hutko/assets/components/minishop2/payment/hutko.php

<?php
define('MODX_API_MODE', true);
require dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '/index.php';

$modx->getService('error', 'error.modError');
$modx->setLogLevel(modX::LOG_LEVEL_ERROR);
$modx->setLogTarget('FILE');

$miniShop2 = $modx->getService('minishop2');
$miniShop2->loadCustomClasses('payment');

if (!class_exists('Hutko')) {
	header("HTTP/1.0 400 Bad Request");
	exit('Error: could not load payment class "Hutko".');
}

$callbackContent = $_POST;
if (empty($callbackContent)) {
	$callbackContent = json_decode(file_get_contents("php://input"), true);
}
if (empty($callbackContent) || !isset($callbackContent['order_id'])) {
	header("HTTP/1.0 400 Bad Request");
	die();
}

// 2. Extract Order ID safely. We need order to retrieve proper payment config for further signature validation
$order_id_parts = explode(Hutko::ORDER_SEPARATOR, $callbackContent['order_id']);
$order_id = (int)$order_id_parts[0];
if ($order_id < 1) {
	header("HTTP/1.0 400 Bad Request");
	die();
}
// 3. Fetch the Order
$order = $modx->getObject('msOrder', $order_id);
if (!$order) {
	header("HTTP/1.0 400 Bad Request");
	die();
}

$payment = $order->getOne('Payment');
if (!$payment) {
	header("HTTP/1.0 400 Bad Request");
	die();
}

if ($payment = $order->getOne('Payment')) {
	if ($class = $payment->get('class')) {
		$miniShop2->loadCustomClasses('payment');
		if (class_exists($class)) {
			/** @var msPaymentHandler|PayPal $handler */
			$handler = new $class($order);
			if (method_exists($handler, 'processCallback')) {
				$link = $handler->processCallback($order, $callbackContent);
				
			}
		}
	}
}

// it should exit in processCallback, but to be shure we safely end execution here too
die('OK');