Projet

Général

Profil

0002-systempayv2-do-not-use-filesystem-for-unique-vads_tr.patch

Benjamin Dauvergne, 13 octobre 2020 00:31

Télécharger (3,05 ko)

Voir les différences: 

Subject: [PATCH 2/2] systempayv2: do not use filesystem for unique
 vads_trans_id (#47534)

vads_trans_id character space is larger than what we use, using 6
alphanumeric characters probability of collision on a day is small, 1 on
2*10^9.

https://paiement.systempay.fr/doc/fr-FR/form-payment/reference/vads-trans-id.html

 eopayment/systempayv2.py | 27 +++++++++++++++++++++++----
 1 file changed, 23 insertions(+), 4 deletions(-)
eopayment/systempayv2.py
20 20 
import datetime as dt
21 21 
import hashlib
22 22 
import hmac
23 
import random
24 
import re
23 25 
import string
26 
import six
24 27 
from six.moves.urllib import parse as urlparse
25 28 
import warnings
26 29 
from gettext import gettext as _
......
315 318 
        options = add_vads(options)
316 319 
        self.options = options
317 320 

  		




  
  321
  
    
    def make_vads_trans_id(self):

  		




  
  322
  
    
        # vads_trans_id must be 6 alphanumeric characters,

  		




  
  323
  
    
        # trans_id starting with 9 are reserved for the systempay backoffice

  		




  
  324
  
    
        # https://paiement.systempay.fr/doc/fr-FR/form-payment/reference/vads-trans-id.html

  		




  
  325
  
    
        gen = random.SystemRandom()

  		




  
  326
  
    
        if six.PY3:

  		




  
  327
  
    
            alphabet = string.ascii_letters + string.digits

  		




  
  328
  
    
        else:

  		




  
  329
  
    
            alphabet = string.letters + string.digits

  		




  
  330
  
    
        first_letter_alphabet = alphabet.replace('9', '')

  		




  
  331
  
    
        vads_trans_id = (

  		




  
  332
  
    
            gen.choice(first_letter_alphabet)

  		




  
  333
  
    
            + ''.join(gen.choice(alphabet) for i in range(5))

  		




  
  334
  
    
        )

  		




  
  335
  
    
        return vads_trans_id

  		




  318
  336
  
    

  		




  319
  337
  
    
    def request(self, amount, name=None, first_name=None, last_name=None,

  		




  320
  338
  
    
                address=None, email=None, phone=None, orderid=None, info1=None,

  		




  ......




  369
  387
  
    
                    '%s value %s is not of the type %s' % (name, orderid, ptype))

  		




  370
  388
  
    
            kwargs[name] = orderid

  		




  371
  389
  
    

  		




  372
  
  
    
        transaction_id = self.transaction_id(6, string.digits, 'systempay',

  		




  373
  
  
    
                                             self.options[VADS_SITE_ID])

  		




  374
  
  
    
        kwargs[VADS_TRANS_ID] = force_text(transaction_id)

  		




  
  390
  
    
        vads_trans_id = self.make_vads_trans_id()

  		




  
  391
  
    
        assert re.match(r'^[0-9a-zA-Z]{6}$', vads_trans_id)

  		




  
  392
  
    

  		




  
  393
  
    
        kwargs[VADS_TRANS_ID] = vads_trans_id

  		




  375
  394
  
    
        fields = kwargs

  		




  376
  395
  
    
        for parameter in PARAMETERS:

  		




  377
  396
  
    
            name = parameter.name

  		




  ......




  393
  412
  
    
        check_vads(fields)

  		




  394
  413
  
    
        fields[SIGNATURE] = force_text(self.signature(fields))

  		




  395
  414
  
    
        self.logger.debug('%s request contains fields: %s', __name__, fields)

  		




  396
  
  
    
        transaction_id = '%s_%s' % (fields[VADS_TRANS_DATE], transaction_id)

  		




  
  415
  
    
        transaction_id = '%s_%s' % (fields[VADS_TRANS_DATE], vads_trans_id)

  		




  397
  416
  
    
        self.logger.debug('%s transaction id: %s', __name__, transaction_id)

  		




  398
  417
  
    
        form = Form(

  		




  399
  418
  
    
            url=self.service_url,

  		




  400
  
  
    
-