summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2020-10-10 10:36:57 (GMT)
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2020-10-15 19:04:51 (GMT)
commitb1ebd698b3f206d4d389c5a979ebd88fe38e0419 (patch)
treea0c605ca30c53e5123720530fa41f58e048168b2
parentb0ca39636ae145a640081c97eb2aa499a801d854 (diff)
downloadeopayment-b1ebd698b3f206d4d389c5a979ebd88fe38e0419.zip
eopayment-b1ebd698b3f206d4d389c5a979ebd88fe38e0419.tar.gz
eopayment-b1ebd698b3f206d4d389c5a979ebd88fe38e0419.tar.bz2
systempayv2: do not use filesystem for unique vads_trans_id (#47534)
vads_trans_id character space is larger than what we use, using 6 alphanumeric characters probability of collision on a day is small, 1 on 2*10^9. https://paiement.systempay.fr/doc/fr-FR/form-payment/reference/vads-trans-id.html
-rw-r--r--eopayment/systempayv2.py27
1 files changed, 23 insertions, 4 deletions
diff --git a/eopayment/systempayv2.py b/eopayment/systempayv2.py
index 04cb222..5c6582a 100644
--- a/eopayment/systempayv2.py
+++ b/eopayment/systempayv2.py
@@ -20,7 +20,10 @@ import pytz
import datetime as dt
import hashlib
import hmac
+import random
+import re
import string
+import six
from six.moves.urllib import parse as urlparse
import warnings
from gettext import gettext as _
@@ -315,6 +318,21 @@ class Payment(PaymentCommon):
options = add_vads(options)
self.options = options
+ def make_vads_trans_id(self):
+ # vads_trans_id must be 6 alphanumeric characters,
+ # trans_id starting with 9 are reserved for the systempay backoffice
+ # https://paiement.systempay.fr/doc/fr-FR/form-payment/reference/vads-trans-id.html
+ gen = random.SystemRandom()
+ if six.PY3:
+ alphabet = string.ascii_letters + string.digits
+ else:
+ alphabet = string.letters + string.digits
+ first_letter_alphabet = alphabet.replace('9', '')
+ vads_trans_id = (
+ gen.choice(first_letter_alphabet)
+ + ''.join(gen.choice(alphabet) for i in range(5))
+ )
+ return vads_trans_id
def request(self, amount, name=None, first_name=None, last_name=None,
address=None, email=None, phone=None, orderid=None, info1=None,
@@ -369,9 +387,10 @@ class Payment(PaymentCommon):
'%s value %s is not of the type %s' % (name, orderid, ptype))
kwargs[name] = orderid
- transaction_id = self.transaction_id(6, string.digits, 'systempay',
- self.options[VADS_SITE_ID])
- kwargs[VADS_TRANS_ID] = force_text(transaction_id)
+ vads_trans_id = self.make_vads_trans_id()
+ assert re.match(r'^[0-9a-zA-Z]{6}$', vads_trans_id)
+
+ kwargs[VADS_TRANS_ID] = vads_trans_id
fields = kwargs
for parameter in PARAMETERS:
name = parameter.name
@@ -393,7 +412,7 @@ class Payment(PaymentCommon):
check_vads(fields)
fields[SIGNATURE] = force_text(self.signature(fields))
self.logger.debug('%s request contains fields: %s', __name__, fields)
- transaction_id = '%s_%s' % (fields[VADS_TRANS_DATE], transaction_id)
+ transaction_id = '%s_%s' % (fields[VADS_TRANS_DATE], vads_trans_id)
self.logger.debug('%s transaction id: %s', __name__, transaction_id)
form = Form(
url=self.service_url,