Merge branch 2.3-develop into ENGCOM-4502-magento-magento2-21774

Author: magento-engcom-team

CHANGELOG.md

@@ -626,7 +626,7 @@ Tests:
     * Fixed an issue where filters were not shown on product reviews report grid
     * Fixed an issue where second customer address was not deleted from customer account
     * Fixed an issue where custom options pop-up was still displayed after submit
-    * Fixed an issue where Second Product was not added to Shopping Cart from Wishlist at first atempt
+    * Fixed an issue where Second Product was not added to Shopping Cart from Wishlist at first attempt
     * Fixed an issue where customer invalid email message was not displayed
     * Fixed an issue where All Access Tokens for Customer without Tokens could not be revoked
     * Fixed an issue where it was impossible to add Product to Shopping Cart from shared Wishlist

app/code/Magento/AdvancedPricingImportExport/Model/Import/AdvancedPricing.php

@@ -185,6 +185,7 @@ class AdvancedPricing extends \Magento\ImportExport\Model\Import\Entity\Abstract
      * @param AdvancedPricing\Validator\Website $websiteValidator
      * @param AdvancedPricing\Validator\TierPrice $tierPriceValidator
      * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     * @throws \Exception
      */
     public function __construct(
         \Magento\Framework\Json\Helper\Data $jsonHelper,
@@ -255,6 +256,7 @@ public function getEntityTypeCode()
      * @param array $rowData
      * @param int $rowNum
      * @return bool
+     * @throws \Zend_Validate_Exception
      */
     public function validateRow(array $rowData, $rowNum)
     {
@@ -308,6 +310,7 @@ protected function _importData()
      * Save advanced pricing
      *
      * @return $this
+     * @throws \Exception
      */
     public function saveAdvancedPricing()
     {
@@ -319,6 +322,7 @@ public function saveAdvancedPricing()
      * Deletes Advanced price data from raw data.
      *
      * @return $this
+     * @throws \Exception
      */
     public function deleteAdvancedPricing()
     {
@@ -347,6 +351,7 @@ public function deleteAdvancedPricing()
      * Replace advanced pricing
      *
      * @return $this
+     * @throws \Exception
      */
     public function replaceAdvancedPricing()
     {
@@ -360,6 +365,7 @@ public function replaceAdvancedPricing()
      * @return $this
      * @SuppressWarnings(PHPMD.CyclomaticComplexity)
      * @SuppressWarnings(PHPMD.NPathComplexity)
+     * @throws \Exception
      */
     protected function saveAndReplaceAdvancedPrices()
     {
@@ -368,8 +374,8 @@ protected function saveAndReplaceAdvancedPrices()
             $this->_cachedSkuToDelete = null;
         }
         $listSku = [];
+        $tierPrices = [];
         while ($bunch = $this->_dataSourceModel->getNextBunch()) {
-            $tierPrices = [];
             foreach ($bunch as $rowNum => $rowData) {
                 if (!$this->validateRow($rowData, $rowNum)) {
                     $this->addRowError(ValidatorInterface::ERROR_SKU_IS_EMPTY, $rowNum);
@@ -397,15 +403,8 @@ protected function saveAndReplaceAdvancedPrices()
                     ];
                 }
             }
-            if (\Magento\ImportExport\Model\Import::BEHAVIOR_REPLACE == $behavior) {
-                if ($listSku) {
-                    $this->processCountNewPrices($tierPrices);
-                    if ($this->deleteProductTierPrices(array_unique($listSku), self::TABLE_TIER_PRICE)) {
-                        $this->saveProductPrices($tierPrices, self::TABLE_TIER_PRICE);
-                        $this->setUpdatedAt($listSku);
-                    }
-                }
-            } elseif (\Magento\ImportExport\Model\Import::BEHAVIOR_APPEND == $behavior) {
+
+            if (\Magento\ImportExport\Model\Import::BEHAVIOR_APPEND == $behavior) {
                 $this->processCountExistingPrices($tierPrices, self::TABLE_TIER_PRICE)
                     ->processCountNewPrices($tierPrices);
 
