entrouvert
/
eopayment
17
0
Fork 0
Code Issues Pull Requests Releases Activity
eopayment/eopayment/spplus.py

241 lines
8.8 KiB
Python
Raw Permalink Normal View History

add response code translation table to the spplus backend
2012-02-17 18:14:07 +01:00
# -*- coding: utf-8 -*-
First commit
2011-04-22 17:21:16 +02:00
from decimal import Decimal
import binascii
standardise normal_return_url and automatic_return_url options (#9998)
2016-02-16 10:51:41 +01:00
from gettext import gettext as _
First commit
2011-04-22 17:21:16 +02:00
import hmac
import hashlib
python3: use six to get urlparse/urllib modules
2018-03-26 09:35:45 +02:00
from six.moves.urllib import parse as urlparse
from six.moves.urllib import parse as urllib
First commit
2011-04-22 17:21:16 +02:00
import string
import datetime as dt
import logging
Add a self description attribute to payment backend Add first example to spplus backend.
2011-04-30 19:04:50 +02:00
import re
standardise normal_return_url and automatic_return_url options (#9998)
2016-02-16 10:51:41 +01:00
import warnings
First commit
2011-04-22 17:21:16 +02:00
import Crypto.Cipher.DES
python3: use relative import
2018-03-26 09:30:17 +02:00
from .common import (PaymentCommon, URL, PaymentResponse, RECEIVED, ACCEPTED,
spplus: adapt for python3
2018-03-26 20:28:14 +02:00
PAID, ERROR, ResponseError, force_byte)
First commit
2011-04-22 17:21:16 +02:00
lost part of b69cefbfa86a6c9f51e199217d141d8593b051d5 (#9998)
2016-02-16 19:11:47 +01:00
def N_(message): return message
Ensure transaction id unicity, add logging to spplus
2011-04-26 12:41:19 +02:00
__all__ = ['Payment']
spplus: adapt for python3
2018-03-26 20:28:14 +02:00
KEY_DES_KEY = b'\x45\x1f\xba\x4f\x4c\x3f\xd4\x97'
IV = b'\x30\x78\x30\x62\x2c\x30\x78\x30'
First commit
2011-04-22 17:21:16 +02:00
REFERENCE = 'reference'
ETAT = 'etat'
SPCHECKOK = 'spcheckok'
Ensure transaction id unicity, add logging to spplus
2011-04-26 12:41:19 +02:00
LOGGER = logging.getLogger(__name__)
copy the bank authorisation number into a common variable name Each API has a way of transmitting the authorisation number, we copy to a common name when handling response messages.
2012-01-30 17:47:47 +01:00
REFSFP = 'refsfp'
First commit
2011-04-22 17:21:16 +02:00
better return transaction state
2012-02-20 19:07:55 +01:00
# Pour un paiement comptant la chaine des états est: 1 -> 4 -> 10, seul l'état
# 10 garanti le paiement
add response code translation table to the spplus backend
2012-02-17 18:14:07 +01:00
SPPLUS_RESPONSE_CODES = {
'1': 'Autorisation de paiement acceptée',
'2': 'Autorisation de paiement refusée',
'4': 'Echéance du paiement acceptée et en attente de remise',
'5': 'Echéance du paiement refusée',
'6': 'Paiement par chèque accepté',
'8': 'Chèque encaissé',
'10': 'Paiement terminé',
'11': 'Echéance du paiement annulée par le commerçant',
'12': 'Abandon de l\internaute',
'15': 'Remboursement enregistré',
'16': 'Remboursement annulé',
'17': 'Remboursement accepté',
'20': 'Echéance du paiement avec un impayé',
'21': 'Echéance du paiement avec un impayé et en attente de validation des services SP PLUS',
'30': 'Echéance du paiement remisée',
'99': 'Paiement de test en production',
}
better return transaction state
2012-02-20 19:07:55 +01:00
VALID_STATE = ('1', '4', '10')
ACCEPTED_STATE = ('1', '4')
PAID_STATE = ('10',)
add response.test flag on tipi, spplus and systempayv2 only.
