Updates to support FPS API changes.

jmoses · May 5, 2010 · 1d83915 · 1d83915
1 parent 5361e35
commit 1d83915
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 7 deletions.
diff --git a/lib/remit.rb b/lib/remit.rb
@@ -121,6 +121,7 @@ def query(request)
     end
     private :query
 
+    # signature version 2
     def sign(values)
       keys = values.keys.sort { |a, b| a.to_s.downcase <=> b.to_s.downcase }
 

diff --git a/lib/remit/common.rb b/lib/remit/common.rb
@@ -85,4 +85,25 @@ def parse(uri, secret_key, query_string)
       end
     end
   end
+
+  class VerifySignature
+    require 'open-uri'
+    require 'cgi'
+
+    attr_reader :valid
+
+    def initialize( api, uri )
+      begin
+        service_url = api.endpoint.to_s + "?Action=VerifySignature&" + "UrlEndPoint=" + CGI.escape(uri.split('?', 2)[0]) +
+          "&HttpParameters=" + CGI.escape(uri.split('?', 2)[1]) + "&Version=" + Remit::API::API_VERSION
+
+        STDOUT.puts( "Checking signature against: #{service_url}")
+
+        open( service_url ) {|f| @valid = ( f.read =~ %r{<VerificationStatus>Success</VerificationStatus>})}
+      rescue
+        STDERR.puts( $!.message )
+        STDERR.puts( $!.backtrace.join("\n") )
+      end
+    end
+  end
 end
diff --git a/lib/remit/operations/pay.rb b/lib/remit/operations/pay.rb
@@ -6,15 +6,15 @@ class Request < Remit::Request
       action :Pay
       parameter :caller_description
       parameter :caller_reference, :required => true
-      parameter :caller_token_id, :required => true
+      # parameter :caller_token_id, :required => true
       parameter :charge_fee_to, :required => true
       parameter :descriptor_policy, :type => Remit::RequestTypes::DescriptorPolicy
       parameter :marketplace_fixed_fee, :type => Remit::RequestTypes::Amount
       parameter :marketplace_variable_fee
       parameter :meta_data
       parameter :recipient_description
       parameter :recipient_reference
-      parameter :recipient_token_id, :required => true
+      # parameter :recipient_token_id, :true
       parameter :sender_description
       parameter :sender_reference
       parameter :sender_token_id, :required => true

diff --git a/lib/remit/pipeline_response.rb b/lib/remit/pipeline_response.rb
@@ -11,9 +11,9 @@ def initialize(uri, secret_key)
     # The unescape_value method is used here because the awsSignature value
     # pulled from the request is filtered through the same method.
     #++
-    def valid?
+    def valid?( api = nil)
       return false unless given_signature
-      Relax::Query.unescape_value(correct_signature) == given_signature
+      Relax::Query.unescape_value(correct_signature(api)) == given_signature
     end
 
     # Returns +true+ if the response returns a successful state.
@@ -40,12 +40,17 @@ def request_query(reload = false)
     private :request_query
 
     def given_signature
-      request_query[:awsSignature]
+      request_query[:signature]
     end
     private :given_signature
 
-    def correct_signature
-      Remit::SignedQuery.new(@uri.path, @secret_key, request_query).sign
+    def correct_signature( api = nil)
+      return nil unless api
+
+      Rails.logger.debug "FPS: Computed signature: " + Remit::SignedQuery.new(@uri.path, @secret_key, request_query).sign
+      Rails.logger.debug "FPS: Real signature: " + request_query[:signature]
+      # Verifign a responses signature against a webservice seems....silly?
+      Remit::VerifySignature.new(api, @uri.to_s).valid
     end
     private :correct_signature
   end

diff --git a/rails/init.rb b/rails/init.rb
@@ -0,0 +1 @@
+require File.join( File.dirname(__FILE__), '..', 'lib', 'remit.rb' )
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		require File.join( File.dirname(__FILE__), '..', 'lib', 'remit.rb' )