exact4r 1.1 → 1.2
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG +3 -0
- data/VERSION +1 -1
- data/certs/e-xact.com.crt +31 -0
- data/certs/valicert_class2_root.crt +18 -0
- data/lib/ews/transaction/validator.rb +3 -3
- data/lib/ews/transporter.rb +42 -8
- data/lib/exact4r.rb +1 -1
- data/test/general/request_test.rb +11 -0
- metadata +4 -3
- data/after.log +0 -4
data/CHANGELOG
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.2
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIFVTCCBD2gAwIBAgIHBITApWVLMTANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
|
|
3
|
+
BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
|
|
4
|
+
BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
|
|
5
|
+
aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
|
|
6
|
+
IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
|
|
7
|
+
ODcwHhcNMTAwMjE2MjMzNTQzWhcNMTUwMjE2MjMzNTQzWjBRMRUwEwYDVQQKDAwq
|
|
8
|
+
LmUteGFjdC5jb20xITAfBgNVBAsMGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEV
|
|
9
|
+
MBMGA1UEAwwMKi5lLXhhY3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
|
10
|
+
CgKCAQEApvqzJMP4vtbvyXwepZhj8uaKXONIo4H8aN51FOL1PDdGEfWktlWw38Xj
|
|
11
|
+
dU0KJrGeTcBgsfg8NehFwasilW6IbojhMmnvWyYaTzklEjMDmgda3hGRJRqbg/dW
|
|
12
|
+
v0nZRMO7Xy0NNMGHeN9Sxs8977LRV5Y1VjK1M3WhilP3oxe49Ov1K4FEZrxT0fbn
|
|
13
|
+
sqClwAm059XM+qWkUY5tBs6KSZQf1/+Xlx5txB/IqDWLrN5oRuCa+mBi5mIFE7nA
|
|
14
|
+
suFtI/26szCYVuK6r8spbsYeo13c/qTv4yaZbLW3uXgbgTuI4FAtOR9NpUYvLQHR
|
|
15
|
+
9kYYPeusqj0DnLD6ELMXkujHW0V6MQIDAQABo4IBtjCCAbIwDwYDVR0TAQH/BAUw
|
|
16
|
+
AwEBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQD
|
|
17
|
+
AgWgMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Rz
|
|
18
|
+
MS0xNC5jcmwwUwYDVR0gBEwwSjBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIB
|
|
19
|
+
FitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMIGA
|
|
20
|
+
BggrBgEFBQcBAQR0MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHku
|
|
21
|
+
Y29tLzBKBggrBgEFBQcwAoY+aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv
|
|
22
|
+
bS9yZXBvc2l0b3J5L2dkX2ludGVybWVkaWF0ZS5jcnQwHwYDVR0jBBgwFoAU/axh
|
|
23
|
+
MpNsRdbi7oVfmrrndplozOcwIwYDVR0RBBwwGoIMKi5lLXhhY3QuY29tggplLXhh
|
|
24
|
+
Y3QuY29tMB0GA1UdDgQWBBRmlEOazZNz8dfnnl7UimMDqciOOzANBgkqhkiG9w0B
|
|
25
|
+
AQUFAAOCAQEArQNhlZ3ij3Yz1U2GHiNY4fpYtNCAhzlrnNZUHaDlhiWEvOcXSB4j
|
|
26
|
+
ER77sgaHmZOm8PW0mXg3eK0+Km5ANWbNbPLe0yPpKRa1GbmgxQx/P4MWMiM+872l
|
|
27
|
+
QmpZlgLw2cGvivALAt7S74QTiqjYX10nNyHlpnlvB9Am2WgzQHQDzyKuKGglFjlw
|
|
28
|
+
ItZpTFFkSGEWK99cxE69GMwtZCsr4b+RB80sDA+ckd45GISg808GkWHfqJVa64k8
|
|
29
|
+
dlXVgRNQwLfrWN+BQeUsfsKu5jiNI7H2a8zrRt4mCa9urh15O+d4pDhXhrYSkQpI
|
|
30
|
+
ezmbzKzCEd1mpiT+sjCzByN3uX6n7eF/Eg==
|
|
31
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
|
|
3
|
+
IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
|
|
4
|
+
BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
|
|
5
|
+
aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
|
|
6
|
+
9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE5MDYy
|
|
7
|
+
NjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
