Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 khwezi
|
b369dad452 | ||
 Khwezi Mngoma
|
ac31c6ada8 | ||
|
khwezi
|
c938bfec09 | ||
|
Khwezi Mngoma
|
5eb6dbc8b2 |
@@ -1,4 +1,6 @@
|
||||
using LiteCharms.Features.Hasher;
|
||||
using LiteCharms.Features.Models;
|
||||
using static LiteCharms.Features.Extensions.Hash;
|
||||
|
||||
namespace LiteCharms.Features.Tests;
|
||||
|
||||
@@ -65,17 +67,18 @@ public class HashServiceFeatureTests(Fixture fixture) : IClassFixture<Fixture>
|
||||
{
|
||||
var paymentId = hashService.HashEncodeLongId(1001).Value;
|
||||
|
||||
var incomingForm = new Dictionary<string, string>
|
||||
var payload = new PayfastWebhookPayload
|
||||
{
|
||||
{ "m_payment_id", paymentId },
|
||||
{ "amount", "350.00" },
|
||||
{ "item_name", "System Architecture Book" }
|
||||
Amount = "350.00",
|
||||
ItemName = "System Architecture Book",
|
||||
MPaymentId = paymentId,
|
||||
};
|
||||
|
||||
var rawPayload = $"amount=350.00&item_name=System+Architecture+Book&m_payment_id={paymentId}&passphrase={payfastPassphrase}";
|
||||
var rawPayload = payload.ToRawPayfastPayload(payfastPassphrase);
|
||||
|
||||
var generatedSignature = HashService.ToMd5Hash(rawPayload).Value;
|
||||
|
||||
var result = hashService.VerifyPayfastWebhookSignature(incomingForm, generatedSignature);
|
||||
var result = hashService.VerifyPayfastWebhookSignature(payload, generatedSignature);
|
||||
|
||||
Assert.True(result.IsSuccess);
|
||||
Assert.True(result.Value);
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
using LiteCharms.Features.Hasher;
|
||||
using LiteCharms.Features.Hasher.Configuration;
|
||||
using LiteCharms.Features.Models;
|
||||
|
||||
namespace LiteCharms.Features.Extensions;
|
||||
|
||||
@@ -20,4 +21,82 @@ public static class Hash
|
||||
|
||||
return services;
|
||||
}
|
||||
|
||||
public static string ToRawPayfastPayload(this PayfastWebhookPayload input, string passphrase)
|
||||
{
|
||||
var parameters = new List<string>();
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(input.Amount))
|
||||
parameters.Add($"amount={WebUtility.UrlEncode(input.Amount)}");
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(input.ItemName))
|
||||
parameters.Add($"item_name={WebUtility.UrlEncode(input.ItemName)}");
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(input.MPaymentId))
|
||||
parameters.Add($"m_payment_id={WebUtility.UrlEncode(input.MPaymentId)}");
|
||||
|
||||
string payload = string.Join("&", parameters);
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(passphrase))
|
||||
payload += $"&passphrase={WebUtility.UrlEncode(passphrase)}";
|
||||
|
||||
return payload;
|
||||
}
|
||||
|
||||
public static (PayfastWebhookPayload Payload, string Passphrase) FromRawPayfastPayload(this string rawPayload)
|
||||
{
|
||||
string passphrase = string.Empty;
|
||||
var payload = new PayfastWebhookPayload();
|
||||
|
||||
if (string.IsNullOrWhiteSpace(rawPayload)) return (payload, passphrase);
|
||||
|
||||
var segments = rawPayload.Split('&', StringSplitOptions.RemoveEmptyEntries);
|
||||
|
||||
foreach (var segment in segments)
|
||||
{
|
||||
int delimiterIndex = segment.IndexOf('=');
|
||||
if (delimiterIndex == -1)
|
||||
continue;
|
||||
|
||||
string key = segment[..delimiterIndex].Trim();
|
||||
string rawValue = segment[(delimiterIndex + 1)..];
|
||||
|
||||
string decodedValue = WebUtility.UrlDecode(rawValue);
|
||||
|
||||
switch (key.ToLowerInvariant())
|
||||
{
|
||||
case "amount":
|
||||
payload.Amount = decodedValue;
|
||||
break;
|
||||
case "item_name":
|
||||
payload.ItemName = decodedValue;
|
||||
break;
|
||||
case "m_payment_id":
|
||||
payload.MPaymentId = decodedValue;
|
||||
break;
|
||||
case "passphrase":
|
||||
passphrase = decodedValue;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return (payload, passphrase);
|
||||
}
|
||||
|
||||
public static (PayfastWebhookPayload Payload, string Passphrase) FromRawPayfastPayload(this IFormCollection form)
