forked from Shopify/hosted-payment-sim
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.rb
91 lines (78 loc) · 2.49 KB
/
app.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
require 'rubygems'
require 'bundler/setup'
require 'sinatra'
require 'httparty'
require 'json'
require 'addressable/uri'
require 'byebug' if development?
class OffsiteGatewaySim < Sinatra::Base
def initialize(base_path: '')
@base_path = base_path
@key = 'iU44RWxeik'
super
end
def fields
@fields ||= request.params.select {|k, v| k.start_with? 'x_'}
end
def request_fields
YAML.load_file('request_fields.yml')
end
def response_fields
YAML.load_file('response_fields.yml')
end
def sign(fields, key=@key)
Digest::HMAC.hexdigest(fields.sort.join, key, Digest::SHA256)
end
get '/' do
erb :get, :locals => {key: @key}
end
post '/' do
provided_signature = fields['x_signature']
expected_signature = sign(fields.reject{|k,_| k == 'x_signature'})
signature_ok = provided_signature && provided_signature.casecmp(expected_signature) == 0
erb :post, :locals => {signature_ok: signature_ok}
end
post '/incontext' do
provided_signature = fields['x_signature']
expected_signature = sign(fields.reject{|k,_| k == 'x_signature'})
signature_ok = provided_signature && provided_signature.casecmp(expected_signature) == 0
erb :incontext, :locals => {signature_ok: signature_ok}
end
get '/calculator' do
erb :calculator, :locals => {
request_fields: request_fields,
response_fields: response_fields,
signature: sign(fields.delete_if { |_, v| v.nil? }, params['secret_key'] || @key)
}
end
post '/execute/:action' do |action|
ts = Time.now.utc.iso8601
payload = {
'x_account_id' => fields['x_account_id'],
'x_reference' => fields['x_reference'],
'x_currency' => fields['x_currency'],
'x_test' => fields['x_test'],
'x_amount' => fields['x_amount'],
'x_result' => action,
'x_gateway_reference' => SecureRandom.hex,
'x_timestamp' => ts
}
payload['x_signature'] = sign(payload)
result = {timestamp: ts}
redirect_url = Addressable::URI.parse(fields['x_url_complete'])
redirect_url.query_values = payload
if request.params['fire_callback'] == 'true'
callback_url = fields['x_url_callback']
response = HTTParty.post(callback_url, body: payload)
if response.code == 200
result[:redirect] = redirect_url
else
result[:error] = response
end
else
result[:redirect] = redirect_url
end
result.to_json
end
run! if app_file == $0
end