diff --git a/app/controllers/registrar/payments/callbacks_controller.rb b/app/controllers/registrar/payments/callbacks_controller.rb deleted file mode 100644 index 208b380e9..000000000 --- a/app/controllers/registrar/payments/callbacks_controller.rb +++ /dev/null @@ -1,8 +0,0 @@ -class Registrar - module Payments - class CallbacksController < BaseController - def new - end - end - end -end diff --git a/app/controllers/registrar/payments/every_pay_controller.rb b/app/controllers/registrar/payments/every_pay_controller.rb deleted file mode 100644 index b0ed34f9d..000000000 --- a/app/controllers/registrar/payments/every_pay_controller.rb +++ /dev/null @@ -1,29 +0,0 @@ -class Registrar - module Payments - class EveryPayController < BaseController - load_resource class: Invoice - skip_authorization_check only: [:new, :update] - skip_before_action :verify_authenticity_token, only: :update - - def new - set_invoice - @every_pay = EveryPayPayment.new(@invoice) - end - - def create - set_invoice - end - - def update - set_invoice - render 'complete' - end - - private - - def set_invoice - @invoice = Invoice.find(params[:invoice_id]) - end - end - end -end diff --git a/app/controllers/registrar/payments_controller.rb b/app/controllers/registrar/payments_controller.rb index 2998ecbc7..793f0226b 100644 --- a/app/controllers/registrar/payments_controller.rb +++ b/app/controllers/registrar/payments_controller.rb @@ -4,27 +4,27 @@ class Registrar skip_authorization_check # actually anyone can pay, no problems at all skip_before_action :authenticate_user!, :check_ip_restriction, only: [:back, :callback] - # before_action :check_bank + before_action :check_supported_payment_method - # TODO: Refactor to :new def pay invoice = Invoice.find(params[:invoice_id]) opts = { - return_url: self.registrar_return_payment_with_url(params[:bank], invoice_id: invoice.id), - # TODO: Add required URL - response_url: "https://53e21cc8.ngrok.io/registrar/pay/callback/every_pay" + return_url: self.registrar_return_payment_with_url( + params[:bank], invoice_id: invoice.id + ), + response_url: self.registrar_response_payment_with_url( + params[:bank], invoice_id: invoice.id + ) } @payment = ::Payments.create_with_type(params[:bank], invoice, opts) @payment.create_transaction end - - # TODO: Refactor to be restful def back invoice = Invoice.find(params[:invoice_id]) opts = { response: params } @payment = ::Payments.create_with_type(params[:bank], invoice, opts) - if @payment.valid_response? && @payment.settled_payment? + if @payment.valid_response_from_intermediary? && @payment.settled_payment? @payment.complete_transaction if invoice.binded? @@ -43,7 +43,7 @@ class Registrar opts = { response: params } @payment = ::Payments.create_with_type(params[:bank], invoice, opts) - if @payment.valid_response? && @payment.settled_payment? + if @payment.valid_response_from_intermediary? && @payment.settled_payment? @payment.complete_transaction if invoice.binded? @@ -62,7 +62,7 @@ class Registrar def supported_payment_method? - raise StandardError.new("Not Implemented bank") unless banks.include?