public canonicalRequestResponse pay(canonicalRequestResponse req) { Contract.Assert(req.gross == GlobalState.tstore.orders[req.orderID].gross); canonicalRequestResponse res = new canonicalRequestResponse(); res.gross = req.gross; res.orderID = req.orderID; res.status = CaasReturnStatus.Sucess; // if the request is signed then the previous res.payee will be assigned to this req.payee in Main() // this line of code simply propagates the payee info to the response res.payee = req.signer; //not sure whether this field is important res.MerchantReturnURL = req.MerchantReturnURL; //shuo:begin SQLStub_insertPayment(res.gross, res.orderID, res.status, res.payee); //shuo:end return(res); }
static void Main() { FacebookClient1 oauth_client = new FacebookClient1(); FacebookServer oauth_server = new FacebookServer(); canonicalRequestResponse req1 = oauth_client.GetServiceLoginUrl_entry(); //I'm not entirely sure if this is correct, but I think we don't have to havoc the firest req? canonicalRequestResponse res1 = oauth_server.oauth_code_req(req1); //we are havocing the response because it is not encrypted res1 = p.NondetRequestResponse(); canonicalRequestResponse req2 = oauth_client.QueryAccessToken_entry(res1); //we are not havocing the second request because it's not a redirection canonicalRequestResponse res2 = oauth_server.oauth_token_req(req2); //oauth_client.GetUserData_entry(res2); //proto agnostic check Contract.Assert(OPAssertion.isSuccess); Contract.Assert(OPAssertion.rpid == RPStates.rpid); Contract.Assert(OPAssertion.return_url == RPStates.domain); Contract.Assert(OPAssertion.uid == RPStates.uid); }
public void GetUserData_entry(canonicalRequestResponse req) { if (req.status == HTTPStatus.Failure) { Contract.Assume(false); } RPStates.uid = req.token; }
//entry point for the first request public canonicalRequestResponse GetServiceLoginUrl_entry() { //we are redefining the Uri objectin stub.cs Uri url = new Uri(RPGlobalState.return_uri); canonicalRequestResponse res = GetServiceLoginUrl(url); return(res); }
static void assumeOrderProperties(canonicalRequestResponse res) { int orderID = res.orderID; GlobalState.tstore.orders[orderID] = p.NondetorderRecord(); Contract.Assume(GlobalState.tstore.orders[orderID].id == orderID); Contract.Assume(GlobalState.tstore.orders[orderID].gross == res.gross); Contract.Assume(GlobalState.tstore.orders[orderID].status == Global.OrderStatusEnum.Pending); }
static void Main() { SimplePayPaymentProcessor1 merchant_sender = new SimplePayPaymentProcessor1(); CaaS amazon = new CaaS(); AmazonSimplePayReturn1 merchant_receiver = new AmazonSimplePayReturn1(); Order init_order = p.NondetOrder(); GlobalState.order = new orderRecord(); canonicalRequestResponse res_placeorder = p.NodetReqres(); canonicalRequestResponse req_pay = p.NodetReqres(); canonicalRequestResponse res_pay = p.NodetReqres(); canonicalRequestResponse req_finish = p.NodetReqres(); // Computation on merchant - place order res_placeorder = merchant_sender.PostProcessPayment(init_order); assumeOrderProperties(res_placeorder); // Message: merchant -> client -> CaaS // is the msg encrypted? if so, then: req_pay = res_placeorder; GlobalState.MerchantPaymentEmail = req_pay.payee; GlobalState.order.gross = req_pay.gross; GlobalState.order.id = req_pay.orderID; // Computation on Amazon - pay res_pay = amazon.pay(req_pay); // Message: CaaS -> client -> merchant // is the msg encrypted? if so, then: req_finish = res_pay; merchant_receiver.Request = req_finish; Contract.Assume(res_pay.orderID == req_finish.orderID); GlobalState.CaaS_email_proxy = res_pay.payee; GlobalState.CaaS_gross_proxy = res_pay.gross; //we need this since boogie can't handle string concat // Computation on merchant - finish order merchant_receiver.Page_Load(null, null); res_pay.witness = GlobalState.witness; Contract.Assert(amazon.caas.payments[res_pay.witness].orderID == req_finish.orderID && amazon.caas.payments[res_pay.witness].gross == GlobalState.tstore.orders[req_finish.orderID].gross && amazon.caas.payments[res_pay.witness].payee == GlobalState.tstore.myDomain && amazon.caas.payments[res_pay.witness].status == CaasReturnStatus.Sucess); Contract.Assert(0 <= res_pay.witness && res_pay.witness < amazon.caas.payments.Length); Contract.Assert(Contract.Exists(0, amazon.caas.payments.Length, i => amazon.caas.payments[i].orderID == req_finish.orderID && amazon.caas.payments[i].gross == GlobalState.tstore.orders[req_finish.orderID].gross && amazon.caas.payments[i].payee == GlobalState.tstore.myDomain && amazon.caas.payments[i].status == CaasReturnStatus.Sucess )); }
public bool getPDTDetails(int tx, out orderRecord values) { canonicalRequestResponse res = new canonicalRequestResponse(); if (payment47 != null && payment47.id == tx) { values = payment47; return(true); } else { values = null; return(false); } }
static void Main() { int y; foo(out y); Contract.Assert(y != 10); int witness; CaaS paypal = GlobalState.paypal; PayPalStandardPaymentProcessor1 merchant_sender = new PayPalStandardPaymentProcessor1(); PayPalStandardReturn1 merchant_receiver = new PayPalStandardReturn1(); Order init_order = p.NondetOrder(); canonicalRequestResponse res_placeorder = p.NodetReqres(); canonicalRequestResponse req_pay = p.NodetReqres(); canonicalRequestResponse res_pay = p.NodetReqres(); canonicalRequestResponse req_finish = p.NodetReqres(); // Computation on merchant - place order res_placeorder = merchant_sender.PostProcessPayment(init_order); // Message: merchant -> client -> CaaS // is the msg encrypted? if so, then: req_pay = res_placeorder; GlobalState.MerchantPaymentEmail = req_pay.payee; GlobalState.order.gross = req_pay.gross; GlobalState.order.id = req_pay.orderID; GlobalState.paypal.pay(req_pay); //Rui: there is no return for this call, because anything returned through the client should be havoced req_finish.orderID = p.NondetInt(); witness = merchant_receiver.Page_Load(null, null, req_finish.orderID); Contract.Assert(GlobalState.paypal.caas.payments[witness].orderID == req_finish.orderID); Contract.Assert( paypal.caas.payments[witness].orderID == req_finish.orderID && paypal.caas.payments[witness].gross == GlobalState.tstore.orders[req_finish.orderID].gross && paypal.caas.payments[witness].payee == GlobalState.tstore.myAccount && paypal.caas.payments[witness].status == CaasReturnStatus.Sucess ); Contract.Assert(0 <= witness && witness < paypal.caas.payments.Length); Contract.Assert(Contract.Exists(0, paypal.caas.payments.Length, i => paypal.caas.payments[i].orderID == req_finish.orderID && paypal.caas.payments[i].payee == GlobalState.tstore.myAccount && paypal.caas.payments[i].status == CaasReturnStatus.Sucess && paypal.caas.payments[i].gross == GlobalState.tstore.orders[req_finish.orderID].gross )); }
public canonicalRequestResponse pay(canonicalRequestResponse req) { canonicalRequestResponse res = new canonicalRequestResponse(); res.gross = req.gross; res.orderID = req.orderID; res.status = CaasReturnStatus.Sucess; // if the request is signed then the previous res.payee will be assigned to this req.payee in Main() // this line of code simply propagates the payee info to the response res.payee = req.payee; //not sure whether this field is important res.MerchantReturnURL = req.MerchantReturnURL; return(res); }
