diff --git a/Gemfile b/Gemfile
index c907eb267..d4f5cb7e7 100644
--- a/Gemfile
+++ b/Gemfile
@@ -104,3 +104,6 @@ gem 'pghero'
 gem 'pg_query', '>= 0.9.0'
 gem 'newrelic_rpm'
 gem 'newrelic-infinite_tracing'
+
+# token
+gem 'jwt'
diff --git a/Gemfile.lock b/Gemfile.lock
index 033c9a88b..43c32307e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -275,6 +275,7 @@ GEM
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
+    jwt (2.3.0)
     kaminari (1.2.1)
       activesupport (>= 4.1.0)
       kaminari-actionview (= 1.2.1)
@@ -560,6 +561,7 @@ DEPENDENCIES
   iso8601 (= 0.13.0)
   jquery-rails
   jquery-ui-rails (= 6.0.1)
+  jwt
   kaminari
   lhv!
   mime-types-data
diff --git a/app/controllers/admin/invoices_controller.rb b/app/controllers/admin/invoices_controller.rb
index ba1b69ebf..d91ab6c52 100644
--- a/app/controllers/admin/invoices_controller.rb
+++ b/app/controllers/admin/invoices_controller.rb
@@ -101,14 +101,5 @@ module Admin
       invoices.where(account_activities: { created_at: date_from..date_until })
     end
 
-
-    # def send_invoice_data_to_billing_system
-    # add_invoice_instance = EisBilling::AddDeposits.new(@invoice)
-    # result = add_invoice_instance.send_invoice
-
-    # link = JSON.parse(result.body)['everypay_link']
-
-    # @invoice.update(payment_link: link)
-    # end
   end
 end
diff --git a/app/controllers/eis_billing/base_controller.rb b/app/controllers/eis_billing/base_controller.rb
index d10ec1936..25e921482 100644
--- a/app/controllers/eis_billing/base_controller.rb
+++ b/app/controllers/eis_billing/base_controller.rb
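Review bot: `gem 'jwt'` in the Gemfile hunk carries no version constraint, so a later `bundle update` can move the library that signs and verifies the billing token across a major release without the Gemfile recording it; the lockfile resolves it to 2.3.0 today. Pin it, `gem 'jwt', '~> 2.3'`, so any change to that dependency is an explicit edit rather than a side effect of an unrelated update.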
@@ -1,14 +1,51 @@
 module EisBilling
   class BaseController < ApplicationController
-    # load_and_authorize_resource
-
+    protect_from_forgery with: :null_session
     skip_authorization_check # Temporary solution
-    skip_before_action :verify_authenticity_token # Temporary solution
-  end
+    # skip_before_action :verify_authenticity_token # Temporary solution
+    before_action :authorized
 
-  protected
+    def encode_token(payload)
+      JWT.encode(payload, ENV['secret_word'])
+    end
 
-  def logger
-    @logger ||= Rails.logger
+    def auth_header
+      # { Authorization: 'Bearer ' }
+      request.headers['Authorization']
+    end
+
+    def decoded_token
+      if auth_header
+        token = auth_header.split(' ')[1]
+        # header: { 'Authorization': 'Bearer ' }
+        begin
+          JWT.decode(token, ENV['secret_word'], true, algorithm: 'HS256')
+        rescue JWT::DecodeError
+          nil
+        end
+      end
+    end
+
+    def accessable_service
+      if decoded_token
+        decoded_token[0]['data'] == ENV['secret_access_word']
+      end
+    end
+
+    def logged_in?
+      !!accessable_service
+    end
+
+    def authorized
+      render json: { message: 'Access denied' }, status: :unauthorized unless logged_in?
+    end
+
+    def logger
+      Rails.logger
+    end
+
+    def logger
+      @logger ||= Rails.logger
+    end
   end
 end
diff --git a/app/controllers/registrar/deposits_controller.rb b/app/controllers/registrar/deposits_controller.rb
index d852f23db..0dcaf6830 100644
--- a/app/controllers/registrar/deposits_controller.rb
+++ b/app/controllers/registrar/deposits_controller.rb
@@ -12,7 +12,6 @@ class Registrar
 
     if @invoice
       flash[:notice] = t(:please_pay_the_following_invoice)
-      # send_invoice_data_to_billing_system
       redirect_to [:registrar, @invoice]
     else
       flash[:alert] = @deposit.errors.full_messages.join(', ')
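Review bot: `logger` is defined twice at the end of BaseController; the second `def logger` silently replaces the first, so one of them should go (the plain `Rails.logger` one is enough, since `Rails.logger` is already a single shared instance). `accessable_service` calls `decoded_token` twice, which decodes and signature-checks the bearer token twice per request; bind it once, `token = decoded_token` and then `token[0]['data'] == ENV['secret_access_word'] if token`. Both `JWT.encode` and `JWT.decode` read the key with `ENV['secret_word']`, so an unset variable yields a nil key instead of a boot-time failure; `ENV.fetch('secret_word')` makes a missing secret fail loudly rather than signing or verifying with nothing. The `data` claim comparison can also use `ActiveSupport::SecurityUtils.secure_compare(token[0]['data'].to_s, ENV['secret_access_word'].to_s)` so that the check's timing does not depend on where the two strings first differ.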
@@ -22,15 +21,6 @@ class Registrar
 
     private
 
-    # def send_invoice_data_to_billing_system
-    # add_invoice_instance = EisBilling::AddDeposits.new(@invoice)
-    # result = add_invoice_instance.send_invoice
-
-    # link = JSON.parse(result.body)['everypay_link']
-
-    # @invoice.update(payment_link: link)
-    # end
-
     def deposit_params
       params.require(:deposit).permit(:amount, :description)
     end
diff --git a/app/models/invoice.rb b/app/models/invoice.rb
index b26420431..449045a3e 100644
--- a/app/models/invoice.rb
+++ b/app/models/invoice.rb
@@ -41,21 +41,14 @@ class Invoice < ApplicationRecord
   attribute :vat_rate, ::Type::VatRate.new
 
   def set_invoice_number
-    # last_no = Invoice.order(number: :desc).limit(1).pick(:number)
-
-    # if last_no && last_no >= Setting.invoice_number_min.to_i
-    # self.number = last_no + 1
-    # else
-    # self.number = Setting.invoice_number_min.to_i
-    # end
-
-    # return if number <= Setting.invoice_number_max.to_i
-
-    # errors.add(:base, I18n.t('failed_to_generate_invoice_invoice_number_limit_reached'))
-    # logger.error('INVOICE NUMBER LIMIT REACHED, COULD NOT GENERATE INVOICE')
-    # throw(:abort)
     result = EisBilling::GetInvoiceNumber.send_invoice
 
+    if JSON.parse(result.body)['code'] == '403'
+      errors.add(:base, I18n.t('cannot get access'))
+      logger.error('PROBLEM WITH TOKEN')
+      throw(:abort)
+    end
+
     if JSON.parse(result.body)['error'] == 'out of range'
       errors.add(:base, I18n.t('failed_to_generate_invoice_invoice_number_limit_reached'))
       logger.error('INVOICE NUMBER LIMIT REACHED, COULD NOT GENERATE INVOICE')
diff --git a/app/services/eis_billing/add_deposits.rb b/app/services/eis_billing/add_deposits.rb
index a6cacb4f4..ffe715fd4 100644
--- a/app/services/eis_billing/add_deposits.rb
+++ b/app/services/eis_billing/add_deposits.rb
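Review bot: `JSON.parse(result.body)` is now evaluated twice in `set_invoice_number` (once for `['code']`, once for `['error']`) and presumably again further down, since the method continues past the end of the hunk; parse once, `body = JSON.parse(result.body)`, and test `body['code']` and `body['error']`. `I18n.t('cannot get access')` is not a translation key in the form the neighbouring call uses (`failed_to_generate_invoice_invoice_number_limit_reached`); with no such key in the locale files the user is shown a "translation missing" string, so use a snake_case key and add it to the locales. The `'403'` comparison relies on the billing service putting the code as a string inside the JSON body rather than in the HTTP status, and if the service answers a 403 with a non-JSON body, `JSON.parse` raises before either check runs; checking `result.code` (or rescuing `JSON::ParserError`) would be more robust — confirm against the service's actual response format.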
@@ -27,7 +27,7 @@ module EisBilling
 
     def send_request(json_obj:)
       http = EisBilling::Base.base_request(url: invoice_generator_url)
-      http.post(invoice_generator_url, json_obj.to_json, HEADERS)
+      http.post(invoice_generator_url, json_obj.to_json, EisBilling::Base.headers)
     end
 
     def invoice_generator_url
diff --git a/app/services/eis_billing/base.rb b/app/services/eis_billing/base.rb
index 2e06dad8a..6ea6294ac 100644
--- a/app/services/eis_billing/base.rb
+++ b/app/services/eis_billing/base.rb
@@ -1,12 +1,5 @@
 module EisBilling
   class Base
-    # crypt = ActiveSupport::MessageEncryptor.new(Rails.application.secrets.secret_key_base[0..31])
-    # irb(main):047:0> encrypted_data = crypt.encrypt_and_sign('PLEASE CREATE INVOICE')
-    # =>
-    # irb(main):048:0> decrypted_back = crypt.decrypt_and_verify(encrypted_data)
-    # =>
-    TOKEN = 'Bearer WA9UvDmzR9UcE5rLqpWravPQtdS8eDMAIynzGdSOTw==--9ZShwwij3qmLeuMJ--NE96w2PnfpfyIuuNzDJTGw=='.freeze
-
     BASE_URL = ''
     if Rails.env.staging?
       BASE_URL = ENV['eis_billing_system_base_url_staging']
@@ -16,11 +9,8 @@ module EisBilling
 
     INITIATOR = 'registry'
 
-    HEADERS = {
-      'Authorization' => 'Bearer foobar',
-      'Content-Type' => 'application/json',
-      'Accept' => TOKEN
-    }
+    SECRET_WORD = ENV['secret_word']
+    SECRET_ACCESS_WORD = ENV['secret_access_word']
 
     def self.base_request(url:)
       uri = URI(url)
@@ -33,5 +23,20 @@ module EisBilling
       http
     end
+
+    def self.generate_token
+      JWT.encode(payload, ENV['secret_word'])
+    end
+
+    def self.payload
+      { data: ENV['secret_access_word'] }
+    end
+
+    def self.headers
+      {
+        'Authorization' => "Bearer #{generate_token}",
+        'Content-Type' => 'application/json',
+      }
+    end
 
   end
 end
diff --git a/app/services/eis_billing/get_invoice_number.rb b/app/services/eis_billing/get_invoice_number.rb
index bd273df0e..88698caa0 100644
--- a/app/services/eis_billing/get_invoice_number.rb
+++ b/app/services/eis_billing/get_invoice_number.rb
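Review bot: The token built by `generate_token` in the last base.rb hunk carries only `{ data: ENV['secret_access_word'] }` — no `exp`, `iat` or `jti` claim — so every call mints the same credential and a token captured from any one request stays valid indefinitely; the verifying side (`JWT.decode` with verification in base_controller.rb) only enforces expiry when an `exp` claim is present. Since a fresh token is generated per request anyway, give it a short lifetime, `{ data: ENV['secret_access_word'], iat: Time.now.to_i, exp: 5.minutes.from_now.to_i }`. The `SECRET_WORD` and `SECRET_ACCESS_WORD` constants added in the preceding hunk are not used by `generate_token` or `payload`, which read `ENV[...]` directly; either use the constants or drop them, and prefer `ENV.fetch` so a missing secret fails at load time instead of signing with a nil key. The same static payload and `ENV['secret_word']` pattern is duplicated at top level in lib/tasks/eis_billing_import_data.rake in this commit.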
@@ -8,7 +8,7 @@ module EisBilling
 
     def self.send_request
       http = EisBilling::Base.base_request(url: invoice_number_generator_url)
-      http.post(invoice_number_generator_url, nil, HEADERS)
+      http.post(invoice_number_generator_url, nil, EisBilling::Base.headers)
     end
 
     def self.invoice_number_generator_url
diff --git a/app/services/eis_billing/get_reference_number.rb b/app/services/eis_billing/get_reference_number.rb
index 24f226a58..23f401920 100644
--- a/app/services/eis_billing/get_reference_number.rb
+++ b/app/services/eis_billing/get_reference_number.rb
@@ -14,11 +14,11 @@ module EisBilling
 
     def self.send_request
       http = EisBilling::Base.base_request(url: reference_number_generator_url)
-      http.post(reference_number_generator_url, obj_data.to_json, HEADERS)
+      http.post(reference_number_generator_url, obj_data.to_json, EisBilling::Base.headers)
     end
 
     def self.reference_number_generator_url
-      "#{BASE_URL}/api/v1/invoice_generator/reference_number_generator"
+      "#{EisBilling::Base::BASE_URL}/api/v1/invoice_generator/reference_number_generator"
     end
   end
 end
diff --git a/app/services/eis_billing/send_data_to_directo.rb b/app/services/eis_billing/send_data_to_directo.rb
index 85e4cd122..3afdef86e 100644
--- a/app/services/eis_billing/send_data_to_directo.rb
+++ b/app/services/eis_billing/send_data_to_directo.rb
@@ -13,7 +13,7 @@ module EisBilling
       }
 
       http = EisBilling::Base.base_request(url: directo_url)
-      http.post(directo_url, prepared_data.to_json, HEADERS)
+      http.post(directo_url, prepared_data.to_json, EisBilling::Base.headers)
     end
 
     def self.directo_url
diff --git a/app/services/eis_billing/send_e_invoice.rb b/app/services/eis_billing/send_e_invoice.rb
index a3563ea67..d5bfbb2e8 100644
--- a/app/services/eis_billing/send_e_invoice.rb
+++ b/app/services/eis_billing/send_e_invoice.rb
@@ -34,7 +34,7 @@ module EisBilling
       prepared_data[:items] = items
 
       http = EisBilling::Base.base_request(url: e_invoice_url)
-      http.post(e_invoice_url, prepared_data.to_json, HEADERS)
+      http.post(e_invoice_url, prepared_data.to_json, EisBilling::Base.headers)
     end
 
     def self.e_invoice_url
diff --git a/lib/tasks/eis_billing_import_data.rake b/lib/tasks/eis_billing_import_data.rake
index 5ac13bf4c..518b8b23b 100644
--- a/lib/tasks/eis_billing_import_data.rake
+++ b/lib/tasks/eis_billing_import_data.rake
@@ -46,11 +46,6 @@ end
 def base_request(url:, json_obj:)
   uri = URI(url)
   http = Net::HTTP.new(uri.host, uri.port)
-  headers = {
-    'Authorization' => 'Bearer foobar',
-    'Content-Type' => 'application/json',
-    'Accept' => TOKEN
-  }
 
   unless Rails.env.development?
     http.use_ssl = true
@@ -59,3 +54,19 @@ def base_request(url:, json_obj:)
   http.post(url, json_obj.to_json, headers)
 end
 
+
+def generate_token
+  JWT.encode(payload, ENV['secret_word'])
+end
+
+def payload
+  { data: ENV['secret_access_word'] }
+end
+
+def headers
+  {
+    'Authorization' => "Bearer #{generate_token}",
+    'Content-Type' => 'application/json',
+  }
+end
+
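Review bot: `generate_token`, `payload` and `headers` in the second rake hunk re-implement `EisBilling::Base.generate_token`, `payload` and `headers` added to app/services/eis_billing/base.rb in this same commit, so the token format now has two definitions that can drift apart; top-level `def`s in a rake file also become private methods on `Object`, which makes names as generic as `headers` and `payload` visible to every object in the rake process. Drop the three methods and have `base_request` (whose body starts in the first rake hunk) pass the service's headers, `http.post(url, json_obj.to_json, EisBilling::Base.headers)`, so the token is built in one place.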