authorizenet 2.0.0 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/lib/app/helpers/authorize_net_helper.rb +23 -23
- data/lib/authorize_net.rb +62 -62
- data/lib/authorize_net/api/LogHelper.rb +97 -97
- data/lib/authorize_net/api/SensitiveDataFilter.rb +92 -92
- data/lib/authorize_net/api/api_transaction.rb +129 -129
- data/lib/authorize_net/api/constants.yml +1 -1
- data/lib/authorize_net/api/schema.rb +5480 -5421
- data/lib/authorize_net/api/transaction.rb +265 -265
- data/lib/authorize_net/authorize_net.rb +154 -154
- data/lib/authorize_net/response.rb +23 -23
- data/lib/authorize_net/transaction.rb +64 -64
- data/lib/authorize_net/xml_response.rb +154 -154
- data/lib/authorize_net/xml_transaction.rb +279 -279
- data/lib/authorizenet.rb +4 -4
- metadata +26 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 97d213dfc079edcb493e06b538e45ea48b7109dcc8a9ee0048c19a37f810b677
|
4
|
+
data.tar.gz: 384c4b78ca409bd61f0b19dd7aa0291ec26a47e5687fc68a6e5938e620cc8b4d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e08e6c0a987090ffd06ba7abfa855bee01fb1d6dedbef668a78c106a0bac0a4fdf6da2ec733f2882d8fd276caac87aaf2fcbad0a414c238e72fff6e3aa49b1b3
|
7
|
+
data.tar.gz: 6f774b50617975905fda052796d92f0c00c576d48e4b446183c3c5f4ed99433bbd8b2eab8082ee13988aee9d598901b8f12dec5f05269c3d02d7a88cf8011129
|
@@ -1,23 +1,23 @@
|
|
1
|
-
# The Authorize.Net Rails Helper module. Provides methods to assist with integrating the various APIs.
|
2
|
-
|
3
|
-
module AuthorizeNetHelper
|
4
|
-
# Generates a collection of hidden form fields (as a raw HTML string) for a AuthorizeNet::SIM::Transaction
|
5
|
-
# (sim_transaction). You can specify any html_options that hidden_field_tag accepts, and the
|
6
|
-
# hidden fields will be built with those options.
|
7
|
-
def sim_fields(sim_transaction, html_options = {})
|
8
|
-
fields = sim_transaction.form_fields.collect do |k, v|
|
9
|
-
if v.is_a? Array
|
10
|
-
v.collect { |val| hidden_field_tag(k, val, html_options) }
|
11
|
-
else
|
12
|
-
hidden_field_tag(k, v, html_options)
|
13
|
-
end
|
14
|
-
end
|
15
|
-
fields.flatten!
|
16
|
-
field_str = fields.join("\n")
|
17
|
-
if field_str.respond_to?(:html_safe)
|
18
|
-
return field_str.html_safe
|
19
|
-
else
|
20
|
-
return field_str
|
21
|
-
end
|
22
|
-
end
|
23
|
-
end
|
1
|
+
# The Authorize.Net Rails Helper module. Provides methods to assist with integrating the various APIs.
|
2
|
+
|
3
|
+
module AuthorizeNetHelper
|
4
|
+
# Generates a collection of hidden form fields (as a raw HTML string) for a AuthorizeNet::SIM::Transaction
|
5
|
+
# (sim_transaction). You can specify any html_options that hidden_field_tag accepts, and the
|
6
|
+
# hidden fields will be built with those options.
|
7
|
+
def sim_fields(sim_transaction, html_options = {})
|
8
|
+
fields = sim_transaction.form_fields.collect do |k, v|
|
9
|
+
if v.is_a? Array
|
10
|
+
v.collect { |val| hidden_field_tag(k, val, html_options) }
|
11
|
+
else
|
12
|
+
hidden_field_tag(k, v, html_options)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
fields.flatten!
