solidus_signifyd 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/spree/api/spree_signifyd/orders_controller.rb +7 -2
- data/lib/spree_signifyd.rb +1 -1
- data/lib/spree_signifyd/request_verifier.rb +0 -4
- data/solidus_signifyd.gemspec +2 -2
- data/spec/lib/spree_signifyd/request_verifier_spec.rb +0 -14
- data/spec/lib/spree_signifyd_spec.rb +8 -0
- metadata +8 -28
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d4a72f66712b1ec31d58c43b6376ec26d73fa0b3
|
|
4
|
+
data.tar.gz: 82f7c527003108aa93f77df909191963ab0643b8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f4ac359792627cf09505a0b68aa7ec26c7b627ef4d3de66c2d009882aac691e99a3aed2703d2828c23d8e35f436c2118997b211d615dfacf6f72d6e60c7f8b15
|
|
7
|
+
data.tar.gz: 6c96d211b2d6f697cbdd100d635eaa8b98845c5dd8116f71e43eb0125a2089dd0d3c57583be3237e7a247187ba2d4feb30dc8f419ecce50792b963a2640417f4
|
|
@@ -22,9 +22,14 @@ module Spree::Api::SpreeSignifyd
|
|
|
22
22
|
|
|
23
23
|
def authorize
|
|
24
24
|
request_sha = request.headers['HTTP_HTTP_X_SIGNIFYD_HMAC_SHA256']
|
|
25
|
-
computed_sha = build_sha(SpreeSignifyd::Config[:api_key],
|
|
25
|
+
computed_sha = build_sha(SpreeSignifyd::Config[:api_key], request.raw_post)
|
|
26
26
|
|
|
27
|
-
|
|
27
|
+
if !Devise.secure_compare(request_sha, computed_sha)
|
|
28
|
+
logger.error("computed digest does not match provided digest. computed=#{computed_sha.inspect} provided=#{request_sha.inspect}")
|
|
29
|
+
logger.info("content-type header: #{request.headers["Content-Type"].inspect}")
|
|
30
|
+
logger.info("raw_post bytes: #{request.raw_post.bytes}")
|
|
31
|
+
head 401
|
|
32
|
+
end
|
|
28
33
|
end
|
|
29
34
|
|
|
30
35
|
def load_order
|
data/lib/spree_signifyd.rb
CHANGED
|
@@ -20,7 +20,7 @@ module SpreeSignifyd
|
|
|
20
20
|
|
|
21
21
|
def approve(order:)
|
|
22
22
|
order.contents.approve(name: self.name)
|
|
23
|
-
order.shipments.each { |shipment| shipment.ready!
|
|
23
|
+
order.shipments.each { |shipment| shipment.ready! if shipment.pending? }
|
|
24
24
|
order.updater.update_shipment_state
|
|
25
25
|
order.save!
|
|
26
26
|
end
|
|
@@ -1,10 +1,6 @@
|
|
|
1
1
|
module SpreeSignifyd
|
|
2
2
|
module RequestVerifier
|
|
3
3
|
|
|
4
|
-
def encode_request(request_body)
|
|
5
|
-
request_body.force_encoding('ISO-8859-1').encode('UTF-8')
|
|
6
|
-
end
|
|
7
|
-
|
|
8
4
|
def build_sha(key, message)
|
|
9
5
|
sha256 = OpenSSL::Digest::SHA256.new
|
|
10
6
|
digest = OpenSSL::HMAC.digest(sha256, key, message)
|
data/solidus_signifyd.gemspec
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.platform = Gem::Platform::RUBY
|
|
5
5
|
s.name = "solidus_signifyd"
|
|
6
|
-
s.version = "1.0.
|
|
6
|
+
s.version = "1.0.1"
|
|
7
7
|
s.summary = "Solidus extension for communicating with Signifyd to check orders for fraud."
