<?php
$incoming=file_get_contents("php://input");
$details=json_decode($incoming,true);

$transactionId=$details['transactionId']; 
//$token=$details['token'];


$baseURL="https://devpayouts.tnmmpamba.co.mw/api";

$wallet="505073"; 
$password="N8O7L0vpl5mflfwHzf4DSle9bToV*";//CEDAR PASSWORD & All other wallets

$res=authenticate($baseURL, $wallet, $password); 

//echo print_r($res,true); 
$bearerToken=$res['token'];


$res=checkPaymentStatus($transactionId, $bearerToken, $baseURL);  
echo(print_r($res,true));

function checkPaymentStatus($transactionId, $bearerToken, $baseURL)
{
    $url = rtrim($baseURL, '/') . "/payments/" . urlencode($transactionId);

    $ch = curl_init();

    curl_setopt_array($ch, array(
        CURLOPT_URL            => $url,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HTTPHEADER     => array(
            "Authorization: Bearer " . $bearerToken,
            "Accept: application/json"
        ),
        CURLOPT_TIMEOUT        => 30
    ));

    $response = curl_exec($ch);

    if ($response === false) {
        $error = curl_error($ch);
        curl_close($ch);

        return array(
            "status"  => "ERROR",
            "message" => "cURL error: " . $error
        );
    }

    $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    $decoded = json_decode($response, true);

    if ($httpCode !== 200 || !$decoded) {
        return array(
            "status"     => "FAILED",
            "http_code"  => $httpCode,
            "raw"        => $response
        );
    }

    // Safely extract data
    $data = $decoded['data'] ?? [];

    $success     = $data['success'] ?? false;
    $resultCode  = $data['result_code'] ?? null;
    $receipt     = $data['receipt_number'] ?? null;

    // Determine final status
    if ($success === true && $resultCode === "0") {
        $finalStatus = "SUCCESS";
    } else {
        $finalStatus = "PENDING"; // default fallback
    }

    return array(
        "status"             => $finalStatus,
        "transaction_id"     => $data['transaction_id'] ?? $transactionId,
        "receipt_number"     => $receipt,
        "result_code"        => $resultCode,
        "result_description" => $data['result_description'] ?? null,
        "created_at"         => $data['created_at'] ?? null,
        "message"            => $decoded['message'] ?? null,
        "raw_response"       => $decoded
    );
}


function authenticate($baseURL, $wallet, $password)
{
    $url = rtrim($baseURL, '/') . '/authenticate';

    $postData = json_encode([
        'wallet' => $wallet,
        'password' => $password
    ]);

    
    $ch = curl_init($url);

    
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // Return the response
    curl_setopt($ch, CURLOPT_POST, true);           // Use POST method
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);// Set the request body
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
        'Content-Type: application/json',
        'Content-Length: ' . strlen($postData)
    ]);

    // Execute the request
    $response = curl_exec($ch);

    // Check for cURL errors
    if (curl_errno($ch)) {
        curl_close($ch);
        return [
            'success' => false,
            'error' => 'Curl error: ' . curl_error($ch)
        ];
    }

    // Get HTTP status code
    $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 
    curl_close($ch);

    // Decode JSON response
    $result = json_decode($response, true);

    // Check if token is present
    if ($httpCode === 200 && isset($result['data']['token'])) {
        return [
            'success' => true,
            'token' => $result['data']['token'],
            'expires_at' => $result['data']['expires_at']
        ];
    } else {
        return [
            'success' => false,
            'error' => $result['message'] ?? 'Unknown error',
            'details' => $result['errors'] ?? []
        ];
    }
}

?>