Rapyd: fixing issue with json encoding and signatures (#4892)

activemerchant · Sep 14, 2023 · 120f215 · 120f215
1 parent 71ee93e
commit 120f215
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 0 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -12,6 +12,7 @@
 * CyberSource (SOAP): Added support for 3DS exemption request fields [BritneyS] #4881
 * StripePI: Adding network tokenization fields to Stripe PaymentIntents [BritneyS] #4867
 * Shift4: Fixing currency bug [Heavyblade] #4887
+* Rapyd: fixing issue with json encoding and signatures [Heavyblade] #4892
 
 == Version 1.135.0 (August 24, 2023)
 * PaymentExpress: Correct endpoints [steveh] #4827

diff --git a/lib/active_merchant/billing/gateways/rapyd.rb b/lib/active_merchant/billing/gateways/rapyd.rb
@@ -302,8 +302,19 @@ def commit(method, action, parameters)
         )
       end
 
+      # We need to revert the work of ActiveSupport JSON encoder to prevent discrepancies
+      # Between the signature and the actual request body
+      def revert_json_html_encoding!(string)
+        {
+          '\\u003e' => '>',
+          '\\u003c' => '<',
+          '\\u0026' => '&'
+        }.each { |k, v| string.gsub! k, v }
+      end
+
       def api_request(method, url, rel_path, params)
         params == {} ? body = '' : body = params.to_json
+        revert_json_html_encoding!(body) if defined?(ActiveSupport::JSON::Encoding) && ActiveSupport::JSON::Encoding.escape_html_entities_in_json
         parse(ssl_request(method, url, body, headers(rel_path, body)))
       end
 

diff --git a/test/remote/gateways/remote_rapyd_test.rb b/test/remote/gateways/remote_rapyd_test.rb
@@ -368,12 +368,16 @@ def test_successful_purchase_without_3ds_v2_gateway_specific
   end
 
   def test_successful_authorize_with_execute_threed
+    ActiveSupport::JSON::Encoding.escape_html_entities_in_json = true
+    @options[:complete_payment_url] = 'http://www.google.com?param1=1&param2=2'
     options = @options.merge(pm_type: 'gb_visa_card', execute_threed: true)
     response = @gateway.authorize(105000, @credit_card, options)
     assert_success response
     assert_equal 'ACT', response.params['data']['status']
     assert_equal '3d_verification', response.params['data']['payment_method_data']['next_action']
     assert response.params['data']['redirect_url']
+  ensure
+    ActiveSupport::JSON::Encoding.escape_html_entities_in_json = false
   end
 
   def test_successful_purchase_without_cvv