Merge pull request 'Refactored shasher payfast confirmation response handling' (#55 ) from payments into master

Reviewed-on: #55
Refactored shasher payfast confirmation response handling
2026-06-01 16:38:44 +02:00 · 2026-06-01 16:36:33 +02:00
4 changed files with 95 additions and 15 deletions
@@ -1,4 +1,6 @@
 using LiteCharms.Features.Hasher;
+using LiteCharms.Features.Models;
+using static LiteCharms.Features.Extensions.Hash;

 namespace LiteCharms.Features.Tests;

@@ -65,17 +67,18 @@ public class HashServiceFeatureTests(Fixture fixture) : IClassFixture<Fixture>
    {
        var paymentId = hashService.HashEncodeLongId(1001).Value;

-        var incomingForm = new Dictionary<string, string>
+        var payload = new PayfastWebhookPayload
        {
-            { "m_payment_id", paymentId },
-            { "amount", "350.00" },
-            { "item_name", "System Architecture Book" }
+            Amount = "350.00",
+            ItemName = "System Architecture Book",
+            MPaymentId = paymentId,            
        };

-        var rawPayload = $"amount=350.00&item_name=System+Architecture+Book&m_payment_id={paymentId}&passphrase={payfastPassphrase}";
+        var rawPayload = payload.ToRawPayfastPayload(payfastPassphrase);
+
        var generatedSignature = HashService.ToMd5Hash(rawPayload).Value;

-        var result = hashService.VerifyPayfastWebhookSignature(incomingForm, generatedSignature);
+        var result = hashService.VerifyPayfastWebhookSignature(payload, generatedSignature);

        Assert.True(result.IsSuccess);
        Assert.True(result.Value);
@@ -1,5 +1,6 @@
 using LiteCharms.Features.Hasher;
 using LiteCharms.Features.Hasher.Configuration;
+using LiteCharms.Features.Models;

 namespace LiteCharms.Features.Extensions;

@@ -20,4 +21,65 @@ public static class Hash

        return services;
    }
+
+    public static string ToRawPayfastPayload(this PayfastWebhookPayload input, string passphrase)
+    {
+        var parameters = new List<string>();
+
+        if (!string.IsNullOrWhiteSpace(input.Amount))
+            parameters.Add($"amount={WebUtility.UrlEncode(input.Amount)}");
+
+        if (!string.IsNullOrWhiteSpace(input.ItemName))
+            parameters.Add($"item_name={WebUtility.UrlEncode(input.ItemName)}");
+
+        if (!string.IsNullOrWhiteSpace(input.MPaymentId))
+            parameters.Add($"m_payment_id={WebUtility.UrlEncode(input.MPaymentId)}");
+
+        string payload = string.Join("&", parameters);
+
+        if (!string.IsNullOrWhiteSpace(passphrase))
+            payload += $"&passphrase={WebUtility.UrlEncode(passphrase)}";
+
+        return payload;
+    }
+
+    public static (PayfastWebhookPayload Payload, string Passphrase) FromRawPayfastPayload(this string rawPayload)
+    {
+        string passphrase = string.Empty;
+        var payload = new PayfastWebhookPayload();
+
+        if (string.IsNullOrWhiteSpace(rawPayload)) return (payload, passphrase);
+
+        var segments = rawPayload.Split('&', StringSplitOptions.RemoveEmptyEntries);
+
+        foreach (var segment in segments)
+        {
+            int delimiterIndex = segment.IndexOf('=');
+            if (delimiterIndex == -1)
+                continue;
+
+            string key = segment[..delimiterIndex].Trim();
+            string rawValue = segment[(delimiterIndex + 1)..];
+
+            string decodedValue = WebUtility.UrlDecode(rawValue);
+
+            switch (key.ToLowerInvariant())
+            {
+                case "amount":
+                    payload.Amount = decodedValue;
+                    break;
+                case "item_name":
+                    payload.ItemName = decodedValue;
+                    break;
+                case "m_payment_id":
+                    payload.MPaymentId = decodedValue;
+                    break;
+                case "passphrase":
+                    passphrase = decodedValue;
+                    break;
+            }
+        }
+
+        return (payload, passphrase);
+    }
 }
@@ -1,5 +1,6 @@
 using LiteCharms.Features.Abstractions;
 using LiteCharms.Features.Hasher.Configuration;
+using LiteCharms.Features.Models;

 namespace LiteCharms.Features.Hasher;

@@ -40,24 +41,30 @@ public sealed partial class HashService(IHashids hasher, IOptions<HasherSettings
        return Result.Ok(Convert.ToHexString(bytes).ToLowerInvariant());
    }

-    public Result<bool> VerifyPayfastWebhookSignature(IDictionary<string, string> incomingFormData, string incomingSignature)
+    public Result<bool> VerifyPayfastWebhookSignature(PayfastWebhookPayload payload, string incomingSignature)
    {
        try
        {
            if (string.IsNullOrWhiteSpace(incomingSignature))
                return Result.Fail<bool>("Validation failed: Missing signature string parameter.");

-            var sortedFields = incomingFormData
-                .Where(field => !string.Equals(field.Key, "signature", StringComparison.OrdinalIgnoreCase))
-                .OrderBy(field => field.Key, StringComparer.Ordinal)
-                .Select(field => $"{field.Key}={WebUtility.UrlEncode(field.Value)}");
+            var parameters = new List<string>();

-            string payload = string.Join("&", sortedFields);
+            if (!string.IsNullOrWhiteSpace(payload.Amount))
+                parameters.Add($"amount={WebUtility.UrlEncode(payload.Amount)}");
+
+            if (!string.IsNullOrWhiteSpace(payload.ItemName))
+                parameters.Add($"item_name={WebUtility.UrlEncode(payload.ItemName)}");
+
+            if (!string.IsNullOrWhiteSpace(payload.MPaymentId))
+                parameters.Add($"m_payment_id={WebUtility.UrlEncode(payload.MPaymentId)}");
+
+            string signatureString = string.Join("&", parameters);

            if (!string.IsNullOrWhiteSpace(settings.PayfastPassphrase))
-                payload += $"&passphrase={WebUtility.UrlEncode(settings.PayfastPassphrase)}";
+                signatureString += $"&passphrase={WebUtility.UrlEncode(settings.PayfastPassphrase)}";

-            var localHashResult = ToMd5Hash(payload);
+            var localHashResult = ToMd5Hash(signatureString);

            if (!localHashResult.IsSuccess)
                return Result.Fail<bool>(localHashResult.Errors);
@@ -68,7 +75,7 @@ public sealed partial class HashService(IHashids hasher, IOptions<HasherSettings
        }
        catch (Exception ex)
        {
-            return Result.Fail<bool>(new Error("An error occurred during MD5 verification loop.").CausedBy(ex));
+            return Result.Fail<bool>(new Error("An error occurred during Payfast MD5 verification.").CausedBy(ex));
        }
    }

@@ -0,0 +1,8 @@
+namespace LiteCharms.Features.Models;
+
+public sealed class PayfastWebhookPayload
+{
+    public string? Amount { get; set; }
+    public string? ItemName { get; set; }
+    public string? MPaymentId { get; set; }
+}
Author	SHA1	Message	Date
khwezi	c938bfec09	Merge pull request 'Refactored shasher payfast confirmation response handling' (#55 ) from payments into master Reviewed-on: #55	2026-06-01 16:38:44 +02:00
Khwezi Mngoma	5eb6dbc8b2	Refactored shasher payfast confirmation response handling continuous-integration/drone/pr Build is passing Details	2026-06-01 16:36:33 +02:00