@@ -415,6 +414,17 @@ protected function saveAndReplaceAdvancedPrices()
                 }
             }
         }
+
+        if (\Magento\ImportExport\Model\Import::BEHAVIOR_REPLACE == $behavior) {
+            if ($listSku) {
+                $this->processCountNewPrices($tierPrices);
+                if ($this->deleteProductTierPrices(array_unique($listSku), self::TABLE_TIER_PRICE)) {
+                    $this->saveProductPrices($tierPrices, self::TABLE_TIER_PRICE);
+                    $this->setUpdatedAt($listSku);
+                }
+            }
+        }
+
         return $this;
     }
 
@@ -424,6 +434,7 @@ protected function saveAndReplaceAdvancedPrices()
      * @param array $priceData
      * @param string $table
      * @return $this
+     * @throws \Exception
      */
     protected function saveProductPrices(array $priceData, $table)
     {
@@ -455,6 +466,7 @@ protected function saveProductPrices(array $priceData, $table)
      * @param array $listSku
      * @param string $table
      * @return boolean
+     * @throws \Exception
      */
     protected function deleteProductTierPrices(array $listSku, $table)
     {
@@ -532,6 +544,7 @@ protected function getCustomerGroupId($customerGroup)
      * Retrieve product skus
      *
      * @return array
+     * @throws \Exception
      */
     protected function retrieveOldSkus()
     {
@@ -552,6 +565,7 @@ protected function retrieveOldSkus()
      * @param array $prices
      * @param string $table
      * @return $this
+     * @throws \Exception
      */
     protected function processCountExistingPrices($prices, $table)
     {

app/code/Magento/Authorizenet/Model/Directpost.php

@@ -546,15 +546,16 @@ public function setResponseData(array $postData)
     public function validateResponse()
     {
         $response = $this->getResponse();
-        //md5 check
-        if (!$this->getConfigData('trans_md5')
-            || !$this->getConfigData('login')
-            || !$response->isValidHash($this->getConfigData('trans_md5'), $this->getConfigData('login'))
+        $hashConfigKey = !empty($response->getData('x_SHA2_Hash')) ? 'signature_key' : 'trans_md5';
+
+        //hash check
+        if (!$response->isValidHash($this->getConfigData($hashConfigKey), $this->getConfigData('login'))
         ) {
             throw new \Magento\Framework\Exception\LocalizedException(
                 __('The transaction was declined because the response hash validation failed.')
             );
         }
+
         return true;
     }
 

app/code/Magento/Authorizenet/Model/Directpost/Request.php

@@ -8,6 +8,8 @@
 namespace Magento\Authorizenet\Model\Directpost;
 
 use Magento\Authorizenet\Model\Request as AuthorizenetRequest;
+use Magento\Framework\App\ObjectManager;
+use Magento\Framework\Intl\DateTimeFactory;
 
 /**
  * Authorize.net request model for DirectPost model
@@ -20,10 +22,35 @@ class Request extends AuthorizenetRequest
      */
     protected $_transKey = null;
 
+    /**
+     * Hexadecimal signature key.
+     *
+     * @var string
+     */
+    private $signatureKey = '';
+
+    /**
+     * @var DateTimeFactory
+     */
+    private $dateTimeFactory;
+
+    /**
+     * @param array $data
+     * @param DateTimeFactory $dateTimeFactory
+     */
+    public function __construct(
+        array $data = [],
+        DateTimeFactory $dateTimeFactory = null
+    ) {
+        $this->dateTimeFactory = $dateTimeFactory ?? ObjectManager::getInstance()
+                ->get(DateTimeFactory::class);
+        parent::__construct($data);
+    }
+
     /**
      * Return merchant transaction key.
      *
-     * Needed to generate sign.
+     * Needed to generate MD5 sign.
      *
      * @return string
      */
@@ -35,7 +62,7 @@ protected function _getTransactionKey()
     /**
      * Set merchant transaction key.
      *
-     * Needed to generate sign.
+     * Needed to generate MD5 sign.
      *
      * @param string $transKey
      * @return $this
@@ -47,7 +74,7 @@ protected function _setTransactionKey($transKey)
     }
 