static void Main() { SimplePayPaymentProcessor1 merchant_sender = new SimplePayPaymentProcessor1(); CaaS amazon = new CaaS(); AmazonSimplePayReturn1 merchant_receiver = new AmazonSimplePayReturn1(); Order init_order = p.NondetOrder(); GlobalState.order = new orderRecord(); canonicalRequestResponse res_placeorder = p.NodetReqres(); canonicalRequestResponse req_pay = p.NodetReqres(); canonicalRequestResponse res_pay = p.NodetReqres(); canonicalRequestResponse req_finish = p.NodetReqres(); // Computation on merchant - place order res_placeorder = merchant_sender.PostProcessPayment(init_order); // Message: merchant -> client -> CaaS // is the msg encrypted? if so, then: req_pay = res_placeorder; GlobalState.MerchantPaymentEmail = req_pay.payee; GlobalState.order.gross = req_pay.gross; GlobalState.order.id = req_pay.orderID; // Computation on Amazon - pay res_pay = amazon.pay(req_pay); // Message: CaaS -> client -> merchant // is the msg encrypted? if so, then: req_finish = res_pay; merchant_receiver.Request = req_finish; Contract.Assume(res_pay.orderID == req_finish.orderID); GlobalState.CaaS_email_proxy = res_pay.payee; GlobalState.CaaS_gross_proxy = res_pay.gross; //we need this since boogie can't handle string concat // Computation on merchant - finish order merchant_receiver.Page_Load(null, null); Contract.Assert(GlobalState.order.id == req_finish.orderID); Contract.Assert(GlobalState.MerchantPaymentEmail == req_finish.payee); Contract.Assert(GlobalState.order.gross == req_finish.gross); Contract.Assert(GlobalState.order.status == Global.OrderStatusEnum.Paid); }
public canonicalRequestResponse oauth_token_req(canonicalRequestResponse req) { canonicalRequestResponse res = new canonicalRequestResponse(); //ideally we should leave them uninitialized but it doesnt work for boogie check FBGlobalState.code = p.NondetString(); FBGlobalState.access_token = p.NondetString(); FBGlobalState.user_id = p.NondetInt(); FBGlobalState.return_url = p.NondetString(); FBGlobalState.client_id = p.NondetString(); //conversion to proto-agnostic data structures OPAssertion.uid = FBGlobalState.access_token; OPAssertion.rpid = FBGlobalState.client_id; OPAssertion.return_url = FBGlobalState.return_url; OPAssertion.isSuccess = p.NondetBool(); if (req.code != FBGlobalState.code) { res.status = HTTPStatus.Failure; } else if (req.redirect_url != FBGlobalState.return_url) { res.status = HTTPStatus.Failure; } else if (req.client_id != FBGlobalState.client_id) { res.status = HTTPStatus.Failure; } else if (!OPAssertion.isSuccess) { res.status = HTTPStatus.Failure; } else { res.status = HTTPStatus.Success; res.token = FBGlobalState.access_token; } return(res); }
// entry point for the second request public canonicalRequestResponse QueryAccessToken_entry(canonicalRequestResponse req) { //boogie hack -- uninitializes our vars this.appId = p.NondetString(); this.appSecret = p.NondetString(); RPGlobalState.appId = this.appId; RPGlobalState.appSecret = this.appSecret; RPGlobalState.return_uri = p.NondetString(); //conversion to proto-agnostic data structures RPStates.domain = RPGlobalState.return_uri; RPStates.rpid = RPGlobalState.appId; // end of boogie hack //we are redefining the Uri objectin stub.cs Uri url = new Uri(RPGlobalState.return_uri); canonicalRequestResponse res = QueryAccessToken(url, req.code); return(res); }