|
16
|
+
field_str = fields.join("\n")
|
17
|
+
if field_str.respond_to?(:html_safe)
|
18
|
+
return field_str.html_safe
|
19
|
+
else
|
20
|
+
return field_str
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
data/lib/authorize_net.rb
CHANGED
@@ -1,62 +1,62 @@
|
|
1
|
-
# The SDK initialization enters here. Loads all needed libraries and files. Inspects
|
2
|
-
# the current runtime to see if Rails is present. If it is, we inject our helper into
|
3
|
-
# ActiveSupport.
|
4
|
-
|
5
|
-
# coverall
|
6
|
-
# require 'coveralls'
|
7
|
-
# Coveralls.wear!
|
8
|
-
|
9
|
-
require "cgi"
|
10
|
-
require "net/https"
|
11
|
-
require "uri"
|
12
|
-
require "openssl"
|
13
|
-
require 'bigdecimal'
|
14
|
-
require 'nokogiri'
|
15
|
-
require 'date'
|
16
|
-
|
17
|
-
# TODO: Add local data validation where possible
|
18
|
-
|
19
|
-
$LOAD_PATH.unshift File.dirname(__FILE__)
|
20
|
-
|
21
|
-
require "authorize_net/authorize_net"
|
22
|
-
# require "authorize_net/customer"
|
23
|
-
# require "authorize_net/email_receipt"
|
24
|
-
# require "authorize_net/order"
|
25
|
-
# require "authorize_net/line_item"
|
26
|
-
require "authorize_net/response"
|
27
|
-
# require "authorize_net/key_value_response"
|
28
|
-
require "authorize_net/xml_response"
|
29
|
-
require "authorize_net/transaction"
|
30
|
-
# require "authorize_net/key_value_transaction"
|
31
|
-
require "authorize_net/xml_transaction"
|
32
|
-
|
33
|
-
# API
|
34
|
-
require "authorize_net/api/schema"
|
35
|
-
require "authorize_net/api/api_transaction"
|
36
|
-
require "authorize_net/api/transaction"
|
37
|
-
|
38
|
-
# Load our Rails plugin
|
39
|
-
|
40
|
-
if defined?(Rails)
|
41
|
-
if defined?(Rails::Railtie)
|
42
|
-
module AuthorizeNet
|
43
|
-
class Railtie < Rails::Railtie
|
44
|
-
initializer "authorize_net.load_path_initialize" do |_app|
|
45
|
-
%w[models controllers helpers].each do |dir|
|
46
|
-
path = File.join(File.dirname(__FILE__), 'app', dir)
|
47
|
-
$LOAD_PATH << path
|
48
|
-
ActiveSupport::Dependencies.autoload_paths << path
|
49
|
-
ActiveSupport::Dependencies.autoload_once_paths.delete(path)
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
53
|
-
end
|
54
|
-
else
|
55
|
-
%w[models controllers helpers].each do |dir|
|
56
|
-
path = File.join(File.dirname(__FILE__), 'app', dir)
|
57
|
-
$LOAD_PATH << path
|
58
|
-
ActiveSupport::Dependencies.load_paths << path
|
59
|
-
ActiveSupport::Dependencies.load_once_paths.delete(path)
