def test_config_errors(self): api = PayerPostAPI(agent_id=None, key_1=None, key_2=None) # Checksums (keys 1 & 2) self.assertRaises(PayerPostAPIError, api.get_checksum, "data") api.key_1 = "key1" self.assertRaises(PayerPostAPIError, api.get_checksum, "data") api.key_2 = "key2" raised = False try: api.get_checksum("data") except: raised = True try: api.get_post_data() except PayerPostAPIError as e: self.assertEqual(e.code, PayerPostAPIError.ERROR_MISSING_ORDER) api.set_order(self.getOrder()) self.assertFalse(raised, 'Exception raised') self.assertIsNotNone(api.get_checksum("data")) # Order, Processing control, agent ID self.assertRaises(PayerPostAPIError, api.get_post_data) try: api.get_post_data() except PayerPostAPIError as e: self.assertEqual( e.code, PayerPostAPIError.ERROR_MISSING_PROCESSING_CONTROL) self.assertEqual( str(e), repr("Error %s: %s" % (e.code, e.ERROR_MESSAGES.get(e.code, "Unknown Error")))) api.agent_id = "AGENT_ID" api.set_processing_control(self.getProcessingControl()) raised = False try: api.get_post_data() except: raised = True self.assertFalse(raised, 'Exception raised') api.agent_id = None self.assertRaises(PayerPostAPIError, api._generate_xml)
class TestPayerPostAPI(TestCase): def setUp(self): self.api = PayerPostAPI( agent_id="AGENT_ID", key_1="6866ef97a972ba3a2c6ff8bb2812981054770162", key_2="1388ac756f07b0dda2961436ba8596c7b7995e94", ) self.api.set_processing_control(self.getProcessingControl()) self.api.set_order(self.getOrder()) def getOrder(self): return PayerOrder(order_id="123456", buyer_details=PayerBuyerDetails( first_name="John", last_name="Doe", address_line_1="1234 Main Street", postal_code="12345", city="Anywhere", phone_mobile="012345678", email="*****@*****.**", ), order_items=[ PayerOrderItem( description='A product', price_including_vat=123.50, vat_percentage=25, quantity=4, ), PayerOrderItem( description='Another product', price_including_vat=123.0, vat_percentage=12.5, quantity=2, ), ], info_lines=[ "Shipping with 5 work days", "Additional line of order info", ]) def getProcessingControl(self): return PayerProcessingControl( success_redirect_url="http://localhost/webshop/thankyou/", authorize_notification_url="http://localhost/webshop/auth/", settle_notification_url="http://localhost/webshop/settle/", redirect_back_to_shop_url="http://localhost/webshop/", ) def test_settings(self): self.assertEqual(self.api.get_post_url(), self.api.PAYER_POST_URL) self.assertEqual(self.api.get_post_url(), "https://secure.payer.se/PostAPI_V1/InitPayFlow") def test_checksums(self): def check_checksums(xml_data, b64_data): checksum = self.api.get_checksum(b64_data) expected_checksum = hashlib.md5( "6866ef97a972ba3a2c6ff8bb2812981054770162" + base64.b64encode(xml_data) + "1388ac756f07b0dda2961436ba8596c7b7995e94").hexdigest() self.assertEqual(checksum, expected_checksum) xml_data = self.api.get_xml_data() b64_data = self.api.get_base64_data() check_checksums(xml_data, b64_data) check_checksums("foo bar", self.api.get_base64_data("foo bar")) def test_callback_validation(self): xml = self.api.xml_document auth_url = xml.get_authorize_notification_url( order_id=self.api.order.order_id) settle_url = xml.get_settle_notification_url( order_id=self.api.order.order_id) ad = { 'payer_callback_type': 'auth', 'payer_testmode': 'false', 'payer_payment_type': 'card', 'payer_merchant_reference_id': self.api.order.order_id, } sd = ad sd.update({ 'payer_callback_type': 'settle', 'payer_added_fee': 0, 'payer_payment_id': 'yYkYOKFf_Z@hbJj3nS41Q2xE9dVm', 'payread_payment_id': 'yYkYOKFf_Z@hbJj3nS41Q2xE9dVm', }) # We avoid using urllib.erlencode() here as incoming URL's are known to # be erroneously encoded, e.g. enecoded @ characters in query string def add_query_params(url, params): qsl = ["%s=%s" % ( k, v, ) for