RedsysPOS.java

Go to the documentation of this file.

/*
 * Turró i Cutiller Foundation. License notice.
 * Copyright (C) 2016 Lluis Turró Cutiller <http://www.turro.org/>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
package org.turro.financials.cart;
 
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.turro.string.Strings;
import org.turro.elephant.context.ElephantContext;
import org.turro.elephant.context.IConstructor;
import org.turro.elephant.util.DecimalFormats;
import org.turro.marker.ElephantMarker;
import sis.redsys.api.ApiMacSha256;
 
public class RedsysPOS {
  
  private final HashMap<String, String> properties = new HashMap<>();
  
  public void addParameters(ElephantMarker marker, double amount, String order) {
    ApiMacSha256 apiMacSha256 = new ApiMacSha256();
 
    apiMacSha256.setParameter("DS_MERCHANT_TITULAR", Strings.truncateAndWarn(ElephantContext.getSiteName(), 60));
    apiMacSha256.setParameter("DS_MERCHANT_AMOUNT", DecimalFormats.format(amount * 100, "0"));
    apiMacSha256.setParameter("DS_MERCHANT_ORDER", order);
    apiMacSha256.setParameter("DS_MERCHANT_MERCHANTNAME", ElephantContext.getSiteName());
    apiMacSha256.setParameter("DS_MERCHANT_MERCHANTCODE", ShopContext.getInstance().getMerchantCode());
    apiMacSha256.setParameter("DS_MERCHANT_CURRENCY", ShopContext.getInstance().getMerchantCurrency());
    apiMacSha256.setParameter("DS_MERCHANT_TRANSACTIONTYPE", "0");
    apiMacSha256.setParameter("DS_MERCHANT_TERMINAL", ShopContext.getInstance().getMerchantTerminal());
    apiMacSha256.setParameter("DS_MERCHANT_MERCHANTURL", ElephantContext.getServerUrl("http") + ShopContext.getInstance().getNotificationPath());
    apiMacSha256.setParameter("DS_MERCHANT_URLOK", ElephantContext.getServerUrl("http") + ShopContext.getInstance().getOKPath());
    apiMacSha256.setParameter("DS_MERCHANT_URLKO", ElephantContext.getServerUrl("http") + ShopContext.getInstance().getKOPath());
    //apiMacSha256.setParameter("DS_MERCHANT_MERCHANTDATA", request.getParameter("data"));
    apiMacSha256.setParameter("DS_MERCHANT_CONSUMERLANGUAGE", ShopContext.getInstance().getMerchantLanguage());
 
    try {
      if(ShopContext.getInstance().isMerchantTestScope()) {
        marker.put("pos_url", "https://sis-t.redsys.es:25443/sis/realizarPago");
      } else {
        marker.put("pos_url", "https://sis.redsys.es/sis/realizarPago");
      }
      marker.put("pos_version", ShopContext.getInstance().getMerchantKeyType());
      marker.put("pos_params", apiMacSha256.createMerchantParameters());
      marker.put("pos_signature", apiMacSha256.createMerchantSignature(ShopContext.getInstance().getMerchantKey()));
    } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException | IllegalStateException | 
            NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException ex) {
      Logger.getLogger(RedsysPOS.class.getName()).log(Level.SEVERE, ElephantContext.logMsg(null), ex);
    }
 
  }
  
  /*
  Ds_SignatureVersion=HMAC_SHA256_V1&Ds_MerchantParameters=eyJEc19EYXRlIjoiMTFcLzA2XC8yMDE2IiwiRHNfSG91ciI6IjA5OjM3IiwiRHNfU2VjdXJlUGF5bWVudCI6IjEiLCJEc19DYXJkX0NvdW50cnkiOiI3MjQiLCJEc19BbW91bnQiOiIyMDAwMCIsIkRzX0N1cnJlbmN5IjoiOTc4IiwiRHNfT3JkZXIiOiIxNjE0MDI3ODMwMjYiLCJEc19NZXJjaGFudENvZGUiOiIzMzU1MDUxNDUiLCJEc19UZXJtaW5hbCI6IjAwMSIsIkRzX1Jlc3BvbnNlIjoiMDAwMCIsIkRzX01lcmNoYW50RGF0YSI6IiIsIkRzX1RyYW5zYWN0aW9uVHlwZSI6IjAiLCJEc19Db25zdW1lckxhbmd1YWdlIjoiMyIsIkRzX0F1dGhvcmlzYXRpb25Db2RlIjoiMzEyMDI5In0=&Ds_Signature=5spWgE9uK6LndK_7RbSeRDW-J91aFjpTJJJmipNEOT4=
  */
  public boolean isOnlineNotification(IConstructor constructor) {
    String version = constructor.getParameter("Ds_SignatureVersion", true),
           params = constructor.getParameter("Ds_MerchantParameters", true),
           signature = constructor.getParameter("Ds_Signature", true);
 
    if(Strings.isBlank(signature)) {
      return false;
    }
    
    properties.put("Ds_SignatureVersion", version);
    properties.put("Ds_MerchantParameters", params);
    properties.put("Ds_Signature", signature);
    
    ApiMacSha256 apiMacSha256 = new ApiMacSha256();
 
    try {
      
      apiMacSha256.decodeMerchantParameters(params);
      
      String calculated = apiMacSha256.createMerchantSignatureNotif(ShopContext.getInstance().getMerchantKey(), params);
      
      return calculated.equals(signature);
      
    } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException | IllegalStateException | 
            NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException ex) {
      Logger.getLogger(RedsysPOS.class.getName()).log(Level.SEVERE, ElephantContext.logMsg(null), ex);
    }
    
    return false;
  }
  
  public Cart isAccepted(IConstructor constructor) {
    ApiMacSha256 apiMacSha256 = new ApiMacSha256();
 
    String version = constructor.getParameter("Ds_SignatureVersion", true),
           params = constructor.getParameter("Ds_MerchantParameters", true),
           signature = constructor.getParameter("Ds_Signature", true);
    
    try {
      
      apiMacSha256.decodeMerchantParameters(params);
 
      String response = apiMacSha256.getParameter("Ds_Response"),
             order = apiMacSha256.getParameter("Ds_Order");
      
      properties.put("Ds_Order", order);
 
      if(!Strings.isBlank(response) && Long.valueOf(response) < 100) {
        return Cart.deserializeForOrder(order);
      } 
      
    } catch (UnsupportedEncodingException ex) {
      Logger.getLogger(RedsysPOS.class.getName()).log(Level.SEVERE, ElephantContext.logMsg(null), ex);
    }
    
    return null;
  }
  
  public void logProperties() {
    for(String k : properties.keySet()) {
      Logger.getLogger(RedsysPOS.class.getName()).log(Level.INFO, k + ":" + properties.get(k));
    }
  }
  
}
 
/*
<%@page import="java.security.*"%>
<%@page import="sis.redsys.api.ApiMacSha256"%>
 
<HTML>
<BODY BGCOLOR="WHITE">
<form name=compra action="https://sis.sermepa.es/sis/realizarPago" method="POST" style="margin-left:20px">
  <input type="text" name="Ds_SignatureVersion" value="HMAC_SHA256_V1"/>
  <input type="text" name="Ds_MerchantParameters" value="<%=params%>"/>
  <input type="text" name="Ds_Signature" value="<%=signature%>"/>
</form> 
</BODY>
 <SCRIPT LANGUAGE="JavaScript" >
    function calc() {
      document.compra.submit();
    }
    calc();
</SCRIPT>
</HTML>
*/