|
60
|
-
end
|
61
|
-
end
|
62
|
-
end
|
1
|
+
# The SDK initialization enters here. Loads all needed libraries and files. Inspects
|
2
|
+
# the current runtime to see if Rails is present. If it is, we inject our helper into
|
3
|
+
# ActiveSupport.
|
4
|
+
|
5
|
+
# coverall
|
6
|
+
# require 'coveralls'
|
7
|
+
# Coveralls.wear!
|
8
|
+
|
9
|
+
require "cgi"
|
10
|
+
require "net/https"
|
11
|
+
require "uri"
|
12
|
+
require "openssl"
|
13
|
+
require 'bigdecimal'
|
14
|
+
require 'nokogiri'
|
15
|
+
require 'date'
|
16
|
+
|
17
|
+
# TODO: Add local data validation where possible
|
18
|
+
|
19
|
+
$LOAD_PATH.unshift File.dirname(__FILE__)
|
20
|
+
|
21
|
+
require "authorize_net/authorize_net"
|
22
|
+
# require "authorize_net/customer"
|
23
|
+
# require "authorize_net/email_receipt"
|
24
|
+
# require "authorize_net/order"
|
25
|
+
# require "authorize_net/line_item"
|
26
|
+
require "authorize_net/response"
|
27
|
+
# require "authorize_net/key_value_response"
|
28
|
+
require "authorize_net/xml_response"
|
29
|
+
require "authorize_net/transaction"
|
30
|
+
# require "authorize_net/key_value_transaction"
|
31
|
+
require "authorize_net/xml_transaction"
|
32
|
+
|
33
|
+
# API
|
34
|
+
require "authorize_net/api/schema"
|
35
|
+
require "authorize_net/api/api_transaction"
|
36
|
+
require "authorize_net/api/transaction"
|
37
|
+
|
38
|
+
# Load our Rails plugin
|
39
|
+
|
40
|
+
if defined?(Rails)
|
41
|
+
if defined?(Rails::Railtie)
|
42
|
+
module AuthorizeNet
|
43
|
+
class Railtie < Rails::Railtie
|
44
|
+
initializer "authorize_net.load_path_initialize" do |_app|
|
45
|
+
%w[models controllers helpers].each do |dir|
|
46
|
+
path = File.join(File.dirname(__FILE__), 'app', dir)
|
47
|
+
$LOAD_PATH << path
|
48
|
+
ActiveSupport::Dependencies.autoload_paths << path
|
49
|
+
ActiveSupport::Dependencies.autoload_once_paths.delete(path)
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
else
|
55
|
+
%w[models controllers helpers].each do |dir|
|
56
|
+
path = File.join(File.dirname(__FILE__), 'app', dir)
|
57
|
+
$LOAD_PATH << path
|
58
|
+
ActiveSupport::Dependencies.load_paths << path
|
59
|
+
ActiveSupport::Dependencies.load_once_paths.delete(path)
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
@@ -1,97 +1,97 @@
|
|
1
|
-
require 'logger'
|
2
|
-
require 'yaml'
|
3
|
-
require File.join File.dirname(__FILE__), 'SensitiveDataFilter'
|
4
|
-
|
5
|
-
module AuthorizeNet::API
|
6
|
-
class Log
|
7
|
-
@@shouldLog = false
|
8
|
-
@@loglevels = ['debug','info','warn','error']
|
9
|
-
def initialize()
|
10
|
-
begin
|
11
|
-
filepath = './LogConfig.yml'
|
12
|
-
if(File.file?(filepath))
|
13
|
-
cnf = YAML::load(File.open(filepath))
|
14
|
-
if(@@loglevels.include? cnf['loglevel'].downcase)
|
15
|
-
@@shouldLog = true
|
16
|
-
@logger = Logger.new(cnf['filepath'])
|
17
|
-
@logger.level = LogLevelMapper(cnf['loglevel'].downcase)
|
18
|
-
if(cnf['maskSensitiveData'])
|
19
|
-
@logger.formatter = SensitiveDataFilter.new
|
20
|
-
else
|
21
|
-
constants = YAML.load_file(File.dirname(__FILE__) + "/constants.yml")
|
22
|
-
@logger.formatter = proc do |severity, datetime, progname, msg|
|
23
|
-
progname = constants['clientId']
|
24
|
-
