Ejemplo n.º 1
        /// <summary>
        /// Creates some general payza button
        /// </summary>
        /// <param name="itemName">Name describing the item or service. Max Length: 50 characters</param>
        /// <param name="amount">The price or cost of the product or service. The value for
        /// amount must be positive. Null or negative numbers are not allowed.</param>
        /// <param name="command">Describes how handler should handle IPN request.
        /// Stored in field apc_1. Max Length: 100 characters</param>
        /// <param name="args">
        /// Custom values you can pass along with the payment button.
        /// The values are not displayed to the payer on our Pay Process page.
        /// Payza returns these fields back in the IPN.
        /// Used by IIpnHandler ('command')
        /// Stored in fields apc_2 - apc_6. Max Length: 100 characters
        /// </param>
        /// <returns>Http address where member should be redirected after clicking button.</returns>
        protected override string generate(string itemName, Money amount, string command, object[] args)
        {
            // NOTE(review): the XML doc above describes Payza "apc_" fields, but this body only talks to
            // PaparaOrder and ApiRequestSoapClient; the doc looks copied from another strategy - confirm.

            // One line item for the purchase. The command travels Base64-encoded in CategoryName;
            // Base64 is an encoding only and gives neither confidentiality nor integrity.
            var voucher = new ShoppingVoucherEntity
            {
                Amount       = amount.ToDecimal(),
                ProductName  = itemName,
                CategoryName = HashingManager.Base64Encode(command),
                TotalAmount  = amount.ToDecimal(),
                Quantity     = 1
            };

            // Command and args are handed to PaparaOrder.Create; only the returned order id goes to the gateway.
            // NOTE(review): an arg containing ArgsDelimeter makes the joined string ambiguous - verify callers.
            string joinedArgs = String.Join(ButtonGenerationStrategy.ArgsDelimeter.ToString(), args);
            int    orderId    = PaparaOrder.Create(amount, command, joinedArgs);

            string callbackUrl = AppSettings.Site.Url + "Handlers/Payment/Papara.ashx";
            var    vouchers    = new ShoppingVoucherEntity[1] { voucher };

            var client = new ApiRequestSoapClient();
            var result = client.TransactionRequest(account.ApiName, account.ApiKey, account.Username, orderId.ToString(),
                                                   amount.ToDecimal(), Money.Zero.ToDecimal(), vouchers, callbackUrl, 2);

            // NOTE(review): Close() is not reached when TransactionRequest throws.
            client.Close();

            // An unsuccessful or empty result yields an empty URL rather than an exception.
            if (!result.ResultStatus || String.IsNullOrEmpty(result.ResultObject))
            {
                return String.Empty;
            }

            return result.ResultObject;
        }
Ejemplo n.º 2
        /// <summary>
        /// Creates an invoice through <c>LocalBitcoinsAPI.NewInvoice</c> and returns the invoice URL
        /// taken from the parsed response.
        /// </summary>
        /// <param name="itemName">Not used by this implementation.</param>
        /// <param name="amount">Amount to invoice, formatted differently for BTC and non-BTC site currencies.</param>
        /// <param name="command">Command name placed in front of the joined args.</param>
        /// <param name="args">Values joined with <c>ArgsDelimeter</c> and appended after <c>joinSymbol</c>.</param>
        /// <returns>The <c>data.invoice.url</c> value of the created invoice.</returns>
        protected override string generate(string itemName, Money amount, string command, object[] args)
        {
            // For BTC the minimum amount is 0.001.
            try
            {
                var clientAPI    = new LocalBitcoinsAPI(account.APIKey, account.APISecret);
                var currencyCode = AppSettings.Site.CurrencyCode;

                // Invoice description layout: Base64(command + joinSymbol + joined args).
                // NOTE(review): this is an encoding, not a MAC. Whoever consumes the description must
                // authenticate the invoice some other way before trusting the command name in it.
                var customFields  = string.Join(ArgsDelimeter.ToString(), args);
                var hashingValues = HashingManager.Base64Encode(command + joinSymbol + customFields);

                // NOTE(review): Convert.ToDecimal(string) parses with the current culture - confirm the
                // "clear string" formats are culture-independent.
                decimal finalAmount = AppSettings.Site.CurrencyCode != "BTC"
                                      ? Convert.ToDecimal(amount.ToShortClearString())
                                      : Convert.ToDecimal(amount.ToClearString());

                var createdInvoiceDetails = clientAPI.NewInvoice(currencyCode, finalAmount, hashingValues, SUCCESS_URL).ToString();
                var data = JObject.Parse(createdInvoiceDetails);

                return data.data.invoice.url;
            }
            catch (Exception e)
            {
                // Only the message survives; the original stack trace and exception type are dropped here.
                throw new MsgException(e.Message);
            }
        }
Ejemplo n.º 3
        /// <summary>
        /// Hash must be unique. REMOVES ASHX handler on client side
        /// RUN FROM ADMIN PANEL
        /// </summary>
        /// <param name="Hash"></param>
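        public static void RemoveHandler(string Hash)
        {
            // Build the request for the universal handler: h = handler hash, p = password digest, r=1.
            string url            = AppSettings.Site.Url + HANDLER_LOCATION;
            string passwordDigest = HashingManager.GenerateSHA256(AppSettings.Offerwalls.UniversalHandlerPassword);

            // Both values are URL-escaped so that a '&', '=' or '#' inside them cannot add or override
            // query parameters. A null Hash is sent as an empty value, as before.
            // NOTE(review): the password digest travels in a GET query string, so it can end up in web
            // server and proxy logs, and anyone who reads it there can replay it. Consider a POST body
            // or a per-request nonce.
            string data = String.Format("?h={0}&p={1}&r=1",
                                        Uri.EscapeDataString(Hash ?? String.Empty),
                                        Uri.EscapeDataString(passwordDigest ?? String.Empty));

            using (WebClient webClient = new MyWebClient())
            {
                string resultStr = webClient.DownloadString(url + data);

                // All OK
                if (resultStr == RESPONSE_OK_CODE)
                {
                    return;
                }

                // Known error code: most likely missing write permissions on the handler folder.
                if (resultStr == RESPONSE_ERROR_CODE)
                {
                    throw new MsgException("There was a problem with removing ASHX handler. MAKE SURE that you enabled write permissions to "
                                           + AppSettings.Site.Url + HANDLER_LOCATION + ", " + "~/" + HANDLER_FOLDER + " directory and all subdirectories and try again.");
                }

                // Anything else is passed on verbatim, prefixed with '!'.
                throw new MsgException("!" + resultStr);
            }
        }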
Ejemplo n.º 4
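        /// <summary>
        /// Verifies the signature sent with the request against every active Payeer account:
        /// the request fields and the account's secret key are joined with ':' and hashed with SHA-256
        /// (upper-cased), then compared with <c>SentHash</c> through <c>CheckHash</c>.
        /// </summary>
        /// <exception cref="MsgException">No active account's secret key produces the sent hash.</exception>
        protected void CheckIncomeHash()
        {
            List <PayeerAccountDetails> gateWays = TableHelper.SelectRows <PayeerAccountDetails>(TableHelper.MakeDictionary("IsActive", true));

            bool isOk = false;

            foreach (var gateway in gateWays)
            {
                try
                {
                    string toHash = TransactionID + ":" + PaymentMethod + ":" + context.Request["m_operation_date"] + ":" + context.Request["m_operation_pay_date"]
                                    + ":" + MerchantAccount + ":" + OrderID + ":" + Amount + ":" + Currency + ":" + Args + ":" + Status + ":"
                                    + gateway.SecretKey;

                    string hash = HashingManager.SHA256(toHash).ToUpper();

                    // CheckHash is expected to throw on a mismatch; isOk is only reached when it does not.
                    CheckHash(SentHash, hash);
                    isOk = true;
                    break;
                }
                catch (Exception)
                {
                    // This account's key did not match; try the next active account.
                }
            }

            // Without this check the method accepted every request, signed or not, because each
            // mismatch was swallowed above. The rejection was present but commented out.
            if (!isOk)
            {
                throw new MsgException("Bad income hash");
            }
        }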
Ejemplo n.º 5
        /// <summary>
        /// Creates some general payza button
        /// </summary>
        /// <param name="itemName">Name describing the item or service. Max Length: 50 characters</param>
        /// <param name="amount">The price or cost of the product or service. The value for
        /// amount must be positive. Null or negative numbers are not allowed.</param>
        /// <param name="command">Describes how handler should handle IPN request.
        /// Stored in field apc_1. Max Length: 100 characters</param>
        /// <param name="args">
        /// Custom values you can pass along with the payment button.
        /// The values are not displayed to the payer on our Pay Process page.
        /// Payza returns these fields back in the IPN.
        /// Used by IIpnHandler ('command')
        /// Stored in fields apc_2 - apc_6. Max Length: 100 characters
        /// </param>
        /// <returns>Http address where member should be redirected after clicking button.</returns>
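        protected override string generate(string itemName, Money amount, string command, object[] args)
        {
            // NOTE(review): the XML doc above describes Payza "apc_" fields, but this body emits
            // "ac_"/"acm_" fields and points at AdvCash.ashx; the doc looks copied - confirm.

            // NOTE(review): the order id is MD5(site name + current time). It is guessable, and two
            // buttons generated while DateTime.Now formats to the same string share one id.
            string orderId = HashingManager.GenerateMD5(AppSettings.Site.Name + DateTime.Now).ToLower();

            // Request signature: SHA-256 over email:sciName:amount:currency:apiPassword:orderId, lower-cased.
            string signature = String.Format("{0}:{1}:{2}:{3}:{4}:{5}", account.AccountEmail,
                                             account.SCIName, amount.ToShortClearString(), AppSettings.Site.CurrencyCode,
                                             AdvCashAccount.APIPassword, orderId);

            signature = HashingManager.SHA256(signature).ToLower();

            NVPStringBuilder nvps = new NVPStringBuilder();

            // NOTE(review): acm_command and acm_args are not part of the signed string above, so the
            // payer can edit them in the URL. The status handler must not trust them on their own.
            nvps.Append("ac_account_email", account.AccountEmail)
            .Append("ac_sci_name", account.SCIName)
            .Append("ac_comments", itemName.Substring(0, Math.Min(itemName.Length, ItemNameMaxLength)))
            .Append("ac_amount", amount.ToShortClearString())
            .Append("ac_currency", AppSettings.Site.CurrencyCode)

            .Append("ac_status_url", AppSettings.Site.Url + "Handlers/Payment/AdvCash.ashx")
            // Fixed: the key used to be "ac_success_url " with a trailing space, which is a different
            // parameter name from the one its "ac_fail_url" / "ac_status_url" siblings follow.
            .Append("ac_success_url", ButtonGenerationStrategy.SUCCESS_URL)
            .Append("ac_fail_url", ButtonGenerationStrategy.FAILURE_URL)

            .Append("ac_sign", signature)
            .Append("ac_order_id", orderId)
            .Append("acm_command", command)
            .Append("acm_args", String.Join(ArgsDelimeter + "", args));

            return(Handler + '?' + nvps.Build());
        }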
Ejemplo n.º 6
    /// <summary>
    /// Prepares the activation step of the install wizard: shows the refresh button, hides the skip
    /// button, renames the scheduled-task handler template to a "cron" + MD5 name if it still exists,
    /// and displays the URL of a cron handler found in ~/Handlers/.
    /// </summary>
    protected void Check2Activate()
    {
        // Show the refresh button (the original comment said "disable", but Visible is set to true).
        var refreshButton = (Button)InstallWizard.FindControl("StepNavigationTemplateContainerID").FindControl("RefreshButton");
        refreshButton.Visible = true;

        // Hide the skip button.
        var skipButton = (Button)InstallWizard.FindControl("StepNavigationTemplateContainerID").FindControl("SkipButton");
        skipButton.Visible = false;

        // CRON: rename the template once so the handler lives under a non-default name.
        // NOTE(review): the suffix is MD5(time + domain + base URL), all guessable inputs. The name is
        // obscurity only; the handler itself should authenticate its caller.
        const string templatePath = "~/Handlers/RENAME_ME_SCHEDULED_TASK.ashx";

        if (File.Exists(Server.MapPath(templatePath)))
        {
            string suffix = HashingManager.GenerateMD5(DateTime.Now + DomainName + BaseUrl);
            File.Move(Server.MapPath(templatePath), Server.MapPath("~/Handlers/cron" + suffix + ".ashx"));
        }

        // Show the URL of the cron handler; when several match, the last one enumerated wins.
        foreach (var handlerPath in System.IO.Directory.GetFiles(Server.MapPath("~/Handlers/"), "*.ashx"))
        {
            string handlerName = Path.GetFileName(handlerPath);

            if (handlerName.StartsWith("cron"))
            {
                CRONFile.Text = BaseUrl + "Handlers/" + handlerName;
            }
        }
    }
Ejemplo n.º 7
        /// <summary>
        /// Builds the payment URL for the merchant form: order id, amount, currency, a Base64
        /// description carrying the command and args, and an upper-case SHA-256 signature.
        /// </summary>
        /// <param name="itemName">Item name placed in front of the description.</param>
        /// <param name="amount">Amount to charge.</param>
        /// <param name="command">Command name stored in the description before '#'.</param>
        /// <param name="args">Values joined with <c>ArgsDelimeter</c> and stored after '#'.</param>
        /// <returns><c>HandlerUrl</c> followed by '?' and the built parameter string.</returns>
        protected override string generate(string itemName, Money amount, string command, object[] args)
        {
            // NOTE(review): the order id is MD5(site name + current time), truncated to 31 characters.
            // It is guessable and repeats for buttons generated while DateTime.Now formats identically.
            string fullOrderId = HashingManager.GenerateMD5(AppSettings.Site.Name + DateTime.Now).ToLower();
            string orderId     = fullOrderId.Substring(0, Math.Min(fullOrderId.Length, 31));

            // Description layout: "<itemName> **<command>#<args>", sent Base64-encoded.
            string commandAndArgs = command + "#" + String.Join(ArgsDelimeter + "", args);
            string description    = itemName + " **" + commandAndArgs;

            // Signed string: merchant:order:amount:currency:Base64(description):secretKey.
            // The description is part of the signature, so command and args are covered by it.
            string toHash = account.MerchantID + ":" + orderId + ":" + amount.ToShortClearString() + ":" + AppSettings.Site.CurrencyCode
                            + ":" + HashingManager.Base64Encode(description) + ":" + account.SecretKey;
            string hash = HashingManager.SHA256(toHash).ToUpper();

            NVPStringBuilder nvps = new NVPStringBuilder();

            nvps.Append("m_shop", account.MerchantID)
            .Append("m_orderid", orderId)
            .Append("m_amount", amount.ToShortClearString())
            .Append("m_curr", AppSettings.Site.CurrencyCode)
            .Append("m_desc", HashingManager.Base64Encode(description))
            .Append("m_sign", hash);

            return HandlerUrl + '?' + nvps.Build();
        }
Ejemplo n.º 8
        //Add role when user signs up.. too lazy to do now
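        /// <summary>
        /// Inserts a user row with a freshly generated salt and the salted password hash, inside its
        /// own transaction.
        /// </summary>
        /// <param name="entity">User whose Email and plain-text Password are read.</param>
        /// <exception cref="ArgumentNullException"><paramref name="entity"/> is null.</exception>
        public void Add(User entity)
        {
            if (entity == null)
            {
                throw new ArgumentNullException("entity");
            }

            // Idea from the original author: insert into a junction table and pick an isolation level
            // that prevents overbooking (ADO and/or TransactionScope).

            // The email column is unique, so ReadCommitted is enough for this single insert.
            TransactionOptions opt = new TransactionOptions();
            opt.IsolationLevel = IsolationLevel.ReadCommitted;

            // Fixed: the options were built but never handed to the scope, so the scope ran with its
            // default isolation level instead of the ReadCommitted level chosen above.
            using (TransactionScope scope = new TransactionScope(TransactionScopeOption.RequiresNew, opt))
            {
                using (SqlConnection conn = new SqlConnection(CONNECTION_STRING))
                {
                    conn.Open();
                    using (SqlCommand cmd = conn.CreateCommand())
                    {
                        // Parameterized statement: no user value is concatenated into the SQL text.
                        cmd.CommandText = "INSERT INTO [Users] (Email,Password,Salt) VALUES(@email,@password,@salt)";

                        // NOTE(review): the strength of the stored hash depends on HashingManager.HashPassword,
                        // which is not visible here - confirm it is a slow password KDF, not a bare digest.
                        var newSalt = HashingManager.GenerateSalt();
                        var newHash = HashingManager.HashPassword(entity.Password, newSalt);

                        cmd.Parameters.AddWithValue("@email", entity.Email);
                        cmd.Parameters.AddWithValue("@password", newHash);
                        cmd.Parameters.AddWithValue("@salt", newSalt);
                        cmd.ExecuteNonQuery();
                    }

                    scope.Complete();
                }
            }
        }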
Ejemplo n.º 9
        //Function to create Test Accounts
        /// <summary>
        /// Creates a fixed set of test users, each stored with its own salt and salted hash.
        /// </summary>
        public void CreateTestAccounts()
        {
            // Fresh hashing and database managers for this run.
            hashManager = new HashingManager();
            dbManager   = new DatabaseManager();

            // NOTE(review): these are hard-coded, mostly trivial credentials. Keep this method out of
            // any code path that can run against a production database.
            var testUsers = new List <User>
            {
                new User("Adam", "1234"),
                new User("Leif", "4321"),
                new User("Lars", "asd123"),
                new User("Jens", "321dsa"),
                new User("Frank", "qwerty12"),
                new User("Ole", "21ytrewq"),
                new User("Andy", "5x03Meu7J38")
            };

            foreach (User testUser in testUsers)
            {
                // A separate salt per user, then the salted hash of that user's password.
                byte[] salt         = hashManager.CreateSalt();
                byte[] passwordHash = hashManager.CreateHash(testUser.Password, salt);

                // Stored value format: Base64(salt) + ":" + Base64(saltedHash); the username is plaintext.
                string storedCredential = Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(passwordHash);
                dbManager.CreateUser(testUser.Username, storedCredential);
            }
        }
Ejemplo n.º 10
    /// <summary>
    /// Handles the mini-video image upload: validates the posted stream as a Banner within the
    /// allowed dimensions, saves it under ~/Images/b_ads/ and points the preview control at it.
    /// </summary>
    protected void VideoImageButton_Click(object sender, EventArgs e)
    {
        const string filePath = "~/Images/b_ads/";

        // The stored name is generated on the server, not taken from the client's file name.
        var fileName = HashingManager.GenerateMD5(DateTime.Now + "miniVideoImg");

        try
        {
            Banner videoImage;

            // Accept only streams that parse as a Banner and stay within both size limits.
            // NOTE(review): whether TryFromStream also restricts the image format is not visible here.
            bool accepted = Banner.TryFromStream(ImageFileUpload.PostedFile.InputStream, out videoImage)
                            && !(videoImage.Width > MiniVideoManager.VideoImageMaxWidth)
                            && !(videoImage.Height > MiniVideoManager.VideoImageImageMaxHeight);

            if (!accepted)
            {
                throw new MsgException(string.Format(U6003.INVALIDIMAGEORDIMENSION, MiniVideoManager.VideoImageMaxWidth, MiniVideoManager.VideoImageImageMaxHeight));
            }

            videoImage.Save(filePath, fileName);
            VideoImage.ImageUrl       = Banner.GetTemporaryBannerPath(videoImage);
            VideoImage.DescriptionUrl = videoImage.Path;
            ImageFileUpload.Dispose();
        }
        catch (Exception ex)
        {
            // NOTE(review): every exception message, not only MsgException, is shown to the user.
            ErrorMessagePanel.Visible = true;
            ErrorMessage.Text         = ex.Message;
        }
    }
Ejemplo n.º 11
    /// <summary>
    /// Handles the PTC image upload: validates the posted stream as a Banner within the allowed
    /// dimensions, saves it under ~/Images/b_ads/ and points the preview control at it.
    /// </summary>
    protected void createPTCImage_UploadSubmit_Click(object sender, EventArgs e)
    {
        const string filePath = "~/Images/b_ads/";

        // The stored name is generated on the server, not taken from the client's file name.
        var fileName = HashingManager.GenerateMD5(DateTime.Now + "ptcImg");

        try
        {
            Banner ptcImage;

            // Accept only streams that parse as a Banner and stay within both size limits.
            // NOTE(review): whether TryFromStream also restricts the image format is not visible here.
            bool accepted = Banner.TryFromStream(PTCImage_Upload.PostedFile.InputStream, out ptcImage)
                            && !(ptcImage.Width > ImagesHelper.PTC.ImageWidth)
                            && !(ptcImage.Height > ImagesHelper.PTC.ImageHeight);

            if (!accepted)
            {
                throw new MsgException(string.Format(U6003.INVALIDIMAGEORDIMENSION, ImagesHelper.PTC.ImageWidth, ImagesHelper.PTC.ImageHeight));
            }

            ptcImage.Save(filePath, fileName);
            PTCImage_Image.ImageUrl       = Banner.GetTemporaryBannerPath(ptcImage);
            PTCImage_Image.DescriptionUrl = ptcImage.Path;
            PTCImage_Upload.Dispose();
        }
        catch (Exception ex)
        {
            // NOTE(review): every exception message, not only MsgException, is shown to the user.
            ErrorMessagePanel.Visible = true;
            ErrorMessage.Text         = ex.Message;
        }
    }
Ejemplo n.º 12
 /// <summary>
 /// Creates the controller's collaborators: a hashing manager, an encrypter, a database context
 /// and an empty view-data dictionary.
 /// </summary>
 protected BaseController()
 {
     this.hasher    = new HashingManager();
     this.encrypter = new Encrypter();
     this.db        = new CakeContext();

     // View data starts empty for every controller instance.
     this.ViewData = new Dictionary <string, object>();
 }
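    /// <summary>
    /// Handles the payment-processor logo upload: validates the posted stream as a Banner within the
    /// allowed dimensions, saves it under ~/Images/RepPaymentsLogos/ and points the preview control at it.
    /// </summary>
    protected void ProcessorLogoImage_UploadSubmit_Click(object sender, EventArgs e)
    {
        // The stored name is generated on the server, not taken from the client's file name.
        var          fileName = HashingManager.GenerateMD5(DateTime.Now + "paymentLogoImg");
        const string filePath = "~/Images/RepPaymentsLogos/";

        ErrorMessagePanel.Visible = false;
        try
        {
            // Nothing is read from the upload unless the page validators passed.
            if (!Page.IsValid)
            {
                return;
            }

            Banner logoImage;
            var    inputStream = ProcessorLogoImage_Upload.PostedFile.InputStream;

            // NOTE(review): whether TryFromStream also restricts the image format is not visible here.
            if (!Banner.TryFromStream(inputStream, out logoImage) || logoImage.Width > ImagesHelper.RepresentativesPaymentsLogo.LogoImageMaxWidth ||
                logoImage.Height > ImagesHelper.RepresentativesPaymentsLogo.LogoImageMaxHeight)
            {
                throw new MsgException(string.Format(U6003.INVALIDIMAGEORDIMENSION, ImagesHelper.RepresentativesPaymentsLogo.LogoImageMaxWidth, ImagesHelper.RepresentativesPaymentsLogo.LogoImageMaxHeight));
            }

            logoImage.Save(filePath, fileName);
            ProcessorLogoImage.ImageUrl       = Banner.GetTemporaryBannerPath(logoImage);
            ProcessorLogoImage.DescriptionUrl = logoImage.Path;

            // Fixed: release the upload control that owns the posted stream. The original disposed
            // ProcessorLogoImage, the preview control whose URLs were assigned on the lines above.
            ProcessorLogoImage_Upload.Dispose();
        }
        catch (Exception ex)
        {
            // NOTE(review): every exception message, not only MsgException, is shown to the user.
            ErrorMessagePanel.Visible = true;
            ErrorMessage.Text         = ex.Message;
        }
    }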
Ejemplo n.º 14
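    /// <summary>
    /// Posts a payment request to the "pay" endpoint for the given counterparty and returns the
    /// deserialized JSON response.
    /// </summary>
    /// <param name="username">Passed to <c>AddCounterparty</c>.</param>
    /// <param name="phoneNumber">Passed to <c>AddCounterparty</c>.</param>
    /// <param name="amount">Amount to pay, in the site currency.</param>
    /// <returns>The response body deserialized as a dynamic object.</returns>
    /// <exception cref="MsgException">The request failed; carries the error body, or the transport
    /// error message when the server sent no response.</exception>
    public dynamic CreatePayment(string username, string phoneNumber, decimal amount)
    {
        try
        {
            var url            = CreateURL("pay");
            var webRequest     = (HttpWebRequest)WebRequest.Create(url);
            var responseString = string.Empty;

            // requestId - max 40 chars.
            // NOTE(review): the id is derived from the time of day only, so it repeats on later days
            // at the same instant. If the API treats request_id as an idempotency key, use a unique value.
            var requestId      = HashingManager.Base64Encode(AppSettings.ServerTime.TimeOfDay.ToString());
            var counterpartyId = AddCounterparty(username, phoneNumber);
            var description    = "test";
            var handlerUrl     = string.Format("{0}Handlers/Revolut.ashx", AppSettings.Site.Url);

            dynamic receiverInfo = new JObject
            {
                { "counterparty_id", counterpartyId },
                { "account_id", GetAccount().Id }
            };

            var dataToSend = new JObject
            {
                { "request_id", requestId },
                { "account_id", GetAccount().Id },  // the ID of the account to pay from
                { "receiver", receiverInfo },
                { "amount", amount },
                { "currency", AppSettings.Site.CurrencyCode },
                { "description", description }
                //{ "webhook", handlerUrl }
            };

            // NOTE(review): the whole payload (account ids, counterparty, amount) goes to the error log.
            ErrorLogger.Log(dataToSend.ToString());

            webRequest.Method = "POST";
            // NOTE(review): the header value starts with a space (" Bearer ") and no Content-Type is set.
            webRequest.Headers.Add("Authorization", " Bearer " + APIKey);

            using (var stream = new StreamWriter(webRequest.GetRequestStream()))
            {
                stream.Write(dataToSend);
            }

            using (var response = (HttpWebResponse)webRequest.GetResponse())
            using (var stream = response.GetResponseStream())
            using (var reader = new StreamReader(stream))
            {
                responseString = reader.ReadToEnd();
            }

            return JsonConvert.DeserializeObject <dynamic>(responseString);
        }
        catch (WebException ex)
        {
            ErrorLogger.Log(ex);

            // Fixed: Response is null for transport failures (timeout, DNS, refused connection);
            // reading it unconditionally replaced the real error with a NullReferenceException.
            if (ex.Response == null)
            {
                throw new MsgException(ex.Message);
            }

            // NOTE(review): the raw API error body becomes the exception message - make sure it is
            // not shown unfiltered to end users.
            using (var errorStream = ex.Response.GetResponseStream())
            using (var errorReader = new StreamReader(errorStream))
            {
                throw new MsgException(errorReader.ReadToEnd());
            }
        }
    }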
Ejemplo n.º 15
        /// <summary>
        /// Creates the controller's collaborators: a hashing manager, a database context and an
        /// empty view-data dictionary.
        /// </summary>
        protected BaseController()
        {
            this.hasher = new HashingManager();
            this.db     = new IRunesContext();

            // View data starts empty for every controller instance.
            this.ViewData = new Dictionary <string, object>();
        }
Ejemplo n.º 16
        public void CreateSalt_Does_Not_Generate_Null()
        {
            // Act + Assert: a freshly created salt is never null.
            // This says nothing about the salt's length or randomness.
            Assert.IsNotNull(HashingManager.CreateSalt());
        }
Ejemplo n.º 17
        public void Calling_CreateSalt_Consecutively_Generates_Different_Salt_Strings()
        {
            // Act: two salts requested back to back.
            var firstSalt  = HashingManager.CreateSalt();
            var secondSalt = HashingManager.CreateSalt();

            // Assert: they differ.
            // NOTE(review): this is meaningful only if CreateSalt returns a string (as the test name
            // suggests); for arrays AreNotEqual compares references and would always pass.
            Assert.AreNotEqual(firstSalt, secondSalt);
        }
Ejemplo n.º 18
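        /// <summary>
        /// Handles an invoice notification: reads the invoice fields from the JSON request body,
        /// decodes the command name and args from the description, runs the enabled checks and
        /// dispatches to the matching <c>IIpnHandler</c>.
        /// </summary>
        public override void ProcessRequest()
        {
            string strRequest = context.Request.GetFromBodyString();

            //Set variables
            // NOTE(review): parsing happens outside the try block, so a malformed body surfaces as an
            // unhandled exception instead of the "|error" response.
            dynamic json = JObject.Parse(strRequest);

            Amount       = json.data.invoice.amount;
            Currency     = json.data.invoice.currency;
            State        = json.data.invoice.state;
            Id           = json.data.invoice.id;
            CustomFields = json.data.invoice.description;

            try
            {
                //Parse Args & CommandName
                // The description is Base64("<command>#<args>") and comes straight from the request body.
                var values        = HashingManager.Base64Decode(CustomFields);
                var splitedValues = values.Split('#');
                CommandName = splitedValues[0];
                Args        = splitedValues[1];

                // NOTE(review): the IP, hash, merchant and status checks below are commented out, so
                // nothing in this method authenticates the sender. Everything then rests on
                // CheckInvoice(), whose body is not visible here - confirm that it validates the
                // invoice (id, amount, state) against the payment provider.

                //Check IPs
                //CheckIP();

                //Check security hash
                //CheckIncomeHash();

                //Check duplicated transactions
                CheckIfNotDoneYet(Id);

                //Check if we are the merchant
                //CheckMerchant(LocalBitcoinsAccountDetails.Exists(WalletId));

                //Check currency
                CheckCurrency(Currency);

                //Check status
                //CheckStatus(Status, "completed");

                if (!CheckInvoice())
                {
                    return;
                }

                //All OK, let's proceed
                Assembly assembly = Assembly.GetAssembly(typeof(IIpnHandler));
                var      type     = assembly.GetType(CommandName, true, true);

                // Fixed: CommandName is request data. Verify the resolved type is a concrete IIpnHandler
                // BEFORE constructing it; the original instantiated any type in the assembly and only
                // afterwards found out (via a null "as" cast) that it was not a handler.
                if (type.IsAbstract || !typeof(IIpnHandler).IsAssignableFrom(type))
                {
                    throw new InvalidOperationException("Requested command is not an IPN handler.");
                }

                IIpnHandler command = (IIpnHandler)Activator.CreateInstance(type);

                command.HandleLocalBitcoins(Args, Id, Amount);
            }
            catch (Exception ex)
            {
                ErrorLogger.Log(ex);
                context.Response.Write(Id + "|error");
            }
        }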
Ejemplo n.º 19
        /// <summary>
        /// Recomputes the notification signature from the request fields and the account's API
        /// password, and hands both the sent and the computed value to <c>CheckHash</c>.
        /// </summary>
        protected void CheckIncomeHash()
        {
            // Fields that are read from the query string for the signature.
            var    query      = context.Request.QueryString;
            string startDate  = query["ac_start_date"];
            string sciName    = query["ac_sci_name"];
            string srcWallet  = query["ac_src_wallet"];
            string sentAmount = query["ac_amount"];

            // Signed string: transaction:startDate:sciName:srcWallet:merchant:order:amount:currency:apiPassword.
            string toHash = TransactionID + ":" + startDate + ":" + sciName + ":" + srcWallet
                            + ":" + MerchantAccount + ":" + OrderID + ":" + sentAmount + ":" + Currency + ":" + AdvCashAccount.APIPassword;

            string expectedHash = HashingManager.SHA256(toHash);

            // NOTE(review): no case normalization is applied here, and whether CheckHash compares in
            // constant time is not visible from this method - confirm both in CheckHash.
            CheckHash(SentHash, expectedHash);
        }
Ejemplo n.º 20
        /// <summary>
        /// Generates a key, stores it in the current session under <c>SessionStateKey</c> and
        /// redirects the response to the URL built from that key.
        /// </summary>
        public static void CreateRedirect()
        {
            // Key material: current time + universal handler password + the session key name.
            // NOTE(review): the only secret input is the handler password; the time is guessable.
            // A value from a cryptographic random generator would not depend on that password.
            string keyMaterial = DateTime.Now + AppSettings.Offerwalls.UniversalHandlerPassword + SessionStateKey;
            string key         = HashingManager.SHA256(keyMaterial).ToLower();

            // Remember the key server-side, then send the visitor on.
            HttpContext.Current.Session[SessionStateKey] = key;
            HttpContext.Current.Response.Redirect(GetRedirectUrl(key));
        }
Ejemplo n.º 21
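        /// <summary>
        /// Handles the Papara return request: verifies the MD5 check value over "orderId+statusCode",
        /// loads the stored order, dispatches to its <c>IIpnHandler</c>, marks the order paid and
        /// redirects to the success or failure URL.
        /// </summary>
        public override void ProcessRequest()
        {
            string pre1 = context.Request["pre1"];
            string pre2 = context.Request["pre2"];

            // Anything that is not a fully verified, fully processed payment ends on the failure URL.
            string redirectUrl = ButtonGenerationStrategy.FAILURE_URL;

            try
            {
                // Fixed: missing or malformed parameters used to throw outside the try block
                // (null decode, index out of range) and surfaced as an unhandled exception.
                if (String.IsNullOrEmpty(pre1) || String.IsNullOrEmpty(pre2))
                {
                    throw new InvalidOperationException("Papara callback is missing pre1 or pre2.");
                }

                string[] parts = HashingManager.Base64Decode(pre1).Split('+');
                if (parts.Length < 2)
                {
                    throw new InvalidOperationException("Papara callback pre1 is malformed.");
                }

                string orderId    = parts[0];
                string statusCode = parts[1];

                // Expected check value: MD5(Base64("orderId+statusCode") + secret key).
                // NOTE(review): MD5 over "data + secret" is a weak keyed-hash construction and '==' is
                // not a constant-time comparison; both are kept because the scheme is the gateway's.
                // NOTE(review): statusCode is covered by the check value but is never compared with a
                // success value here - confirm that the gateway only calls back for paid orders.
                string key       = HashingManager.Base64Encode(orderId + "+" + statusCode);
                string md5String = HashingManager.GenerateMD5(key + PaparaAccountDetails.GetSecretKey());

                //Papara transaction OK check
                if (md5String == pre2)
                {
                    //Set variables
                    OrderID = orderId;

                    PaparaOrder Order = PaparaOrder.Get(Convert.ToInt32(OrderID));

                    Args          = Order.Args;
                    TransactionID = OrderID;
                    Amount        = Order.Amount.ToShortClearString();
                    CommandName   = Order.CommandName;

                    //Check duplicated transactions
                    CheckIfNotDoneYet(OrderID);

                    //All OK, let's proceed
                    Assembly assembly = Assembly.GetAssembly(typeof(IIpnHandler));
                    var      type     = assembly.GetType(CommandName, true, true);

                    // Only construct types that really are concrete IPN handlers.
                    if (type.IsAbstract || !typeof(IIpnHandler).IsAssignableFrom(type))
                    {
                        throw new InvalidOperationException("Stored command is not an IPN handler.");
                    }

                    IIpnHandler command = (IIpnHandler)Activator.CreateInstance(type);

                    command.HandlePapara(Args, TransactionID, Amount);

                    Order.IsPaid = true;
                    Order.Save();

                    redirectUrl = ButtonGenerationStrategy.SUCCESS_URL;
                }
            }
            catch (Exception ex)
            {
                ErrorLogger.Log(ex);
                redirectUrl = ButtonGenerationStrategy.FAILURE_URL;
            }

            // Fixed: a single redirect after the try block. The success redirect used to sit inside it,
            // so an exception raised by the redirect itself was caught, logged as an error and answered
            // with a second redirect to the failure URL.
            context.Response.Redirect(redirectUrl);
        }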
Ejemplo n.º 22
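        /// <summary>
        /// Handles a Payeer status notification: reads the "m_" request fields, decodes the command
        /// name and args from the description, runs the IP, signature, duplicate, merchant, currency
        /// and status checks, then dispatches to the matching <c>IIpnHandler</c>.
        /// Writes "&lt;order&gt;|success" or "&lt;order&gt;|error" to the response.
        /// </summary>
        public override void ProcessRequest()
        {
            //Set variables
            TransactionID   = context.Request["m_operation_id"];
            OrderID         = context.Request["m_orderid"];
            PaymentMethod   = context.Request["m_operation_ps"];
            SentHash        = context.Request["m_sign"];
            Amount          = context.Request["m_amount"];
            Currency        = context.Request["m_curr"];
            MerchantAccount = context.Request["m_shop"];
            Status          = context.Request["m_status"];
            Args            = context.Request["m_desc"];

            try
            {
                //Parse Args
                // Description layout after decoding: "<itemName> **<command>#<args>".
                Args        = HashingManager.Base64Decode(Args);
                Args        = Args.Substring(Args.IndexOf("**") + 2);
                CommandName = Args.Substring(0, Args.IndexOf("#"));
                Args        = Args.Substring(Args.IndexOf("#") + 1);

                //Check IPs
                // NOTE(review): the allowlist is hard-coded; it needs a code change whenever the
                // provider changes its notification addresses.
                CheckIP("185.71.65.92,185.71.65.189,149.202.17.210");

                //Check security hash
                // CommandName and Args are request data until this check has passed, so it must
                // really reject a bad signature.
                CheckIncomeHash();

                //Check duplicated transactions
                CheckIfNotDoneYet(TransactionID);

                //Check if we are the merchant
                CheckMerchant(PayeerAccountDetails.Exists(MerchantAccount));

                //Check currency
                CheckCurrency(Currency);

                //Check status
                CheckStatus(Status, "success");

                //All OK, let's proceed
                Assembly assembly = Assembly.GetAssembly(typeof(IIpnHandler));
                var      type     = assembly.GetType(CommandName, true, true);

                // Fixed: verify the resolved type is a concrete IIpnHandler BEFORE constructing it.
                // The original instantiated whatever type the name resolved to and only then cast it.
                if (type.IsAbstract || !typeof(IIpnHandler).IsAssignableFrom(type))
                {
                    throw new InvalidOperationException("Requested command is not an IPN handler.");
                }

                IIpnHandler command = (IIpnHandler)Activator.CreateInstance(type);

                command.HandlePayeer(Args, TransactionID, Amount);

                context.Response.Write(OrderID + "|success");
            }
            catch (Exception ex)
            {
                ErrorLogger.Log(ex);
                context.Response.Write(OrderID + "|error");
            }
        }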
Ejemplo n.º 23
 //Logical requirement for this to function as intended, is that the users email is unique
 //This method will only find users in a role.. the Add methods does not add role by default ... TODO:Fix
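 /// <summary>
 /// Looks up a user by email together with their roles and verifies the supplied password
 /// against the stored salt and salted hash.
 /// </summary>
 /// <param name="username">Email address to look up.</param>
 /// <param name="password">Plain-text password to verify.</param>
 /// <returns>The user with all joined roles, or null when no row matches the email.</returns>
 /// <exception cref="Exception">The email was found but the password does not match.</exception>
 public User Login(string username, string password)
 {
     using (var connection = new SqlConnection(CONNECTION_STRING))
     {
         connection.Open();
         using (var cmd = connection.CreateCommand())
         {
             // Parameterized query: the email is never concatenated into the SQL text.
             // The inner joins mean a user without any role produces no rows at all.
             string sql = "SELECT Users.Id as UserId,Email, Password, Salt, Roles.Id as RoleId," +
                          " Title FROM Users" +
                          " JOIN UserRoles ON Users.Id = UserRoles.UserId" +
                          " JOIN Roles ON UserRoles.RoleId = Roles.Id" +
                          " WHERE Email = @email";
             cmd.CommandText = sql;
             cmd.Parameters.AddWithValue("email", username);

             // Fixed: the reader is now disposed together with the command.
             using (var reader = cmd.ExecuteReader())
             {
                 // Read() doubles as the "any rows?" test and moves to the first row.
                 if (!reader.Read())
                 {
                     if (InvalidLoginAttempt != null)
                     {
                         InvalidLoginAttempt("bla bla someone tried to log in with incorrect or not existing credentials, none found in DB");
                     }
                     return null;
                 }

                 if (LoginAttempt != null)
                 {
                     LoginAttempt(username + " log in credentials were found in the database");
                 }

                 var foundUser = new User();
                 foundUser.Id       = reader.GetInt32(reader.GetOrdinal("UserId"));
                 foundUser.Email    = reader.GetString(reader.GetOrdinal("Email"));
                 foundUser.Password = reader.GetString(reader.GetOrdinal("Password"));

                 string currentSalt       = reader.GetString(reader.GetOrdinal("Salt"));
                 string currentSaltedHash = foundUser.Password;

                 // NOTE(review): an unknown email returns null while a wrong password throws, so callers
                 // can tell the two apart; make sure that difference never reaches the client.
                 if (!HashingManager.CheckPassword(password, currentSalt, currentSaltedHash))
                 {
                     throw new Exception("Incorrect Credentials!");
                 }

                 // Fixed: the first row also carries a role. The original loop started with another
                 // Read() and therefore dropped the role on the row it had already consumed.
                 int titleOrdinal  = reader.GetOrdinal("Title");
                 int roleIdOrdinal = reader.GetOrdinal("RoleId");
                 do
                 {
                     Role foundRole = new Role();
                     foundRole.Title = reader.GetString(titleOrdinal);
                     foundRole.Id    = reader.GetInt32(roleIdOrdinal);
                     foundUser.Roles.Add(foundRole);
                 }
                 while (reader.Read());

                 return foundUser;
             }
         }
     }
 }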
Ejemplo n.º 24
 /// <summary>
 /// Builds the name/value request string for a payout: API id, password digest, currency,
 /// transaction note, amount and payee.
 /// </summary>
 /// <param name="request">Supplies the payment amount and the payee id.</param>
 /// <returns>The string produced by <c>NVPStringBuilder.Build</c>.</returns>
 private string buildTransactionRequestString(TransactionRequest request)
 {
     // The password is sent as MD5(password + fixed suffix).
     // NOTE(review): the suffix is a constant, so the digest is the same on every request and is
     // as sensitive as the password itself - it must only travel over TLS and never be logged.
     string passwordDigest = HashingManager.GenerateMD5(accountDetails.ApiPassword + "s+E_a*");
     string paymentAmount  = request.Payment.ToShortClearString();

     var builder = new NVPStringBuilder()
                   .Append("api_id", accountDetails.ApiUsername)
                   .Append("api_pwd", passwordDigest)
                   .Append("currency", CurrencyCode)
                   .Append("item_id", AppSettings.Payments.TransactionNote)
                   .Append("amount", paymentAmount)
                   .Append("user", request.PayeeId);

     return builder.Build();
 }
Ejemplo n.º 25
        public void Same_Plain_Text_Salted_Will_Generate_Different_Salted_Hash()
        {
            // Arrange: one password shared by two users.
            const string sharedPassword = "Password1!";

            // Act: hash it twice, each time with a newly created salt.
            var firstHash  = HashingManager.ComputeHash(sharedPassword, HashingManager.CreateSalt(), HashAlgo.SHA256);
            var secondHash = HashingManager.ComputeHash(sharedPassword, HashingManager.CreateSalt(), HashAlgo.SHA256);

            // Assert: per-user salts must give different stored hashes for the same password.
            Assert.AreNotEqual(firstHash, secondHash);
        }
Ejemplo n.º 26
        public void ComputeHash_SHA512_Generate_A_String()
        {
            // Arrange
            const string password = "Password1!";
            var freshSalt = HashingManager.CreateSalt();

            // Act
            var sha512Hash = HashingManager.ComputeHash(password, freshSalt, HashAlgo.SHA512);

            // Assert: only the runtime type is checked, not the content or length of the hash.
            Assert.IsInstanceOfType(sha512Hash, typeof(string));
        }
        public void ShouldGenerateBase36_WhenValidDataIsPassed()
        {
            // Arrange: a manager with the no-op log factory and a fixed input.
            var hashingManager = new HashingManager(EmptyLogFactory.Instance);
            const string input = "test1";

            // Act
            var generated = hashingManager.GenerateBase(input);

            // Assert: the output is pinned to a known value, so any change of algorithm or encoding fails here.
            Assert.Equal("9e2dxudr6e6d3vm92jwibeq5gdk6awlh1v1luhgmb4m3h3mk8r", generated);
        }
Ejemplo n.º 28
        /// <summary>
        /// Builds the authentication DTO for an API call: API name, account email and a token that
        /// is the SHA-256 of "apiPassword:yyyyMMdd:HH" taken from the current UTC time.
        /// </summary>
        /// <returns>A populated <c>authDTO</c>.</returns>
        private authDTO getAuthDTO()
        {
            // One timestamp for both parts, so date and hour cannot straddle a boundary.
            // NOTE(review): ToString(format) uses the current culture's calendar - confirm the
            // process culture, or the date part may differ from what the API expects.
            DateTime utcNow      = DateTime.UtcNow;
            string   tokenSource = AdvCashAccount.APIPassword + ":" + utcNow.ToString("yyyyMMdd") + ":" + utcNow.ToString("HH");

            // The token changes once per UTC hour; within that hour it is constant and replayable.
            return new authDTO
            {
                apiName             = accountDetails.APIName,
                authenticationToken = HashingManager.SHA256(tokenSource),
                accountEmail        = accountDetails.AccountEmail
            };
        }
Ejemplo n.º 29
        public void Same_Salt_And_Same_PlainText_Returns_Verify_True()
        {
            // Arrange
            const string password = "Password1!";
            var sharedSalt = HashingManager.CreateSalt();

            // Act: hash the password, then verify the same password with the same salt and algorithm.
            var storedHash = HashingManager.ComputeHash(password, sharedSalt, HashAlgo.SHA256);
            bool verified  = HashingManager.Verify(password, sharedSalt, HashAlgo.SHA256, storedHash);

            // Assert
            Assert.IsTrue(verified);
        }
Ejemplo n.º 30
        public void Same_Salt_And_Different_PlainText_Returns_Verify_False()
        {
            // Arrange: two passwords that differ in a single character.
            const string enrolledPassword  = "Password1!";
            const string attemptedPassword = "Password2!";
            var sharedSalt = HashingManager.CreateSalt();

            // Act: hash the enrolled password, then verify the other one against that hash.
            var storedHash = HashingManager.ComputeHash(enrolledPassword, sharedSalt, HashAlgo.SHA256);
            bool verified  = HashingManager.Verify(attemptedPassword, sharedSalt, HashAlgo.SHA256, storedHash);

            // Assert: a wrong password must not verify even when the salt is the same.
            Assert.IsFalse(verified);
        }