k, v in params.iteritems()] return "&".join([url] + qsl) auth_url = add_query_params(auth_url, ad) settle_url = add_query_params(settle_url, sd) def get_md5_sum(url): return hashlib.md5( "6866ef97a972ba3a2c6ff8bb2812981054770162" + url + "1388ac756f07b0dda2961436ba8596c7b7995e94").hexdigest() auth_url_test = "%s&md5sum=%s" % (auth_url, get_md5_sum(auth_url)) auth_url_api = "%s&md5sum=%s" % (auth_url, self.api.get_checksum(auth_url)) settle_url_test = "%s&md5sum=%s" % (settle_url, get_md5_sum(settle_url)) settle_url_api = "%s&md5sum=%s" % (settle_url, self.api.get_checksum(settle_url)) self.assertTrue(self.api.validate_callback_url(auth_url_test)) self.assertTrue(self.api.validate_callback_url(auth_url_api)) self.assertTrue(self.api.validate_callback_url(settle_url_test)) self.assertTrue(self.api.validate_callback_url(settle_url_api)) self.api.suppress_validation_checks = True self.assertTrue(self.api.validate_callback_url("fake url")) self.api.suppress_validation_checks = False self.assertEqual(auth_url_test, auth_url_api) self.assertEqual(settle_url_test, settle_url_api) self.assertRaises(PayerURLValidationError, self.api.validate_callback_url, (self.api, auth_url)) self.assertRaises(PayerURLValidationError, self.api.validate_callback_url, (self.api, settle_url)) self.assertRaises( PayerURLValidationError, self.api.validate_callback_url, (self.api, auth_url + "&md5sum=79acb36d5a10837c377e6f3f1cf9fc9c")) self.assertRaises(PayerURLValidationError, self.api.validate_callback_url, (self.api, settle_url + "&md5sum=79acb36d5a10837c377e6f3f1cf9fc9c")) try: self.api.validate_callback_url( settle_url + "&md5sum=79acb36d5a10837c377e6f3f1cf9fc9c") except PayerURLValidationError as e: self.assertTrue(str(e).startswith("MD5 checksums did not match.")) # IP white/blacklists for ip in self.api.ip_whitelist: self.assertTrue(self.api.validate_callback_ip(ip)) new_ip = "123.123.123.123" self.assertRaises(PayerIPNotOnWhitelistException, self.api.validate_callback_ip, new_ip) self.api.suppress_validation_checks = True self.assertTrue(self.api.validate_callback_ip("fake ip")) self.api.suppress_validation_checks = False self.api.add_whitelist_ip(new_ip) self.assertTrue(self.api.validate_callback_ip(new_ip)) self.api.add_blacklist_ip(new_ip) self.api.add_blacklist_ip("234.234.234.234") for ip in self.api.ip_blacklist: self.assertRaises(PayerIPBlacklistedException, self.api.validate_callback_ip, ip) def test_config_errors(self): api = PayerPostAPI(agent_id=None, key_1=None, key_2=None) # Checksums (keys 1 & 2) self.assertRaises(PayerPostAPIError, api.get_checksum, "data") api.key_1 = "key1" self.assertRaises(PayerPostAPIError, api.get_checksum, "data") api.key_2 = "key2" raised = False try: api.get_checksum("data") except: raised = True try: api.get_post_data() except PayerPostAPIError as e: self.assertEqual(e.code, PayerPostAPIError.ERROR_MISSING_ORDER) api.set_order(self.getOrder()) self.assertFalse(raised, 'Exception raised') self.assertIsNotNone(api.get_checksum("data")) # Order, Processing control, agent ID self.assertRaises(PayerPostAPIError, api.get_post_data) try: api.get_post_data() except PayerPostAPIError as e: self.assertEqual( e.code, PayerPostAPIError.ERROR_MISSING_PROCESSING_CONTROL) self.assertEqual( str(e), repr("Error %s: %s" % (e.code, e.ERROR_MESSAGES.get(e.code, "Unknown Error")))) api.agent_id = "AGENT_ID" api.set_processing_control(self.getProcessingControl()) raised = False try: api.get_post_data() except: raised = True self.assertFalse(raised, 'Exception raised') api.agent_id = None self.assertRaises(PayerPostAPIError, api._generate_xml) def test_xml_error(self): data = self.api.get_xml_data() assert data self.api.xml_document = "Fake XML document" self.assertRaises(PayerPostAPIError, self.api.get_xml_data)