zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-08-12 04:29:33 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'story/107571572-seb' into staging

Browse source
This commit is contained in:
Vladimir Krylov 2015-11-12 09:42:58 +02:00
commit 5adf38a485
7 changed files with 243 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

9
app/assets/stylesheets/registrar/registrar.sass
View file

@ -32,3 +32,12 @@ h1, h2, h3, h4
.semifooter .semifooter
padding: 42px 0 80px 0 padding: 42px 0 80px 0
.payment-form
text-align: center
input[type="submit"]
cursor: pointer
top: 50%
position: absolute

46
app/controllers/registrar/payments_controller.rb Normal file
View file

@ -0,0 +1,46 @@
class Registrar::PaymentsController < RegistrarController
protect_from_forgery except: :back
skip_authorization_check # actually anyone can pay, no problems at all
skip_before_action :authenticate_user!, :check_ip, only: [:back]
before_action :check_bank
# to handle existing model we should
# get invoice_id and then get number
# build BankTransaction without connection with right reference number
# do not connect transaction and invoice
def pay
invoice = Invoice.find(params[:invoice_id])
@bank_link = BankLink::Request.new(params[:bank], invoice, self)
@bank_link.make_transaction
end
# connect invoice and transaction
# both back and IPN
def back
@bank_link = BankLink::Response.new(params[:bank], params)
if @bank_link.valid?
@bank_link.complete_payment
if @bank_link.invoice.binded?
flash[:notice] = t(:pending_applieds)
else
flash[:error] = t(:something_wrong)
end
else
flash[:error] = t(:something_wrong)
end
redirect_to registrar_invoice_path(@bank_link.invoice)
end
private
def banks
ENV['payments_banks'].split(",").map(&:strip)
end
def check_bank
raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank])
end
end

153
app/models/bank_link.rb Normal file
View file

@ -0,0 +1,153 @@
class BankLink
module Base
def prepend_size(value)
value = (value || "").to_s.strip
string = ""
string << sprintf("%03i", value.size)
string << value
end
end
class Request
include Base
include ActionView::Helpers::NumberHelper
# need controller here in order to handle random ports and domains
# I don't want to do it but has to
attr_accessor :type, :invoice, :controller
def initialize(type, invoice, controller)
@type, @invoice, @controller = type, invoice, controller
end
def url
ENV["payments_#{type}_url"]
end
def fields
@fields ||= (hash = {}
hash["VK_SERVICE"] = "1012"
hash["VK_VERSION"] = "008"
hash["VK_SND_ID"] = ENV["payments_#{type}_seller_account"]
hash["VK_STAMP"] = invoice.number
hash["VK_AMOUNT"] = number_with_precision(invoice.sum_cache, :precision => 2, :separator => ".")
hash["VK_CURR"] = invoice.currency
hash["VK_REF"] = ""
hash["VK_MSG"] = "Order nr. #{invoice.number}"
hash["VK_RETURN"] = controller.registrar_return_payment_with_url(type)
hash["VK_CANCEL"] = controller.registrar_return_payment_with_url(type)
hash["VK_DATETIME"] = Time.now.strftime("%Y-%m-%dT%H:%M:%S%z")
hash["VK_MAC"] = calc_mac(hash)
hash["VK_ENCODING"] = "UTF-8"
hash["VK_LANG"] = "ENG"
hash)
end
def calc_mac(fields)
pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT VK_CURR VK_REF
VK_MSG VK_RETURN VK_CANCEL VK_DATETIME).freeze
data = pars.map{|e| prepend_size(fields[e]) }.join
sign(data)
end
def make_transaction
transaction = BankTransaction.where(description: fields["VK_MSG"]).first_or_initialize(
reference_no: invoice.reference_no,
currency: invoice.currency,
iban: invoice.seller_iban
)
transaction.save!
end
private
def sign(data)
private_key = OpenSSL::PKey::RSA.new(File.read(ENV["payments_#{type}_seller_private"]))
signed_data = private_key.sign(OpenSSL::Digest::SHA1.new, data)
signed_data = Base64.encode64(signed_data).gsub(/\n|\r/, '')
signed_data
end
end
class Response
include Base
include ActionView::Helpers::NumberHelper
attr_accessor :type, :params, :invoice
def initialize(type, params)
@type, @params = type, params
@invoice = Invoice.find_by(number: params["VK_STAMP"]) if params["VK_STAMP"].present?
end
def valid?
!!validate
end
def complete_payment
if valid?
transaction = BankTransaction.find_by(description: params["VK_MSG"])
transaction.sum = BigDecimal.new(params["VK_AMOUNT"].to_s)
transaction.bank_reference = params['VK_T_NO']
transaction.buyer_bank_code = params["VK_SND_ID"]
transaction.buyer_iban = params["VK_SND_ACC"]
transaction.buyer_name = params["VK_SND_NAME"]
transaction.paid_at = Time.parse(params["VK_T_DATETIME"])
transaction.autobind_invoice
end
end
def validate
case params["VK_SERVICE"]
when "1111"
validate_success && validate_amount && validate_currency
when "1911"
validate_cancel
else
false
end
end
def validate_success
pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_T_NO VK_AMOUNT VK_CURR
VK_REC_ACC VK_REC_NAME VK_SND_ACC VK_SND_NAME VK_REF VK_MSG VK_T_DATETIME).freeze
@validate_success ||= (
data = pars.map{|e| prepend_size(params[e]) }.join
verify_mac(data, params["VK_MAC"])
)
end
def validate_cancel
pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_REF VK_MSG).freeze
@validate_cancel ||= (
data = pars.map{|e| prepend_size(params[e]) }.join
verify_mac(data, params["VK_MAC"])
)
end
def validate_amount
source = number_with_precision(BigDecimal.new(params["VK_AMOUNT"].to_s), precision: 2, separator: ".")
target = number_with_precision(invoice.sum_cache, precision: 2, separator: ".")
source == target
end
def validate_currency
invoice.currency == params["VK_CURR"]
end
def verify_mac(data, mac)
bank_public_key = OpenSSL::X509::Certificate.new(File.read(ENV["payments_#{type}_bank_certificate"])).public_key
bank_public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(mac), data)
end
end
end

