ipizza 0.4.0

data/lib/ipizza/provider/nordea/authentication_request.rb

@@ -0,0 +1,29 @@
+require 'digest/md5'
+
+module Ipizza::Provider
+  class Nordea::AuthenticationRequest < Ipizza::AuthenticationRequest
+    
+    attr_accessor :params
+    attr_accessor :service_url
+
+    def sign(key_path)
+      key = File.read(key_path).strip
+      params['A01Y_MAC'] = Digest::MD5.hexdigest(mac_data_string(key)).upcase
+    end
+    
+    def request_params
+      params.inject(Hash.new) { |h, v| h["A01Y_#{v.first}"] = v.last; h }
+    end
+    
+    private
+    
+    def mac_data_string(key)
+      order = ['ACTION_ID', 'VERS', 'RCVID', 'LANGCODE', 'STAMP', 'IDTYPE', 'RETLINK', 'CANLINK', 'REJLINK', 'KEYVERS', 'ALG']
+      
+      datastr = order.inject('') do |memo, param|
+        memo << params[param].to_s << '&'
+      end
+      datastr << key << '&'
+    end
+  end
+end

data/lib/ipizza/provider/nordea/authentication_response.rb

@@ -0,0 +1,38 @@
+require 'digest/md5'
+
+module Ipizza::Provider
+  class Nordea::AuthenticationResponse < Ipizza::AuthenticationResponse
+    
+    def initialize(params)
+      @params = params
+    end
+
+    def verify(key_path)
+      key = File.read(key_path).strip
+      @valid = @params['B02K_MAC'] == Digest::MD5.hexdigest(mac_data_string(key)).upcase
+    end
+    
+    def success?
+      @valid && @params['B02K_CUSTID'].present?
+    end
+    
+    def valid?
+      @valid
+    end
+    
+    def user_info
+      valid? ? {'name' => @params['B02K_CUSTNAME'], 'custid' => @params['B02K_CUSTID']} : {}
+    end
+    
+    private
+    
+    def mac_data_string(key)
+      order = ['VERS', 'TIMESTMP', 'IDNBR', 'STAMP', 'CUSTNAME', 'KEYVERS', 'ALG', 'CUSTID', 'CUSTTYPE']
+      
+      datastr = order.inject('') do |memo, param|
+        memo << @params["B02K_#{param}"].to_s << '&'
+      end
+      datastr << key << '&'
+    end
+  end
+end

data/lib/ipizza/provider/nordea/payment_request.rb

@@ -0,0 +1,33 @@
+require 'digest/md5'
+
+module Ipizza::Provider
+  class Nordea::PaymentRequest < Ipizza::PaymentRequest
+    
+    attr_accessor :params
+    attr_accessor :service_url
+    
+    def sign(key_path)
+      key = File.read(key_path).strip
+      self.params['MAC'] = Digest::MD5.hexdigest(mac_data_string(key)).upcase
+    end
+    
+    def request_params
+      params
+    end
+    
+    private
+    
+    def mac_data_string(key)
+      order = ['VERSION', 'STAMP', 'RCV_ID', 'AMOUNT', 'REF', 'DATE', 'CUR']
+      
+      datastr = order.inject('') do |memo, param|
+        memo << params[param].to_s
+        memo << '&'
+        memo
+      end
+      datastr << key
+      datastr << '&'
+      datastr
+    end
+  end
+end

data/lib/ipizza/provider/nordea/payment_response.rb

@@ -0,0 +1,43 @@
+require 'digest/md5'
+
+module Ipizza::Provider
+  class Nordea::PaymentResponse < Ipizza::PaymentResponse
+    
+    def initialize(params)
+      @params = params
+    end
+    
+    def verify(key_path)
+      key = File.read(key_path)
+      @valid = @params['RETURN_MAC'] == Digest::MD5.hexdigest(mac_data_string(key)).upcase
+    end
+    
+    def success?
+      if @valid && !@params['RETURN_PAID'].blank? then true else false end
+    end
+    
+    def valid?
+      @valid
+    end
+    
+    def payment_info
+      @payment_info ||= Ipizza::Payment.new(:stamp => @params['RETURN_STAMP'], :refnum => @params['RETURN_REF'])
+    end
+    
+    private
+    
+    def mac_data_string(key)
+      order = ['RETURN_VERSION', 'RETURN_STAMP', 'RETURN_REF', 'RETURN_PAID']
+      
+      datastr = order.inject('') do |memo, param|
+        memo << @params[param].to_s
+        memo << '&'
+        memo
+      end
+      datastr << key
+      datastr << '&'
+      
+      datastr
+    end
+  end
+end

