ogone: check signature using both iso-8859-1 and utf-8 encodings (#51304)
parent
1f3c6826ee
commit
2acbdd4095
|
@ -485,7 +485,7 @@ class Payment(PaymentCommon):
|
|||
]
|
||||
}
|
||||
|
||||
def sha_sign(self, algo, key, params, keep):
|
||||
def sha_sign(self, algo, key, params, keep, encoding='iso-8859-1'):
|
||||
'''Ogone signature algorithm of query string'''
|
||||
values = params.items()
|
||||
values = [(a.upper(), b) for a, b in values]
|
||||
|
@ -493,15 +493,15 @@ class Payment(PaymentCommon):
|
|||
values = [u'%s=%s' % (a, b) for a, b in values if a in keep and b]
|
||||
tosign = key.join(values)
|
||||
tosign += key
|
||||
tosign = force_byte(tosign, encoding='iso-8859-1')
|
||||
tosign = force_byte(tosign, encoding=encoding)
|
||||
hashing = getattr(hashlib, algo)
|
||||
return hashing(tosign).hexdigest().upper()
|
||||
|
||||
def sha_sign_in(self, params):
|
||||
return self.sha_sign(self.hash_algorithm, self.sha_in, params, SHA_IN_PARAMS)
|
||||
def sha_sign_in(self, params, encoding='iso-8859-1'):
|
||||
return self.sha_sign(self.hash_algorithm, self.sha_in, params, SHA_IN_PARAMS, encoding=encoding)
|
||||
|
||||
def sha_sign_out(self, params):
|
||||
return self.sha_sign(self.hash_algorithm, self.sha_out, params, SHA_OUT_PARAMS)
|
||||
def sha_sign_out(self, params, encoding='iso-8859-1'):
|
||||
return self.sha_sign(self.hash_algorithm, self.sha_out, params, SHA_OUT_PARAMS, encoding=encoding)
|
||||
|
||||
def get_request_url(self):
|
||||
if self.environment == ENVIRONMENT_TEST:
|
||||
|
@ -582,8 +582,12 @@ class Payment(PaymentCommon):
|
|||
signed = False
|
||||
if self.sha_in:
|
||||
signature = params.get('SHASIGN')
|
||||
expected_signature = self.sha_sign_out(params)
|
||||
signed = signature == expected_signature
|
||||
# check signature against both encoding
|
||||
for encoding in ('iso-8859-1', 'utf-8'):
|
||||
expected_signature = self.sha_sign_out(params, encoding=encoding)
|
||||
signed = signature == expected_signature
|
||||
if signed:
|
||||
break
|
||||
if status == '1':
|
||||
result = CANCELLED
|
||||
elif status == '2':
|
||||
|
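Review bot: The comparison `signed = signature == expected_signature` inside the new encoding loop is an ordinary string equality on an authentication value, so it is not constant-time. Prefer `signed = signature is not None and hmac.compare_digest(signature, expected_signature)`, assuming `hmac` is imported in this module (the hunk does not show it) and that both operands are the same string type, since `compare_digest` raises `TypeError` otherwise. Separately, the check is guarded by `if self.sha_in:` while `sha_sign_out` keys the hash with `self.sha_out`, so a backend configured with only `sha_out` would apparently never verify responses; it is worth confirming that this is intended. The enclosing method starts and ends outside the hunk.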
|
|
@ -129,3 +129,14 @@ class OgoneTests(TestCase):
|
|||
response = ogone_backend.response(urllib.urlencode(data))
|
||||
assert response.signed
|
||||
assert response.result == eopayment.WAITING
|
||||
|
||||
# check utf-8 based signature is also ok
|
||||
data['shasign'] = b'0E35F687ACBEAA6CA769E0ADDBD0863EB6C1678A'
|
||||
response = ogone_backend.response(urllib.urlencode(data))
|
||||
assert response.signed
|
||||
assert response.result == eopayment.WAITING
|
||||
|
||||
# check invalid signature is not marked ok
|
||||
data['shasign'] = b'0000000000000000000000000000000000000000'
|
||||
response = ogone_backend.response(urllib.urlencode(data))
|
||||
assert not response.signed
|
||||
|
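Review bot: The negative case added at the end of this test only covers a well-formed but wrong digest (all zeros); a response that carries no `shasign` parameter at all is not exercised. Since `params.get('SHASIGN')` in the backend returns `None` in that case, it would be worth pinning the behaviour with `del data['shasign']`, `response = ogone_backend.response(urllib.urlencode(data))` and `assert not response.signed`. The test method starts outside the hunk, so an earlier case may already cover this.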
|