Esempio n. 1
0
        public HostedAdminResponse(string webserviceResponseXml, string originalSecretWord, string expectedMerchantId)
        {
            WebserviceResponseXml = webserviceResponseXml;
            var responseDocument = new XmlDocument();

            responseDocument.LoadXml(webserviceResponseXml);
            MessageBase64Encoded = responseDocument.SelectSingleNode("//message").InnerText;
            Mac        = responseDocument.SelectSingleNode("//mac").InnerText;
            MerchantId = responseDocument.SelectSingleNode("//merchantid").InnerText;

            var expectedMac = HashUtil.CreateHash(MessageBase64Encoded + originalSecretWord);

            if (MerchantId != expectedMerchantId)
            {
                throw new System.Exception(
                          string.Format(
                              "The merchantId in the response from the server is not the expected. This could mean that someone has tamepered with the message. Expected:{0} Actual:{1}",
                              expectedMerchantId, MerchantId));
            }

            if (Mac != expectedMac)
            {
                throw new System.Exception(
                          string.Format(
                              "SEVERE: The mac from the server does not match the expected mac. The message might have been tampered with, or the secret word used is not correct. Merchant:{0} Message:\n{1}",
                              expectedMerchantId, MessageBase64Encoded));
            }

            Message = Base64Util.DecodeBase64String(MessageBase64Encoded);

            MessageXmlDocument = new XmlDocument();
            MessageXmlDocument.LoadXml(Message);
        }
Esempio n. 2
0
        public PaymentForm SetHtmlFields()
        {
            _macSha512 = HashUtil.CreateHash(_xmlMessageBase64 + _secretWord);

            var formFields = new Dictionary <string, string>
            {
                {
                    "form_start_tag",
                    "<form name=\"paymentForm\" id=\"paymentForm\" method=\"post\" action=\"" + _url + "\">"
                },
                { "input_merchantId", "<input type=\"hidden\" name=\"merchantid\" value=\"" + _merchantid + "\" />" },
                { "input_message", "<input type=\"hidden\" name=\"message\" value=\"" + _xmlMessageBase64 + "\" />" },
                { "input_mac", "<input type=\"hidden\" name=\"mac\" value=\"" + _macSha512 + "\" />" },
                { "noscript_p_tag", "<noscript><p>" + _noScriptMessage + "</p></noscript>" },
                { "input_submit", "<input type=\"submit\" name=\"submit\" value=\"" + _submitText + "\" />" },
                { "form_end_tag", "</form>" }
            };

            foreach (var formField in formFields)
            {
                if (_formHtmlFields.ContainsKey(formField.Key))
                {
                    _formHtmlFields[formField.Key] = formField.Value;
                }
                else
                {
                    _formHtmlFields.Add(formField.Key, formField.Value);
                }
            }

            return(this);
        }
        public void TestCreateHash()
        {
            const string hash =
                "fe54c6e8727e9f8bf5f4f8e47a05567d694f68049cd1f116c19d9a6fbd066a742305d23da164291bca8869c34e7b8ff3bee15ab2da011d4ddc57adc736bc12ba";

            Assert.That(HashUtil.CreateHash("Hsjhasj djahs djahs d"), Is.EqualTo(hash));
        }
        public HostedAdminRequest(string message, string secretWord, string merchantId, string endPointBase)
        {
            EndPointBase = endPointBase;
            Message      = message;
            SecretWord   = secretWord;
            MerchantId   = merchantId;

            MessageBase64Encoded = Base64Util.EncodeBase64String(Message);
            Mac = HashUtil.CreateHash(MessageBase64Encoded + secretWord);

            MessageXmlDocument = new XmlDocument();
            MessageXmlDocument.LoadXml(message);
        }
Esempio n. 5
0
        public PaymentForm SetForm()
        {
            _macSha512 = HashUtil.CreateHash(_xmlMessageBase64 + _secretWord);

            _completeHtmlFormWithSubmitButton = "<form name=\"paymentForm\" id=\"paymentForm\" method=\"post\" action=\""
                                                + _url
                                                + "\">"
                                                + "<input type=\"hidden\" name=\"merchantid\" value=\"" + _merchantid +
                                                "\" />"
                                                + "<input type=\"hidden\" name=\"message\" value=\"" + _xmlMessageBase64 +
                                                "\" />"
                                                + "<input type=\"hidden\" name=\"mac\" value=\"" + _macSha512 + "\" />"
                                                + "<noscript><p>" + _noScriptMessage + "</p></noscript>"
                                                + "<input type=\"submit\" name=\"submit\" value=\"" + _submitText +
                                                "\" />"
                                                + "</form>";

            return(this);
        }
        public void TestSetHtmlFields()
        {
            string base64Payment = Base64Util.EncodeBase64String("0");
            string mac           = HashUtil.CreateHash(base64Payment + SecretWord);

            PaymentForm form = WebpayConnection.CreateOrder(SveaConfig.GetDefaultConfig())
                               .SetCountryCode(TestingTool.DefaultTestCountryCode)
                               .SetClientOrderNumber(TestingTool.DefaultTestClientOrderNumber)
                               .SetCurrency(TestingTool.DefaultTestCurrency)
                               .AddOrderRow(TestingTool.CreateMiniOrderRow())
                               .AddCustomerDetails(TestingTool.CreateCompanyCustomer())
                               .UsePayPageDirectBankOnly()
                               .SetReturnUrl("http://myurl.se")
                               .GetPaymentForm();

            form.SetMessageBase64(base64Payment)
            .SetMerchantId(MerchantId)
            .SetSecretWord(SecretWord)
            .SetHtmlFields();

            var    formHtmlFields = form.GetFormHtmlFields();
            string url            = form.GetPayPageUrl();