data/lib/ipizza/provider/sampo.rb

@@ -0,0 +1,49 @@
+module Ipizza::Provider
+  class Sampo
+    
+    class << self
+      attr_accessor :service_url, :return_url, :file_key, :key_secret, :file_cert, :snd_id, :lang, :rec_acc, :rec_name
+    end
+    
+    def payment_request(payment, service = 1002)
+      req = Ipizza::PaymentRequest.new
+      req.service_url = self.service_url
+      req.sign_params = {
+        'VK_SERVICE' => service.to_s,
+        'VK_VERSION' => '008',
+        'VK_SND_ID' => self.snd_id,
+        'VK_STAMP' => payment.stamp,
+        'VK_AMOUNT' => sprintf('%.2f', payment.amount),
+        'VK_CURR' => payment.currency,
+        'VK_REF' => Ipizza::Util.sign_731(payment.refnum),
+        'VK_MSG' => payment.message
+      }
+      
+      if service == 1001
+        req.sign_params['VK_ACC'] = self.rec_acc
+        req.sign_params['VK_NAME'] = self.rec_name
+      end
+      
+      req.extra_params = {
+        'VK_RETURN' => self.return_url,
+        'VK_LANG' => self.lang
+      }
+      
+      if service == 1001
+        param_order = ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_STAMP', 'VK_AMOUNT', 'VK_CURR', 'VK_ACC', 'VK_NAME', 'VK_REF', 'VK_MSG']
+      else
+        param_order = ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_STAMP', 'VK_AMOUNT', 'VK_CURR', 'VK_REF', 'VK_MSG']
+      end
+      
+      req.sign(self.key, self.key_secret, param_order)
+      req
+    end
+    
+    def payment_response(params)
+      response = Ipizza::PaymentResponse.new(params, Ipizza::Util::SAMPO)
+      response.verify(cert)
+      
+      return response
+    end
+  end
+end

data/lib/ipizza/provider/seb.rb

@@ -0,0 +1,81 @@
+module Ipizza::Provider
+  class Seb
+    
+    class << self
+      attr_accessor :service_url, :return_url, :cancel_url, :file_key, :key_secret, :file_cert, :snd_id, :encoding, :rec_acc, :rec_name
+    end
+    
+    def payment_request(payment, service = 1002)
+      req = Ipizza::PaymentRequest.new
+      req.service_url = self.class.service_url
+      req.sign_params = {
+        'VK_SERVICE' => service.to_s,
+        'VK_VERSION' => '008',
+        'VK_SND_ID' => self.class.snd_id,
+        'VK_STAMP' => payment.stamp,
+        'VK_AMOUNT' => sprintf('%.2f', payment.amount),
+        'VK_CURR' => payment.currency,
+        'VK_REF' => Ipizza::Util.sign_731(payment.refnum),
+        'VK_MSG' => payment.message
+      }
+
+      # TODO: add 1001 support
+      # if service == 1001
+      #   req.sign_params['VK_ACC'] = self.rec_acc
+      #   req.sign_params['VK_NAME'] = self.rec_name
+      # end
+      
+      req.extra_params = {
+        'VK_CHARSET' => self.class.encoding,
+        'VK_RETURN' => self.class.return_url,
+        'VK_CANCEL' => self.class.cancel_url
+      }
+      
+      if service == 1001
+        param_order = ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_STAMP', 'VK_AMOUNT', 'VK_CURR', 'VK_ACC', 'VK_NAME', 'VK_REF', 'VK_MSG']
+      else
+        param_order = ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_STAMP', 'VK_AMOUNT', 'VK_CURR', 'VK_REF', 'VK_MSG']
+      end
+
+      req.sign(self.class.file_key, self.class.key_secret, param_order)
+      req
+    end
+    
+    def payment_response(params)
+      response = Ipizza::PaymentResponse.new(params, Ipizza::Util::SEB)
+      response.verify(cert)
+      
+      return response
+    end
+
+    def authentication_request(service_no = 4001)
+      req = Ipizza::AuthenticationRequest.new
+      req.service_url = self.class.service_url
+      req.sign_params = {
+        'VK_SERVICE' => service_no,
+        'VK_VERSION' => '008',
+        'VK_SND_ID' => self.class.snd_id,
+        'VK_REPLY' => '3002',
+        'VK_RETURN' => self.class.return_url,
+        'VK_DATE' => Date.today.strftime('%d.%m.%Y'),
+        'VK_TIME' => Time.now.strftime('%H:%M:%S')
+      }
+    
+      req.extra_params = {
+        'VK_CHARSET' => self.class.encoding
+      }
+    
+      param_order = ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_REPLY', 'VK_RETURN', 'VK_DATE', 'VK_TIME']
+    
+      req.sign(self.class.file_key, self.class.key_secret, param_order)
+      req
+    end
+    
+    def authentication_response(params)
+      response = Ipizza::AuthenticationResponse.new(params)
+      response.verify(self.class.file_cert, self.class.encoding)
+      return response
+    end
+
+  end
+end

