diff --git a/lib/generators/rubykassa/templates/rubykassa.rb b/lib/generators/rubykassa/templates/rubykassa.rb
index 0fe90ac..7add41e 100644
--- a/lib/generators/rubykassa/templates/rubykassa.rb
+++ b/lib/generators/rubykassa/templates/rubykassa.rb
@@ -1,10 +1,11 @@
 Rubykassa.configure do |config|
- config.login = ENV["ROBOKASSA_LOGIN"]
- config.first_password = ENV["ROBOKASSA_FIRST_PASSWORD"]
- config.second_password = ENV["ROBOKASSA_SECOND_PASSWORD"]
+ config.login = ENV['ROBOKASSA_LOGIN']
+ config.first_password = ENV['ROBOKASSA_FIRST_PASSWORD']
+ config.second_password = ENV['ROBOKASSA_SECOND_PASSWORD']
 config.mode = :test # or :production
 config.http_method = :get # or :post
 config.xml_http_method = :get # or :post
+ config.hash_algorithm = :md5 # or :ripemd160, :sha1, :sha256, :sha384, :sha512
 # Result callback is called in RobokassaController#result action if valid signature
diff --git a/lib/rubykassa/client.rb b/lib/rubykassa/client.rb
index 0d2ed0f..a70489a 100644
--- a/lib/rubykassa/client.rb
+++ b/lib/rubykassa/client.rb
@@ -6,6 +6,10 @@ class ConfigurationError < StandardError
 'Invalid mode: only :test or :production are allowed'.freeze
 HTTP_METHOD_MESSAGE =
 'Invalid http method: only :get or :post are allowed'.freeze
+ HASH_ALGORITHM_MESSAGE = <<-MESSAGE.squish.freeze
+ Invalid hash algorithm: only
+ #{Configuration::HASH_ALGORITHMS.map(&:upcase).join ', '} are allowed
+ MESSAGE
 def self.raise_errors_for(configuration)
 if !configuration.correct_mode?
@@ -15,6 +19,9 @@ def self.raise_errors_for(configuration)
 !configuration.correct_xml_http_method?
 raise ConfigurationError, HTTP_METHOD_MESSAGE
 end
+ if !configuration.correct_hash_algorithm?
+ raise ConfigurationError, HASH_ALGORITHM_MESSAGE
+ end
 end
 end
diff --git a/lib/rubykassa/configuration.rb b/lib/rubykassa/configuration.rb
index 1195730..5550149 100644
--- a/lib/rubykassa/configuration.rb
+++ b/lib/rubykassa/configuration.rb
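Review bot: The comment on the new `config.hash_algorithm = :md5` line in the initializer template lists the accepted symbols but gives no guidance on choosing one. The value presumably has to match the hash algorithm selected for the shop on the Robokassa side, and MD5 is the weakest of the listed options for a signature that authenticates payment notifications. I would put a comment above the setting such as `# Must match the algorithm chosen in the Robokassa shop settings; prefer a SHA-2 value, :md5 is kept only as the backward-compatible default`. The `Rubykassa.configure` block continues outside this hunk.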
@@ -2,8 +2,10 @@ module Rubykassa
 class Configuration
 ATTRIBUTES = [
 :login, :first_password, :second_password, :mode, :http_method,
- :xml_http_method, :success_callback, :fail_callback, :result_callback
+ :xml_http_method, :success_callback, :fail_callback, :result_callback,
+ :hash_algorithm
 ]
+ HASH_ALGORITHMS = [:md5, :ripemd160, :sha1, :sha256, :sha384, :sha512]
 attr_accessor *ATTRIBUTES
@@ -14,6 +16,7 @@ def initialize
 self.mode = :test
 self.http_method = :get
 self.xml_http_method = :get
+ self.hash_algorithm = :md5
 self.success_callback = ->(notification) { render text: 'success' }
 self.fail_callback = ->(notification) { render text: 'fail' }
 self.result_callback = ->(notification) do
@@ -32,5 +35,9 @@ def correct_http_method?
 def correct_xml_http_method?
 [:get, :post].include?(xml_http_method)
 end
+
+ def correct_hash_algorithm?
+ HASH_ALGORITHMS.include?(hash_algorithm)
+ end
 end
 end
diff --git a/lib/rubykassa/signature_generator.rb b/lib/rubykassa/signature_generator.rb
index a82a7cb..e8d0776 100644
--- a/lib/rubykassa/signature_generator.rb
+++ b/lib/rubykassa/signature_generator.rb
@@ -7,7 +7,7 @@ def generate_signature_for(kind)
 unless [:success, :payment, :result].include?(kind)
 raise ArgumentError, KIND_ERROR_MESSAGE
 end
- Digest::MD5.hexdigest(params_string(kind))
+ method(Rubykassa.hash_algorithm).call params_string(kind)
 end
 def params_string kind
@@ -29,5 +29,31 @@ def custom_params
 result
 end
 end
+
+ protected
+
+ def md5(data)
+ Digest::MD5.hexdigest data
+ end
+
+ def ripemd160(data)
+ Digest::RMD160.hexdigest data
+ end
+
+ def sha1(data)
+ Digest::SHA1.hexdigest data
+ end
+
+ def sha265(data)
+ Digest::SHA256.hexdigest data
+ end
+
+ def sha384(data)
+ Digest::SHA384.hexdigest data
+ end
+
+ def sha512(data)
+ Digest::SHA512.hexdigest data
+ end
 end
 end
diff --git a/spec/rubykassa/client_configuration_spec.rb b/spec/rubykassa/client_configuration_spec.rb
index e660849..5959853 100644
--- a/spec/rubykassa/client_configuration_spec.rb
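Review bot: `HASH_ALGORITHMS` in the first hunk of configuration.rb is a mutable array, yet it is the allow-list that `correct_hash_algorithm?` consults before the symbol is used to select a method in signature_generator.rb. Freezing it keeps the list from being changed at runtime: `HASH_ALGORITHMS = [:md5, :ripemd160, :sha1, :sha256, :sha384, :sha512].freeze`. The neighbouring `ATTRIBUTES` constant is unfrozen as well, so this follows the existing style, but the allow-list is the one worth pinning. The `Configuration` class continues outside the hunk.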
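Review bot: `method(Rubykassa.hash_algorithm).call` in `generate_signature_for` turns a configuration value into a method name at signing time, and nothing in this hunk re-checks it against `Configuration::HASH_ALGORITHMS`. Validation appears to happen only in `ConfigurationError.raise_errors_for`, while `hash_algorithm` stays writable through `attr_accessor`, so a value assigned outside that check would reach `method` unvalidated and resolve to whatever method of that name the object has. A frozen symbol-to-digest table read with `fetch` fails closed with a `KeyError` and makes the six wrapper methods added in the next hunk unnecessary. The `def` line of `generate_signature_for` is visible only in the hunk header, and the table would live at module level outside the hunk.

```ruby
# module level, alongside KIND_ERROR_MESSAGE
DIGESTS = {
  md5: Digest::MD5,
  ripemd160: Digest::RMD160,
  sha1: Digest::SHA1,
  sha256: Digest::SHA256,
  sha384: Digest::SHA384,
  sha512: Digest::SHA512
}.freeze

def generate_signature_for(kind)
  # … unchanged: kind validation …
  DIGESTS.fetch(Rubykassa.hash_algorithm).hexdigest(params_string(kind))
end
```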
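Review bot: The SHA-256 wrapper in the second signature_generator.rb hunk is spelled `def sha265(data)`, so no method named `sha256` is defined. With `config.hash_algorithm = :sha256` the value passes `correct_hash_algorithm?`, but `method(:sha256)` in `generate_signature_for` raises `NameError` the first time a signature is generated or checked. The line should read `def sha256(data)`. The enclosing module starts outside this hunk.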
+++ b/spec/rubykassa/client_configuration_spec.rb
@@ -9,6 +9,7 @@
 config.mode = :production
 config.http_method = :post
 config.xml_http_method = :post
+ config.hash_algorithm = :md5
 end
 end
@@ -29,7 +30,8 @@
 expect(Rubykassa.second_password).to eq 'second_password'
 expect(Rubykassa.mode).to eq :test
 expect(Rubykassa.http_method).to eq :get
- expect(Rubykassa.http_method).to eq :get
+ expect(Rubykassa.xml_http_method).to eq :get
+ expect(Rubykassa.hash_algorithm).to eq :md5
 expect(Rubykassa.success_callback).to be_instance_of(Proc)
 expect(Rubykassa.fail_callback).to be_instance_of(Proc)
 end
@@ -67,4 +69,13 @@
 }.to raise_error(Rubykassa::ConfigurationError,
 Rubykassa::ConfigurationError::HTTP_METHOD_MESSAGE)
 end
+
+ it 'should raise error when wrong hash_algorithms is set' do
+ expect {
+ Rubykassa.configure do |config|
+ config.hash_algorithm = :bullshit
+ end
+ }.to raise_error(Rubykassa::ConfigurationError,
+ Rubykassa::ConfigurationError::HASH_ALGORITHM_MESSAGE)
+ end
 end
diff --git a/spec/rubykassa/notification_spec.rb b/spec/rubykassa/notification_spec.rb
index 6e8f509..05a1b61 100644
--- a/spec/rubykassa/notification_spec.rb
+++ b/spec/rubykassa/notification_spec.rb
@@ -1,6 +1,11 @@
 require 'spec_helper'
 describe Rubykassa::Notification do
+ before(:each) do
+ Rubykassa.configure do |config|
+ end
+ end
+
 it 'should return correct valid_result_signature?' do
 params = { 'InvId' => '12',
 'OutSum' => '1200',
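Review bot: The example added in the last client_configuration_spec.rb hunk covers only the rejection of an unknown symbol, and no spec visible in this commit generates a signature with any algorithm other than `:md5`. A misspelled or missing digest method for one of the accepted values would therefore pass the suite. I would add an example that walks the allow-list, `Rubykassa::Configuration::HASH_ALGORITHMS.each do |algorithm|`, configures each value and asserts that signature generation returns a hex digest of the expected length for that algorithm. The enclosing `describe` block starts outside the hunk.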