|
||||
{
|
||||
string passphrase = string.Empty;
|
||||
var payload = new PayfastWebhookPayload();
|
||||
|
||||
if (form.IsNullOrEmpty()) return (payload, passphrase);
|
||||
|
||||
payload = new PayfastWebhookPayload
|
||||
{
|
||||
Amount = form.TryGetValue("amount", out var amountValues) ? amountValues.ToString() : null,
|
||||
ItemName = form.TryGetValue("item_name", out var itemValues) ? itemValues.ToString() : null,
|
||||
MPaymentId = form.TryGetValue("m_payment_id", out var paymentIdValues) ? paymentIdValues.ToString() : null,
|
||||
};
|
||||
|
||||
return (payload, passphrase);
|
||||
}
|
||||
}
|
||||
@@ -1,5 +1,6 @@
|
||||
using LiteCharms.Features.Abstractions;
|
||||
using LiteCharms.Features.Hasher.Configuration;
|
||||
using LiteCharms.Features.Models;
|
||||
|
||||
namespace LiteCharms.Features.Hasher;
|
||||
|
||||
@@ -40,24 +41,30 @@ public sealed partial class HashService(IHashids hasher, IOptions<HasherSettings
|
||||
return Result.Ok(Convert.ToHexString(bytes).ToLowerInvariant());
|
||||
}
|
||||
|
||||
public Result<bool> VerifyPayfastWebhookSignature(IDictionary<string, string> incomingFormData, string incomingSignature)
|
||||
public Result<bool> VerifyPayfastWebhookSignature(PayfastWebhookPayload payload, string incomingSignature)
|
||||
{
|
||||
try
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(incomingSignature))
|
||||
return Result.Fail<bool>("Validation failed: Missing signature string parameter.");
|
||||
|
||||
var sortedFields = incomingFormData
|
||||
.Where(field => !string.Equals(field.Key, "signature", StringComparison.OrdinalIgnoreCase))
|
||||
.OrderBy(field => field.Key, StringComparer.Ordinal)
|
||||
.Select(field => $"{field.Key}={WebUtility.UrlEncode(field.Value)}");
|
||||
var parameters = new List<string>();
|
||||
|
||||
string payload = string.Join("&", sortedFields);
|
||||
if (!string.IsNullOrWhiteSpace(payload.Amount))
|
||||
parameters.Add($"amount={WebUtility.UrlEncode(payload.Amount)}");
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(payload.ItemName))
|
||||
parameters.Add($"item_name={WebUtility.UrlEncode(payload.ItemName)}");
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(payload.MPaymentId))
|
||||
parameters.Add($"m_payment_id={WebUtility.UrlEncode(payload.MPaymentId)}");
|
||||
|
||||
string signatureString = string.Join("&", parameters);
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(settings.PayfastPassphrase))
|
||||
payload += $"&passphrase={WebUtility.UrlEncode(settings.PayfastPassphrase)}";
|
||||
signatureString += $"&passphrase={WebUtility.UrlEncode(settings.PayfastPassphrase)}";
|
||||
|
||||
var localHashResult = ToMd5Hash(payload);
|
||||
var localHashResult = ToMd5Hash(signatureString);
|
||||
|
||||
if (!localHashResult.IsSuccess)
|
||||
return Result.Fail<bool>(localHashResult.Errors);
|
||||
@@ -68,7 +75,7 @@ public sealed partial class HashService(IHashids hasher, IOptions<HasherSettings
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
return Result.Fail<bool>(new Error("An error occurred during MD5 verification loop.").CausedBy(ex));
|
||||
return Result.Fail<bool>(new Error("An error occurred during Payfast MD5 verification.").CausedBy(ex));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -147,6 +147,8 @@
|
||||
|
||||
<!-- Shared Usings -->
|
||||
<ItemGroup>
|
||||
<Using Include="Microsoft.IdentityModel.Tokens" />
|
||||
<Using Include="Microsoft.AspNetCore.Http" />
|
||||
<Using Include="HashidsNet" />
|
||||
<Using Include="System.Net" />
|
||||
<Using Include="System.Text.RegularExpressions" />
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
namespace LiteCharms.Features.Models;
|
||||
|
||||
public sealed class PayfastWebhookPayload
|
||||
{
|
||||
public string? Amount { get; set; }
|
||||
public string? ItemName { get; set; }
|
||||
public string? MPaymentId { get; set; }
|
||||
}
|
||||
Reference in New Issue
Block a user