data/lib/ipizza/provider/swedbank.rb

@@ -0,0 +1,69 @@
+module Ipizza::Provider
+  class Swedbank
+
+    class << self
+      attr_accessor :service_url, :return_url, :cancel_url, :file_key, :key_secret, :file_cert, :snd_id, :encoding
+    end
+
+    def payment_request(payment, service = 1002)
+      req = Ipizza::PaymentRequest.new
+      req.service_url = self.class.service_url
+      req.sign_params = {
+        'VK_SERVICE' => '1002',
+        'VK_VERSION' => '008',
+        'VK_SND_ID' => self.class.snd_id,
+        'VK_STAMP' => payment.stamp,
+        'VK_AMOUNT' => sprintf('%.2f', payment.amount),
+        'VK_CURR' => payment.currency,
+        'VK_REF' => Ipizza::Util.sign_731(payment.refnum),
+        'VK_MSG' => payment.message
+      }
+
+      req.extra_params = {
+        'VK_CHARSET' => self.class.encoding,
+        'VK_RETURN' => self.class.return_url,
+        'VK_CANCEL' => self.class.cancel_url
+      }
+
+      param_order = ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_STAMP', 'VK_AMOUNT', 'VK_CURR', 'VK_REF', 'VK_MSG']
+
+      req.sign(self.class.file_key, self.class.key_secret, param_order)
+      req
+    end
+
+    def payment_response(params)
+      response = Ipizza::PaymentResponse.new(params)
+      response.verify(self.class.file_cert, self.class.encoding)
+      return response
+    end
+
+    def authentication_request(service_no = 4001)
+      req = Ipizza::AuthenticationRequest.new
+      req.service_url = self.class.service_url
+      req.sign_params = {
+        'VK_SERVICE' => service_no,
+        'VK_VERSION' => '008',
+        'VK_SND_ID' => self.class.snd_id,
+        'VK_REPLY' => '3002',
+        'VK_RETURN' => self.class.return_url,
+        'VK_DATE' => Date.today.strftime('%d.%m.%Y'),
+        'VK_TIME' => Time.now.strftime('%H:%M:%S')
+      }
+
+      req.extra_params = {
+        'VK_ENCODING' => self.class.encoding
+      }
+
+      param_order = ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_REPLY', 'VK_RETURN', 'VK_DATE', 'VK_TIME']
+
+      req.sign(self.class.file_key, self.class.key_secret, param_order)
+      req
+    end
+
+    def authentication_response(params)
+      response = Ipizza::AuthenticationResponse.new(params)
+      response.verify(self.class.file_cert, self.class.encoding)
+      return response
+    end
+  end
+end

data/lib/ipizza/request.rb

@@ -0,0 +1,17 @@
+module Ipizza
+  class Request
+    
+    attr_accessor :extra_params
+    attr_accessor :sign_params
+    attr_accessor :service_url
+    
+    def sign(privkey_path, privkey_secret, order, mac_param = 'VK_MAC')
+      signature = Ipizza::Util.sign(privkey_path, privkey_secret, Ipizza::Util.mac_data_string(sign_params, order))
+      self.sign_params[mac_param] = signature
+    end
+    
+    def request_params
+      sign_params.merge(extra_params)
+    end
+  end
+end

