Implemented separate signature validator
This commit is contained in:
Khwezi Mngoma
@@ -148,6 +148,7 @@
|
|||||||
|
|
||||||
<!-- Shared Usings -->
|
<!-- Shared Usings -->
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|
<Using Include="Microsoft.AspNetCore.Http" />
|
||||||
<Using Include="System.Net.Sockets" />
|
<Using Include="System.Net.Sockets" />
|
||||||
<Using Include="System.Text.RegularExpressions" />
|
<Using Include="System.Text.RegularExpressions" />
|
||||||
<Using Include="System.Web" />
|
<Using Include="System.Web" />
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ using LiteCharms.Features.Api.Configuration;
|
|||||||
using LiteCharms.Features.Hasher;
|
using LiteCharms.Features.Hasher;
|
||||||
using LiteCharms.Features.MidrandBooks.Payments.Models;
|
using LiteCharms.Features.MidrandBooks.Payments.Models;
|
||||||
using LiteCharms.Features.MidrandBooks.Postgres;
|
using LiteCharms.Features.MidrandBooks.Postgres;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
|
||||||
namespace LiteCharms.Features.MidrandBooks.Payments;
|
namespace LiteCharms.Features.MidrandBooks.Payments;
|
||||||
|
|
||||||
@@ -48,6 +49,35 @@ public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbConte
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static bool VerifyIncomingSignature(HttpRequest request, string passphrase)
|
||||||
|
{
|
||||||
|
var formFields = request.Form.ToDictionary(x => x.Key, x => x.Value.ToString());
|
||||||
|
|
||||||
|
if (!formFields.TryGetValue("signature", out string? incomingSignature))
|
||||||
|
return false;
|
||||||
|
|
||||||
|
var stringBuilder = new StringBuilder();
|
||||||
|
|
||||||
|
foreach (var key in formFields.Keys)
|
||||||
|
{
|
||||||
|
if (key.Equals("signature", StringComparison.OrdinalIgnoreCase))
|
||||||
|
continue;
|
||||||
|
|
||||||
|
string encodedVal = HttpUtility.UrlEncode(formFields[key].Trim());
|
||||||
|
string cleanVal = PercentEncodingRegex.Replace(encodedVal, m => m.Value.ToUpperInvariant());
|
||||||
|
|
||||||
|
stringBuilder.Append($"{key}={cleanVal}&");
|
||||||
|
}
|
||||||
|
|
||||||
|
string encodedPassphrase = HttpUtility.UrlEncode(passphrase.Trim());
|
||||||
|
string safePassphrase = PercentEncodingRegex.Replace(encodedPassphrase, m => m.Value.ToUpperInvariant());
|
||||||
|
|
||||||
|
stringBuilder.Append($"passphrase={safePassphrase}");
|
||||||
|
|
||||||
|
string generatedSignature = HashService.ToMd5Hash(stringBuilder.ToString()).Value;
|
||||||
|
return incomingSignature.Equals(generatedSignature, StringComparison.OrdinalIgnoreCase);
|
||||||
|
}
|
||||||
|
|
||||||
public async ValueTask<Result<bool>> ValidateReferrerIpAsync(string remoteIpAddress, bool allowLoopback = false, CancellationToken cancellationToken = default)
|
public async ValueTask<Result<bool>> ValidateReferrerIpAsync(string remoteIpAddress, bool allowLoopback = false, CancellationToken cancellationToken = default)
|
||||||
{
|
{
|
||||||
if(payfastOptions.Value?.ValidHosts?.Length == 0)
|
if(payfastOptions.Value?.ValidHosts?.Length == 0)
|
||||||
|
|||||||
Reference in New Issue
Block a user