18
app/views/registrar/invoices/partials/_banklinks.haml
View file

@ -1,16 +1,6 @@
%h4= t(:pay_by_bank_link) %h4= t(:pay_by_bank_link)
%hr %hr
= link_to '#' do - ENV['payments_banks'].split(",").each do |meth|
= image_tag('swed.png') - meth = meth.strip
= link_to registrar_payment_with_path(meth, invoice_id: params[:id]) do
= link_to '#' do = image_tag("#{meth}.png")
= image_tag('seb.png')
= link_to '#' do
= image_tag('nordea.png')
= link_to '#' do
= image_tag('lhv.png')
= link_to '#' do
= image_tag('danske.png')

10
app/views/registrar/payments/pay.html.haml Normal file
View file

@ -0,0 +1,10 @@
.payment-form
= form_tag @bank_link.url, method: :post do
- @bank_link.fields.each do |k, v|
= hidden_field_tag k, v
= submit_tag "Mine maksma"
:coffeescript
$(document).ready ->
$('.payment-form form').submit()

16
config/application-example.yml
View file

@ -109,6 +109,22 @@ new_relic_license_key: '42d1c2ba4ed17a9cf6297c59d80e563a3dd3c4fa'
secret_key_base: 'please-change-it-you-can-generate-it-with-rake-secret' secret_key_base: 'please-change-it-you-can-generate-it-with-rake-secret'
devise_secret: 'please-change-it-you-can-generate-it-with-rake-secret' devise_secret: 'please-change-it-you-can-generate-it-with-rake-secret'
payments_banks: >
seb,
swed,
lhv
payments_seb_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r'
payments_seb_bank_certificate: 'eyp_pub.pem'
payments_seb_seller_private: 'kaupmees_priv.pem'
payments_seb_seller_account: 'testvpos'
payments_swed_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r'
payments_swed_bank_certificate: 'eyp_pub.pem'
payments_swed_seller_private: 'kaupmees_priv.pem'
payments_swed_seller_account: 'testvpos'
payments_lhv_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r'
payments_lhv_bank_certificate: 'eyp_pub.pem'
payments_lhv_seller_private: 'kaupmees_priv.pem'
payments_lhv_seller_account: 'testvpos'
# #
# AUTOTEST overwrites # AUTOTEST overwrites

5
config/routes.rb
View file

@ -91,6 +91,11 @@ Rails.application.routes.draw do
get 'load_xml' get 'load_xml'
end end
end end
get 'pay/return/:bank' => 'payments#back', as: 'return_payment_with'
post 'pay/return/:bank' => 'payments#back'
get 'pay/go/:bank' => 'payments#pay', as: 'payment_with'
end end
# REGISTRANT ROUTES # REGISTRANT ROUTES