data/lib/ipizza/response.rb

@@ -0,0 +1,24 @@
+class Ipizza::Response
+
+  attr_accessor :verify_params
+  attr_accessor :verify_params_order
+  
+  @@response_param_order = {
+    '1101' => ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_REC_ID', 'VK_STAMP', 'VK_T_NO', 'VK_AMOUNT', 'VK_CURR', 'VK_REC_ACC', 'VK_REC_NAME', 'VK_SND_ACC', 'VK_SND_NAME', 'VK_REF', 'VK_MSG', 'VK_T_DATE'],
+    '3002' => ['VK_SERVICE', 'VK_VERSION', 'VK_USER', 'VK_DATE', 'VK_TIME', 'VK_SND_ID', 'VK_INFO'],
+    '1901' => ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_REC_ID', 'VK_STAMP', 'VK_REF', 'VK_MSG'],
+    '1902' => ['VK_SERVICE', 'VK_VERSION', 'VK_SND_ID', 'VK_REC_ID', 'VK_STAMP', 'VK_REF', 'VK_MSG', 'VK_ERROR_CODE']
+  }  
+  
+  def initialize(params)
+    @params = params
+  end
+
+  def verify(certificate_path, charset = 'UTF-8')
+    param_order = @@response_param_order[@params['VK_SERVICE']]
+    verify_params = param_order.inject(Hash.new) { |h, p| h[p] = @params[p]; h }
+    mac_string = Ipizza::Util.mac_data_string(verify_params, param_order, 'UTF-8', charset)
+
+    @valid = Ipizza::Util.verify_signature(certificate_path, @params['VK_MAC'], mac_string)
+  end
+end

data/lib/ipizza/util.rb

@@ -0,0 +1,74 @@
+require 'base64'
+require 'iconv'
+require 'openssl'
+
+module Ipizza
+  class Util
+    
+    SWEDBANK = 'swedbank'
+    SEB = 'seb'
+    SAMPO = 'sampo'
+    NORDEA = 'nordea'
+    
+    class << self
+      
+      def verify_signature(certificate_path, signature, data)
+        certificate = OpenSSL::X509::Certificate.new(File.read(certificate_path).gsub(/  /, '')).public_key
+        @valid = certificate.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), data)
+      end
+      
+      def sign(privkey_path, privkey_secret, data)
+        privkey = File.open(privkey_path, 'r') { |f| f.read }
+        privkey = OpenSSL::PKey::RSA.new(privkey.gsub(/  /, ''), privkey_secret)
+
+        signature = privkey.sign(OpenSSL::Digest::SHA1.new, data)
+        signature = Base64.encode64(signature).gsub(/\n/, '')
+      end
+
+      # Calculates and adds control number using 7-3-1 algoritm for Estonian banking account and reference numbers.
+      def sign_731(ref_num)
+        arr = ref_num.to_s.reverse!.split('')
+        m = 0
+        r = 0
+
+        arr.each do |e|
+          m = case m
+          when 7:
+            3
+          when 3:
+            1
+          else
+            7
+          end
+          r = r + (e.to_i * m)
+        end
+        c = ((r + 9) / 10).to_f.truncate * 10 - r
+        arr.reverse! << c
+        arr.join
+      end
+
+      # Produces string to be signed out of service message parameters.
+      #
+      #   p(x1)||x1||p(x2)||x2||...||p(xn)||xn
+      #
+      # Where || is string concatenation, p(x) is length of the field x represented by three digits.
+      #
+      # Parameters val1, val2, value3 would be turned into "003val1003val2006value3".
+      def mac_data_string(params, sign_param_order, to_charset = 'UTF-8', from_charset = 'UTF-8')
+        sign_param_order.inject('') do |memo, param|
+          val = params[param].to_s
+          val = Iconv.conv(to_charset, from_charset, val)
+          memo << func_p(val) << val
+          memo
+        end
+      end
+
+      private
+
+      # p(x) is length of the field x represented by three digits
+      def func_p(val)
+        sprintf("%03i", val.size)
+      end
+    end
+  end
+end