Merge pull request 'payments' (#22 ) from payments into master

Reviewed-on: #22
Slowed down health check stream
2026-06-13 13:14:50 +02:00 · 2026-06-13 13:14:27 +02:00 · 2026-06-13 13:13:01 +02:00 · 2026-06-13 12:48:52 +02:00 · 2026-06-13 12:48:08 +02:00
2 changed files with 12 additions and 7 deletions
@@ -16,7 +16,8 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint
    public void Map(IEndpointRouteBuilder builder)
    {
        builder.MapPost("payments/payfast/confirm", async (HttpRequest request, PayfastService payfastService,
-            IJobOrchestrator jobOrchestrator, IConfiguration configuration, IHostEnvironment hostEnvironment, CancellationToken cancellationToken) =>
+            IJobOrchestrator jobOrchestrator, IConfiguration configuration, IHostEnvironment hostEnvironment,
+            ILogger<PayfastConfirmationEndpoint> logger, CancellationToken cancellationToken) =>
        {
            using Activity? activity = PaymentActivitySource.StartActivity("ReceivePayfastWebhook", ActivityKind.Server);

@@ -25,10 +26,6 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint

            string? remoteIp = request.HttpContext.Connection.RemoteIpAddress?.ToString();

-            var ipValidation = await payfastService.ValidateReferrerIpAsync(remoteIp!, !hostEnvironment.IsProduction(), cancellationToken);
-
-            if (ipValidation.IsFailed || !ipValidation.Value) return Results.Unauthorized();
-
            var formCollection = await request.ReadFormAsync(cancellationToken);

            if (!formCollection.TryGetValue("signature", out var signatureValues) || string.IsNullOrWhiteSpace(signatureValues.ToString()))
@@ -43,7 +40,11 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint
            var signatureCheck = PayfastService.GenerateSignature(paramDictionary, passphrase);

            if (signatureCheck.IsFailed || !string.Equals(signatureCheck.Value, incomingSignature, StringComparison.OrdinalIgnoreCase))
+            {
+                logger.LogCritical("Incoming sugnature failed validation: {signature}, {errors}", incomingSignature, signatureCheck.Errors.Select(e => e.Message).ToList());
+
                return Results.Unauthorized();
+            }

            var formPairs = formCollection.Select(kvp => $"{kvp.Key}={HttpUtility.UrlEncode(kvp.Value.ToString())}");

@@ -54,7 +55,11 @@ public sealed class PayfastConfirmationEndpoint : IEndpoint
            var serverConfirmation = await payfastService.ValidateServerConfirmationAsync(rawQueryParamString, isSandbox, cancellationToken);

            if (serverConfirmation.IsFailed || !serverConfirmation.Value)
+            {
+                logger.LogCritical("Server confirmation failed: {rawstring}, {errors}", rawQueryParamString, serverConfirmation.Errors.Select(e => e.Message).ToList());
+
                return Results.Unauthorized();
+            }

            var notification = PayfastPaymentConfirmationReceivedEvent.Create(payload, payload.MerchantPaymentId!,
                allowLoopback: !hostEnvironment.IsProduction(), performBackgroundChecks: false);
@@ -161,8 +161,8 @@ spec:
            httpGet:
              path: /health
              port: 8080
-            initialDelaySeconds: 5
-            periodSeconds: 10
+            initialDelaySeconds: 10
+            periodSeconds: 15
          readinessProbe:
            httpGet:
              path: /health
Author	SHA1	Message	Date
khwezi	8cc4425dfb	Merge pull request 'payments' (#22 ) from payments into master Reviewed-on: #22	2026-06-13 13:14:50 +02:00
Khwezi Mngoma	60579c6230	Slowed down health check stream continuous-integration/drone/pr Build is passing Details	2026-06-13 13:14:27 +02:00
Khwezi Mngoma	f3478270fb	Added logging to endpoint	2026-06-13 13:13:01 +02:00
khwezi	1039f6f2d5	Merge pull request 'Removed ipValidation checks' (#21 ) from payments into master Reviewed-on: #21	2026-06-13 12:48:52 +02:00
Khwezi Mngoma	765eee2060	Removed ipValidation checks continuous-integration/drone/pr Build is passing Details	2026-06-13 12:48:08 +02:00