public canonicalRequestResponse QueryAccessToken(Uri returnUrl, string authorizationCode) { var builder = new UriBuilder(TokenEndpoint); builder.AppendQueryArgs( new Dictionary <string, string> { { "client_id", this.appId }, { "redirect_uri", returnUrl.AbsoluteUri }, { "client_secret", this.appSecret }, { "code", authorizationCode } }); //[NON rp related code] canonicalRequestResponse res = new canonicalRequestResponse(); res.client_id = this.appId; res.redirect_url = returnUrl.AbsoluteUri; res.code = authorizationCode; return(res); }
static void Main() { FacebookClient1 oauth_client = new FacebookClient1(); FacebookServer oauth_server = new FacebookServer(); canonicalRequestResponse req1 = p.NondetRequestResponse(); canonicalRequestResponse res1 = p.NondetRequestResponse(); canonicalRequestResponse req2 = p.NondetRequestResponse(); canonicalRequestResponse res2 = p.NondetRequestResponse(); req2 = oauth_client.QueryAccessToken_entry(res1); //we are not havocing the second request because it's not a redirection res2 = oauth_server.oauth_token_req(req2); oauth_client.GetUserData_entry(res2); //proto agnostic check Contract.Assert(OPAssertion.isSuccess); Contract.Assert(OPAssertion.rpid == RPStates.rpid); Contract.Assert(OPAssertion.return_url == RPStates.domain); Contract.Assert(OPAssertion.uid == RPStates.uid); }
public canonicalRequestResponse oauth_code_req(canonicalRequestResponse req) { FBGlobalState.code = p.NondetString(); FBGlobalState.access_token = p.NondetString(); FBGlobalState.user_id = p.NondetInt(); FBGlobalState.return_url = req.redirect_url; FBGlobalState.client_id = req.client_id; //conversion to proto-agnostic data structures OPAssertion.uid = FBGlobalState.access_token; OPAssertion.rpid = req.client_id; OPAssertion.return_url = req.redirect_url; OPAssertion.isSuccess = true; Contract.Assert(OPAssertion.rpid == RPStates.rpid); Contract.Assert(OPAssertion.return_url == RPStates.domain); canonicalRequestResponse res = new canonicalRequestResponse(); res.code = FBGlobalState.code; return(res); }
static void Main() { PayPalStandardPaymentProcessor1 merchant_sender = new PayPalStandardPaymentProcessor1(); PayPalStandardReturn1 merchant_receiver = new PayPalStandardReturn1(); Order init_order = p.NondetOrder(); GlobalState.order = new orderRecord(); GlobalState.payment = new orderRecord(); canonicalRequestResponse res_placeorder = p.NodetReqres(); canonicalRequestResponse req_pay = p.NodetReqres(); canonicalRequestResponse res_pay = p.NodetReqres(); canonicalRequestResponse req_finish = p.NodetReqres(); // Message: CaaS -> client -> merchant // Computation on merchant - finish order merchant_receiver.Page_Load(null, null); Contract.Assert(GlobalState.order.id == GlobalState.payment.id); Contract.Assert(GlobalState.MerchantPaymentEmail == GlobalState.payment.payee); Contract.Assert(GlobalState.order.gross == GlobalState.payment.gross); Contract.Assert(GlobalState.order.status == Global.OrderStatusEnum.Paid); }
public canonicalRequestResponse GetServiceLoginUrl(Uri returnUrl) { // Note: Facebook doesn't like us to url-encode the redirect_uri value var builder = new UriBuilder(AuthorizationEndpoint); builder.AppendQueryArgs( new Dictionary <string, string> { { "client_id", this.appId }, { "redirect_uri", returnUrl.AbsoluteUri }, { "path_digest", "RP[HASH()]" } }); //[NON rp related code] canonicalRequestResponse res = new canonicalRequestResponse(); res.client_id = this.appId; res.redirect_url = returnUrl.AbsoluteUri; //Contract.Assert(res.redirect_url == retu return(res); }
public AmazonSimplePayReturn1() { Request = new canonicalRequestResponse(); Response = new canonicalRequestResponse(); Page = new Page(); }
public PayPalStandardReturn1() { Request = new canonicalRequestResponse(); Response = new canonicalRequestResponse(); Page = new Page(); }