(params[:bank]) + Payments::PAYMENT_METHODS.include?(params[:bank]) end end end diff --git a/app/models/payments.rb b/app/models/payments.rb index 5d0e8f0a8..f379bd455 100644 --- a/app/models/payments.rb +++ b/app/models/payments.rb @@ -9,7 +9,6 @@ module Payments if PAYMENT_BANKLINK_BANKS.include?(type) BankLink.new(type, invoice, opts) elsif type == 'every_pay' - # TODO: refactor to be variable EveryPay.new(type, invoice, opts) end end diff --git a/app/models/payments/bank_link.rb b/app/models/payments/bank_link.rb index 624cd757f..35004e487 100644 --- a/app/models/payments/bank_link.rb +++ b/app/models/payments/bank_link.rb @@ -1,11 +1,25 @@ module Payments class BankLink < Base - # TODO: Remove magic numbers, convert certain fields to proper constants - # DONE: Remove hashrockets + BANK_LINK_VERSION = '008' + + NEW_TRANSACTION_SERVICE_NUMBER = '1012' + SUCCESSFUL_PAYMENT_SERVICE_NUMBER = '1111' + CANCELLED_PAYMENT_SERVICE_NUMBER = '1911' + + NEW_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT + VK_CURR VK_REF VK_MSG VK_RETURN VK_CANCEL + VK_DATETIME).freeze + SUCCESS_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP + VK_T_NO VK_AMOUNT VK_CURR VK_REC_ACC VK_REC_NAME + VK_SND_ACC VK_SND_NAME VK_REF VK_MSG + VK_T_DATETIME).freeze + CANCEL_MESSAGE_KEYS = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP + VK_REF VK_MSG).freeze + def form_fields - @fields ||= hash = {} - hash["VK_SERVICE"] = "1012" - hash["VK_VERSION"] = "008" + hash = {} + hash["VK_SERVICE"] = NEW_TRANSACTION_SERVICE_NUMBER + hash["VK_VERSION"] = BANK_LINK_VERSION hash["VK_SND_ID"] = seller_account hash["VK_STAMP"] = invoice.number hash["VK_AMOUNT"] = number_with_precision(invoice.total, precision: 2, separator: ".") @@ -14,78 +28,105 @@ module Payments hash["VK_MSG"] = invoice.order hash["VK_RETURN"] = return_url hash["VK_CANCEL"] = return_url - hash["VK_DATETIME"] = Time.now.strftime("%Y-%m-%dT%H:%M:%S%z") + hash["VK_DATETIME"] = Time.zone.now.strftime("%Y-%m-%dT%H:%M:%S%z") hash["VK_MAC"] = calc_mac(hash) hash["VK_ENCODING"] = "UTF-8" hash["VK_LANG"] = "ENG" hash end - def valid_response? + def valid_response_from_intermediary? return false unless response case response["VK_SERVICE"] - when "1111" - validate_success && validate_amount && validate_currency - when "1911" - validate_cancel + when SUCCESSFUL_PAYMENT_SERVICE_NUMBER + valid_successful_transaction? + when CANCELLED_PAYMENT_SERVICE_NUMBER + valid_cancel_notice? else false end end + def complete_transaction + return unless valid_successful_transaction? + + transaction = BankTransaction.find_by( + description: invoice.order, + currency: invoice.currency, + iban: invoice.seller_iban + ) + + transaction.sum = response['VK_AMOUNT'] + transaction.bank_reference = response['VK_T_NO'] + transaction.buyer_bank_code = response["VK_SND_ID"] + transaction.buyer_iban = response["VK_SND_ACC"] + transaction.buyer_name = response["VK_SND_NAME"] + transaction.paid_at = Time.parse(response["VK_T_DATETIME"]) + + transaction.save! + transaction.autobind_invoice + end + + def settled_payment? + response["VK_SERVICE"] == SUCCESSFUL_PAYMENT_SERVICE_NUMBER + end + private - def validate_success - pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_T_NO VK_AMOUNT VK_CURR - VK_REC_ACC VK_REC_NAME VK_SND_ACC VK_SND_NAME VK_REF VK_MSG VK_T_DATETIME).freeze - - @validate_success ||= begin - data = pars.map { |e| prepend_size(response[e]) }.join - verify_mac(data, response["VK_MAC"]) - end + def valid_successful_transaction? + return false unless valid_success_notice? + return false unless valid_amount? + return false unless valid_currency? + true end - def validate_cancel - pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_REC_ID VK_STAMP VK_REF VK_MSG).freeze - @validate_cancel ||= begin - data = pars.map { |e| prepend_size(response[e]) }.join - verify_mac(data, response["VK_MAC"]) - end + def valid_cancel_notice? + valid_mac?(response, CANCEL_MESSAGE_KEYS) end - def validate_amount - source = number_with_precision(BigDecimal.new(response["VK_AMOUNT"].to_s), precision: 2, separator: ".") - target = number_with_precision(invoice.total, precision: 2, separator: ".") + def valid_success_notice? + valid_mac?(response, SUCCESS_MESSAGE_KEYS) + end + + def valid_amount? + source = number_with_precision( + BigDecimal.new(response["VK_AMOUNT"]), precision: 2, separator: "." + ) + target = number_with_precision( + invoice.total, precision: 2, separator: "." + ) source == target end - def validate_currency + def valid_currency? invoice.currency == response["VK_CURR"] end def sign(data) private_key = OpenSSL::PKey::RSA.new(File.read(seller_certificate)) - signed_data = private_key.sign(OpenSSL::Digest::SHA1.new, data) signed_data = Base64.encode64(signed_data).gsub(/\n|\r/, '') signed_data end + def calc_mac(fields) + pars = NEW_MESSAGE_KEYS + data = pars.map { |e| prepend_size(fields[e]) }.join + sign(data) + end + + def valid_mac?(hash, keys) + data = keys.map { |e| prepend_size(hash[e]) }.join + verify_mac(data, hash["VK_MAC"]) + end + def verify_mac(data, mac) bank_public_key = OpenSSL::X509::Certificate.new(File.read(bank_certificate)).public_key bank_public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(mac), data) end - def calc_mac(fields) - pars = %w(VK_SERVICE VK_VERSION VK_SND_ID VK_STAMP VK_AMOUNT VK_CURR VK_REF - VK_MSG VK_RETURN VK_CANCEL VK_DATETIME).freeze - data = pars.map { |e| prepend_size(fields[e]) }.join - - sign(data) - end - def prepend_size(value) value = (value || "").to_s.strip string = "" diff --git a/app/models/payments/every_pay.rb