Merge pull request 'refactored incoming signature validator to use form fields instead of httprequest' (#111 ) from payments into master

Reviewed-on: #111
refactored incoming signature validator to use form fields instead of httprequest
2026-06-13 15:58:58 +02:00 · 2026-06-13 15:58:30 +02:00 · 2026-06-13 15:50:20 +02:00 · 2026-06-13 15:49:45 +02:00 · 2026-06-13 15:45:59 +02:00 · 2026-06-13 12:08:23 +02:00
3 changed files with 31 additions and 2 deletions
@@ -148,6 +148,7 @@

  <!-- Shared Usings -->
  <ItemGroup>
+    <Using Include="Microsoft.AspNetCore.Http" />
    <Using Include="System.Net.Sockets" />
    <Using Include="System.Text.RegularExpressions" />
    <Using Include="System.Web" />
@@ -48,6 +48,36 @@ public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbConte
        }
    }

+    public static bool VerifyIncomingSignature(IDictionary<string, string> formFields, string passphrase)
+    {
+        if (!formFields.TryGetValue("signature", out string? incomingSignature))
+            return false;
+
+        var stringBuilder = new StringBuilder();
+
+        foreach (var key in formFields.Keys)
+        {
+            if (key.Equals("signature", StringComparison.OrdinalIgnoreCase))
+                continue;
+
+            string rawValue = formFields[key] ?? string.Empty;
+
+            string encodedVal = HttpUtility.UrlEncode(rawValue.Trim());
+            string cleanVal = PercentEncodingRegex.Replace(encodedVal, m => m.Value.ToUpperInvariant());
+
+            stringBuilder.Append($"{key}={cleanVal}&");
+        }
+
+        string encodedPassphrase = HttpUtility.UrlEncode(passphrase.Trim());
+        string safePassphrase = PercentEncodingRegex.Replace(encodedPassphrase, m => m.Value.ToUpperInvariant());
+
+        stringBuilder.Append($"passphrase={safePassphrase}");
+
+        string generatedSignature = HashService.ToMd5Hash(stringBuilder.ToString()).Value;
+
+        return incomingSignature.Equals(generatedSignature, StringComparison.OrdinalIgnoreCase);
+    }
+
    public async ValueTask<Result<bool>> ValidateReferrerIpAsync(string remoteIpAddress, bool allowLoopback = false, CancellationToken cancellationToken = default)
    {
        if(payfastOptions.Value?.ValidHosts?.Length == 0)
@@ -4,8 +4,6 @@
    "ValidHosts": [
      "www.payfast.co.za",
      "sandbox.payfast.co.za",
-      "w1w.payfast.co.za",
-      "w2w.payfast.co.za",
      "ips.payfast.co.za",
      "api.payfast.co.za",
      "payment.payfast.io"
Author	SHA1	Message	Date
khwezi	da5f233c3b	Merge pull request 'refactored incoming signature validator to use form fields instead of httprequest' (#111 ) from payments into master Reviewed-on: #111	2026-06-13 15:58:58 +02:00
Khwezi Mngoma	02d89eec4f	refactored incoming signature validator to use form fields instead of httprequest continuous-integration/drone/pr Build is passing Details	2026-06-13 15:58:30 +02:00
khwezi	95dc2e2da2	Merge pull request 'payments' (#110 ) from payments into master Reviewed-on: #110	2026-06-13 15:50:20 +02:00
Khwezi Mngoma	59fc0432b4	ensure alphabetical sorting continuous-integration/drone/pr Build is passing Details	2026-06-13 15:49:45 +02:00
Khwezi Mngoma	99c0508f6f	Implemented separate signature validator	2026-06-13 15:45:59 +02:00
Khwezi Mngoma	b984dab2be	Updated valid payfast addresses	2026-06-13 12:08:23 +02:00