date_format = datetime.strftime("%Y-%m-%d %H:%M:%S")
|
25
|
-
if severity == "INFO" or severity == "WARN"
|
26
|
-
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
27
|
-
else
|
28
|
-
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
29
|
-
end
|
30
|
-
end
|
31
|
-
end
|
32
|
-
else
|
33
|
-
raise "Invalid log levels"
|
34
|
-
end
|
35
|
-
else
|
36
|
-
@@shouldLog = false
|
37
|
-
end
|
38
|
-
rescue
|
39
|
-
@@shouldLog = false
|
40
|
-
end
|
41
|
-
end
|
42
|
-
def debug(message)
|
43
|
-
if(@@shouldLog)
|
44
|
-
begin
|
45
|
-
@logger.debug message
|
46
|
-
rescue Exception => ex
|
47
|
-
ex
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
51
|
-
def info(message)
|
52
|
-
if(@@shouldLog)
|
53
|
-
begin
|
54
|
-
@logger.info message
|
55
|
-
rescue Exception => ex
|
56
|
-
ex
|
57
|
-
end
|
58
|
-
end
|
59
|
-
end
|
60
|
-
def warn(message)
|
61
|
-
if(@@shouldLog)
|
62
|
-
begin
|
63
|
-
@logger.warn message
|
64
|
-
rescue Exception => ex
|
65
|
-
ex
|
66
|
-
end
|
67
|
-
end
|
68
|
-
end
|
69
|
-
def error(message)
|
70
|
-
if(@@shouldLog)
|
71
|
-
begin
|
72
|
-
@logger.error message
|
73
|
-
rescue Exception => ex
|
74
|
-
ex
|
75
|
-
end
|
76
|
-
end
|
77
|
-
end
|
78
|
-
def LogLevelMapper(loglevel)
|
79
|
-
case loglevel
|
80
|
-
when 'debug'
|
81
|
-
Logger::DEBUG
|
82
|
-
when 'info'
|
83
|
-
Logger::INFO
|
84
|
-
when 'warn'
|
85
|
-
Logger::WARN
|
86
|
-
when 'error'
|
87
|
-
Logger::ERROR
|
88
|
-
end
|
89
|
-
end
|
90
|
-
end
|
91
|
-
|
92
|
-
class LogHelper
|
93
|
-
def self.log
|
94
|
-
Log.new
|
95
|
-
end
|
96
|
-
end
|
97
|
-
end
|
1
|
+
require 'logger'
|
2
|
+
require 'yaml'
|
3
|
+
require File.join File.dirname(__FILE__), 'SensitiveDataFilter'
|
4
|
+
|
5
|
+
module AuthorizeNet::API
|
6
|
+
class Log
|
7
|
+
@@shouldLog = false
|
8
|
+
@@loglevels = ['debug','info','warn','error']
|
9
|
+
def initialize()
|
10
|
+
begin
|
11
|
+
filepath = './LogConfig.yml'
|
12
|
+
if(File.file?(filepath))
|
13
|
+
cnf = YAML::load(File.open(filepath))
|
14
|
+
if(@@loglevels.include? cnf['loglevel'].downcase)
|
15
|
+
@@shouldLog = true
|
16
|
+
@logger = Logger.new(cnf['filepath'])
|
17
|
+
@logger.level = LogLevelMapper(cnf['loglevel'].downcase)
|
18
|
+
if(cnf['maskSensitiveData'])
|
19
|
+
@logger.formatter = SensitiveDataFilter.new
|
20
|
+
else
|
21
|
+
constants = YAML.load_file(File.dirname(__FILE__) + "/constants.yml")
|
22
|
+
@logger.formatter = proc do |severity, datetime, progname, msg|
|
23
|
+
progname = constants['clientId']
|
24
|
+
date_format = datetime.strftime("%Y-%m-%d %H:%M:%S")
|
25
|
+
if severity == "INFO" or severity == "WARN"
|
26
|
+
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
27
|
+
else
|
28
|
+
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
else
|
33
|
+
raise "Invalid log levels"
|
34
|
+
end
|
35
|
+
else
|
36
|
+
@@shouldLog = false
|
37
|
+
end
|
38
|
+
rescue
|
39
|
+
@@shouldLog = false
|
40
|
+
end
|
41
|
+
end
|
42
|
+
def debug(message)
|
43
|
+
if(@@shouldLog)
|
44
|
+
begin
|
45
|
+
@logger.debug message
|
46
|
+
rescue Exception => ex
|
47
|
+
ex
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
def info(message)
|
52
|
+
if(@@shouldLog)
|
53
|
+
begin
|
54
|
+
@logger.info message
|
55
|
+
rescue Exception => ex
