def test_validate_signature(self):
params = {"key1": "val1", "key2": "val2"}
sig = utils.generate_signature(params, self.secret)
params["signature"] = sig
self.assertTrue(utils.signature_valid(params, self.secret))
params["signature"] = "123482494523435"
self.assertFalse(utils.signature_valid(params, self.secret))
def confirm_resource(self, params):
"""Confirm a payment
This send a post request to the confirmation URI for a payment.
params should contain these elements from the request
- resource_uri
- resource_id
- resource_type
- signature
- state (if any)
"""
keys = ["resource_uri", "resource_id", "resource_type", "state"]
to_check = dict([[k, v] for k, v in six.iteritems(params)
if k in keys])
signature = generate_signature(to_check, self._app_secret)
if not signature == params["signature"]:
raise SignatureError("Invalid signature when confirming resource")
auth_string = base64.b64encode(
six.b("{0}:{1}".format(self._app_id, self._app_secret)))
to_post = {
"resource_id": params["resource_id"],
"resource_type": params["resource_type"],
}
auth_details = (self._app_id, self._app_secret)
return self.api_post("/confirm", to_post, auth=auth_details)
def test_validate_signature(self):
params = {"key1": "val1", "key2": "val2"}
sig = utils.generate_signature(params, self.secret)
params["signature"] = sig
self.assertTrue(utils.signature_valid(params, self.secret))
params["signature"] = "123482494523435"
self.assertFalse(utils.signature_valid(params, self.secret))
def test_hmac(self):
# make sure our signature function
# works correctly
sig = utils.generate_signature({
"foo": "bar",
"example": [1, "a"]
}, self.secret)
self.assertEqual(
sig,
'5a9447aef2ebd0e12d80d80c836858c6f9c13219f615ef5d135da408bcad453d')
def verify_signature(self, request):
data = self.get_payload(request)
if not data:
logger.warning('No payload or request data found')
return False
pms = data.copy()
pms.pop('signature')
signature = generate_signature(pms, settings.GOCARDLESS_APP_SECRET)
if signature == data['signature']:
return True
return False
def test_resource_posts(self):
self.params["signature"] = utils.generate_signature(self.params,
mock_account_details["app_secret"])
with patch.object(self.client, 'api_post') as mock_post:
expected_data = {
"resource_type":self.params["resource_type"],
"resource_id":self.params["resource_id"]
}
expected_auth = (mock_account_details["app_id"],
mock_account_details["app_secret"])
self.client.confirm_resource(self.params)
expected_path = "/confirm"
mock_post.assert_called_with(expected_path,
expected_data, auth=expected_auth)
def test_resource_posts(self):
self.params["signature"] = utils.generate_signature(self.params,
mock_account_details["app_secret"])
with patch.object(self.client, 'api_post') as mock_post:
expected_data = {
"resource_type":self.params["resource_type"],
"resource_id":self.params["resource_id"]
}
expected_auth = (mock_account_details["app_id"],
mock_account_details["app_secret"])
self.client.confirm_resource(self.params)
expected_path = "/confirm"
mock_post.assert_called_with(expected_path,
expected_data, auth=expected_auth)
def confirm_resource(self, params):
"""Confirm a payment
This send a post request to the confirmation URI for a payment.
params should contain these elements from the request
- resource_uri
- resource_id
- resource_type
- signature
- state (if any)
"""
keys = ["resource_uri", "resource_id", "resource_type", "state"]
to_check = dict([[k, v] for k, v in params.items() if k in keys])
signature = generate_signature(to_check, self._app_secret)
if not signature == params["signature"]:
raise SignatureError("Invalid signature when confirming resource")
auth_string = base64.b64encode("{0}:{1}".format(self._app_id, self._app_secret))
to_post = {"resource_id": params["resource_id"], "resource_type": params["resource_type"]}
auth_details = (self._app_id, self._app_secret)
self.api_post("/confirm", to_post, auth=auth_details)
def test_hmac(self):
# make sure our signature function
# works correctly
sig = utils.generate_signature({"foo": "bar", "example": [1, "a"]}, self.secret)
self.assertEqual(sig, "5a9447aef2ebd0e12d80d80c836858c6f9c13219f615ef5d135da408bcad453d")
'BBYKKNKEK4WKN9YVK0BRARGS4QHDRVJB'
'8JWYM84XTR9XQ591RGFSEFQ82B0ZKKYM')
js = """
{
"payload": {
"resource_type": "bill",
"action": "refunded",
"bills": [
{
"id": "AKJ398H8KA",
"status": "refunded",
"source_type": "subscription",
"source_id": "KKJ398H8K8",
"amount": "20.0",
"amount_minus_fees": "19.8",
"paid_at": "2011-12-01T12:00:00Z",
"uri": "https://gocardless.com/api/v1/bills/AKJ398H8KA"
}
],
"signature": "7b2bc20d10ef8322e580205fea0056524e22a862f90ffdd14ab069affd680f3e"
}
}
"""
payload = json.loads(js)['payload']
pms = payload.copy()
pms.pop('signature')
print generate_signature(pms, GOCARDLESS_APP_SECRET)
