tandem
/
camper
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
camper/pkg/redsys/client.go

175 lines
4.8 KiB
Go
Raw Normal View History

Add the first draft of the booking and payment forms The form is based on the one in the current website, but in a single page instead of split into many pages; possibly each <fieldset> should be in a separate page/view. The idea is for Oriol to check the design and decide how it would be presented to the user, so i needed something to show him first. I hardcoded the **test** data for the customer’s Redsys account. Is this bad? I hope not, but i am not really, really sure. The data sent to Redsys is just a placeholder because there are booking details that i do not know, like what i have to do with the “teenagers” field or the area preferences, thus i can not yet have a booking relation. Nevertheless, had to generate a random order number up to 12-chars in length or Redsys would refuse the payment, claiming that the order is duplicated. The Redsys package is based on the PHP code provided by Redsys themselves, plus some hints at the implementations from various Go packages that did not know why they were so complicated. Had to grant select on table country to guest in order to show the select with the country options. I have changed the “Postal code” input in taxDetails for “Postcode” because this is the spell that it is used in the current web, i did not see a reason to change it—it is an accepted form—, and i did not want to have inconsistencies between forms.
2023-10-19 19:37:34 +00:00
/*
* SPDX-FileCopyrightText: 2023 jordi fita mas <jfita@peritasoft.com>
* SPDX-License-Identifier: AGPL-3.0-only
*/
package redsys
import (
"bytes"
"crypto/cipher"
"crypto/des"
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"encoding/json"
"fmt"
"strings"
)
type Language int
const (
LanguageDefault Language = 0
LanguageSpanish Language = 1
LanguageEnglish Language = 2
LanguageCatalan Language = 3
LanguageFrench Language = 4
)
type TransactionType int
const (
TransactionTypeCharge TransactionType = 0
TransactionTypeRefund TransactionType = 3
TransactionTypePreauth TransactionType = 1
TransactionTypePreauthConfirm TransactionType = 2
TransactionTypePreauthVoid TransactionType = 9
TransactionTypeSplitAuth TransactionType = 7
TransactionTypeSplitConfirm TransactionType = 8
)
type Currency int
// Source: https://sis-d.redsys.es/pagosonline/codigos-autorizacion.html#monedas
// The codes seem to be the same as ISO 4217 https://en.wikipedia.org/wiki/ISO_4217
const (
CurrencyEUR Currency = 978
)
type Request struct {
TransactionType TransactionType
Amount int64
Currency Currency
Order string
Product string
CardHolder string
SuccessURL string
FailureURL string
ConsumerLanguage Language
}
type merchantParameters struct {
MerchantCode string `json:"Ds_Merchant_MerchantCode"`
Terminal string `json:"Ds_Merchant_Terminal"`
TransactionType TransactionType `json:"Ds_Merchant_TransactionType,string"`
Amount int64 `json:"Ds_Merchant_Amount,string"`
Currency Currency `json:"Ds_Merchant_Currency,string"`
Order string `json:"Ds_Merchant_Order"`
MerchantURL string `json:"Ds_Merchant_MerchantURL,omitempty"`
Product string `json:"Ds_Merchant_ProductDescription,omitempty"`
CardHolder string `json:"Ds_Merchant_Titular,omitempty"`
SuccessURL string `json:"Ds_Merchant_UrlOK,omitempty"`
FailureURL string `json:"Ds_Merchant_UrlKO,omitempty"`
MerchantName string `json:"Ds_Merchant_MerchantName,omitempty"`
ConsumerLanguage Language `json:"Ds_Merchant_ConsumerLanguage,string,omitempty"`
}
type Client struct {
merchantCode string
terminalCode string
crypto cipher.Block
}
func New(merchantCode string, terminalCode string, key string) (*Client, error) {
b, err := base64.StdEncoding.DecodeString(key)
if err != nil {
return nil, fmt.Errorf("key is invalid base64: %v", err)
}
crypto, err := des.NewTripleDESCipher(b)
if err != nil {
return nil, err
}
return &Client{
merchantCode: merchantCode,
terminalCode: terminalCode,
crypto: crypto,
}, nil
}
func (p *Client) SignRequest(req *Request) (*SignedRequest, error) {
signed := &SignedRequest{
SignatureVersion: "HMAC_SHA256_V1",
}
params := &merchantParameters{
MerchantCode: p.merchantCode,
Terminal: p.terminalCode,
TransactionType: req.TransactionType,
Amount: req.Amount,
Currency: req.Currency,
Order: req.Order,
MerchantURL: "http://localhost/ca/",
Product: req.Product,
CardHolder: req.CardHolder,
SuccessURL: req.SuccessURL,
FailureURL: req.FailureURL,
MerchantName: "Merchant Here",
ConsumerLanguage: req.ConsumerLanguage,
}
var err error
signed.MerchantParameters, err = encodeMerchantParameters(params)
if err != nil {
return nil, err
}
signed.Signature = p.sign(params.Order, signed.MerchantParameters)
return signed, nil
}
func encodeMerchantParameters(params *merchantParameters) (string, error) {
marshalled, err := json.Marshal(params)
if err != nil {
return "", err
}
return base64.URLEncoding.EncodeToString(marshalled), err
}
func (p *Client) sign(id string, data string) string {
key := encrypt3DES(id, p.crypto)
return mac256(data, key)
}
var iv = []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
func encrypt3DES(str string, crypto cipher.Block) string {
cbc := cipher.NewCBCEncrypter(crypto, iv)
decrypted := []byte(str)
decryptedPadded, _ := zeroPad(decrypted, crypto.BlockSize())
cbc.CryptBlocks(decryptedPadded, decryptedPadded)
return base64.StdEncoding.EncodeToString(decryptedPadded)
}
func zeroPad(data []byte, blockLen int) ([]byte, error) {
padLen := (blockLen - (len(data) % blockLen)) % blockLen
pad := bytes.Repeat([]byte{0x00}, padLen)
return append(data, pad...), nil
}
func mac256(data string, key string) string {
decodedKey, _ := base64.StdEncoding.DecodeString(key)
res := hmac.New(sha256.New, decodedKey)
res.Write([]byte(strings.TrimSpace(data)))
result := res.Sum(nil)
return base64.StdEncoding.EncodeToString(result)
}
type SignedRequest struct {
MerchantParameters string
Signature string
SignatureVersion string
}