|
56
|
+
ex
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
def warn(message)
|
61
|
+
if(@@shouldLog)
|
62
|
+
begin
|
63
|
+
@logger.warn message
|
64
|
+
rescue Exception => ex
|
65
|
+
ex
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
def error(message)
|
70
|
+
if(@@shouldLog)
|
71
|
+
begin
|
72
|
+
@logger.error message
|
73
|
+
rescue Exception => ex
|
74
|
+
ex
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
78
|
+
def LogLevelMapper(loglevel)
|
79
|
+
case loglevel
|
80
|
+
when 'debug'
|
81
|
+
Logger::DEBUG
|
82
|
+
when 'info'
|
83
|
+
Logger::INFO
|
84
|
+
when 'warn'
|
85
|
+
Logger::WARN
|
86
|
+
when 'error'
|
87
|
+
Logger::ERROR
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
class LogHelper
|
93
|
+
def self.log
|
94
|
+
Log.new
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
@@ -1,92 +1,92 @@
|
|
1
|
-
require 'logger'
|
2
|
-
|
3
|
-
module AuthorizeNet::API
|
4
|
-
class SensitiveTag
|
5
|
-
attr_accessor :tagName, :pattern, :replacement, :disableMask
|
6
|
-
def initialize(tagName, pattern, replacement, disableMask)
|
7
|
-
@tagName = tagName
|
8
|
-
@pattern = pattern
|
9
|
-
@replacement = replacement
|
10
|
-
@disableMask = disableMask
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
|
-
class SensitiveDataConfigType
|
15
|
-
attr_accessor :sensitiveTags, :sensitiveStringRegexes
|
16
|
-
def initialize
|
17
|
-
@sensitiveTags = Array.new([SensitiveTag.new("cardCode", "", "XXX", false),
|
18
|
-
SensitiveTag.new("cardNumber", "(\\p{N}+)(\\p{N}{4})", "XXXX-\\2", false),
|
19
|
-
SensitiveTag.new("expirationDate", "", "XXX", false),
|
20
|
-
SensitiveTag.new("accountNumber", "(\\p{N}+)(\\p{N}{4})", "XXXX-\\2", false),
|
21
|
-
SensitiveTag.new("nameOnAccount", "", "XXX", false),
|
22
|
-
SensitiveTag.new("transactionKey", "", "XXX", false)]).freeze
|
23
|
-
@sensitiveStringRegexes = ["4\\p{N}{3}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
24
|
-
"4\\p{N}{3}([\\ \\-]?)(?:\\p{N}{4}\\1){2}\\p{N}(?:\\p{N}{3})?",
|
25
|
-
"5[1-5]\\p{N}{2}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
26
|
-
"6(?:011|22(?:1(?=[\\ \\-]?(?:2[6-9]|[3-9]))|[2-8]|9(?=[\\ \\-]?(?:[01]|2[0-5])))|4[4-9]\\p{N}|5\\p{N}\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
27
|
-
"35(?:2[89]|[3-8]\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
28
|
-
"3[47]\\p{N}\\p{N}([\\ \\-]?)\\p{N}{6}\\1\\p{N}{5}"].freeze
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
class SensitiveDataFilter < Logger::Formatter
|
33
|
-
@@sensitiveTagConfig = nil
|
34
|
-
@@tagPatterns = nil
|
35
|
-
@@tagReplacements = nil
|
36
|
-
@@cardPatterns = nil
|
37
|
-
|
38
|
-
def initialize
|
39
|
-
@@sensitiveTagConfig = SensitiveDataConfigType.new
|
40
|
-
@@cardPatterns = @@sensitiveTagConfig.sensitiveStringRegexes
|
41
|
-
@@tagPatterns = Array.new(@@sensitiveTagConfig.sensitiveStringRegexes.length)
|
42
|
-
@@tagReplacements = Array.new(@@sensitiveTagConfig.sensitiveTags.length)
|
43
|
-
|
44
|
-
@@sensitiveTagConfig.sensitiveTags.each_with_index do |sensitiveTag, index|
|
45
|
-
tagName = sensitiveTag.tagName
|
46
|
-
replacement = sensitiveTag.replacement
|
47
|
-
|
48
|
-
if sensitiveTag.pattern.nil? || sensitiveTag.pattern.empty?