|
|
8
|
+
azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
|
|
9
|
+
YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
|
|
10
|
+
Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
|
|
11
|
+
cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vY
|
|
12
|
+
dA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9
|
|
13
|
+
WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QS
|
|
14
|
+
v4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9v
|
|
15
|
+
UJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTu
|
|
16
|
+
IYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC
|
|
17
|
+
W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd
|
|
18
|
+
-----END CERTIFICATE-----
|
|
@@ -64,9 +64,9 @@ module EWS # :nodoc:
|
|
|
64
64
|
|
|
65
65
|
# ensure our amounts are within range
|
|
66
66
|
append_error(:amount, "amount must be between 0.00 and 99999.99") unless amount_in_range?(self.amount)
|
|
67
|
-
append_error(:surcharge_amount, "
|
|
68
|
-
append_error(:tax1_amount, "
|
|
69
|
-
append_error(:tax2_amount, "
|
|
67
|
+
append_error(:surcharge_amount, "surcharge_amount must be between 0.00 and 99999.99") unless amount_in_range?(self.surcharge_amount)
|
|
68
|
+
append_error(:tax1_amount, "tax1_amount must be between 0.00 and 99999.99") unless amount_in_range?(self.tax1_amount)
|
|
69
|
+
append_error(:tax2_amount, "tax2_amount must be between 0.00 and 99999.99") unless amount_in_range?(self.tax2_amount)
|
|
70
70
|
|
|
71
71
|
# ensure our credit card information is valid
|
|
72
72
|
append_error(:cc_number, "invalid cc_number supplied") unless valid_card_number?
|
data/lib/ews/transporter.rb
CHANGED
|
@@ -31,8 +31,8 @@ module EWS # :nodoc:
|
|
|
31
31
|
@url = URI.parse(url.gsub(/\/$/,''))
|
|
32
32
|
@transport_type = options[:transport_type] || :rest
|
|
33
33
|
|
|
34
|
-
@@issuer_cert ||= File.dirname(__FILE__)+"/../../certs/
|
|
35
|
-
@@server_cert ||= File.new(File.dirname(__FILE__)+"/../../certs/
|
|
34
|
+
@@issuer_cert ||= File.dirname(__FILE__)+"/../../certs/valicert_class2_root.crt"
|
|
35
|
+
@@server_cert ||= File.new(File.dirname(__FILE__)+"/../../certs/e-xact.com.crt").read
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
# Submit a transaction request to the server
|
|
@@ -52,7 +52,7 @@ module EWS # :nodoc:
|
|
|
52
52
|
request = build_http_request(transaction, transport_type, transport_details[:suffix])
|
|
53
53
|
request.basic_auth(transaction.gateway_id, transaction.password)
|
|
54
54
|
request.add_field "Accept", transport_details[:content_type]
|
|
55
|
-
request.add_field "User-Agent", "exact4r v1.
|
|
55
|
+
request.add_field "User-Agent", "exact4r v1.2"
|
|
56
56
|
request.add_field "Content-type", "#{transport_details[:content_type]}; charset=UTF-8"
|
|
57
57
|
|
|
58
58
|
response = get_connection.request(request)
|
|
@@ -113,13 +113,47 @@ private
|
|
|
113
113
|
|
|
114
114
|
def validate_certificate(is_ok, ctx)
|
|
115
115
|
cert = ctx.current_cert
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
116
|
+
return false if cert.nil?
