Merge pull request 'Using IFormCollection for VerifyIncomingSignatureFromForm' (#112 ) from payments into master

Reviewed-on: #112
Using IFormCollection for VerifyIncomingSignatureFromForm
2026-06-13 16:05:57 +02:00 · 2026-06-13 16:03:31 +02:00 · 2026-06-13 15:58:58 +02:00 · 2026-06-13 15:58:30 +02:00
1 changed files with 10 additions and 12 deletions
@@ -48,26 +48,24 @@ public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbConte
        }
    }

-    public static bool VerifyIncomingSignature(HttpRequest request, string passphrase)
+    public static bool VerifyIncomingSignatureFromForm(IFormCollection formCollection, string passphrase)
    {
-        var formFields = new Dictionary<string, string>(StringComparer.Ordinal);
+        var sortedFields = new Dictionary<string, string>(StringComparer.Ordinal);

-        foreach (var file in request.Form)
-            formFields.Add(file.Key, file.Value.ToString());
+        foreach (var field in formCollection)
+        {
+            sortedFields.Add(field.Key, field.Value.ToString());
+        }

-        if (!formFields.TryGetValue("signature", out string? incomingSignature))
-            return false;
+        if (!sortedFields.TryGetValue("signature", out var incomingSignature)) return false;

        var stringBuilder = new StringBuilder();

-        foreach (var key in formFields.Keys)
+        foreach (var key in sortedFields.Keys)
        {
-            if (key.Equals("signature", StringComparison.OrdinalIgnoreCase))
-                continue;
+            if (key.Equals("signature", StringComparison.OrdinalIgnoreCase)) continue;

-            string rawValue = formFields[key] ?? string.Empty;
-
-            string encodedVal = HttpUtility.UrlEncode(rawValue.Trim());
+            string encodedVal = HttpUtility.UrlEncode(sortedFields[key].Trim());
            string cleanVal = PercentEncodingRegex.Replace(encodedVal, m => m.Value.ToUpperInvariant());

            stringBuilder.Append($"{key}={cleanVal}&");
Author	SHA1	Message	Date
khwezi	0d5702f0fe	Merge pull request 'Using IFormCollection for VerifyIncomingSignatureFromForm' (#112 ) from payments into master Reviewed-on: #112	2026-06-13 16:05:57 +02:00
Khwezi Mngoma	e4c3779092	Using IFormCollection for VerifyIncomingSignatureFromForm continuous-integration/drone/pr Build is passing Details	2026-06-13 16:03:31 +02:00
khwezi	da5f233c3b	Merge pull request 'refactored incoming signature validator to use form fields instead of httprequest' (#111 ) from payments into master Reviewed-on: #111	2026-06-13 15:58:58 +02:00
Khwezi Mngoma	02d89eec4f	refactored incoming signature validator to use form fields instead of httprequest continuous-integration/drone/pr Build is passing Details	2026-06-13 15:58:30 +02:00