|
49
|
-
pattern = "(.*)"
|
50
|
-
else
|
51
|
-
pattern = sensitiveTag.pattern
|
52
|
-
end
|
53
|
-
|
54
|
-
@@tagPatterns[index] = "<"+tagName+">"+pattern+"</"+tagName+">"
|
55
|
-
@@tagReplacements[index] = "<"+tagName+">"+replacement+"</"+tagName+">"
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
59
|
-
def call(severity, time, progname, msg)
|
60
|
-
xmlMaskedLog = maskSensitiveXmlString(msg)
|
61
|
-
ccMasked = maskCreditCards(xmlMaskedLog)
|
62
|
-
return formatLogEntry(severity, time, progname, ccMasked)
|
63
|
-
end
|
64
|
-
|
65
|
-
def maskCreditCards(input)
|
66
|
-
input = input.force_encoding("UTF-8")
|
67
|
-
@@cardPatterns.each {|cardNumberRegex|
|
68
|
-
input = input.gsub(/#{cardNumberRegex}/, "XXX")
|
69
|
-
}
|
70
|
-
return input
|
71
|
-
end
|
72
|
-
|
73
|
-
def maskSensitiveXmlString(input)
|
74
|
-
input = input.force_encoding("UTF-8")
|
75
|
-
@@tagPatterns.each_with_index do |item, index|
|
76
|
-
input = input.gsub(/#{item}/,@@tagReplacements[index])
|
77
|
-
end
|
78
|
-
return input
|
79
|
-
end
|
80
|
-
|
81
|
-
def formatLogEntry(severity, time, progname, msg)
|
82
|
-
constants = YAML.load_file(File.dirname(__FILE__) + "/constants.yml")
|
83
|
-
progname = constants['clientId']
|
84
|
-
date_format = time.strftime("%Y-%m-%d %H:%M:%S")
|
85
|
-
if severity == "INFO" or severity == "WARN"
|
86
|
-
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
87
|
-
else
|
88
|
-
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
89
|
-
end
|
90
|
-
end
|
91
|
-
end
|
92
|
-
end
|
1
|
+
require 'logger'
|
2
|
+
|
3
|
+
module AuthorizeNet::API
|
4
|
+
class SensitiveTag
|
5
|
+
attr_accessor :tagName, :pattern, :replacement, :disableMask
|
6
|
+
def initialize(tagName, pattern, replacement, disableMask)
|
7
|
+
@tagName = tagName
|
8
|
+
@pattern = pattern
|
9
|
+
@replacement = replacement
|
10
|
+
@disableMask = disableMask
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
class SensitiveDataConfigType
|
15
|
+
attr_accessor :sensitiveTags, :sensitiveStringRegexes
|
16
|
+
def initialize
|
17
|
+
@sensitiveTags = Array.new([SensitiveTag.new("cardCode", "", "XXX", false),
|
18
|
+
SensitiveTag.new("cardNumber", "(\\p{N}+)(\\p{N}{4})", "XXXX-\\2", false),
|
19
|
+
SensitiveTag.new("expirationDate", "", "XXX", false),
|
20
|
+
SensitiveTag.new("accountNumber", "(\\p{N}+)(\\p{N}{4})", "XXXX-\\2", false),
|
21
|
+
SensitiveTag.new("nameOnAccount", "", "XXX", false),
|
22
|
+
SensitiveTag.new("transactionKey", "", "XXX", false)]).freeze
|
23
|
+
@sensitiveStringRegexes = ["4\\p{N}{3}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
24
|
+
"4\\p{N}{3}([\\ \\-]?)(?:\\p{N}{4}\\1){2}\\p{N}(?:\\p{N}{3})?",
|
25
|
+
