def test_keys(self):
self.setup_package()
verify_keys(self.pay_jwt_dict(),
('iss',
'typ',
'aud',
'iat',
'exp',
'request.name',
'request.description',
'request.pricePoint',
'request.postbackURL',
'request.chargebackURL',
'request.productData'))
def test_keys(self):
verify_keys(self.pay_jwt_dict(),
('iss',
'typ',
'aud',
'iat',
'exp',
'request.name',
'request.description',
'request.price',
'request.defaultPrice',
'request.postbackURL',
'request.chargebackURL',
'request.productData'))
def postback(request):
"""Verify signature from BlueVia and set contribution to paid."""
signed_jwt = request.raw_post_data
if waffle.flag_is_active(request, 'solitude-payments'):
result = client.verify_bluevia_jwt(signed_jwt)
else:
result = verify_bluevia_jwt(signed_jwt)
if not result['valid']:
ip = (request.META.get('HTTP_X_FORWARDED_FOR', '') or
request.META.get('REMOTE_ADDR', ''))
if not ip:
ip = '(unknown)'
log.info('Received invalid bluevia postback from IP %s' % ip)
return http.HttpResponseBadRequest('invalid request')
# From here on, let all exceptions raise. The JWT comes from BlueVia
# so if anything fails we want to know ASAP.
data = jwt.decode(signed_jwt, verify=False)
verify_claims(data)
iss, aud, product_data, trans_id = verify_keys(data,
('iss',
'aud',
'request.productData',
'response.transactionID'))
log.info('received BlueVia postback JWT: iss:%s aud:%s '
'trans_id:%s product_data:%s'
% (iss, aud, trans_id, product_data))
pd = urlparse.parse_qs(product_data)
contrib_uuid = pd['contrib_uuid'][0]
try:
contrib = Contribution.objects.get(uuid=contrib_uuid)
except Contribution.DoesNotExist:
etype, val, tb = sys.exc_info()
raise LookupError('BlueVia JWT (iss:%s, aud:%s) for trans_id %s '
'links to contrib %s which doesn\'t exist'
% (iss, aud, trans_id, contrib_uuid)), None, tb
contrib.update(type=amo.CONTRIB_PURCHASE,
bluevia_transaction_id=trans_id)
tasks.purchase_notify.delay(signed_jwt, contrib.pk)
return http.HttpResponse(trans_id)
def test_keys(self):
verify_keys(self.pay_jwt_dict(),
('iss', 'typ', 'aud', 'iat', 'exp', 'request.name',
'request.description', 'request.price',
'request.defaultPrice', 'request.postbackURL',
'request.chargebackURL', 'request.productData'))
def verify_webpay_jwt(signed_jwt):
# This can probably be deleted depending upon solitude.
try:
jwt.decode(signed_jwt.encode('ascii'), secret)
except Exception, e:
log.error('Error decoding webpay jwt: %s' % e, exc_info=True)
return {'valid': False}
return {'valid': True}
def sign_webpay_jwt(data):
return jwt.encode(data, secret)
def parse_from_webpay(signed_jwt, ip):
try:
data = jwt.decode(signed_jwt.encode('ascii'), secret)
except Exception, e:
log.info('Received invalid webpay postback from IP %s: %s' %
(ip or '(unknown)', e), exc_info=True)
raise InvalidSender()
verify_claims(data)
iss, aud, product_data, trans_id = verify_keys(
data,
('iss', 'aud', 'request.productData', 'response.transactionID'))
log.info('Received webpay postback JWT: iss:%s aud:%s '
'trans_id:%s product_data:%s'
% (iss, aud, trans_id, product_data))
return data
def verify_bluevia_jwt(signed_jwt):
# This can probably be deleted depending upon solitude.
try:
jwt.decode(signed_jwt.encode('ascii'), secret)
except Exception, e:
log.error('Error decoding bluevia jwt: %s' % e, exc_info=True)
return {'valid': False}
return {'valid': True}
def sign_bluevia_jwt(data):
return jwt.encode(data, secret)
def parse_from_bluevia(signed_jwt, ip):
try:
data = jwt.decode(signed_jwt.encode('ascii'), secret)
except Exception, e:
log.info('Received invalid bluevia postback from IP %s: %s' %
(ip or '(unknown)', e),
exc_info=True)
raise InvalidSender()
verify_claims(data)
iss, aud, product_data, trans_id = verify_keys(
data, ('iss', 'aud', 'request.productData', 'response.transactionID'))
log.info('Received BlueVia postback JWT: iss:%s aud:%s '
'trans_id:%s product_data:%s' %
(iss, aud, trans_id, product_data))
return data
