Permalink
Browse files

Updates to support FPS API changes.

  • Loading branch information...
1 parent 5361e35 commit 1d83915ef1c62da5b534733713df8ba0d2fad00d @jmoses jmoses committed May 5, 2010
Showing with 35 additions and 7 deletions.
  1. +1 −0 lib/remit.rb
  2. +21 −0 lib/remit/common.rb
  3. +2 −2 lib/remit/operations/pay.rb
  4. +10 −5 lib/remit/pipeline_response.rb
  5. +1 −0 rails/init.rb
View
@@ -121,6 +121,7 @@ def query(request)
end
private :query
+ # signature version 2
def sign(values)
keys = values.keys.sort { |a, b| a.to_s.downcase <=> b.to_s.downcase }
View
@@ -85,4 +85,25 @@ def parse(uri, secret_key, query_string)
end
end
end
+
+ class VerifySignature
+ require 'open-uri'
+ require 'cgi'
+
+ attr_reader :valid
+
+ def initialize( api, uri )
+ begin
+ service_url = api.endpoint.to_s + "?Action=VerifySignature&" + "UrlEndPoint=" + CGI.escape(uri.split('?', 2)[0]) +
+ "&HttpParameters=" + CGI.escape(uri.split('?', 2)[1]) + "&Version=" + Remit::API::API_VERSION
+
+ STDOUT.puts( "Checking signature against: #{service_url}")
+
+ open( service_url ) {|f| @valid = ( f.read =~ %r{<VerificationStatus>Success</VerificationStatus>})}
+ rescue
+ STDERR.puts( $!.message )
+ STDERR.puts( $!.backtrace.join("\n") )
+ end
+ end
+ end
end
@@ -6,15 +6,15 @@ class Request < Remit::Request
action :Pay
parameter :caller_description
parameter :caller_reference, :required => true
- parameter :caller_token_id, :required => true
+ # parameter :caller_token_id, :required => true
parameter :charge_fee_to, :required => true
parameter :descriptor_policy, :type => Remit::RequestTypes::DescriptorPolicy
parameter :marketplace_fixed_fee, :type => Remit::RequestTypes::Amount
parameter :marketplace_variable_fee
parameter :meta_data
parameter :recipient_description
parameter :recipient_reference
- parameter :recipient_token_id, :required => true
+ # parameter :recipient_token_id, :true
parameter :sender_description
parameter :sender_reference
parameter :sender_token_id, :required => true
@@ -11,9 +11,9 @@ def initialize(uri, secret_key)
# The unescape_value method is used here because the awsSignature value
# pulled from the request is filtered through the same method.
#++
- def valid?
+ def valid?( api = nil)
return false unless given_signature
- Relax::Query.unescape_value(correct_signature) == given_signature
+ Relax::Query.unescape_value(correct_signature(api)) == given_signature
end
# Returns +true+ if the response returns a successful state.
@@ -40,12 +40,17 @@ def request_query(reload = false)
private :request_query
def given_signature
- request_query[:awsSignature]
+ request_query[:signature]
end
private :given_signature
- def correct_signature
- Remit::SignedQuery.new(@uri.path, @secret_key, request_query).sign
+ def correct_signature( api = nil)
+ return nil unless api
+
+ Rails.logger.debug "FPS: Computed signature: " + Remit::SignedQuery.new(@uri.path, @secret_key, request_query).sign
+ Rails.logger.debug "FPS: Real signature: " + request_query[:signature]
+ # Verifign a responses signature against a webservice seems....silly?
+ Remit::VerifySignature.new(api, @uri.to_s).valid
end
private :correct_signature
end
View
@@ -0,0 +1 @@
+require File.join( File.dirname(__FILE__), '..', 'lib', 'remit.rb' )

0 comments on commit 1d83915

Please sign in to comment.