b/app/models/payments/every_pay.rb index a7b28099a..0556f3c5a 100644 --- a/app/models/payments/every_pay.rb +++ b/app/models/payments/every_pay.rb @@ -1,7 +1,5 @@ module Payments class EveryPay < Base - - # TODO: Move to setting or environment USER = ENV['payments_every_pay_api_user'].freeze KEY = ENV['payments_every_pay_api_key'].freeze ACCOUNT_ID = ENV['payments_every_pay_seller_account'].freeze @@ -21,7 +19,7 @@ module Payments base_json end - def valid_response? + def valid_response_from_intermediary? return false unless response valid_hmac? && valid_amount? && valid_account? end @@ -31,7 +29,7 @@ module Payments end def complete_transaction - return unless valid_response? && settled_payment? + return unless valid_response_from_intermediary? && settled_payment? transaction = BankTransaction.find_by( description: invoice.order, diff --git a/test/fixtures/files/seb_bank_cert.pem b/test/fixtures/files/seb_bank_cert.pem index 09a8d326b..a98508d36 100644 --- a/test/fixtures/files/seb_bank_cert.pem +++ b/test/fixtures/files/seb_bank_cert.pem @@ -1,16 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICmTCCAgICCQC9Iax+je2Q9DANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMC -RUUxETAPBgNVBAgMCEhhcmp1bWFhMRAwDgYDVQQHDAdUYWxsaW5uMREwDwYDVQQK -DAhFZGljeSBPVTERMA8GA1UECwwIYmFua2xpbmsxFjAUBgNVBAMMDXBhbmdhbGlu -ay5uZXQxHjAcBgkqhkiG9w0BCQEWD3RhbmVsQGVkaWN5LmNvbTAeFw0xNTAyMDIw -OTAyMzZaFw0zNTAxMjgwOTAyMzZaMIGQMQswCQYDVQQGEwJFRTERMA8GA1UECAwI -SGFyanVtYWExEDAOBgNVBAcMB1RhbGxpbm4xETAPBgNVBAoMCEVkaWN5IE9VMREw -DwYDVQQLDAhiYW5rbGluazEWMBQGA1UEAwwNcGFuZ2FsaW5rLm5ldDEeMBwGCSqG -SIb3DQEJARYPdGFuZWxAZWRpY3kuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB -iQKBgQDTwWcJvpfFkPmSYXVCUJLoCya2YPeuzBcQww19KG+ErKLr+lAjhoER5ViW -UD7KMDhViBzWpJZ0LqvAkamWyyjM5e0a2aUe71qI8yU8W2oZXRrmKQ4H1UxhaOGt -aSGLIycY31y+aaKrRM8teMDvRSyBq08Lvk0e0cC/nbVIVvaS7QIDAQABMA0GCSqG -SIb3DQEBBQUAA4GBAKhMeT9HhdOvmWy17kQjVYg4I0b/9bO/0DI6MqTiyziaSvcz -DXTRwWKCa+dqx9yQ4aM7YBBK3d2y+aRnfdxxAQ1ThnIHuzoYSTlmFYhfpp6KroTz -/01tSFqMZ9dZemSspCWgkXkEiBiUA45AEmOFSRSzWv7H8IOmFhe5ijmGmdna ------END CERTIFICATE----- \ No newline at end of file +MIICVTCCAb4CCQCdHk6fGGIg9DANBgkqhkiG9w0BAQsFADBvMQswCQYDVQQGEwJF +RTERMA8GA1UECAwISGFyanVtYWExEDAOBgNVBAcMB1RhbGxpbm4xJTAjBgNVBAoM +HEVzdG9uaWFuIEludGVybmV0IEZvdW5kYXRpb24xFDASBgNVBAMMC2ludGVybmV0 +LmVlMB4XDTE4MDQyMTEyNDEyMloXDTE4MDUyMTEyNDEyMlowbzELMAkGA1UEBhMC +RUUxETAPBgNVBAgMCEhhcmp1bWFhMRAwDgYDVQQHDAdUYWxsaW5uMSUwIwYDVQQK +DBxFc3RvbmlhbiBJbnRlcm5ldCBGb3VuZGF0aW9uMRQwEgYDVQQDDAtpbnRlcm5l +dC5lZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4QPTaFdN+03vC63vgcSd +OsURjrt/eslJkPXr53VgkcFoD2AI+z1AoUbOMJ/FfXb+iY4o70we3YeRP8SeaDFn +pjOlSmS+DTsh5s3DCahbdbFzvyBDD5A4yKRaVRSCWFEjC684Uvg9Pf/ifP6GxHN6 +uVFg9/YhkS9XwfE0deJhxUUCAwEAATANBgkqhkiG9w0BAQsFAAOBgQCKC6bL+4Eu ++Dz+RQEZ9IEerZSKnnV2mygN9usddg46BnMqceWCA19Ei71C2UQsVD2e+7XkLjrl +0IDGciQqAjOUp4KKG+jQbtlcP0BBvP6CnirwqFfeV0XLWKapLetDjtdlmACAtHXj +8U0YFVbj5GGPJWAfAPnzpsiTxnQIinXNZw== +-----END CERTIFICATE----- diff --git a/test/fixtures/files/seb_seller_key.pem b/test/fixtures/files/seb_seller_key.pem index 827d669ea..be1febf79 100644 --- a/test/fixtures/files/seb_seller_key.pem +++ b/test/fixtures/files/seb_seller_key.pem @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQDk3bIdDgZzsQQ697A5F2ZTOJppp6jGHig3pCsXf7qNBZr4Icjd -PNpnfjYTXXg4/50yXQZu1Gz4bfNNJf6pKyS19U5SM+vAs4CA6rr1E4mxv9nfSIBA -I0Vc+I2pXw2HAhvUiDryPv9meAHcVbKjQ0Q3944yFUhTMfbPxEYvx89uswIDAQAB -AoGAajmDu/yQfg4BGqVvw2/a7HFvKe7JZPsGS50E6yk7msypOtXjdtwRustXqfFO -JZZujbujirlJwpy1um8SHc6KgJEJ7Dg/j6Q2rFQvErmCwqf+hEjF0s1ZCcKL5WvY -MZ76qTFQ3gYfWGh/7pFJn7cdbDxFo1KzfoXhvieH4SJhEtECQQD5UuR5uI2SmvGT -n5XkQY+p0Ba8vUSdCTyOYCOkmUXc9ytuxH+Hf2Ad01iFQbjeo8NMjlbRADSlyobI -XqP5FVqtAkEA6v6QzdhOngYxYETFb1215krapX9A6dT8ncVuxX/OSh78lkoRO8oI -AMzYiXVVga+xvM8Uk8o0YlN4UnR+K9t63wJABVddRa5KeiWPn1X/5A/zf/PRSOHV -IngcMACnQtN1x7IT4B+di82SxZDNiK1LxJlFidJS0c9rUVHxaUF9ycxHUQJAElVk -BLtAfvGqvoD/Ck48V8g1QL4p2VRllQWHO99Zv8ylFjCXIZwEfdN9fVPrJOAJNNrP -FyyqY5VxiLVP9qn77wJAEzTyrw3WO09wphaA2daTAAwiui6h+J5gac0rgsocp1OI -vs4c+iqi7UdxCSic7HvlwdLxjnIPIrmC6t3xwRBFxQ== ------END RSA PRIVATE KEY----- \ No newline at end of file +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOED02hXTftN7wut +74HEnTrFEY67f3rJSZD16+d1YJHBaA9gCPs9QKFGzjCfxX12/omOKO9MHt2HkT/E +nmgxZ6YzpUpkvg07IebNwwmoW3Wxc78gQw+QOMikWlUUglhRIwuvOFL4PT3/4nz+ +hsRzerlRYPf2IZEvV8HxNHXiYcVFAgMBAAECgYEAxLXAgm4YaUK3YOF9CVgmD/Oq +Jrp5dpEzs/uZcO4nLyUCYLaXA3SH5LXumYmDb+ywFvbliFVmgkn6y+GKjhHqxjhx +KtyK3w1vGVkk6RyA076vgnOEp3un7j9XXM5U93Osk25Ezzb4pqslU7nDPb1OGg2A +q4UG+zHyj9UkI2S1V10CQQD39JtA3eiSlJ4jtr7QP3/KFV3O7Sku5TTmc6aMUhja +9qZCUMaK/67aMFjl62E9vdNBb1gGg28dBo/zV0uZAdsrAkEA6FCvyzaMOOzWqz6N +/uzeU7NTW9cHNQRx1d7e3vjWhYxvvknNrFim3sH+tbTock5MeNr4d4yCYFM72Zc5 +wH/pTwJBAIrD7OMnjZIC9GGeUzluYBDzVjWJCmRBSBK0pH+hLmHUaYVxeTuvDebz +6bx6t0f7ZTAYpRW4FsYStxsDPr6ZiFMCQFh7SslKSFPyGLz2QVzj2LXmagxjtLID +tFux3A7ulb4dw/2k3HoU9dGH77xDX/kRS10IgXP/BzUq3nO8flmMHk8CQQCCnqcJ +CEA+kqwPvgQ8YdeJOBFEc4spQ+OFbLUAtMt8+9YfeWtHyUlyNhtGXmwN8kGAHcPz +qtfPVIDR4dU0uvCw +-----END PRIVATE KEY----- diff --git a/test/integration/registrar/invoices/payment_callback_test.rb b/test/integration/registrar/invoices/payment_callback_test.rb index e69de29bb..b341168d8 100644 --- a/test/integration/registrar/invoices/payment_callback_test.rb +++ b/test/integration/registrar/invoices/payment_callback_test.rb @@ -0,0 +1,47 @@ +require 'test_helper' + +class PaymentCallbackTest < ActionDispatch::IntegrationTest + setup do + @user = users(:api_bestnames) + login_as @user + end + + def create_invoice_with_items + @invoice = invoices(:for_payments_test) + invoice_item = invoice_items(:one) + + @invoice.invoice_items << invoice_item + @invoice.invoice_items << invoice_item + @user.registrar.invoices << @invoice + end + + def