|
|
117
|
+
|
|
118
|
+
# preverify failed?
|
|
119
|
+
return false unless is_ok
|
|
120
|
+
|
|
121
|
+
self_signed = false
|
|
122
|
+
ca = false
|
|
123
|
+
pathlen = nil
|
|
124
|
+
server_auth = true
|
|
125
|
+
self_signed = (cert.subject.cmp(cert.issuer) == 0)
|
|
126
|
+
|
|
127
|
+
# Check extensions for the certificate purpose according to http://www.openssl.org/docs/apps/x509.html (Certificate Extensions) and
|
|
128
|
+
# http://www.ietf.org/rfc/rfc3280.txt.
|
|
129
|
+
cert.extensions.each do |ex|
|
|
130
|
+
case ex.oid
|
|
131
|
+
when 'basicConstraints'
|
|
132
|
+
/CA:(TRUE|FALSE)(?:, pathlen:)*(\d*)/ =~ ex.value
|
|
133
|
+
ca ||= ($1 == 'TRUE')
|
|
134
|
+
pathlen = $2.to_i
|
|
135
|
+
when 'keyUsage'
|
|
136
|
+
usage = ex.value.split(/\s*,\s*/)
|
|
137
|
+
# a CA must have
|
|
138
|
+
ca &&= !usage.grep(/Certificate Sign/i).empty?
|
|
139
|
+
# Server Cert Must have
|
|
140
|
+
server_auth &&= !usage.grep(/Key Encipherment/i).empty?
|
|
141
|
+
when 'extendedKeyUsage'
|
|
142
|
+
usage = ex.value.split(/\s*,\s*/)
|
|
143
|
+
# Server Cert Must have
|
|
144
|
+
server_auth &&= !usage.grep(/TLS Web Server Authentication/i).empty?
|
|
145
|
+
when 'nsCertType'
|
|
146
|
+
usage = ex.value.split(/\s*,\s*/)
|
|
147
|
+
ca ||= !usage.grep(/SSL CA/i).empty?
|
|
148
|
+
server_auth ||= !usage.grep(/SSL Server/i).empty?
|
|
149
|
+
end
|
|
120
150
|
end
|
|
121
151
|
|
|
122
|
-
|
|
152
|
+
# We're looking for the server cert, so accept all CAs (which have already passed pre-verification)
|
|
153
|
+
return true if self_signed || ca
|
|
154
|
+
|
|
155
|
+
# ensure the server cert is the one we're expecting
|
|
156
|
+
return server_auth && @@server_cert == cert.to_pem
|
|
123
157
|
end
|
|
124
158
|
|
|
125
159
|
# what transport types we support, and their corresponding suffixes
|
data/lib/exact4r.rb
CHANGED
|
@@ -142,6 +142,17 @@ class RequestTest < Test::Unit::TestCase
|
|
|
142
142
|
assert response.approved?
|
|
143
143
|
assert_equal "Transaction Normal", response.exact_message
|
|
144
144
|
end
|
|
145
|
+
|
|
146
|
+
def test_wont_send_invalid_amounts
|
|
147
|
+
[-0.01, "-0.01", 100000, "100000"].each do |amt|
|
|
148
|
+
transporter = EWS::Transporter.new(@@credentials.config['location'])
|
|
149
|
+
|
|
150
|
+
transporter.expects(:build_http_request).never
|
|
151
|
+
|
|
152
|
+
original_resp = transporter.submit(basic_new_transaction(:amount => amt), :json)
|
|
153
|
+
assert !original_resp
|
|
154
|
+
end
|
|
155
|
+
end
|
|
145
156
|
|
|
146
157
|
private
|
|
147
158
|
def basic_find_transaction(options = {})
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: exact4r
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: "1.
|
|
4
|
+
version: "1.2"
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- E-xact Transactions Ltd.
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2010-
|
|
12
|
+
date: 2010-03-11 00:00:00 +11:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -44,9 +44,10 @@ extra_rdoc_files:
|
|
|
44
44
|
- README
|
|
45
45
|
- VERSION
|
|
46
46
|
files:
|
|
47
|
-
- ./
|
|
47
|
+
- ./certs/e-xact.com.crt
|
|
48
48
|
- ./certs/equifax_ca.cer
|
|
49
49
|
- ./certs/exact.cer
|
|
50
|
+
- ./certs/valicert_class2_root.crt
|
|
50
51
|
- ./CHANGELOG
|
|
51
52
|
- ./lib/ews/transaction/fake_response.rb
|
|
52
53
|
- ./lib/ews/transaction/mapping.rb
|
data/after.log
DELETED