2014-03-30 19:27:48 +02:00
TEST_STATE = ('99',)
better return transaction state
2012-02-20 19:07:55 +01:00
First commit
2011-04-22 17:21:16 +02:00
def decrypt_ntkey(ntkey):
spplus: adapt for python3
2018-03-26 20:28:14 +02:00
key = binascii.unhexlify(ntkey.replace(b' ', b''))
First commit
2011-04-22 17:21:16 +02:00
return decrypt_key(key)
def decrypt_key(key):
CIPHER = Crypto.Cipher.DES.new(KEY_DES_KEY, Crypto.Cipher.DES.MODE_CBC, IV)
return CIPHER.decrypt(key)
[spplus] fix signature checking for callback requests
2012-02-20 21:01:44 +01:00
def extract_values(query_string):
kvs = query_string.split('&')
result = []
for kv in kvs:
k, v = kv.split('=', 1)
if k != 'hmac':
result.append(v)
spplus: adapt for python3
2018-03-26 20:28:14 +02:00
return force_byte(''.join(result))
[spplus] fix signature checking for callback requests
2012-02-20 21:01:44 +01:00
First commit
2011-04-22 17:21:16 +02:00
def sign_ntkey_query(ntkey, query):
key = decrypt_ntkey(ntkey)
[spplus] fix signature checking for callback requests
2012-02-20 21:01:44 +01:00
data_to_sign = extract_values(query)
[spplus] the digest must use uppercases hexadecimal digits
2011-12-12 17:24:12 +01:00
return hmac.new(key[:20], data_to_sign, hashlib.sha1).hexdigest().upper()
First commit
2011-04-22 17:21:16 +02:00
PAIEMENT_FIELDS = [ 'siret', REFERENCE, 'langue', 'devise', 'montant',
'taxe', 'validite' ]
def sign_url_paiement(ntkey, query):
if '?' in query:
query = query[query.index('?')+1:]
key = decrypt_ntkey(ntkey)
data = urlparse.parse_qs(query, True)
fields = [data.get(field,[''])[0] for field in PAIEMENT_FIELDS]
data_to_sign = ''.join(fields)
[spplus] the digest must use uppercases hexadecimal digits
2011-12-12 17:24:12 +01:00
return hmac.new(key[:20], data_to_sign, hashlib.sha1).hexdigest().upper()
First commit
2011-04-22 17:21:16 +02:00
python3: use string.ascii_letters
2018-03-26 09:48:09 +02:00
ALPHANUM = string.ascii_letters + string.digits
First commit
2011-04-22 17:21:16 +02:00
SERVICE_URL = "https://www.spplus.net/paiement/init.do"
class Payment(PaymentCommon):
Add a self description attribute to payment backend Add first example to spplus backend.
2011-04-30 19:04:50 +02:00
description = {
'caption': "SPPlus payment service of French bank Caisse d'epargne",
change format of description records
2012-05-25 15:40:41 +02:00
'parameters': [
standardise normal_return_url and automatic_return_url options (#9998)
2016-02-16 10:51:41 +01:00
{
'name': 'normal_return_url',
lost part of b69cefbfa86a6c9f51e199217d141d8593b051d5 (#9998)
2016-02-16 19:11:47 +01:00
'caption': N_('Normal return URL'),
standardise normal_return_url and automatic_return_url options (#9998)
2016-02-16 10:51:41 +01:00
'default': '',
'required': True,
},
{
'name': 'automatic_return_url',
lost part of b69cefbfa86a6c9f51e199217d141d8593b051d5 (#9998)
2016-02-16 19:11:47 +01:00
'caption': N_('Automatic return URL'),
standardise normal_return_url and automatic_return_url options (#9998)
2016-02-16 10:51:41 +01:00
'required': False,
},
change format of description records
2012-05-25 15:40:41 +02:00
{ 'name': 'cle',
Add a self description attribute to payment backend Add first example to spplus backend.
2011-04-30 19:04:50 +02:00
'caption': 'Secret key, a 40 digits hexadecimal number',
'regexp': re.compile('^ *((?:[a-fA-F0-9] *){40}) *$')
},
change format of description records
2012-05-25 15:40:41 +02:00
{ 'name': 'siret',
Add a self description attribute to payment backend Add first example to spplus backend.
2011-04-30 19:04:50 +02:00
'caption': 'Siret of the entreprise augmented with the '
'site number, example: 00000000000001-01',
'regexp': re.compile('^ *(\d{14}-\d{2}) *$')
Add default parameter to descriptions The __init__ method for spplus and dummy backends were moved to PaymentCommon. The same thing will happen to systempayv2 and sips backends.
2011-05-27 15:55:26 +02:00
},
change format of description records
2012-05-25 15:40:41 +02:00
{ 'name': 'langue',
Add default parameter to descriptions The __init__ method for spplus and dummy backends were moved to PaymentCommon. The same thing will happen to systempayv2 and sips backends.
2011-05-27 15:55:26 +02:00
'caption': 'Language of the customers',
'default': 'FR',
},
change format of description records
2012-05-25 15:40:41 +02:00
{ 'name': 'taxe',
Add default parameter to descriptions The __init__ method for spplus and dummy backends were moved to PaymentCommon. The same thing will happen to systempayv2 and sips backends.
