vovafeldman · December 16, 2018 12:47
diff --git a/.env b/.env
 FS_API_SCOPE="developer"
 FS_API_DEV_ID=000
 FS_API_PUBLIC_KEY=""
 FS_API_SECRET_KEY=""

 TICKSY_SECRET_KEY=""
diff --git a/class-xt-fremius-api.php b/class-xt-fremius-api.php
 <?php
 require_once 'freemius/FreemiusBase.php';
 require_once 'freemius/Freemius.php';

 use Carbon\Carbon;

 class XT_Freemius_Api
 {
    
    /**
     * 
     * @var Singleton
     */
    private static $instance;
    
    protected $freemius;
    
    public function __construct()
    {
        
        // Init Freemius API.
        $this->freemius = new Freemius_Api(getenv('FS_API_SCOPE'), getenv('FS_API_DEV_ID'), getenv('FS_API_PUBLIC_KEY'), getenv('FS_API_SECRET_KEY'));
    }
    
    public static function instance()
    {
        if (is_null(self::$instance)) {
            self::$instance = new self();
        }
        return self::$instance;
    }
    
    public function api($endpoint, $method, $args = array())
    {
        
        return $this->freemius->Api($endpoint, $method, $args);
    }
    
    public function verifyPurchase($product_id, $license_key)
    {
        
        $response = $this->api('/plugins/' . $product_id . '/licenses.json', 'GET', array(
            'search' => $license_key
        ));
        
        $license = !empty($response->licenses) ? array_shift($response->licenses) : null;
        
        // License found and matches product id / license key
        if (!empty($license) && ($license->plugin_id === $product_id) && $license->secret_key === $license_key) {
            
            $expiration = Carbon::parse($license->expiration);
            $today      = Carbon::now();
            
            // Check if expired
            return $expiration >= $today;
        }
        
        // License not found
        return false;
    }
    
 }
diff --git a/composer.json b/composer.json
 {
    "require": {
        "vlucas/phpdotenv": "^2.5",
        "nesbot/carbon": "^2.7"
    }
 }
diff --git a/freemius-ticksy.php b/freemius-ticksy.php
 <?php
 require 'vendor/autoload.php';

 $dotenv = new Dotenv\Dotenv(__DIR__);
 $dotenv->load();

 require_once('class-xt-fremius-api.php');

 use Carbon\Carbon;

 $request_body = file_get_contents('php://input');
 $data         = json_decode($request_body, true);

 $hash = base64_encode(hash_hmac('sha256', $request_body, getenv('TICKSY_SECRET_KEY'), true));

 // In case of a match, the data is guaranteed to be authentic and is intact.

 if (!empty($_SERVER['HTTP_X_TICKSY_SIGNATURE']) && $hash === $_SERVER['HTTP_X_TICKSY_SIGNATURE']) {
    
    // If envato_id is available in the payload, Fail the request, Customer probably selected the wrong category.
    
    if (!empty($data['envato_id'])) {
        
        $return = array(
            'success' => false,
            'message' => 'Please connect using your Envato account to validate your purchase!'
        );
        
    } else {
        
        // Ticksy Category IDs to Freemius product IDs mapping
        $products_map = array(
            '100014149' => '2907',
            '100014155' => '2905'
        );
        
        // Customer License Code
        $license_key = $data['code'];
        
        // Ticksy Category ID
        $category_id = $data['category_id'];
        
        // Check if a valid freemius product
        if (!empty($products_map[$category_id])) {
            
            $product_id = $products_map[$category_id];
            
            // Validate Freemius License
            $valid = XT_Freemius_Api::instance()->verifyPurchase($product_id, $license_key);
            
            if ($valid) {
                
                // Valid freemius license
                $return = array(
                    'success' => true,
                    'message' => 'License validated successfully!'
                );
                
            } else {
                
                // Invalid freemius license
                $return = array(
                    'success' => false,
                    'message' => 'Invalid license!'
                );
            }
            
        } else {
            
            // If not a freemius product, it means it's a ticksy category not related to any paid products. 
            // Return as succeeded to allow support for other free products. (optional)
            $return = array(
                'success' => true,
                'message' => 'License validated successfully!'
            );
        }
    }
    