            Assert.That(formHtmlFields["form_start_tag"],
                        Is.EqualTo("<form name=\"paymentForm\" id=\"paymentForm\" method=\"post\" action=\"" + url + "\">"));

            Assert.That(formHtmlFields["input_merchantId"],
                        Is.EqualTo("<input type=\"hidden\" name=\"merchantid\" value=\"" + MerchantId + "\" />"));

            Assert.That(formHtmlFields["input_message"],
                        Is.EqualTo("<input type=\"hidden\" name=\"message\" value=\"" + base64Payment + "\" />"));

            Assert.That(formHtmlFields["input_mac"], Is.EqualTo("<input type=\"hidden\" name=\"mac\" value=\"" + mac + "\" />"));

            Assert.That(formHtmlFields["noscript_p_tag"],
                        Is.EqualTo("<noscript><p>Javascript är inaktiverat i er webbläsare, ni får dirigera om till paypage manuellt</p></noscript>"));

            Assert.That(formHtmlFields["input_submit"], Is.EqualTo("<input type=\"submit\" name=\"submit\" value=\"Betala\" />"));

            Assert.That(formHtmlFields["form_end_tag"], Is.EqualTo("</form>"));
        }
Esempio n. 7
0
        /*
         * <currency>SEK</currency><amount>500</amount><vat>100</vat><customerrefno>test_1429280602870</customerrefno><returnurl>https://dev.sveaekonomi.se/webpay-admin/admin/merchantresponsetest.xhtml</returnurl><paymentmethod>DBNORDEASE</paymentmethod><simulatorcode>0</simulatorcode>
         */
        private static Tuple <string, string> PostRequest(PaymentForm form)
        {
            CreateOrderBuilder order = WebpayConnection.CreateOrder(SveaConfig.GetDefaultConfig());

            form.SetMacSha512(
                HashUtil.CreateHash(form.GetXmlMessageBase64() +
                                    order.GetConfig().GetSecretWord(PaymentType.HOSTED, order.GetCountryCode())));

            string data = "mac=" + HttpUtility.UrlEncode(form.GetMacSha512()) +
                          "&message=" + HttpUtility.UrlEncode(form.GetXmlMessageBase64()) +
                          "&merchantid=" + HttpUtility.UrlEncode(form.GetMerchantId());

            byte[] formData = Encoding.UTF8.GetBytes(data);

            var request = WebRequest.Create(order.GetConfig().GetEndPoint(PaymentType.HOSTED)) as HttpWebRequest;

            request.Method        = "POST";
            request.ContentType   = "application/x-www-form-urlencoded";
            request.ContentLength = formData.Length;

            using (Stream post = request.GetRequestStream())
            {
                post.Write(formData, 0, formData.Length);
            }

            string result;
            string statusCode;

            using (var response = request.GetResponse() as HttpWebResponse)
            {
                using (var reader = new StreamReader(response.GetResponseStream()))
                {
                    result = reader.ReadToEnd();
                }

                statusCode = response.StatusCode.ToString();
            }

            return(new Tuple <string, string>(statusCode, result));
        }
        public void TestSetFormCardNoCustomerDetails()
        {
            string      base64Payment = Base64Util.EncodeBase64String("0");
            string      mac           = HashUtil.CreateHash(base64Payment + SecretWord);
            PaymentForm form          = WebpayConnection.CreateOrder(SveaConfig.GetDefaultConfig())
                                        .SetCountryCode(TestingTool.DefaultTestCountryCode)
                                        .SetCurrency(TestingTool.DefaultTestCurrency)
                                        .SetClientOrderNumber(TestingTool.DefaultTestClientOrderNumber)
                                        .AddOrderRow(TestingTool.CreateMiniOrderRow())
                                        .UsePayPageCardOnly()
                                        .SetReturnUrl("http://myurl.se")
                                        .GetPaymentForm();

            form.SetMessageBase64(base64Payment)
            .SetMerchantId(MerchantId)
            .SetSecretWord(SecretWord)
            .SetForm();

            string expected = "<form name=\"paymentForm\" id=\"paymentForm\" method=\"post\" action=\""
                              + form.GetPayPageUrl()
                              + "\">"
                              + "<input type=\"hidden\" name=\"merchantid\" value=\""
                              + MerchantId
                              + "\" />"
                              + "<input type=\"hidden\" name=\"message\" value=\""
                              + base64Payment
                              + "\" />"
                              + "<input type=\"hidden\" name=\"mac\" value=\""
                              + mac
                              + "\" />"
                              +
                              "<noscript><p>Javascript är inaktiverat i er webbläsare, ni får dirigera om till paypage manuellt</p></noscript>"
                              + "<input type=\"submit\" name=\"submit\" value=\"Betala\" />"
                              + "</form>";

            Assert.That(form.GetCompleteForm(), Is.EqualTo(expected));
        }