     /**
-     * Generates the fingerprint for request.
+     * Generates the MD5 fingerprint for request.
      *
      * @param string $merchantApiLoginId
      * @param string $merchantTransactionKey
@@ -67,7 +94,7 @@ public function generateRequestSign(
     ) {
         return hash_hmac(
             "md5",
-            $merchantApiLoginId . "^" . $fpSequence . "^" . $fpTimestamp . "^" . $amount . "^" . $currencyCode,
+            $merchantApiLoginId . '^' . $fpSequence . '^' . $fpTimestamp . '^' . $amount . '^' . $currencyCode,
             $merchantTransactionKey
         );
     }
@@ -82,7 +109,7 @@ public function setConstantData(\Magento\Authorizenet\Model\Directpost $paymentM
     {
         $this->setXVersion('3.1')->setXDelimData('FALSE')->setXRelayResponse('TRUE');
 
-        $this->setXTestRequest($paymentMethod->getConfigData('test') ? 'TRUE' : 'FALSE');
+        $this->setSignatureKey($paymentMethod->getConfigData('signature_key'));
 
         $this->setXLogin($paymentMethod->getConfigData('login'))
             ->setXMethod(\Magento\Authorizenet\Model\Authorizenet::REQUEST_METHOD_CC)
@@ -173,17 +200,81 @@ public function setDataFromOrder(
      */
     public function signRequestData()
     {
-        $fpTimestamp = time();
-        $hash = $this->generateRequestSign(
-            $this->getXLogin(),
-            $this->_getTransactionKey(),
-            $this->getXAmount(),
-            $this->getXCurrencyCode(),
-            $this->getXFpSequence(),
-            $fpTimestamp
-        );
+        $fpDate = $this->dateTimeFactory->create('now', new \DateTimeZone('UTC'));
+        $fpTimestamp = $fpDate->getTimestamp();
+
+        if (!empty($this->getSignatureKey())) {
+            $hash = $this->generateSha2RequestSign(
+                (string)$this->getXLogin(),
+                (string)$this->getSignatureKey(),
+                (string)$this->getXAmount(),
+                (string)$this->getXCurrencyCode(),
+                (string)$this->getXFpSequence(),
+                $fpTimestamp
+            );
+        } else {
+            $hash = $this->generateRequestSign(
+                $this->getXLogin(),
+                $this->_getTransactionKey(),
+                $this->getXAmount(),
+                $this->getXCurrencyCode(),
+                $this->getXFpSequence(),
+                $fpTimestamp
+            );
+        }
+
         $this->setXFpTimestamp($fpTimestamp);
         $this->setXFpHash($hash);
+
         return $this;
     }
+
+    /**
+     * Generates the SHA2 fingerprint for request.
+     *
+     * @param string $merchantApiLoginId
+     * @param string $merchantSignatureKey
+     * @param string $amount
+     * @param string $currencyCode
+     * @param string $fpSequence An invoice number or random number.
+     * @param int $fpTimestamp
+     * @return string The fingerprint.
+     */
+    private function generateSha2RequestSign(
+        string $merchantApiLoginId,
+        string $merchantSignatureKey,
+        string $amount,
+        string $currencyCode,
+        string $fpSequence,
+        int $fpTimestamp
+    ): string {
+        $message = $merchantApiLoginId . '^' . $fpSequence . '^' . $fpTimestamp . '^' . $amount . '^' . $currencyCode;
+
+        return strtoupper(hash_hmac('sha512', $message, pack('H*', $merchantSignatureKey)));
+    }
+
+    /**
+     * Return merchant hexadecimal signature key.
+     *
+     * Needed to generate SHA2 sign.
+     *
+     * @return string
+     */
+    private function getSignatureKey(): string
+    {
+        return $this->signatureKey;
+    }
+
+    /**
+     * Set merchant hexadecimal signature key.
+     *
+     * Needed to generate SHA2 sign.
+     *
+     * @param string $signatureKey
+     * @return void
+     */
+    private function setSignatureKey(string $signatureKey)
+    {
+        $this->signatureKey = $signatureKey;
+    }
 }