def process_pay_req(request, data=None):
data = request.GET if data is None else data
form = VerifyForm(data)
if not form.is_valid():
codes = []
for erlist in form.errors.values():
codes.extend(erlist)
if len(codes) > 1:
# This will probably break something, like maybe paymentFailed().
log.error('multiple error codes: {codes}'.format(codes=codes))
codes = ', '.join(codes)
return app_error(request, code=codes)
if (disabled_by_user_agent(request.META.get('HTTP_USER_AGENT', None))
or (settings.ONLY_SIMULATIONS and not form.is_simulation)):
return custom_error(request,
_('Payments are temporarily disabled.'),
code=msg.PAY_DISABLED,
status=503)
exc = er = None
try:
pay_req = verify_jwt(
form.cleaned_data['req'],
settings.DOMAIN, # JWT audience.
form.secret,
required_keys=(
'request.id',
'request.pricePoint', # A price tier we'll lookup.
'request.name',
'request.description',
'request.postbackURL',
'request.chargebackURL'))
except RequestExpired, exc:
er = msg.EXPIRED_JWT
def process_pay_req(request, data=None):
data = request.GET if data is None else data
form = VerifyForm(data)
if not form.is_valid():
codes = []
for erlist in form.errors.values():
codes.extend(erlist)
if len(codes) > 1:
# This will probably break something, like maybe paymentFailed().
log.error('multiple error codes: {codes}'.format(codes=codes))
codes = ', '.join(codes)
return app_error(request, code=codes)
if (disabled_by_user_agent(request.META.get('HTTP_USER_AGENT', None)) or
(settings.ONLY_SIMULATIONS and not form.is_simulation)):
return custom_error(request,
_('Payments are temporarily disabled.'),
code=msg.PAY_DISABLED, status=503)
exc = er = None
try:
pay_req = verify_jwt(
form.cleaned_data['req'],
settings.DOMAIN, # JWT audience.
form.secret,
algorithms=settings.SUPPORTED_JWT_ALGORITHMS,
required_keys=('request.id',
'request.pricePoint', # A price tier we'll look up.
'request.name',
'request.description',
'request.postbackURL',
'request.chargebackURL'))
except RequestExpired, exc:
log.debug('exception in mozpay.verify_jwt(): {e}'.format(e=exc))
er = msg.EXPIRED_JWT
def process_pay_req(request, data=None):
data = request.GET if data is None else data
form = VerifyForm(data)
if not form.is_valid():
codes = []
for erlist in form.errors.values():
codes.extend(erlist)
if len(codes) > 1:
# This will probably break something, like maybe paymentFailed().
log.error('multiple error codes: {codes}'.format(codes=codes))
codes = ', '.join(codes)
return app_error(request, code=codes)
if settings.ONLY_SIMULATIONS and not form.is_simulation:
# Real payments are currently disabled.
# Only simulated payments are allowed.
return custom_error(request, _('Payments are temporarily disabled.'),
code=msg.PAY_DISABLED, status=503)
exc = er = None
try:
pay_req = verify_jwt(
form.cleaned_data['req'],
settings.DOMAIN, # JWT audience.
form.secret,
required_keys=('request.id',
'request.pricePoint', # A price tier we'll lookup.
'request.name',
'request.description',
'request.postbackURL',
'request.chargebackURL'))
except RequestExpired, exc:
er = msg.EXPIRED_JWT
def process_pay_req(request):
form = VerifyForm(request.GET)
if not form.is_valid():
return _error(request, msg=form.errors.as_text(),
is_simulation=form.is_simulation)
if settings.ONLY_SIMULATIONS and not form.is_simulation:
# Real payments are currently disabled.
# Only simulated payments are allowed.
return render(request, 'error.html',
{'error': _('Payments are temporarily disabled.')},
status=503)
try:
pay_req = verify_jwt(
form.cleaned_data['req'],
settings.DOMAIN, # JWT audience.
form.secret,
required_keys=('request.id',
'request.pricePoint', # A price tier we'll lookup.
'request.name',
'request.description',
'request.postbackURL',
'request.chargebackURL'))
except (TypeError, InvalidJWT, RequestExpired), exc:
log.exception('calling verify_jwt')
return _error(request, exception=exc,
is_simulation=form.is_simulation)
def process_pay_req(request):
form = VerifyForm(request.GET)
if not form.is_valid():
codes = []
for erlist in form.errors.values():
codes.extend(erlist)
codes = ', '.join(codes)
return _error(request, code=codes)
if settings.ONLY_SIMULATIONS and not form.is_simulation:
# Real payments are currently disabled.
# Only simulated payments are allowed.
return render(request, 'error.html',
{'error': _('Payments are temporarily disabled.')},
status=503)
exc = er = None
try:
pay_req = verify_jwt(
form.cleaned_data['req'],
settings.DOMAIN, # JWT audience.
form.secret,
required_keys=('request.id',
'request.pricePoint', # A price tier we'll lookup.