"5[1-5]\\p{N}{2}([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
26
|
+
"6(?:011|22(?:1(?=[\\ \\-]?(?:2[6-9]|[3-9]))|[2-8]|9(?=[\\ \\-]?(?:[01]|2[0-5])))|4[4-9]\\p{N}|5\\p{N}\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
27
|
+
"35(?:2[89]|[3-8]\\p{N})([\\ \\-]?)\\p{N}{4}\\1\\p{N}{4}\\1\\p{N}{4}",
|
28
|
+
"3[47]\\p{N}\\p{N}([\\ \\-]?)\\p{N}{6}\\1\\p{N}{5}"].freeze
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
class SensitiveDataFilter < Logger::Formatter
|
33
|
+
@@sensitiveTagConfig = nil
|
34
|
+
@@tagPatterns = nil
|
35
|
+
@@tagReplacements = nil
|
36
|
+
@@cardPatterns = nil
|
37
|
+
|
38
|
+
def initialize
|
39
|
+
@@sensitiveTagConfig = SensitiveDataConfigType.new
|
40
|
+
@@cardPatterns = @@sensitiveTagConfig.sensitiveStringRegexes
|
41
|
+
@@tagPatterns = Array.new(@@sensitiveTagConfig.sensitiveStringRegexes.length)
|
42
|
+
@@tagReplacements = Array.new(@@sensitiveTagConfig.sensitiveTags.length)
|
43
|
+
|
44
|
+
@@sensitiveTagConfig.sensitiveTags.each_with_index do |sensitiveTag, index|
|
45
|
+
tagName = sensitiveTag.tagName
|
46
|
+
replacement = sensitiveTag.replacement
|
47
|
+
|
48
|
+
if sensitiveTag.pattern.nil? || sensitiveTag.pattern.empty?
|
49
|
+
pattern = "(.*)"
|
50
|
+
else
|
51
|
+
pattern = sensitiveTag.pattern
|
52
|
+
end
|
53
|
+
|
54
|
+
@@tagPatterns[index] = "<"+tagName+">"+pattern+"</"+tagName+">"
|
55
|
+
@@tagReplacements[index] = "<"+tagName+">"+replacement+"</"+tagName+">"
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
def call(severity, time, progname, msg)
|
60
|
+
xmlMaskedLog = maskSensitiveXmlString(msg)
|
61
|
+
ccMasked = maskCreditCards(xmlMaskedLog)
|
62
|
+
return formatLogEntry(severity, time, progname, ccMasked)
|
63
|
+
end
|
64
|
+
|
65
|
+
def maskCreditCards(input)
|
66
|
+
input = input.force_encoding("UTF-8")
|
67
|
+
@@cardPatterns.each {|cardNumberRegex|
|
68
|
+
input = input.gsub(/#{cardNumberRegex}/, "XXX")
|
69
|
+
}
|
70
|
+
return input
|
71
|
+
end
|
72
|
+
|
73
|
+
def maskSensitiveXmlString(input)
|
74
|
+
input = input.force_encoding("UTF-8")
|
75
|
+
@@tagPatterns.each_with_index do |item, index|
|
76
|
+
input = input.gsub(/#{item}/,@@tagReplacements[index])
|
77
|
+
end
|
78
|
+
return input
|
79
|
+
end
|
80
|
+
|
81
|
+
def formatLogEntry(severity, time, progname, msg)
|
82
|
+
constants = YAML.load_file(File.dirname(__FILE__) + "/constants.yml")
|
83
|
+
progname = constants['clientId']
|
84
|
+
date_format = time.strftime("%Y-%m-%d %H:%M:%S")
|
85
|
+
if severity == "INFO" or severity == "WARN"
|
86
|
+
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
87
|
+
else
|
88
|
+
"[#{date_format}] #{severity} (#{progname}): #{msg}\n"
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|