Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/DEV-23903 Changes getHeadersV2 parameter to path instead of url #155

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Feature/DEV-23903 Changes getHeadersV2 parameter to path instead of url #155

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
87829da
DEV-23903 Transition from header V1 to header V2
May 22, 2024
3b62ec7
DEV-23903 remove unused import
May 22, 2024
4296933
DEV-23903 Changes getHeadersV2 parameter to path instead of uri
May 22, 2024
3148d54
DEV-23903 Changes parameter name uri to path
May 23, 2024
e0c9ac6
DEV-23903 Adds response checksum signature
Jun 13, 2024
be28449
DEV-23903 Changes response field checksum to signature
Jun 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions src/main/java/com/iyzipay/HashValidator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
package com.iyzipay;


import org.apache.commons.lang3.StringUtils;

public class HashValidator {
private HashValidator() {
}

public static boolean hashValid(String calculatedHash, String hash) {
return StringUtils.equals(calculatedHash, hash);
}
}
15 changes: 6 additions & 9 deletions src/main/java/com/iyzipay/IyziAuthV2Generator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,18 @@ public final class IyziAuthV2Generator {
private IyziAuthV2Generator() {
}

public static String generateAuthContent(String uri, String apiKey, String secretKey, String randomString, Object request) {
public static String generateAuthContent(String path, String apiKey, String secretKey, String randomString, Object request) {
try {
String input = "apiKey:" + apiKey + "&randomKey:" + randomString + "&signature:" + getHmacSHA256Signature(uri, secretKey, randomString, request);
String input = "apiKey:" + apiKey + "&randomKey:" + randomString + "&signature:" + getHmacSHA256Signature(path, secretKey, randomString, request);
return DatatypeConverter.printBase64Binary(input.getBytes("UTF-8"));
} catch (UnsupportedEncodingException e) {
throw new HttpClientException("Authentication content couldn't be generated", e);
}
}

private static String getHmacSHA256Signature(String uri, String secretKey, String randomString, Object request) {
private static String getHmacSHA256Signature(String path, String secretKey, String randomString, Object request) {
try {
String dataToSign = randomString + getPayload(uri, request);
String dataToSign = randomString + getPayload(path, request);
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(secretKey.getBytes("UTF-8"), "HmacSHA256"));
return DatatypeConverter.printHexBinary(mac.doFinal(dataToSign.getBytes("UTF-8"))).toLowerCase();
Expand All @@ -39,10 +39,7 @@ private static String getHmacSHA256Signature(String uri, String secretKey, Strin
}
}

private static String getPayload(String uri, Object request) {
int startIndex = uri.indexOf("/v2");
int endIndex = uri.indexOf("?");
String uriPath = endIndex == -1 ? uri.substring(startIndex) : uri.substring(startIndex, endIndex);
return request == null ? uriPath : uriPath + new Gson().toJson(request);
private static String getPayload(String path, Object request) {
return request == null ? path : path + new Gson().toJson(request);
}
}
12 changes: 8 additions & 4 deletions src/main/java/com/iyzipay/IyzipayResource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ public class IyzipayResource {
private static final String CLIENT_VERSION_HEADER_NAME = "x-iyzi-client-version";
private static final String IYZIWS_HEADER_NAME = "IYZWS ";
private static final String IYZIWS_V2_HEADER_NAME = "IYZWSv2 ";
private static final String AUTHORIZATION_FALLBACK_HEADER = "Authorization_Fallback";
private static final String CLIENT_VERSION = IyzipayResource.class.getPackage().getImplementationVersion();
private static final String CLIENT_TITLE = IyzipayResource.class.getPackage().getImplementationTitle();
private static final String COLON = ":";
Expand All @@ -36,6 +37,7 @@ public class IyzipayResource {
public IyzipayResource() {
}

@Deprecated
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is no explanation provided for why it has been deprecated or what should be used instead.
Could you add information about it?

protected static Map<String, String> getHttpHeaders(Request request, Options options) {
Map<String, String> headers = new HashMap<String, String>();

Expand All @@ -47,11 +49,13 @@ protected static Map<String, String> getHttpHeaders(Request request, Options opt
return headers;
}

protected static Map<String, String> getHttpHeadersV2(String uri, Request request, Options options) {
protected static Map<String, String> getHttpHeadersV2(String path, Request request, Options options) {
Map<String, String> headers = new HashMap<String, String>();

