Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 khwezi
|
8cc4425dfb | ||
 Khwezi Mngoma
|
60579c6230 | ||
|
Khwezi Mngoma
|
f3478270fb | ||
|
khwezi
|
1039f6f2d5 | ||
|
Khwezi Mngoma
|
765eee2060 | ||
|
khwezi
|
ee250a18f0 | ||
|
Khwezi Mngoma
|
5972f8906b | ||
|
khwezi
|
b90c6381a0 | ||
|
Khwezi Mngoma
|
c65398bdf6 |
@@ -16,7 +16,8 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint
|
|||||||
public void Map(IEndpointRouteBuilder builder)
|
public void Map(IEndpointRouteBuilder builder)
|
||||||
{
|
{
|
||||||
builder.MapPost("payments/payfast/confirm", async (HttpRequest request, PayfastService payfastService,
|
builder.MapPost("payments/payfast/confirm", async (HttpRequest request, PayfastService payfastService,
|
||||||
IJobOrchestrator jobOrchestrator, IConfiguration configuration, IHostEnvironment hostEnvironment, CancellationToken cancellationToken) =>
|
IJobOrchestrator jobOrchestrator, IConfiguration configuration, IHostEnvironment hostEnvironment,
|
||||||
|
ILogger<PayfastConfirmationEndpoint> logger, CancellationToken cancellationToken) =>
|
||||||
{
|
{
|
||||||
using Activity? activity = PaymentActivitySource.StartActivity("ReceivePayfastWebhook", ActivityKind.Server);
|
using Activity? activity = PaymentActivitySource.StartActivity("ReceivePayfastWebhook", ActivityKind.Server);
|
||||||
|
|
||||||
@@ -25,10 +26,6 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint
|
|||||||
|
|
||||||
string? remoteIp = request.HttpContext.Connection.RemoteIpAddress?.ToString();
|
string? remoteIp = request.HttpContext.Connection.RemoteIpAddress?.ToString();
|
||||||
|
|
||||||
var ipValidation = await payfastService.ValidateReferrerIpAsync(remoteIp!, !hostEnvironment.IsProduction(), cancellationToken);
|
|
||||||
|
|
||||||
if (ipValidation.IsFailed || !ipValidation.Value) return Results.Unauthorized();
|
|
||||||
|
|
||||||
var formCollection = await request.ReadFormAsync(cancellationToken);
|
var formCollection = await request.ReadFormAsync(cancellationToken);
|
||||||
|
|
||||||
if (!formCollection.TryGetValue("signature", out var signatureValues) || string.IsNullOrWhiteSpace(signatureValues.ToString()))
|
if (!formCollection.TryGetValue("signature", out var signatureValues) || string.IsNullOrWhiteSpace(signatureValues.ToString()))
|
||||||
@@ -43,7 +40,11 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint
|
|||||||
var signatureCheck = PayfastService.GenerateSignature(paramDictionary, passphrase);
|
var signatureCheck = PayfastService.GenerateSignature(paramDictionary, passphrase);
|
||||||
|
|
||||||
if (signatureCheck.IsFailed || !string.Equals(signatureCheck.Value, incomingSignature, StringComparison.OrdinalIgnoreCase))
|
if (signatureCheck.IsFailed || !string.Equals(signatureCheck.Value, incomingSignature, StringComparison.OrdinalIgnoreCase))
|
||||||
|
{
|
||||||
|
logger.LogCritical("Incoming sugnature failed validation: {signature}, {errors}", incomingSignature, signatureCheck.Errors.Select(e => e.Message).ToList());
|
||||||
|
|
||||||
return Results.Unauthorized();
|
return Results.Unauthorized();
|
||||||
|
}
|
||||||
|
|
||||||
var formPairs = formCollection.Select(kvp => $"{kvp.Key}={HttpUtility.UrlEncode(kvp.Value.ToString())}");
|
var formPairs = formCollection.Select(kvp => $"{kvp.Key}={HttpUtility.UrlEncode(kvp.Value.ToString())}");
|
||||||
|
|
||||||
@@ -54,7 +55,11 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint
|
|||||||
var serverConfirmation = await payfastService.ValidateServerConfirmationAsync(rawQueryParamString, isSandbox, cancellationToken);