every_pay_request_params + { + nonce: "392f2d7748bc8cb0d14f263ebb7b8932", + timestamp: "1524136727", + api_username: "ca8d6336dd750ddb", + transaction_result: "completed", + payment_reference: "fd5d27b59a1eb597393cd5ff77386d6cab81ae05067e18d530b10f3802e30b56", + payment_state: "settled", + amount: "12.00", + order_reference: "e468a2d59a731ccc546f2165c3b1a6", + account_id: "EUR3D1", + cc_type: "master_card", + cc_last_four_digits: "0487", + cc_month: "10", + cc_year: "2018", + cc_holder_name: "John Doe", + hmac_fields: "account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result", + hmac: "efac1c732835668cd86023a7abc140506c692f0d", + invoice_id: "12900000", + payment_method: "every_pay" + } + end + + def test_every_pay_callback_returns_status_200 + create_invoice_with_items + request_params = every_pay_request_params.merge(invoice_id: @invoice.id) + post "/registrar/pay/callback/every_pay", request_params + assert_equal(200, response.status) + end +end diff --git a/test/integration/registrar/invoices/payment_return_test.rb b/test/integration/registrar/invoices/payment_return_test.rb index d897bc0ed..9d24fa987 100644 --- a/test/integration/registrar/invoices/payment_return_test.rb +++ b/test/integration/registrar/invoices/payment_return_test.rb @@ -34,27 +34,31 @@ class PaymentReturnTest < ActionDispatch::IntegrationTest hmac_fields: "account_id,amount,api_username,cc_holder_name,cc_last_four_digits,cc_month,cc_type,cc_year,hmac_fields,nonce,order_reference,payment_reference,payment_state,timestamp,transaction_result", hmac: "efac1c732835668cd86023a7abc140506c692f0d", invoice_id: "12900000", + payment_method: "every_pay" } end def bank_link_request_params { - "VK_SERVICE": "1111", - "VK_VERSION": "008", - "VK_SND_ID": "KIAupMEE's", + "VK_SERVICE": "1111", + "VK_VERSION": "008", + "VK_SND_ID": "testvpos", + "VK_REC_ID": "seb", + "VK_STAMP": 1, + "VK_T_NO": "1", "VK_AMOUNT": "12.00", - "VK_REC_ID": "1235", "VK_CURR": "EUR", - "VK_T_NO": "1234", - "VK_STAMP": "ahdfjkadsfhjk", "VK_REC_ACC": "1234", - "VK_REC_NAME": "John Doe", + "VK_REC_NAME": "Eesti Internet", "VK_SND_ACC": "1234", - "VK_SND_NAME": "Doe John", - "VK_REF": "1234", - "VK_MSG": "Foo", - "VK_T_DATETIME": "2018-04-19T15:52:59+0300", - invoice_id: "12900000", + "VK_SND_NAME": "John Doe", + "VK_REF": "", + "VK_MSG": "Order nr 1", + "VK_T_DATETIME": "2018-04-01T00:30:00+0300", + "VK_MAC": "CZZvcptkxfuOxRR88JmT4N+Lw6Hs4xiQfhBWzVYldAcRTQbcB/lPf9MbJzBE4e1/HuslQgkdCFt5g1xW2lJwrVDBQTtP6DAHfvxU3kkw7dbk0IcwhI4whUl68/QCwlXEQTAVDv1AFnGVxXZ40vbm/aLKafBYgrirB5SUe8+g9FE=", + "VK_ENCODING": "UTF-8", + "VK_LANG": "ENG", + payment_method: "seb" } end @@ -62,11 +66,9 @@ class PaymentReturnTest < ActionDispatch::IntegrationTest create_invoice_with_items request_params = every_pay_request_params.merge(invoice_id: @invoice.id) - account_activity_count = AccountActivity.count post "/registrar/pay/return/every_pay", request_params assert_equal(302, response.status) assert_redirected_to(registrar_invoice_path(@invoice)) - assert_equal(account_activity_count + 1, AccountActivity.count) end def test_Every_Pay_return_raises_RecordNotFound @@ -78,9 +80,8 @@ class PaymentReturnTest < ActionDispatch::IntegrationTest end def test_bank_link_return_redirects_to_invoice_paths - skip("Need credentials to model the expected request") create_invoice_with_items - request_params = every_pay_request_params.merge(invoice_id: @invoice.id) + request_params = bank_link_request_params.merge(invoice_id: @invoice.id) account_activity_count = AccountActivity.count post "/registrar/pay/return/seb", request_params diff --git a/test/models/payments/bank_link_test.rb b/test/models/payments/bank_link_test.rb index 943d7f37a..a4655a30d 100644 --- a/test/models/payments/bank_link_test.rb +++ b/test/models/payments/bank_link_test.rb @@ -1,13 +1,22 @@ require 'test_helper' class BankLinkTest < ActiveSupport::TestCase + # Note: Files stored in: test/fixtures/files/seb_seller_key.pem + # test/fixtures/files/seb_bank_cert.pem + # are autogenerated, they will not work against production or even staging. def setup super - @invoice = invoices(:valid) - params = { return_url: 'return.url', response_url: 'response.url' } - @bank_link = Payments::BankLink.new('seb', @invoice, params) - travel_to '2018-04-01 00:30' + @invoice = invoices(:for_payments_test) + invoice_item = invoice_items(:one) + + @invoice.invoice_items << invoice_item + @invoice.invoice_items << invoice_item + + travel_to '2018-04-01 00:30 +0300' + create_new_bank_link + create_completed_bank_link + create_cancelled_bank_link end def teardown @@ -15,7 +24,97 @@ class BankLinkTest < ActiveSupport::TestCase travel_back end - def test_response_is_not_valid_without_response - assert_equal false, @bank_link.valid_response? + def create_completed_bank_link + params = { + "VK_SERVICE": "1111", + "VK_VERSION": "008", + "VK_SND_ID": "testvpos", + "VK_REC_ID": "seb", + "VK_STAMP": 1, + "VK_T_NO": "1", + "VK_AMOUNT": "12.00", + "VK_CURR": "EUR", + "VK_REC_ACC": "1234", + "VK_REC_NAME": "Eesti Internet", + "VK_SND_ACC": "1234", + "VK_SND_NAME": "John Doe", + "VK_REF": "", + "VK_MSG": "Order nr 1", + "VK_T_DATETIME": "2018-04-01T00:30:00+0300", + "VK_MAC": "CZZvcptkxfuOxRR88JmT4N+Lw6Hs4xiQfhBWzVYldAcRTQbcB/lPf9MbJzBE4e1/HuslQgkdCFt5g1xW2lJwrVDBQTtP6DAHfvxU3kkw7dbk0IcwhI4whUl68/QCwlXEQTAVDv1AFnGVxXZ40vbm/aLKafBYgrirB5SUe8+g9FE=", + "VK_ENCODING": "UTF-8", + "VK_LANG": "ENG" + }.with_indifferent_access + + @completed_bank_link = Payments::BankLink.new( + 'seb', @invoice, { response: params } + ) + end + + def create_cancelled_bank_link + params = { + "VK_SERVICE": "1911", + "VK_VERSION": "008", + "VK_SND_ID": "testvpos", + "VK_REC_ID": "seb", + "VK_STAMP": 1, + "VK_REF": "", + "VK_MSG": "Order nr 