From 7961d934ba2d55dce7e5015a43c08b77929f3b58 Mon Sep 17 00:00:00 2001 From: Khwezi Mngoma Date: Wed, 3 Jun 2026 00:37:59 +0200 Subject: [PATCH] Added loopback address whitelisting override --- .../PayfastPaymentConfirmationReceivedEventHandler.cs | 2 +- .../Events/PayfastPaymentConfirmationReceivedEvent.cs | 9 ++++++--- .../Payments/PayfastService.cs | 8 +++++++- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/LiteCharms.Features.MidrandBooks/Payments/Events/Handlers/PayfastPaymentConfirmationReceivedEventHandler.cs b/LiteCharms.Features.MidrandBooks/Payments/Events/Handlers/PayfastPaymentConfirmationReceivedEventHandler.cs index fb785f8..dcd943a 100644 --- a/LiteCharms.Features.MidrandBooks/Payments/Events/Handlers/PayfastPaymentConfirmationReceivedEventHandler.cs +++ b/LiteCharms.Features.MidrandBooks/Payments/Events/Handlers/PayfastPaymentConfirmationReceivedEventHandler.cs @@ -61,7 +61,7 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi if (notification.PerformBackgroundChecks) { - var isHostValid = await payfastService.ValidateReferrerIpAsync(notification.RemoteIpAddress!, cancellationToken); + var isHostValid = await payfastService.ValidateReferrerIpAsync(notification.RemoteIpAddress!, notification.AllowLoopback, cancellationToken); if (isHostValid.IsFailed) throw new Exception("Security validation exception: Webhook packet source address failed cluster validation checks."); diff --git a/LiteCharms.Features.MidrandBooks/Payments/Events/PayfastPaymentConfirmationReceivedEvent.cs b/LiteCharms.Features.MidrandBooks/Payments/Events/PayfastPaymentConfirmationReceivedEvent.cs index b95d292..edd0f71 100644 --- a/LiteCharms.Features.MidrandBooks/Payments/Events/PayfastPaymentConfirmationReceivedEvent.cs +++ b/LiteCharms.Features.MidrandBooks/Payments/Events/PayfastPaymentConfirmationReceivedEvent.cs @@ -13,15 +13,18 @@ public sealed class PayfastPaymentConfirmationReceivedEvent : EventBase, IEvent public bool PerformBackgroundChecks { get; set; } + public bool AllowLoopback { get; set; } + public PayfastPaymentConfirmationReceivedEvent() { } - private PayfastPaymentConfirmationReceivedEvent(PayfastWebhookPayload? payload, string paymentId, bool performBackgroundChecks = true) + private PayfastPaymentConfirmationReceivedEvent(PayfastWebhookPayload? payload, string paymentId, bool performBackgroundChecks = true, bool allowLoopback = false) { Payload = payload; CorrelationId = paymentId; PerformBackgroundChecks = performBackgroundChecks; + AllowLoopback = allowLoopback; } - public static PayfastPaymentConfirmationReceivedEvent Create(PayfastWebhookPayload? payload, string paymentId, bool performBackgroundChecks = true) => - new(payload, paymentId, performBackgroundChecks); + public static PayfastPaymentConfirmationReceivedEvent Create(PayfastWebhookPayload? payload, string paymentId, bool performBackgroundChecks = true, bool allowLoopback = false) => + new(payload, paymentId, performBackgroundChecks, allowLoopback); } diff --git a/LiteCharms.Features.MidrandBooks/Payments/PayfastService.cs b/LiteCharms.Features.MidrandBooks/Payments/PayfastService.cs index 3329c99..7167285 100644 --- a/LiteCharms.Features.MidrandBooks/Payments/PayfastService.cs +++ b/LiteCharms.Features.MidrandBooks/Payments/PayfastService.cs @@ -49,7 +49,7 @@ public sealed partial class PayfastService(IDbContextFactory> ValidateReferrerIpAsync(string remoteIpAddress, CancellationToken cancellationToken = default) + public async ValueTask> ValidateReferrerIpAsync(string remoteIpAddress, bool allowLoopback = false, CancellationToken cancellationToken = default) { if (string.IsNullOrWhiteSpace(remoteIpAddress)) return Result.Fail("Remote IP address is null or whitespace."); @@ -74,6 +74,12 @@ public sealed partial class PayfastService(IDbContextFactory