String randomString = UUID.randomUUID().toString();
headers.put(AUTHORIZATION, prepareAuthorizationStringV2(uri, request, randomString, options));
headers.put(AUTHORIZATION, prepareAuthorizationStringV2(path, request, randomString, options));
headers.put(RANDOM_HEADER_NAME, randomString);
headers.put(AUTHORIZATION_FALLBACK_HEADER, prepareAuthorizationString(request, randomString, options));

putClientVersionHeader(headers);
return headers;
Expand All @@ -75,8 +79,8 @@ private static String prepareAuthorizationString(Request request, String randomS
return IYZIWS_HEADER_NAME + options.getApiKey() + COLON + hash;
}

private static String prepareAuthorizationStringV2(String uri, Request request, String randomString, Options options) {
String authContent = IyziAuthV2Generator.generateAuthContent(uri, options.getApiKey(), options.getSecretKey(), randomString, request);
private static String prepareAuthorizationStringV2(String path, Request request, String randomString, Options options) {
String authContent = IyziAuthV2Generator.generateAuthContent(path, options.getApiKey(), options.getSecretKey(), randomString, request);
return IYZIWS_V2_HEADER_NAME + authContent;
}

Expand Down
50 changes: 50 additions & 0 deletions src/main/java/com/iyzipay/ResponseSignatureGenerator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
package com.iyzipay;

import com.iyzipay.exception.HttpClientException;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import java.math.BigDecimal;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.stream.Collectors;

public interface ResponseSignatureGenerator {
String SEPARATOR = ":";
String HMAC_SHA_256 = "HmacSHA256";
String EMPTY_PARAM = "";

default String generateSignature(String secretKey, List<Object> params) {
try {
String dataToSign = appendSignatureParams(params);
Mac mac = Mac.getInstance(HMAC_SHA_256);
mac.init(new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), HMAC_SHA_256));
return DatatypeConverter.printHexBinary(mac.doFinal(dataToSign.getBytes(StandardCharsets.UTF_8))).toLowerCase(Locale.ENGLISH);
} catch (NoSuchAlgorithmException e) {
throw new HttpClientException("HMAC couldn't be generated", e);
} catch (InvalidKeyException e) {
throw new HttpClientException("Authentication content couldn't be generated", e);
}
}

default String appendSignatureParams(List<Object> signatureParameters) {
return signatureParameters.stream()
.map(this::convertParamToString)
.collect(Collectors.joining(SEPARATOR));
}

default String convertParamToString(Object parameter) {
if (Objects.isNull(parameter)) {
return EMPTY_PARAM;
} else if (parameter instanceof BigDecimal) {
return ((BigDecimal) parameter).stripTrailingZeros().toPlainString();
} else {
return parameter.toString();
}
}
}
29 changes: 24 additions & 5 deletions src/main/java/com/iyzipay/model/Apm.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,43 @@
package com.iyzipay.model;

import com.iyzipay.HashValidator;
import com.iyzipay.HttpClient;
import com.iyzipay.Options;
import com.iyzipay.ResponseSignatureGenerator;
import com.iyzipay.request.CreateApmInitializeRequest;
import com.iyzipay.request.RetrieveApmRequest;

public class Apm extends ApmResource {
import java.util.Arrays;

public class Apm extends ApmResource implements ResponseSignatureGenerator {

public boolean verifySignatureForCreate(String secretKey) {
String calculated = generateSignature(secretKey, Arrays.asList(getPaymentId(), getRedirectUrl()));
return HashValidator.hashValid(getSignature(), calculated);
}

public static Apm create(CreateApmInitializeRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/apm/initialize",
String path = "/payment/apm/initialize";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
Apm.class);
}

public boolean verifySignatureForRetrieve(String secretKey) {
String calculated = generateSignature(secretKey,
Arrays.asList(getCurrency(), getBasketId(),
getConversationId(), getPaidPrice(),
getPrice(), getPaymentId(), getRedirectUrl()));
return HashValidator.hashValid(getSignature(), calculated);
}

public static Apm retrieve(RetrieveApmRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/apm/retrieve",
String path = "/payment/apm/retrieve";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
Apm.class);
}
Expand Down
9 changes: 9 additions & 0 deletions src/main/java/com/iyzipay/model/ApmResource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ public class ApmResource extends IyzipayResource {
private String apm;
private String mobilePhone;
private String paymentStatus;
private String signature;

public String getRedirectUrl() {
return redirectUrl;
Expand Down Expand Up @@ -219,6 +220,14 @@ public void setPaymentStatus(String paymentStatus) {
this.paymentStatus = paymentStatus;
}

public String getSignature() {
return signature;
}

public void setSignature(String signature) {
this.signature = signature;
}

@Override
public String toString() {
return ToStringBuilder.reflectionToString(this, ToStringStyle.MULTI_LINE_STYLE);
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/Approval.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,10 @@ public class Approval extends IyzipayResource {
private String paymentTransactionId;