1", + "VK_MAC": "PElE2mYXXN50q2UBvTuYU1rN0BmOQcbafPummDnWfNdm9qbaGQkGyOn0XaaFGlrdEcldXaHBbZKUS0HegIgjdDfl2NOk+wkLNNH0Iu38KzZaxHoW9ga7vqiyKHC8dcxkHiO9HsOnz77Sy/KpWCq6cz48bi3fcMgo+MUzBMauWoQ=", + "VK_ENCODING": "UTF-8", + "VK_LANG": "ENG" + }.with_indifferent_access + + @cancelled_bank_link = Payments::BankLink.new( + 'seb', @invoice, { response: params } + ) + end + + def create_new_bank_link + params = { return_url: 'return.url', response_url: 'response.url' } + @new_bank_link = Payments::BankLink.new('seb', @invoice, params) + end + + def test_response_is_not_valid_when_it_is_missing + refute(false, @new_bank_link.valid_response_from_intermediary?) + end + + def test_form_fields + expected_response = { + "VK_SERVICE": "1012", + "VK_VERSION": "008", + "VK_SND_ID": "testvpos", + "VK_STAMP": 1, + "VK_AMOUNT": "12.00", + "VK_CURR": "EUR", + "VK_REF": "", + "VK_MSG": "Order nr. 1", + "VK_RETURN": "return.url", + "VK_CANCEL": "return.url", + "VK_DATETIME": "2018-04-01T00:30:00+0300", + "VK_MAC": "q70UNFV4ih1qYij2+CyrHaApc3OE66igy3ijuR1m9dl0Cg+lIrAUsP47JChAF7PRErwZ78vSuZwrg0Vabhlp3WoC934ik2FiE04BBxUUTndONvguaNR1wvl0FiwfXFljLncX7TOmRraywJljKC5vTnIRNT2+1HXvmv0v576PGao=", + "VK_ENCODING": "UTF-8", + "VK_LANG": "ENG" + }.with_indifferent_access + + assert_equal(expected_response, @new_bank_link.form_fields) + end + + def test_valid_success_response_from_intermediary? + assert(@completed_bank_link.valid_response_from_intermediary?) + end + + def test_valid_cancellation_response_from_intermediary? + assert(@cancelled_bank_link.valid_response_from_intermediary?) + end + + def test_settled_payment? + assert(@completed_bank_link.settled_payment?) + refute(@cancelled_bank_link.settled_payment?) + end + + def test_complete_transaction_returns_account_activity_or_nil + assert_instance_of(AccountActivity, @completed_bank_link.complete_transaction) + assert_nil(@cancelled_bank_link.complete_transaction) end end diff --git a/test/models/payments/every_pay_test.rb b/test/models/payments/every_pay_test.rb index 6ed68fd9f..ad894b9fb 100644 --- a/test/models/payments/every_pay_test.rb +++ b/test/models/payments/every_pay_test.rb @@ -59,9 +59,9 @@ class EveryPayTest < ActiveSupport::TestCase end end - def test_valid_response? - assert(@every_pay.valid_response?) - refute(@other_pay.valid_response?) + def test_valid_response_from_intermediary? + assert(@every_pay.valid_response_from_intermediary?) + refute(@other_pay.valid_response_from_intermediary?) end def test_settled_payment? @@ -72,12 +72,8 @@ class EveryPayTest < ActiveSupport::TestCase refute(other_pay.settled_payment?) end - def test_valid_response? - assert(@every_pay.valid_response?) - refute(@other_pay.valid_response?) - end - def test_complete_transaction_returns_account_activity_or_nil + # skip('Figure out what fails in Travis') assert_instance_of(AccountActivity, @every_pay.complete_transaction) refute(@other_pay.complete_transaction) end