2011-05-27 15:55:26 +02:00
'caption': 'Taxes',
'default': '0.00'
},
change format of description records
2012-05-25 15:40:41 +02:00
{ 'name': 'modalite',
[spplus] add two more parameters: modalite and moyen
2011-12-12 17:51:09 +01:00
'caption': '1x, 2x, 3x, xx, nx (if multiple separated by "/")',
'default': '1x',
},
change format of description records
2012-05-25 15:40:41 +02:00
{ 'name': 'moyen',
[spplus] add two more parameters: modalite and moyen
2011-12-12 17:51:09 +01:00
'caption': 'AUR, AMX, CBS, CGA, '
'CHK, DIN, PRE (if multiple separate by "/")',
'default': 'CBS',
},
change format of description records
2012-05-25 15:40:41 +02:00
]
Add a self description attribute to payment backend Add first example to spplus backend.
2011-04-30 19:04:50 +02:00
}
Add default parameter to descriptions The __init__ method for spplus and dummy backends were moved to PaymentCommon. The same thing will happen to systempayv2 and sips backends.
2011-05-27 15:55:26 +02:00
devise = '978'
First commit
2011-04-22 17:21:16 +02:00
pass order id to all backends (#9941)
2016-02-08 18:40:45 +01:00
def request(self, amount, name=None, address=None, email=None, phone=None,
orderid=None, info1=None, info2=None, info3=None, next_url=None,
logger=LOGGER, **kwargs):
standardise normal_return_url and automatic_return_url options (#9998)
2016-02-16 10:51:41 +01:00
logger.debug('requesting spplus payment with montant %s email=%s' % (amount, email))
First commit
2011-04-22 17:21:16 +02:00
reference = self.transaction_id(20, ALPHANUM, 'spplus', self.siret)
validite = dt.date.today()+dt.timedelta(days=1)
validite = validite.strftime('%d/%m/%Y')
fields = { 'siret': self.siret,
'devise': self.devise,
'langue': self.langue,
'taxe': self.taxe,
Fix SPPlus request method
2015-03-04 14:49:26 +01:00
'montant': str(Decimal(amount)),
pass order id to all backends (#9941)
2016-02-08 18:40:45 +01:00
REFERENCE: orderid or reference,
First commit
2011-04-22 17:21:16 +02:00
'validite': validite,
[spplus] add two more parameters: modalite and moyen
2011-12-12 17:51:09 +01:00
'version': '1',
'modalite': self.modalite,
'moyen': self.moyen }
First commit
2011-04-22 17:21:16 +02:00
if email:
fields['email'] = email
standardise normal_return_url and automatic_return_url options (#9998)
2016-02-16 10:51:41 +01:00
normal_return_url = self.normal_return_url
if next_url and not normal_return_url:
warnings.warn("passing next_url to request() is deprecated, "
"set normal_return_url in options", DeprecationWarning)
normal_return_url = next_url
if normal_return_url:
if (not normal_return_url.startswith('http://') \
and not normal_return_url.startswith('https://')) \
or '?' in normal_return_url:
raise ValueError('normal_return_url must be an absolute URL without parameters')
fields['urlretour'] = normal_return_url
allow to specify the logger to user
2012-02-20 17:14:30 +01:00
logger.debug('sending fields %s' % fields)
First commit
2011-04-22 17:21:16 +02:00
query = urllib.urlencode(fields)
[spplus] use the hmac computation method which always works
2011-12-12 17:18:52 +01:00
url = '%s?%s&hmac=%s' % (SERVICE_URL, query, sign_url_paiement(self.cle,
Ensure transaction id unicity, add logging to spplus
2011-04-26 12:41:19 +02:00
query))
allow to specify the logger to user
2012-02-20 17:14:30 +01:00
logger.debug('full url %s' % url)
Ensure transaction id unicity, add logging to spplus
2011-04-26 12:41:19 +02:00
return reference, URL, url
First commit
2011-04-22 17:21:16 +02:00
eopayment: make all response() methods accept **kwargs (#7496)
2015-07-16 14:12:15 +02:00
def response(self, query_string, logger=LOGGER, **kwargs):
First commit
2011-04-22 17:21:16 +02:00
form = urlparse.parse_qs(query_string)
general: check responses for required attributes as 1st processing step (#9729)
2016-03-09 22:31:40 +01:00
if not set(form) >= set([REFERENCE, ETAT, REFSFP]):
raise ResponseError()
python3: use items instead of iteritems
2018-03-26 09:50:12 +02:00
for key, value in form.items():
in spplus, flatten parsed response query string before using it
2012-02-20 16:48:44 +01:00
form[key] = value[0]
allow to specify the logger to user
2012-02-20 17:14:30 +01:00
logger.debug('received query_string %s' % query_string)
logger.debug('parsed as %s' % form)
