor/autoload.php');
$client = new \GuzzleHttp\Client();
$response = $client->request('POST', $base_url. 'v1/generate-token', [
'headers' => [
'accept' => 'application/json',
'content-type' => 'application/json',
],
'form_params' => [
'client_id' => '$client_id',
'secret_id' => 'secret_id',
'env' => 'env',
'merchant_id' => 'merchant_id',
],
]);
echo $response->getBody();
**Response: SUCCESS (200 OK)**
{
"message": {
"success": [
"Successfully token is generated"
]
},
"data": {
"token":"eyJpdiI6InpkczhjTjhQdVhUL2lKQ0pSUUx6aUE9PSIsInZhbHVlIjoiVGVBTVBDTXltbjNZcEIvdEJveGpTSno3TU5NRUtnVkhCZ1pHTFNCUnZGQ2UxMnYxN202cEE1YVRDTEFsc0ZERExoTjdtL0dTL2xoU3QzeUJJOExiMUx5T0w1L0llUXhTUkU1cWVLWEdEbEplb0dKNXcwbTNRM0VxdkUwYzZuNFdtNkhMQ0pRZysyNWkvdzBxSlBoSVBSOGFTekNnR2RXNHVtcG9lMGZOTmNCcm1hR3c5Sk9KTnB4Y3ltZDl6cm90MThrR21Ca3B1azc3bXRiQ0J6SW96UVo1elNkU1ZqeE05bTcwWGp1MEUxWlJFdnNWTmpSbnVpeW92b2U4dXZkUGgyb1VmK0luaGdyaFlsVTZlcVpVRnZlTG1DeFF6Ykk2T2h6Z3JzbnIyNHpNdHowSE5JdDR0Y0pZT20zUm1XYW8iLCJtYWMiOiJlY2M4NGE1OGUzYzkzYzk0YzljNmVmNjE0YWI0ZDIwOGI3NDQ2YWEyY2ZhNzc0NzE4ZmY1ZmYyMz
IyZmQzNDY1IiwidGFnIjoiIn0=",
},
"type": "success"
}
**Response: ERROR (400 FAILED)**
{
"message": {
"error": [
"Invalid credentials."
]
},
"data": null,
"type": "error"
}