From 985692ad25ac4535e751ca5f41ca052b1844b3ab Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Sun, 11 Oct 2020 09:58:26 +0200 Subject: [PATCH] paybox: use uuid4() to generate transaction id (#9946) --- eopayment/paybox.py | 30 +++++++++++++++++------------- tests/test_paybox.py | 17 ++++++++--------- 2 files changed, 25 insertions(+), 22 deletions(-) diff --git a/eopayment/paybox.py b/eopayment/paybox.py index 0962f23..08d506b 100644 --- a/eopayment/paybox.py +++ b/eopayment/paybox.py @@ -22,6 +22,7 @@ import logging import hashlib import hmac import requests +import uuid import pytz @@ -284,6 +285,15 @@ class Payment(PaymentCommon): ] } + def make_pbx_cmd(self, guid, orderid=None, transaction_id=None): + if not transaction_id: + date = datetime.datetime.now(pytz.timezone(self.timezone)).strftime('%Y-%m-%dT%H%M%S') + transaction_id = '%s_%s' % (date, guid) + pbx_cmd = transaction_id + if orderid: + pbx_cmd += '!' + orderid + return pbx_cmd + def request(self, amount, email, name=None, orderid=None, manual_validation=None, **kwargs): d = OrderedDict() d['PBX_SITE'] = force_text(self.site) @@ -291,13 +301,10 @@ class Payment(PaymentCommon): d['PBX_IDENTIFIANT'] = force_text(self.identifiant) d['PBX_TOTAL'] = self.clean_amount(amount) d['PBX_DEVISE'] = force_text(self.devise) - transaction_id = kwargs.get('transaction_id') or \ - self.transaction_id(12, string.digits, 'paybox', self.site, - self.rang, self.identifiant) - d['PBX_CMD'] = force_text(transaction_id) - # prepend order id command reference - if orderid: - d['PBX_CMD'] = orderid + ORDERID_TRANSACTION_SEPARATOR + d['PBX_CMD'] + guid = str(uuid.uuid4().hex) + transaction_id = d['PBX_CMD'] = self.make_pbx_cmd(guid=guid, + transaction_id=kwargs.get('transaction_id'), + orderid=orderid) d['PBX_PORTEUR'] = force_text(email) d['PBX_RETOUR'] = ( 'montant:M;reference:R;code_autorisation:A;erreur:E;numero_appel:T;' @@ -309,7 +316,7 @@ class Payment(PaymentCommon): d['PBX_TIME'] = kwargs.get('time') or ( force_text(datetime.datetime.utcnow().isoformat('T')).split('.')[0] + '+00:00') - d['PBX_ARCHIVAGE'] = transaction_id + d['PBX_ARCHIVAGE'] = orderid or guid if self.normal_return_url: d['PBX_EFFECTUE'] = self.normal_return_url d['PBX_REFUSE'] = self.normal_return_url @@ -378,10 +385,7 @@ class Payment(PaymentCommon): bank_status = PAYBOX_ERROR_CODES.get(prefix + suffix) if bank_status is not None: break - orderid = d['reference'][0] - # decode order id from returned reference - if ORDERID_TRANSACTION_SEPARATOR in orderid: - orderid, transaction_id = orderid.split(ORDERID_TRANSACTION_SEPARATOR, 1) + pbx_cmd = d['reference'][0] transaction_date = None if 'date_transaction' in d and 'heure_transaction' in d: try: @@ -395,7 +399,7 @@ class Payment(PaymentCommon): paris_tz = pytz.timezone(self.timezone) transaction_date = paris_tz.localize(transaction_date) return PaymentResponse( - order_id=orderid, + order_id=pbx_cmd, signed=signed, bank_data=d, result=result, diff --git a/tests/test_paybox.py b/tests/test_paybox.py index 04dff51..e56d7db 100644 --- a/tests/test_paybox.py +++ b/tests/test_paybox.py @@ -87,7 +87,7 @@ class PayboxTests(TestCase): Decimal(amount), email=email, orderid=order_id, transaction_id=transaction, time=time, manual_validation=False) self.assertEqual(kind, eopayment.FORM) - self.assertEqual(transaction_id, '1234') + self.assertEqual(transaction_id, '%s!%s' % (transaction, order_id)) root = ET.fromstring(str(what)) self.assertEqual(root.tag, 'form') self.assertEqual(root.attrib['method'], 'POST') @@ -103,17 +103,16 @@ class PayboxTests(TestCase): ), 'PBX_TIME': time, 'PBX_PORTEUR': email, - 'PBX_CMD': order_id + eopayment.common.ORDERID_TRANSACTION_SEPARATOR + transaction, + 'PBX_CMD': '%s!%s' % (transaction, order_id), 'PBX_TOTAL': amount.replace('.', ''), 'PBX_DEVISE': '978', 'PBX_HASH': 'SHA512', 'PBX_HMAC': ( - 'CE29AB421D9FF5E22B52A0F0D31BB881E6D' - '3040B7A0B390AC3F335292A75D2389253A3' - 'ED6B3E430A90D30088F6AC29F792B484A2E' - 'CFC36A1B73771796A5FD15C' + '300CFBDFF0454403BE7FEA11B9714C6B134294313E' + '7A052580F517BFCB117FB6A175C2E0DC81F6137D95' + '8FCA3CC4F8F1883A479C474C3A7B871CCA2DB8D033D9' ), - 'PBX_ARCHIVAGE': '1234', + 'PBX_ARCHIVAGE': '20160216', 'PBX_REPONDRE_A': 'http://example.com/callback', 'PBX_AUTOSEULE': 'N' } @@ -203,7 +202,7 @@ class PayboxTests(TestCase): backend = eopayment.Payment('paybox', BACKEND_PARAMS) order_id = '20160216' transaction = '1234' - reference = order_id + eopayment.common.ORDERID_TRANSACTION_SEPARATOR + transaction + reference = transaction + eopayment.common.ORDERID_TRANSACTION_SEPARATOR + order_id data = { 'montant': '4242', 'reference': reference, @@ -212,7 +211,7 @@ class PayboxTests(TestCase): 'date_transaction': '20200101', 'heure_transaction': '01:01:01'} response = backend.response(urllib.urlencode(data)) - self.assertEqual(response.order_id, order_id) + self.assertEqual(response.order_id, reference) assert not response.signed assert response.transaction_date.isoformat() == '2020-01-01T01:01:01+01:00' -- 2.28.0