 } else {
    
    $return = array(
        'success' => false,
        'message' => 'Restricted Area!'
    );
 }

 die(json_encode($return));
	FS_API_SCOPE="developer"
	FS_API_DEV_ID=000
	FS_API_PUBLIC_KEY=""
	FS_API_SECRET_KEY=""

	TICKSY_SECRET_KEY=""
	<?php
	require_once 'freemius/FreemiusBase.php';
	require_once 'freemius/Freemius.php';

	use Carbon\Carbon;

	class XT_Freemius_Api
	{

	/**
	*
	* @var Singleton
	*/
	private static $instance;

	protected $freemius;

	public function __construct()
	{

	// Init Freemius API.
	$this->freemius = new Freemius_Api(getenv('FS_API_SCOPE'), getenv('FS_API_DEV_ID'), getenv('FS_API_PUBLIC_KEY'), getenv('FS_API_SECRET_KEY'));
	}

	public static function instance()
	{
	if (is_null(self::$instance)) {
	self::$instance = new self();
	}
	return self::$instance;
	}

	public function api($endpoint, $method, $args = array())
	{

	return $this->freemius->Api($endpoint, $method, $args);
	}

	public function verifyPurchase($product_id, $license_key)
	{

	$response = $this->api('/plugins/' . $product_id . '/licenses.json', 'GET', array(
	'search' => $license_key
	));

	$license = !empty($response->licenses) ? array_shift($response->licenses) : null;

	// License found and matches product id / license key
	if (!empty($license) && ($license->plugin_id === $product_id) && $license->secret_key === $license_key) {

	$expiration = Carbon::parse($license->expiration);
	$today = Carbon::now();

	// Check if expired
	return $expiration >= $today;
	}

	// License not found
	return false;
	}

	}
	{
	"require": {
	"vlucas/phpdotenv": "^2.5",
	"nesbot/carbon": "^2.7"
	}
	}
	<?php
	require 'vendor/autoload.php';

	$dotenv = new Dotenv\Dotenv(__DIR__);
	$dotenv->load();

	require_once('class-xt-fremius-api.php');

	use Carbon\Carbon;

	$request_body = file_get_contents('php://input');
	$data = json_decode($request_body, true);

	$hash = base64_encode(hash_hmac('sha256', $request_body, getenv('TICKSY_SECRET_KEY'), true));

	// In case of a match, the data is guaranteed to be authentic and is intact.

	if (!empty($_SERVER['HTTP_X_TICKSY_SIGNATURE']) && $hash === $_SERVER['HTTP_X_TICKSY_SIGNATURE']) {

	// If envato_id is available in the payload, Fail the request, Customer probably selected the wrong category.

	if (!empty($data['envato_id'])) {

	$return = array(
	'success' => false,
	'message' => 'Please connect using your Envato account to validate your purchase!'
	);

	} else {

	// Ticksy Category IDs to Freemius product IDs mapping
	$products_map = array(
	'100014149' => '2907',
	'100014155' => '2905'
	);

	// Customer License Code
	$license_key = $data['code'];

	// Ticksy Category ID
	$category_id = $data['category_id'];

	// Check if a valid freemius product
	if (!empty($products_map[$category_id])) {

	$product_id = $products_map[$category_id];

	// Validate Freemius License
	$valid = XT_Freemius_Api::instance()->verifyPurchase($product_id, $license_key);

	if ($valid) {

	// Valid freemius license
	$return = array(
	'success' => true,
	'message' => 'License validated successfully!'
	);

	} else {

	// Invalid freemius license
	$return = array(
	'success' => false,
	'message' => 'Invalid license!'
	);
	}

	} else {

	// If not a freemius product, it means it's a ticksy category not related to any paid products.
	// Return as succeeded to allow support for other free products. (optional)
	$return = array(
	'success' => true,
	'message' => 'License validated successfully!'
	);
	}
	}

	} else {

	$return = array(
	'success' => false,
	'message' => 'Restricted Area!'
	);
	}

	die(json_encode($return));