|
|
8
8
|
s.description = s.summary
|
|
9
9
|
|
|
@@ -22,7 +22,7 @@ Gem::Specification.new do |s|
|
|
|
22
22
|
s.add_dependency "active_model_serializers", "0.9.3"
|
|
23
23
|
s.add_dependency "resque", "~> 1.25.1"
|
|
24
24
|
s.add_dependency "signifyd", "~> 0.1.5"
|
|
25
|
-
s.add_dependency "solidus",
|
|
25
|
+
s.add_dependency "solidus", "~> 1.0"
|
|
26
26
|
s.add_dependency "devise"
|
|
27
27
|
|
|
28
28
|
s.add_development_dependency "rspec-rails", "~> 2.13"
|
|
@@ -4,20 +4,6 @@ module SpreeSignifyd
|
|
|
4
4
|
describe RequestVerifier do
|
|
5
5
|
include RequestVerifier
|
|
6
6
|
|
|
7
|
-
describe "#encode_request" do
|
|
8
|
-
context "request has special characters" do
|
|
9
|
-
it "returns an unescaped UTF-8 string" do
|
|
10
|
-
expect(encode_request("R\xE9n\xE9 Pe\xF1a")).to eq "Réné Peña"
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
context "request doesn't contain special characters" do
|
|
15
|
-
it "returns the original string" do
|
|
16
|
-
expect(encode_request("John Doe")).to eq "John Doe"
|
|
17
|
-
end
|
|
18
|
-
end
|
|
19
|
-
end
|
|
20
|
-
|
|
21
7
|
describe "#build_sha" do
|
|
22
8
|
it "returns an HMAC SHA256 encoded message" do
|
|
23
9
|
expect(build_sha('ABCDE', 'test')).to eq "K0y2rIeTA77lBEHP8cRPk64fVRbhMrZqEk7la39EjEM="
|
|
@@ -53,6 +53,14 @@ module SpreeSignifyd
|
|
|
53
53
|
order.shipments.each { |shipment| shipment.should_receive(:ready!) }
|
|
54
54
|
approve
|
|
55
55
|
end
|
|
56
|
+
|
|
57
|
+
describe "when order has shipments that are not pending" do
|
|
58
|
+
it "progresses the pending one(s) and ignores the rest" do
|
|
59
|
+
shipped_shipment = order.shipments.create(state: :shipped)
|
|
60
|
+
expect(shipped_shipment).to receive(:ready).never
|
|
61
|
+
expect { approve }.to change { order.approved_at }
|
|
62
|
+
end
|
|
63
|
+
end
|
|
56
64
|
end
|
|
57
65
|
|
|
58
66
|
describe ".create_case" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: solidus_signifyd
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Bonobos
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2016-01-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: active_model_serializers
|
|
@@ -56,22 +56,16 @@ dependencies:
|
|
|
56
56
|
name: solidus
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
|
-
- - "
|
|
60
|
-
- !ruby/object:Gem::Version
|
|
61
|
-
version: 1.0.0
|
|
62
|
-
- - "<"
|
|
59
|
+
- - "~>"
|
|
63
60
|
- !ruby/object:Gem::Version
|
|
64
|
-
version: 1.
|
|
61
|
+
version: '1.0'
|
|
65
62
|
type: :runtime
|
|
66
63
|
prerelease: false
|
|
67
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
68
65
|
requirements:
|
|
69
|
-
- - "
|
|
70
|
-
- !ruby/object:Gem::Version
|
|
71
|
-
version: 1.0.0
|
|
72
|
-
- - "<"
|
|
66
|
+
- - "~>"
|
|
73
67
|
- !ruby/object:Gem::Version
|
|
74
|
-
version: 1.
|
|
68
|
+
version: '1.0'
|
|
75
69
|
- !ruby/object:Gem::Dependency
|
|
76
70
|
name: devise
|
|
77
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -278,22 +272,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
278
272
|
requirements:
|
|
279
273
|
- none
|
|
280
274
|
rubyforge_project:
|
|
281
|
-
rubygems_version: 2.
|
|
275
|
+
rubygems_version: 2.5.1
|
|
282
276
|
signing_key:
|
|
283
277
|
specification_version: 4
|
|
284
278
|
summary: Solidus extension for communicating with Signifyd to check orders for fraud.
|
|
285
|
-
test_files:
|
|
286
|
-
- spec/controllers/spree/api/spree_signifyd/orders_controller_spec.rb
|
|
287
|
-
- spec/lib/spree_signifyd/create_signifyd_case_spec.rb
|
|
288
|
-
- spec/lib/spree_signifyd/request_verifier_spec.rb
|
|
289
|
-
- spec/lib/spree_signifyd_spec.rb
|
|
290
|
-
- spec/models/spree/order_spec.rb
|
|
291
|
-
- spec/models/spree/shipment_spec.rb
|
|
292
|
-
- spec/serializers/spree_signifyd/address_serializer_spec.rb
|
|
293
|
-
- spec/serializers/spree_signifyd/billing_address_serializer.rb
|
|
294
|
-
- spec/serializers/spree_signifyd/credit_card_serializer_spec.rb
|
|
295
|
-
- spec/serializers/spree_signifyd/delivery_address_serializer_spec.rb
|
|
296
|
-
- spec/serializers/spree_signifyd/line_item_serializer_spec.rb
|
|
297
|
-
- spec/serializers/spree_signifyd/order_serializer_spec.rb
|
|
298
|
-
- spec/serializers/spree_signifyd/user_serializer_spec.rb
|
|
299
|
-
- spec/spec_helper.rb
|
|
279
|
+
test_files: []
|