|
var serverConfirmation = await payfastService.ValidateServerConfirmationAsync(rawQueryParamString, isSandbox, cancellationToken);
|
||||||
|
|
||||||
if (serverConfirmation.IsFailed || !serverConfirmation.Value)
|
if (serverConfirmation.IsFailed || !serverConfirmation.Value)
|
||||||
|
{
|
||||||
|
logger.LogCritical("Server confirmation failed: {rawstring}, {errors}", rawQueryParamString, serverConfirmation.Errors.Select(e => e.Message).ToList());
|
||||||
|
|
||||||
return Results.Unauthorized();
|
return Results.Unauthorized();
|
||||||
|
}
|
||||||
|
|
||||||
var notification = PayfastPaymentConfirmationReceivedEvent.Create(payload, payload.MerchantPaymentId!,
|
var notification = PayfastPaymentConfirmationReceivedEvent.Create(payload, payload.MerchantPaymentId!,
|
||||||
allowLoopback: !hostEnvironment.IsProduction(), performBackgroundChecks: false);
|
allowLoopback: !hostEnvironment.IsProduction(), performBackgroundChecks: false);
|
||||||
|
|||||||
+8
-10
@@ -22,11 +22,9 @@ data:
|
|||||||
PayfastSettings__CheckoutUrl: "https://sandbox.payfast.co.za/eng/process"
|
PayfastSettings__CheckoutUrl: "https://sandbox.payfast.co.za/eng/process"
|
||||||
PayfastSettings__ValidHosts__0: "www.payfast.co.za"
|
PayfastSettings__ValidHosts__0: "www.payfast.co.za"
|
||||||
PayfastSettings__ValidHosts__1: "sandbox.payfast.co.za"
|
PayfastSettings__ValidHosts__1: "sandbox.payfast.co.za"
|
||||||
PayfastSettings__ValidHosts__2: "w1w.payfast.co.za"
|
PayfastSettings__ValidHosts__2: "ips.payfast.co.za"
|
||||||
PayfastSettings__ValidHosts__3: "w2w.payfast.co.za"
|
PayfastSettings__ValidHosts__3: "api.payfast.co.za"
|
||||||
PayfastSettings__ValidHosts__4: "ips.payfast.co.za"
|
PayfastSettings__ValidHosts__4: "payment.payfast.io"
|
||||||
PayfastSettings__ValidHosts__5: "api.payfast.co.za"
|
|
||||||
PayfastSettings__ValidHosts__6: "payment.payfast.io"
|
|
||||||
LiteCharmsSettings__Authority: "https://sts.security.khongisa.co.za"
|
LiteCharmsSettings__Authority: "https://sts.security.khongisa.co.za"
|
||||||
LiteCharmsSettings__Audience: "midrandbooks-api"
|
LiteCharmsSettings__Audience: "midrandbooks-api"
|
||||||
---
|
---
|
||||||
@@ -128,17 +126,17 @@ spec:
|
|||||||
- name: PayfastSettings__Passphrase
|
- name: PayfastSettings__Passphrase
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: scheduler-secrets
|
name: midrandbooksapi-secrets
|
||||||
key: payfast-passphrase
|
key: payfast-passphrase
|
||||||
- name: PayfastSettings__MerchantId
|
- name: PayfastSettings__MerchantId
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: scheduler-secrets
|
name: midrandbooksapi-secrets
|
||||||
key: payfast-merchantid
|
key: payfast-merchantid
|
||||||
- name: PayfastSettings__MerchantKey
|
- name: PayfastSettings__MerchantKey
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: scheduler-secrets
|
name: midrandbooksapi-secrets
|
||||||
key: payfast-merchantkey
|
key: payfast-merchantkey
|
||||||
- name: ConnectionStrings__PostgresScheduler
|
- name: ConnectionStrings__PostgresScheduler
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -163,8 +161,8 @@ spec:
|
|||||||
httpGet:
|
httpGet:
|
||||||
path: /health
|
path: /health
|
||||||
port: 8080
|
port: 8080
|
||||||
initialDelaySeconds: 5
|
initialDelaySeconds: 10
|
||||||
periodSeconds: 10
|
periodSeconds: 15
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
path: /health
|
path: /health
|
||||||
|
|||||||
Reference in New Issue
Block a user