'request.name',
'request.description',
'request.postbackURL',
'request.chargebackURL'))
except RequestExpired, exc:
er = msg.EXPIRED_JWT
def process_pay_req(request):
form = VerifyForm(request.GET)
if not form.is_valid():
codes = []
for erlist in form.errors.values():
codes.extend(erlist)
codes = ', '.join(codes)
return _error(request, code=codes)
if settings.ONLY_SIMULATIONS and not form.is_simulation:
# Real payments are currently disabled.
# Only simulated payments are allowed.
return render(request,
'error.html',
{'error': _('Payments are temporarily disabled.')},
status=503)
exc = er = None
try:
pay_req = verify_jwt(
form.cleaned_data['req'],
settings.DOMAIN, # JWT audience.
form.secret,
required_keys=(
'request.id',
'request.pricePoint', # A price tier we'll lookup.
'request.name',
'request.description',
'request.postbackURL',
'request.chargebackURL'))
except RequestExpired, exc:
er = msg.EXPIRED_JWT
def process_pay_req(request):
form = VerifyForm(request.GET)
if not form.is_valid():
return _error(request,
msg=form.errors.as_text(),
is_simulation=form.is_simulation)
if settings.ONLY_SIMULATIONS and not form.is_simulation:
# Real payments are currently disabled.
# Only simulated payments are allowed.
return render(request,
'error.html',
{'error': _('Payments are temporarily disabled.')},
status=503)
try:
pay_req = verify_jwt(
form.cleaned_data['req'],
settings.DOMAIN, # JWT audience.
form.secret,
required_keys=(
'request.id',
'request.pricePoint', # A price tier we'll lookup.
'request.name',
'request.description',
'request.postbackURL',
'request.chargebackURL'))
except (TypeError, InvalidJWT, RequestExpired), exc:
log.exception('calling verify_jwt')
return _error(request, exception=exc, is_simulation=form.is_simulation)
def process_pay_req(request, data=None):
data = request.GET if data is None else data
form = VerifyForm(data)
if not form.is_valid():
codes = []
for erlist in form.errors.values():
codes.extend(erlist)
if len(codes) > 1:
# This will probably break something, like maybe paymentFailed().
log.error("multiple error codes: {codes}".format(codes=codes))
codes = ", ".join(codes)
return app_error(request, code=codes)
if disabled_by_user_agent(request.META.get("HTTP_USER_AGENT", None)) or (
settings.ONLY_SIMULATIONS and not form.is_simulation
):
return custom_error(request, _("Payments are temporarily disabled."), code=msg.PAY_DISABLED, status=503)
exc = er = None
try:
pay_req = verify_jwt(
form.cleaned_data["req"],
settings.DOMAIN, # JWT audience.
form.secret,
required_keys=(
"request.id",
"request.pricePoint", # A price tier we'll lookup.
"request.name",
"request.description",
"request.postbackURL",
"request.chargebackURL",
),
)
except RequestExpired, exc:
er = msg.EXPIRED_JWT
'caught sig_check exc: {0.__class__.__name__}: {0}'.format(
exc))
raise forms.ValidationError('INVALID_JWT_OR_UNKNOWN_ISSUER')
try:
secret, active_product = lookup_issuer(jwt_data.get('iss', ''))
except UnknownIssuer, exc:
log.info(
'caught sig_check exc: {0.__class__.__name__}: {0}'.format(
exc))
raise forms.ValidationError('INVALID_JWT_OR_UNKNOWN_ISSUER')
try:
clean_jwt = verify_jwt(
enc_jwt,
settings.DOMAIN, # JWT audience.
secret,
required_keys=[])
except InvalidJWT, exc:
log.info(
'caught sig_check exc: {0.__class__.__name__}: {0}'.format(
exc))
raise forms.ValidationError('INVALID_JWT_OR_UNKNOWN_ISSUER')
if clean_jwt.get('typ', '') != settings.SIG_CHECK_TYP:
raise forms.ValidationError('INCORRECT_JWT_TYP')
return clean_jwt
class ErrorLegendForm(ParanoidForm):
def clean_sig_check_jwt(self):
enc_jwt = self.cleaned_data['sig_check_jwt'].encode('ascii', 'ignore')
try:
jwt_data = jwt.decode(enc_jwt, verify=False)
except jwt.DecodeError, exc:
log.info('caught sig_check exc: {0.__class__.__name__}: {0}'
.format(exc))
raise forms.ValidationError('INVALID_JWT_OR_UNKNOWN_ISSUER')
try:
secret, active_product = lookup_issuer(jwt_data.get('iss', ''))
except UnknownIssuer, exc:
log.info('caught sig_check exc: {0.__class__.__name__}: {0}'
.format(exc))
raise forms.ValidationError('INVALID_JWT_OR_UNKNOWN_ISSUER')
try:
clean_jwt = verify_jwt(enc_jwt,
settings.DOMAIN, # JWT audience.
secret,
required_keys=[])
except InvalidJWT, exc:
log.info('caught sig_check exc: {0.__class__.__name__}: {0}'
.format(exc))
raise forms.ValidationError('INVALID_JWT_OR_UNKNOWN_ISSUER')
if clean_jwt.get('typ', '') != settings.SIG_CHECK_TYP:
raise forms.ValidationError('INCORRECT_JWT_TYP')
return clean_jwt
