jenkins-bot has submitted this change and it was merged. Change subject: Astropay result switcher ......................................................................
Astropay result switcher * override isResponse * list params we expect to get POSTed back to resultswitcher * resultswitcher sets txn and feeds params to adapter * check signatures (using appropriate login) Bug: T90504 Change-Id: I323966c9ac7899989c8a54303bc9e84745d13935 --- M astropay_gateway/astropay.adapter.php M astropay_gateway/astropay_resultswitcher.body.php M tests/Adapter/Astropay/AstropayTest.php 3 files changed, 104 insertions(+), 1 deletion(-) Approvals: Awight: Looks good to me, approved jenkins-bot: Verified diff --git a/astropay_gateway/astropay.adapter.php b/astropay_gateway/astropay.adapter.php index 74278e9..90b2f2e 100644 --- a/astropay_gateway/astropay.adapter.php +++ b/astropay_gateway/astropay.adapter.php @@ -219,6 +219,20 @@ 'x_currency', ) ); + + // Not for running with do_transaction, just a handy place to keep track + // of what we expect POSTed to the resultswitcher. + $this->transactions[ 'ProcessReturn' ] = array( + 'request' => array( + 'result', + 'x_invoice', + 'x_iduser', + 'x_description', + 'x_document', + 'x_amount', + 'x_control', + ) + ); } public function definePaymentMethods() { 
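Review bot: The `ProcessReturn` request list in this hunk is not read by anything else in the change, and it omits `x_amount_usd`, which the tests added in the same change include in the data fed to the adapter. As written, the list documents an expectation that nothing enforces. Either have the result switcher use it to filter incoming parameters, or extend the comment to say which entries are covered by the signature, for example `// Only result, x_amount and x_invoice are signed (via x_control); treat the rest as unauthenticated`. The enclosing function starts outside the hunk.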
@@ -462,6 +476,21 @@ function processResponse( $response = null, &$retryVars = null ) { switch( $this->getCurrentTransaction() ) { + case 'PaymentStatus': + if ( !$this->verifyStatusSignature( $response['data'] ) ) { + $this->logger->error( 'Bad signature in response to PaymentStatus call.' ); + return 'BAD_SIGNATURE'; + } + break; + case 'ProcessReturn': + if ( !$this->verifyStatusSignature( $this->staged_data ) ) { + $this->logger->error( 'Bad signature in data POSTed to resultswitcher' ); + return 'BAD_SIGNATURE'; + } + $status = $this->findCodeAction( 'PaymentStatus', 'result', $this->staged_data['result'] ); + $this->logger->info( "Payment status $status coming back to ResultSwitcher" ); + $this->finalizeInternalStatus( $status ); + break; case 'NewInvoice': $errors = $this->getTransactionErrors(); if ( isset( $errors[self::DUPLICATE_ORDER_ID_ERROR] ) ) { @@ -481,7 +510,13 @@ * @return boolean true when signature is valid, otherwise false */ function verifyStatusSignature( $data ) { - $message = $this->accountInfo['Status']['Login'] . + if ( $this->getCurrentTransaction() === 'ProcessReturn' ) { + $login = $this->accountInfo['Create']['Login']; + } else { + $login = $this->accountInfo['Status']['Login']; + } + + $message = $login . $data['result'] . $data['x_amount'] . $data['x_invoice']; @@ -496,4 +531,13 @@ hash_hmac( 'sha256', pack( 'A*', $message ), pack( 'A*', $key ) ) ); } + + function isResponse() { + // We expect the resultswitcher page has fed us with enough POSTed + // params to verify a signature + return isset( $this->staged_data['result'] ) && + isset( $this->staged_data['x_amount'] ) && + isset( $this->staged_data['x_invoice'] ) && + isset( $this->staged_data['x_control'] ); + } } diff --git a/astropay_gateway/astropay_resultswitcher.body.php b/astropay_gateway/astropay_resultswitcher.body.php index cc27a88..b335908 100644 --- a/astropay_gateway/astropay_resultswitcher.body.php +++ b/astropay_gateway/astropay_resultswitcher.body.php 
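Review bot: In the `ProcessReturn` case of processResponse(), a valid signature is the only condition for calling `finalizeInternalStatus()`; nothing visible in the hunk compares the signed `x_invoice` and `x_amount` with the order id and amount this adapter instance holds for the donor's session. The signed message covers only login, result, amount and invoice, so a correctly signed return belonging to one donation would also verify in the context of another unless that binding is enforced elsewhere. Consider comparing both fields with the locally stored values before finalizing, and treat a mismatch as a failure. The two `BAD_SIGNATURE` branches return without setting a final status, and findCodeAction() may yield nothing for an unlisted result code; both deserve an explicit failure status or at least a comment. The function body continues outside the hunk.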
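Review bot: verifyStatusSignature() now selects the signing login from `getCurrentTransaction()`, so the credential used for the check depends on adapter state set by the caller rather than on an argument, and every transaction name other than 'ProcessReturn' silently falls back to the Status login. A comment on the branch would record the reason, for example `// Return POSTs are signed with the Create login; status API responses use the Status login`, assuming that matches the gateway's documented behaviour. The comparison of the computed HMAC with `x_control` lies outside the hunk; if it is done with `==` or `===`, `hash_equals()` is the safer choice for a secret-derived value. The function starts and ends outside the hunk.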
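Review bot: isResponse() relies on `isset()` alone, which is also true for an empty string or an array, and request parameters can arrive as arrays. Unless staged data is normalised somewhere not shown, such values reach the string concatenation in verifyStatusSignature() and are signed as whatever PHP converts them to. Checking the type for each of the four keys closes that, e.g. `isset( $this->staged_data['result'] ) && is_string( $this->staged_data['result'] )`. The method would also benefit from a docblock stating that it returns true only when all signed fields and `x_control` are present.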
@@ -8,6 +8,11 @@ } protected function handleRequest() { + $this->adapter->setCurrentTransaction( 'ProcessReturn' ); + + $params = $this->getRequest()->getValues(); + $this->adapter->addResponseData( $params ); + $this->handleResultRequest(); } } diff --git a/tests/Adapter/Astropay/AstropayTest.php b/tests/Adapter/Astropay/AstropayTest.php index 55c38ed..9c57262 100644 --- a/tests/Adapter/Astropay/AstropayTest.php +++ b/tests/Adapter/Astropay/AstropayTest.php 
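Review bot: handleRequest() hands every request value to the adapter, because `getValues()` without arguments returns all input, query string included, while the signature covers only `result`, `x_amount` and `x_invoice`. Restricting the call to the expected names keeps unexpected, unauthenticated keys out of the adapter's data: `$params = $this->getRequest()->getValues( 'result', 'x_invoice', 'x_iduser', 'x_description', 'x_document', 'x_amount', 'x_control' );`. If the gateway always returns by POST, a `wasPosted()` check before processing would make the "POSTed" assumption in the adapter comments explicit. What addResponseData() does with keys it does not recognise is not visible here.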
@@ -197,4 +197,58 @@ $valid = $gateway->verifyStatusSignature( $results ); $this->assertFalse( $valid, 'Signature should not be interpreted as valid' ); } + + /** + * If status is paid and signature is correct, processResponse should return + * null and final status should be 'completed' + */ + function testSuccessfulReturn() { + $init = $this->getDonorTestData( 'BR' ); + $_SESSION['Donor']['order_id'] = '123456789'; + $gateway = $this->getFreshGatewayObject( $init ); + + // Next lines mimic Astropay resultswitcher + $gateway->setCurrentTransaction( 'ProcessReturn' ); + $gateway->addResponseData( array( + 'result' => '9', + 'x_amount' => '100.00', + 'x_amount_usd' => '42.05', + 'x_control' => 'DDF89085AC70C0B0628150C51D64419D8592769F2439E3936570E26D24881730', + 'x_description' => 'Donation to the Wikimedia Foundation', + 'x_document' => '32869', + 'x_iduser' => '08feb2d12771bbcfeb86', + 'x_invoice' => '123456789', + ) ); + + $result = $gateway->processResponse( null ); + $status = $gateway->getFinalStatus(); + $this->assertNull( $result ); + $this->assertEquals( 'complete', $status ); + } + + /** + * If payment is rejected, final status should be 'failed' + */ + function testRejectedReturn() { + $init = $this->getDonorTestData( 'BR' ); + $_SESSION['Donor']['order_id'] = '123456789'; + $gateway = $this->getFreshGatewayObject( $init ); + + $gateway->setCurrentTransaction( 'ProcessReturn' ); + $gateway->addResponseData( array( + 'result' => '8', // rejected by bank + 'x_amount' => '100.00', + 'x_amount_usd' => '42.05', + 'x_control' => '706F57BC3E74906B14B1DEB946F027104513797CC62AC0F5107BC98F42D5DC95', + 'x_description' => 'Donation to the Wikimedia Foundation', + 'x_document' => '32869', + 'x_iduser' => '08feb2d12771bbcfeb86', + 'x_invoice' => '123456789', + ) ); + + $result = $gateway->processResponse( null ); + $status = $gateway->getFinalStatus(); + $this->assertNull( $result ); + $this->assertEquals( 'failed', $status ); + } } -- To view, visit 
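Review bot: Both new tests feed a correctly signed POST, so the `BAD_SIGNATURE` branch added for `ProcessReturn` in processResponse() is never exercised. The existing invalid-signature test shown as context calls verifyStatusSignature() directly and, as far as the hunk shows, without the `ProcessReturn` transaction set, so the Create-login path has no negative case. A test with an altered `x_control` would pin that a tampered return cannot finalize a donation. Separately, the docblock of testSuccessfulReturn says 'completed' while the assertion expects 'complete'.

```php
/**
 * A return POST whose signature does not match must be rejected
 */
function testBadSignatureReturn() {
	// … unchanged: same setup as testSuccessfulReturn …
	$gateway->setCurrentTransaction( 'ProcessReturn' );
	$gateway->addResponseData( array(
		'result' => '9',
		'x_amount' => '100.00',
		// constructed value, deliberately not a valid signature
		'x_control' => str_repeat( '0', 64 ),
		'x_invoice' => '123456789',
	) );

	$result = $gateway->processResponse( null );
	$this->assertEquals( 'BAD_SIGNATURE', $result );
}
```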
https://gerrit.wikimedia.org/r/205646 Gerrit-MessageType: merged Gerrit-Change-Id: I323966c9ac7899989c8a54303bc9e84745d13935 Gerrit-PatchSet: 8 Gerrit-Project: mediawiki/extensions/DonationInterface Gerrit-Branch: master Gerrit-Owner: Ejegg <eeggles...@wikimedia.org> Gerrit-Reviewer: Awight <awi...@wikimedia.org> Gerrit-Reviewer: Ejegg <eeggles...@wikimedia.org> Gerrit-Reviewer: Ssmith <ssm...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <>