/**
* Validate signature using Hosted Page configuration
*
* @param signature - signature need to validate
* @param expiredAfter - expired time in millisecond after the signature is created
* @throws Exception
*/
public static void validBasicSignature(String signature, long expiredAfter) throws Exception {
// Need to get value from configration page and value from request to construct the
// encryptedString.
// SignatureDecrypter.verifyAdvancedSignature(signature, encryptedString, publicKeyString);
String decryptedSignature = SignatureDecrypter.decryptAsString(signature, publicKeyString);
// Validate signature.
if (StringUtils.isBlank(decryptedSignature)) {
throw new Exception("Signature is empty.");
}
StringTokenizer st = new StringTokenizer(decryptedSignature, "#");
String url_signature = st.nextToken();
String tenanId_signature = st.nextToken();
String token_signature = st.nextToken();
String timestamp_signature = st.nextToken();
String pageId_signature = st.nextToken();
if (StringUtils.isBlank(url_signature)
|| StringUtils.isBlank(tenanId_signature)
|| StringUtils.isBlank(token_signature)
|| StringUtils.isBlank(timestamp_signature)
|| StringUtils.isBlank(pageId_signature)) {
throw new Exception("Signature is not complete.");
}
boolean isPageIdValid = false;
for (HPMPage page : pages.values()) {
if (page.getPageId().equals(pageId_signature)) {
isPageIdValid = true;
break;
}
}
if (!isPageIdValid) {
throw new Exception("Page Id in signature is invalid.");
}
if ((new Date()).getTime() > (Long.parseLong(timestamp_signature) + expiredAfter)) {
throw new Exception("Signature is expired.");
}
}
/**
* Throw exception when the signature is invalid.
*
* @param request
* @param expiredAfter
* @throws Exception
*/
public static void validateAdvancedSignature(HttpServletRequest request, long expiredAfter)
throws Exception {
// We can leverage FieldDecrypter to decrypt paygeId and refId.
String pageId = FieldDecrypter.decrypt(request.getParameter("pageId"), publicKeyString);
String paymentMethodId = FieldDecrypter.decrypt(request.getParameter("refId"), publicKeyString);
System.out.println("Charset:" + request.getCharacterEncoding());
System.out.println("QueryString:" + request.getQueryString());
boolean isSignatureValid =
SignatureDecrypter.verifyAdvancedSignature(request, callbackURL, publicKeyString);
// Following comment out codes is for reference to how to construct the encrypted
// string.
// StringBuilder encryptedString = new StringBuilder();
// encryptedString.append( "/hpm2samplecodejsp/callback.jsp");
// encryptedString.append( DELIM + request.getParameter("tenantId") );
// encryptedString.append( DELIM + request.getParameter("token"));
// encryptedString.append( DELIM + request.getParameter("timestamp"));
// encryptedString.append( DELIM + FieldDecrypter.decrypt(request.getParameter("pageId"),
// publicKeyString ));
//
// encryptedString.append( DELIM + (request.getParameter("errorCode") ==
// null?"":request.getParameter("errorCode") ));
//
// encryptedString.append( DELIM + (request.getParameter("field_passthrough1") == null?
// "":request.getParameter("field_passthrough1")));
// encryptedString.append( DELIM + (request.getParameter("field_passthrough2") == null?
// "":request.getParameter("field_passthrough2")));
// encryptedString.append( DELIM + (request.getParameter("field_passthrough3") == null?
// "":request.getParameter("field_passthrough3")));
// encryptedString.append( DELIM + (request.getParameter("field_passthrough4") == null?
// "":request.getParameter("field_passthrough4")));
// encryptedString.append( DELIM + (request.getParameter("field_passthrough5") == null?
// "":request.getParameter("field_passthrough5")));
//
// encryptedString.append( DELIM + FieldDecrypter.decrypt(request.getParameter("refId"),
// publicKeyString) );
//
// boolean isSignatureValid = false;
//
// String signature = null;
// System.out.println("Charset:" + request.getCharacterEncoding() );
// String[] parameters = request.getQueryString().split("&");
// for(String parameter: parameters){
// String[] keyValue = parameter.split("=");
// if( keyValue.length>1 && "signature".equals(keyValue[0]) ){
// signature = keyValue[1];
// break;
// }
// }
// isSignatureValid = SignatureDecrypter.verifyAdvancedSignature(URLDecoder.decode( signature,
// "UTF-8"), encryptedString.toString(), publicKeyString);
if (!isSignatureValid) {
throw new Exception("Signature is invalid.");
}
if ((new Date()).getTime()
> (Long.parseLong(request.getParameter("timestamp"))) + expiredAfter) {
throw new Exception("Signature is expired.");
}
}
