public async Task <string> GenerateSignature(EtnPayload payload)
{
if (string.IsNullOrEmpty(ApiSecret))
{
throw new VendorException("No vendor API secret set");
}
var json = JsonConvert.SerializeObject(payload);
var sig = HashHmac(json, ApiSecret);
return(await Task.FromResult(sig));
}
/// <summary>
/// Generate signature to validate with verify signature
/// This is not used for payment, better for testing purposes
/// </summary>
/// <param name="customer"></param>
/// <param name="amount"></param>
/// <param name="currency"></param>
/// <param name="reference"></param>
/// <param name="paymentId"></param>
/// <returns></returns>
public async Task <string> GenerateSignature(string customer, decimal amount, string currency, string reference, string paymentId = null)
{
if (string.IsNullOrEmpty(ApiSecret))
{
throw new VendorException("No vendor API secret set");
}
var payload = new EtnPayload()
{
PaymentId = paymentId ?? GeneratePaymentId(),
Customer = customer,
Amount = await CurrencyToEtnAsync(amount, currency),
Key = ApiKey,
Ref = reference,
TimeStamp = DateTime.Now
};
return(await GenerateSignature(payload));
}
public bool VerifySignature(EtnPayload payload, string signature)
{
return(VerifySignature(JsonConvert.SerializeObject(payload), signature));
}
public async Task <EtnPayload> ValidateEtnWebHookPayloadAsync(string userAgent, EtnPayload payload, string signature)
{
if (!userAgent.StartsWith("Electroneum"))
{
throw new VendorException("invalid useragent on webhook");
}
var isValid = _vendor.VerifySignature(payload, signature);
if (!isValid)
{
throw new VendorException("invalid signature");
}
return(await Task.FromResult(payload));
}