public static Approval create(CreateApprovalRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/iyzipos/item/approve",
String path = "/payment/iyzipos/item/approve";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
Approval.class);
}
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicBkm.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,10 @@ public class BasicBkm extends BasicPaymentResource {
private String paymentStatus;

public static BasicBkm retrieve(RetrieveBkmRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/bkm/auth/detail/basic",
String path = "/payment/bkm/auth/detail/basic";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicBkm.class);
}
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicBkmInitialize.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,10 @@ public class BasicBkmInitialize extends IyzipayResource {
private String token;

public static BasicBkmInitialize create(CreateBasicBkmInitializeRequest request, Options options) {
BasicBkmInitialize response = HttpClient.create().post(options.getBaseUrl() + "/payment/bkm/initialize/basic",
String path = "/payment/bkm/initialize/basic";
BasicBkmInitialize response = HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicBkmInitialize.class);
if (response != null) {
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicPayment.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@
public class BasicPayment extends BasicPaymentResource {

public static BasicPayment create(CreateBasicPaymentRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/auth/basic",
String path = "/payment/auth/basic";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicPayment.class);
}
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicPaymentPostAuth.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@
public class BasicPaymentPostAuth extends BasicPaymentResource {

public static BasicPaymentPostAuth create(CreatePaymentPostAuthRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/postauth/basic",
String path = "/payment/postauth/basic";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicPaymentPostAuth.class);
}
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicPaymentPreAuth.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@
public class BasicPaymentPreAuth extends BasicPaymentResource {

public static BasicPaymentPreAuth create(CreateBasicPaymentRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/preauth/basic",
String path = "/payment/preauth/basic";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicPaymentPreAuth.class);
}
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicThreedsInitialize.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,10 @@ public class BasicThreedsInitialize extends IyzipayResource {
private String htmlContent;

public static BasicThreedsInitialize create(CreateBasicPaymentRequest request, Options options) {
BasicThreedsInitialize response = HttpClient.create().post(options.getBaseUrl() + "/payment/3dsecure/initialize/basic",
String path = "/payment/3dsecure/initialize/basic";
BasicThreedsInitialize response = HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicThreedsInitialize.class);
if (response != null) {
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicThreedsInitializePreAuth.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,10 @@ public class BasicThreedsInitializePreAuth extends IyzipayResource {
private String htmlContent;

public static BasicThreedsInitializePreAuth create(CreateBasicPaymentRequest request, Options options) {
BasicThreedsInitializePreAuth response = HttpClient.create().post(options.getBaseUrl() + "/payment/3dsecure/initialize/preauth/basic",
String path = "/payment/3dsecure/initialize/preauth/basic";
BasicThreedsInitializePreAuth response = HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicThreedsInitializePreAuth.class);
if (response != null) {
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BasicThreedsPayment.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@
public class BasicThreedsPayment extends BasicPaymentResource {

public static BasicThreedsPayment create(CreateThreedsPaymentRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/3dsecure/auth/basic",
String path = "/payment/3dsecure/auth/basic";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BasicThreedsPayment.class);
}
Expand Down
5 changes: 3 additions & 2 deletions src/main/java/com/iyzipay/model/BinNumber.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,10 @@ public class BinNumber extends IyzipayResource {
private Integer commercial;

public static BinNumber retrieve(RetrieveBinNumberRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/bin/check",
String path = "/payment/bin/check";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
BinNumber.class);
}
Expand Down
19 changes: 16 additions & 3 deletions src/main/java/com/iyzipay/model/Bkm.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,31 @@
package com.iyzipay.model;

import com.iyzipay.HashValidator;
import com.iyzipay.HttpClient;
import com.iyzipay.Options;
import com.iyzipay.ResponseSignatureGenerator;
import com.iyzipay.request.RetrieveBkmRequest;

public class Bkm extends PaymentResource {
import java.util.Arrays;

public class Bkm extends PaymentResource implements ResponseSignatureGenerator {

private String token;
private String callbackUrl;

public boolean verifySignature(String secretKey) {
String calculated = generateSignature(secretKey,
Arrays.asList(getPaymentId(), getPaymentStatus(),
getBasketId(), getConversationId(), getCurrency(),
getPaidPrice(), getPrice(), getToken()));
return HashValidator.hashValid(getSignature(), calculated);
}

public static Bkm retrieve(RetrieveBkmRequest request, Options options) {
return HttpClient.create().post(options.getBaseUrl() + "/payment/bkm/auth/detail",
String path = "/payment/bkm/auth/detail";
return HttpClient.create().post(options.getBaseUrl() + path,
getHttpProxy(options),
getHttpHeaders(request, options),
getHttpHeadersV2(path, request, options),
request,
Bkm.class);
}
Expand Down
Loading