Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
2.13.2
  • Loading branch information
braintreeps committed Jan 3, 2012
1 parent 7badb16 commit 1616289
Show file tree
Hide file tree
Showing 5 changed files with 62 additions and 11 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.rdoc
@@ -1,3 +1,9 @@
== 2.13.2

* Added error code for invalid purchase order number
* Changes transparent redirect query string regexp to allow hash to appear
anywhere in params string

== 2.13.1

* Made the production endpoint configurable
Expand Down
1 change: 1 addition & 0 deletions lib/braintree/error_codes.rb
Expand Up @@ -188,6 +188,7 @@ module Transaction
ProcessorDoesNotSupportCredits = "91546"
ProcessorDoesNotSupportVoiceAuthorizations = "91545"
PurchaseOrderNumberIsTooLong = "91537"
PurchaseOrderNumberIsInvalid = "91548"
RefundAmountIsTooLarge = "91521"
SettlementAmountIsTooLarge = "91522"
SubscriptionDoesNotBelongToCustomer = "91529"
Expand Down
2 changes: 1 addition & 1 deletion lib/braintree/transparent_redirect_gateway.rb
Expand Up @@ -39,7 +39,7 @@ def create_customer_data(params)

def parse_and_validate_query_string(query_string) # :nodoc:
params = Util.symbolize_keys(Util.parse_query_string(query_string))
query_string_without_hash = query_string[/(.*)&hash=.*/, 1]
query_string_without_hash = query_string.split("&").reject{|param| param =~ /\Ahash=/}.join("&")

if params[:http_status] == nil
raise UnexpectedError, "expected query string to have an http_status param"
Expand Down
46 changes: 36 additions & 10 deletions spec/integration/braintree/transaction_spec.rb
Expand Up @@ -713,19 +713,45 @@
result.transaction.purchase_order_number.should be_nil
end

it "has validation errors" do
result = Braintree::Transaction.sale(
:amount => Braintree::Test::TransactionAmounts::Authorize,
:credit_card => {
context "validations" do
it "tax_amount" do
result = Braintree::Transaction.sale(
:amount => Braintree::Test::TransactionAmounts::Authorize,
:credit_card => {
:number => Braintree::Test::CreditCardNumbers::Visa,
:expiration_date => "05/2009"
},
:tax_amount => 'abcd',
:purchase_order_number => 'a' * 18
)
result.success?.should == false
result.errors.for(:transaction).on(:tax_amount)[0].code.should == Braintree::ErrorCodes::Transaction::TaxAmountFormatIsInvalid
result.errors.for(:transaction).on(:purchase_order_number)[0].code.should == Braintree::ErrorCodes::Transaction::PurchaseOrderNumberIsTooLong
:tax_amount => 'abcd'
)
result.success?.should == false
result.errors.for(:transaction).on(:tax_amount)[0].code.should == Braintree::ErrorCodes::Transaction::TaxAmountFormatIsInvalid
end

it "purchase_order_number length" do
result = Braintree::Transaction.sale(
:amount => Braintree::Test::TransactionAmounts::Authorize,
:credit_card => {
:number => Braintree::Test::CreditCardNumbers::Visa,
:expiration_date => "05/2009"
},
:purchase_order_number => 'a' * 18
)
result.success?.should == false
result.errors.for(:transaction).on(:purchase_order_number)[0].code.should == Braintree::ErrorCodes::Transaction::PurchaseOrderNumberIsTooLong
end

it "purchase_order_number format" do
result = Braintree::Transaction.sale(
:amount => Braintree::Test::TransactionAmounts::Authorize,
:credit_card => {
:number => Braintree::Test::CreditCardNumbers::Visa,
:expiration_date => "05/2009"
},
:purchase_order_number => "\303\237\303\245\342\210\202"
)
result.success?.should == false
result.errors.for(:transaction).on(:purchase_order_number)[0].code.should == Braintree::ErrorCodes::Transaction::PurchaseOrderNumberIsInvalid
end
end
end

Expand Down
18 changes: 18 additions & 0 deletions spec/unit/braintree/transparent_redirect_spec.rb
Expand Up @@ -31,6 +31,24 @@
result.should == {:one => "1", :two => "2", :http_status => "200", :hash => hash}
end

it "returns the parsed query string params if the hash is valid and hash is first parameter" do
query_string_without_hash = "one=1&two=2&http_status=200"
hash = Braintree::Digest.hexdigest(Braintree::Configuration.private_key, query_string_without_hash)

query_string_with_hash = "hash=#{hash}&#{query_string_without_hash}"
result = Braintree::Configuration.gateway.transparent_redirect.parse_and_validate_query_string query_string_with_hash
result.should == {:one => "1", :two => "2", :http_status => "200", :hash => hash}
end

it "returns the parsed query string params regardless of hash position if the hash is valid" do
query_string_without_hash = "one=1&two=2&http_status=200"
hash = Braintree::Digest.hexdigest(Braintree::Configuration.private_key, query_string_without_hash)

query_string_with_hash = "one=1&hash=#{hash}&two=2&http_status=200"
result = Braintree::Configuration.gateway.transparent_redirect.parse_and_validate_query_string query_string_with_hash
result.should == {:one => "1", :two => "2", :http_status => "200", :hash => hash}
end

it "raises Braintree::ForgedQueryString if the hash param is not valid" do
query_string_without_hash = "http_status=200&one=1&two=2"
hash = Digest::SHA1.hexdigest("invalid#{query_string_without_hash}")
Expand Down

0 comments on commit 1616289

Please sign in to comment.