First commit
2011-04-22 17:21:16 +02:00
reference = form.get(REFERENCE)
in the spplus backend, create the response's bank_status using the response code translation table recently added
2012-02-17 18:17:56 +01:00
bank_status = []
better return transaction state
2012-02-20 19:07:55 +01:00
signed = False
Add a new PaymentResponse to abstract the return value of the response method
2012-02-17 17:49:51 +01:00
form[self.BANK_ID] = form.get(REFSFP)
in the spplus backend, create the response's bank_status using the response code translation table recently added
2012-02-17 18:17:56 +01:00
etat = form.get('etat')
status = '%s: %s' % (etat, SPPLUS_RESPONSE_CODES.get(etat, 'Unknown code'))
better return transaction state
2012-02-20 19:07:55 +01:00
logger.debug('status is %s', status)
in the spplus backend, create the response's bank_status using the response code translation table recently added
2012-02-17 18:17:56 +01:00
bank_status.append(status)
Add a new PaymentResponse to abstract the return value of the response method
2012-02-17 17:49:51 +01:00
if 'hmac' in form:
First commit
2011-04-22 17:21:16 +02:00
try:
signed_data, signature = query_string.rsplit('&', 1)
_, hmac = signature.split('=', 1)
allow to specify the logger to user
2012-02-20 17:14:30 +01:00
logger.debug('got signature %s' % hmac)
Add a self description attribute to payment backend Add first example to spplus backend.
2011-04-30 19:04:50 +02:00
computed_hmac = sign_ntkey_query(self.cle, signed_data)
[spplus] fix logging statement
2012-02-20 21:02:49 +01:00
logger.debug('computed signature %s' % computed_hmac)
better return transaction state
2012-02-20 19:07:55 +01:00
signed = hmac == computed_hmac
if not signed:
in the spplus backend, create the response's bank_status using the response code translation table recently added
2012-02-17 18:17:56 +01:00
bank_status.append('invalid signature')
First commit
2011-04-22 17:21:16 +02:00
except ValueError:
in the spplus backend, create the response's bank_status using the response code translation table recently added
2012-02-17 18:17:56 +01:00
bank_status.append('invalid signature')
add response.test flag on tipi, spplus and systempayv2 only.
2014-03-30 19:27:48 +02:00
test = False
better return transaction state
2012-02-20 19:07:55 +01:00
if etat in PAID_STATE:
result = PAID
fix typo in spplus
2012-02-20 19:44:30 +01:00
elif etat in ACCEPTED_STATE:
better return transaction state
2012-02-20 19:07:55 +01:00
result = ACCEPTED
elif etat in VALID_STATE:
result = RECEIVED
add response.test flag on tipi, spplus and systempayv2 only.
2014-03-30 19:27:48 +02:00
elif etat in TEST_STATE:
result = RECEIVED # what else ?
test = True
better return transaction state
2012-02-20 19:07:55 +01:00
else:
result = ERROR
Add a new PaymentResponse to abstract the return value of the response method
2012-02-17 17:49:51 +01:00
response = PaymentResponse(
result=result,
better return transaction state
2012-02-20 19:07:55 +01:00
signed=signed,
Add a new PaymentResponse to abstract the return value of the response method
2012-02-17 17:49:51 +01:00
bank_data=form,
order_id=reference,
transaction_id=form[self.BANK_ID],
in the spplus backend, create the response's bank_status using the response code translation table recently added
2012-02-17 18:17:56 +01:00
bank_status=' - '.join(bank_status),
add response.test flag on tipi, spplus and systempayv2 only.
2014-03-30 19:27:48 +02:00
return_content=SPCHECKOK,
test=test)
Add a new PaymentResponse to abstract the return value of the response method
2012-02-17 17:49:51 +01:00
return response
First commit
2011-04-22 17:21:16 +02:00
if __name__ == '__main__':
import sys
ntkey = '58 6d fc 9c 34 91 9b 86 3f fd 64 63 c9 13 4a 26 ba 29 74 1e c7 e9 80 79'
[spplus] add way to test from command line
2011-12-12 17:05:02 +01:00
if len(sys.argv) == 2:
python3: use print() for compatibility
2018-03-26 09:38:02 +02:00
print(sign_url_paiement(ntkey, sys.argv[1]))
print(sign_ntkey_query(ntkey, sys.argv[1]))
[spplus] add way to test from command line
2011-12-12 17:05:02 +01:00
elif len(sys.argv) > 2:
python3: use print() for compatibility
2018-03-26 09:38:02 +02:00
print(sign_url_paiement(sys.argv[1], sys.argv[2]))
print(sign_ntkey_query(sys.argv[1], sys.argv[2]))