Permalink
Browse files

Fix for using certificate based api access versus signature based.

  • Loading branch information...
1 parent 3af59f7 commit 065b7b39aacefbfa19f79f6085662c5230cb5263 @tonyla tonyla committed Feb 7, 2012
Showing with 21 additions and 11 deletions.
  1. +3 −3 lib/paypal_adaptive/config.rb
  2. +12 −7 lib/paypal_adaptive/ipn_notification.rb
  3. +6 −1 lib/paypal_adaptive/request.rb
@@ -16,7 +16,7 @@ class Config
} unless defined? API_BASE_URL_MAPPING
attr_accessor :paypal_base_url, :api_base_url, :headers, :ssl_cert_path, :ssl_cert_file
-
+
def initialize(env=nil, config_override={})
config = YAML.load(ERB.new(File.new(config_filepath).read).result)[env]
raise "Could not load settings from config file" unless config
@@ -31,17 +31,17 @@ def initialize(env=nil, config_override={})
@ssl_cert_file = nil
@paypal_base_url = PAYPAL_BASE_URL_MAPPING[pp_env]
@api_base_url = API_BASE_URL_MAPPING[pp_env]
-
+
# http.rb requires headers to be strings. Protect against ints in paypal_adaptive.yml
config.update(config){ |key,v| v.to_s }
@headers = {
"X-PAYPAL-SECURITY-USERID" => config['username'],
"X-PAYPAL-SECURITY-PASSWORD" => config['password'],
- "X-PAYPAL-SECURITY-SIGNATURE" => config['signature'],
"X-PAYPAL-APPLICATION-ID" => config['application_id'],
"X-PAYPAL-REQUEST-DATA-FORMAT" => "JSON",
"X-PAYPAL-RESPONSE-DATA-FORMAT" => "JSON"
}
+ @headers.merge!({"X-PAYPAL-SECURITY-SIGNATURE" => config['signature']}) if config['signature']
if config['ssl_cert_file'] && config['ssl_cert_file'].length > 0
@ssl_cert_file = config['ssl_cert_file']
@@ -4,32 +4,37 @@
module PaypalAdaptive
class IpnNotification
-
+
def initialize(env=nil)
config = PaypalAdaptive.config(env)
@paypal_base_url = config.paypal_base_url
@ssl_cert_path = config.ssl_cert_path
@ssl_cert_file = config.ssl_cert_file
end
-
+
def send_back(data)
data = "cmd=_notify-validate&#{data}"
url = URI.parse @paypal_base_url
http = Net::HTTP.new(url.host, 443)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.ca_path = @ssl_cert_path unless @ssl_cert_path.nil?
- http.ca_file = @ssl_cert_file unless @ssl_cert_file.nil?
-
+
+ if @ssl_cert_file
+ cert = File.read(@ssl_cert_file)
+ http.cert = OpenSSL::X509::Certificate.new(cert)
+ http.key = OpenSSL::PKey::RSA.new(cert)
+ end
+
path = "#{@paypal_base_url}/cgi-bin/webscr"
response_data = http.post(path, data).body
-
+
@verified = response_data == "VERIFIED"
end
-
+
def verified?
@verified
end
-
+
end
end
@@ -82,8 +82,13 @@ def post(data, path)
http = Net::HTTP.new(url.host, 443)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+
+ if @ssl_cert_file
+ cert = File.read(@ssl_cert_file)
+ http.cert = OpenSSL::X509::Certificate.new(cert)
+ http.key = OpenSSL::PKey::RSA.new(cert)
+ end
http.ca_path = @ssl_cert_path unless @ssl_cert_path.nil?
- http.ca_file = @ssl_cert_file unless @ssl_cert_file.nil?
response_data = http.post(path, api_request_data, @headers).body

0 comments on commit 065b7b3

Please sign in to comment.