Extended Tpay server checking
Added option to check IP forwarded by proxy
Added option to enable/disable IP checking
piotrjozwiak committed Feb 21, 2018
1 parent 8c390f9 commit 761ac2c
Showing 9 changed files with 114 additions and 19 deletions.
15 changes: 15 additions & 0 deletions Api/TpayInterface.php
Expand Up @@ -115,4 +115,19 @@ public function getTermsURL();
* @return string
*/
public function getInvoiceSendMail();

/**
* Check if Tpay notification server IP is forwarded by proxy
*
* @return bool
*/
public function getCheckProxy();

/**
* Check Tpay notification server IP
*
* @return bool
*/
public function getCheckTpayIP();

}
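Review bot: The docblocks at L23-L27 and L30-L34 read as if the methods perform a check, while the implementations added in Model/Tpay.php in this same commit only return admin configuration flags, so a reader of the interface alone cannot tell what `true` means. Suggest `* Whether the X-Forwarded-For address may be used when validating the Tpay notification server IP (admin setting check_proxy).` for getCheckProxy() and `* Whether the notification server IP is validated at all (admin setting check_server; disabling it is not recommended).` for getCheckTpayIP().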
12 changes: 11 additions & 1 deletion Controller/tpay/Notification.php
Expand Up @@ -81,9 +81,19 @@ public function execute()
try {
$id = $this->tpay->getMerchantId();
$code = $this->tpay->getSecurityCode();
$checkServer = $this->tpay->getCheckTpayIP();
$checkProxy = $this->tpay->getCheckProxy();
$forwardedIP = null;
$paymentBasic = $this->paymentBasicFactory->create(['merchantId' => $id, 'merchantSecret' => $code]);
$params = $this->getRequest()->getParams();
$validParams = $paymentBasic->checkPayment($this->remoteAddress->getRemoteAddress(), $params);
if ($checkServer === false) {
$paymentBasic->disableServerValidation();
}
if ($checkProxy === true) {
$paymentBasic->enableProxyValidation();
$forwardedIP = $this->getRequest()->getServer('HTTP_X_FORWARDED_FOR');
}
$validParams = $paymentBasic->checkPayment($this->remoteAddress->getRemoteAddress(), $forwardedIP, $params);
$orderId = base64_decode($validParams[ResponseFields::TR_CRC]);
$this->tpayService->SetOrderStatus($orderId, $validParams, $this->tpay);

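Review bot: The X-Forwarded-For value read at L55 is supplied by whoever sends the request, and the new checkPayment() call at L57 passes it on as an alternative to the real peer address, so once `check_proxy` is on a caller that reaches this controller directly with a forged header can pass the notification-server check unless a fronting proxy always overwrites that header. The controller should only consult the header when `$this->remoteAddress->getRemoteAddress()` is the proxy's own address, which this module has no setting for yet; until it does, that risk should at least be stated next to the admin option. The header may also carry a comma-separated hop list, which the strict allowlist comparison in lib/PaymentBasic.php would never match, so take the hop your proxy appended: `$hops = array_map('trim', explode(',', (string)$this->getRequest()->getServer('HTTP_X_FORWARDED_FOR'))); $forwardedIP = end($hops);`. The surrounding try block continues outside the hunk, so how a failed check is reported is not visible here.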
16 changes: 14 additions & 2 deletions Model/Tpay.php
Expand Up @@ -22,7 +22,6 @@
use Magento\Payment\Helper\Data;
use Magento\Payment\Model\InfoInterface;
use Magento\Payment\Model\Method\AbstractMethod;
use Magento\Payment\Model\Method\Adapter;
use Magento\Payment\Model\Method\Logger;
use Magento\Quote\Api\Data\CartInterface;
use tpaycom\magento2basic\Api\Sales\OrderRepositoryInterface;
Expand Down Expand Up @@ -303,7 +302,20 @@ public function redirectToChannel()
{
return (bool)$this->getConfigData('redirect_directly_to_channel');
}

/**
* {@inheritdoc}
*/
public function getCheckProxy()
{
return (bool)$this->getConfigData('check_proxy');
}
/**
* {@inheritdoc}
*/
public function getCheckTpayIP()
{
return (bool)$this->getConfigData('check_server');
}
/**
* {@inheritdoc}
*/
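Review bot: The two new getters are run together without a blank line between the closing brace and the next docblock at L83-L84 and L90-L91, unlike redirectToChannel() above them (L75-L77), which separates methods with a blank line. Insert a blank line after each `}` so the class keeps one consistent layout.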
2 changes: 1 addition & 1 deletion composer.json
Expand Up @@ -2,7 +2,7 @@
"name": "tpaycom/magento2basic",
"description": "tpay.com payments module",
"type": "magento2-module",
"version": "1.3.6",
"version": "1.3.7",
"license": [
"OSL-3.0"
],
20 changes: 14 additions & 6 deletions etc/adminhtml/system.xml
Expand Up @@ -53,25 +53,33 @@
<label>BLIK level zero</label>
<source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
</field>
<field id="send_invoice_email" translate="label" type="select" sortOrder="10" showInDefault="1" showInWebsite="1" showInStore="1">
<field id="send_invoice_email" translate="label" type="select" sortOrder="11" showInDefault="1" showInWebsite="1" showInStore="1">
<label>Send new invoice email to customer</label>
<source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
</field>
<field id="sort_order" translate="label" type="text" sortOrder="11" showInDefault="1" showInWebsite="1" showInStore="1">
<field id="check_proxy" translate="label" type="select" sortOrder="12" showInDefault="1" showInWebsite="1" showInStore="1">
<label>My server use proxy</label>
<source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
</field>
<field id="check_server" translate="label" type="select" sortOrder="13" showInDefault="1" showInWebsite="1" showInStore="1">
<label>Validate Tpay notifications server IP (recommended)</label>
<source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
</field>
<field id="sort_order" translate="label" type="text" sortOrder="14" showInDefault="1" showInWebsite="1" showInStore="1">
<label>Sort order</label>
</field>
<field id="allowspecific" translate="label" type="allowspecific" sortOrder="12" showInDefault="1" showInWebsite="1" showInStore="1">
<field id="allowspecific" translate="label" type="allowspecific" sortOrder="15" showInDefault="1" showInWebsite="1" showInStore="1">
<label>All or allowed countries</label>
<source_model>Magento\Payment\Model\Config\Source\Allspecificcountries</source_model>
</field>
<field id="specificcountry" translate="label" type="multiselect" sortOrder="13" showInDefault="1" showInWebsite="1" showInStore="1">
<field id="specificcountry" translate="label" type="multiselect" sortOrder="16" showInDefault="1" showInWebsite="1" showInStore="1">
<label>Allowed countries</label>
<source_model>Magento\Directory\Model\Config\Source\Country</source_model>
</field>
<field id="min_order_total" translate="label" type="text" sortOrder="14" showInDefault="1" showInWebsite="1" showInStore="1">
<field id="min_order_total" translate="label" type="text" sortOrder="17" showInDefault="1" showInWebsite="1" showInStore="1">
<label>Minimal amount for method</label>
</field>
<field id="max_order_total" translate="label" type="text" sortOrder="15" showInDefault="1" showInWebsite="1" showInStore="1">
<field id="max_order_total" translate="label" type="text" sortOrder="18" showInDefault="1" showInWebsite="1" showInStore="1">
<label>Maximal amount for method</label>
<comment>Leave empty for no limit</comment>
</field>
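Review bot: The new `check_proxy` field at L119-L122 has no `<comment>`, yet turning it on makes the module accept an address taken from the X-Forwarded-For request header (Controller/tpay/Notification.php in this commit), a header any client can set; the admin panel is the place where that caveat has to appear. Add `<comment>Enable only when every request reaches this server through your own reverse proxy that overwrites X-Forwarded-For; otherwise the header can be forged to bypass the IP check.</comment>` under the label, and a `<comment>` on `check_server` stating that disabling it removes the IP check entirely and leaves only whatever signature verification checkPayment() performs. The label `My server use proxy` should read `My server uses a proxy`, with the pl_PL.csv key updated to match.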
2 changes: 2 additions & 0 deletions etc/config.xml
Expand Up @@ -28,6 +28,8 @@
<can_void>0</can_void>
<can_cancel>1</can_cancel>
<currency>PLN</currency>
<check_server>1</check_server>
<check_proxy>0</check_proxy>
</tpaycom_magento2basic>
</payment>
</default>
2 changes: 1 addition & 1 deletion etc/module.xml
Expand Up @@ -9,7 +9,7 @@
*/
-->
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Module/etc/module.xsd">
<module name="tpaycom_magento2basic" setup_version="1.3.5">
<module name="tpaycom_magento2basic" setup_version="1.3.7">
<sequence>
<module name="Magento_Sales" />
<module name="Magento_Payment" />
2 changes: 2 additions & 0 deletions i18n/pl_PL.csv
Expand Up @@ -22,3 +22,5 @@
"There was an error during your payment.","Wystąpił błąd podczas Twojej płatności."
"Thank you for your payment!","Dziękujemy za dokonanie płatności!"
"I do accept tpay.com service regulations","Akceptuję regulamin tpay.com"
"My server use proxy","Mój serwer korzysta z proxy"
"Validate Tpay notifications server IP (recommended)","Sprawdzaj adres IP serwera powiadomień (zalecane)"
62 changes: 54 additions & 8 deletions lib/PaymentBasic.php
Expand Up @@ -43,8 +43,23 @@ class PaymentBasic
'178.32.201.77',
'46.248.167.59',
'46.29.19.106',
'176.119.38.175',
];

/**
* Check Tpay server IP
*
* @var bool
*/
private $validateServerIP = true;

/**
* Check Tpay server IP from proxy
*
* @var bool
*/
private $validateForwardedIP = false;

/**
* PaymentBasic class constructor for payment:
* - basic from tpay.com panel
Expand Down Expand Up @@ -74,14 +89,14 @@ public function __construct($merchantId = false, $merchantSecret = false)
* Display information to prevent sending repeated notifications.
*
* @param string $remoteAddress remote address
* @param string $forwardedAddress
* @param null|array $params
* @return array
* @throws \Exception
*/

public function checkPayment($remoteAddress, $params = null)
public function checkPayment($remoteAddress, $forwardedAddress, $params = null)
{

$res = Validate::getResponse($params);
$checkMD5 = $this->checkMD5(
$res['md5sum'],
Expand All @@ -90,7 +105,7 @@ public function checkPayment($remoteAddress, $params = null)
$res['tr_crc']
);

if ($this->checkServer($remoteAddress) === false) {
if ($this->checkServer($remoteAddress, $forwardedAddress) === false) {
throw new \Exception('Request is not from secure server');
}

Expand Down Expand Up @@ -119,20 +134,51 @@ public function validateSign($md5sum, $transactionId, $transactionAmount, $crc)
}
}

public function disableServerValidation()
{
$this->validateServerIP = false;
return $this;
}

public function enableProxyValidation()
{
$this->validateForwardedIP = true;
return $this;
}

/**
* Check if request is called from secure tpay.com server
*
* @param $remoteAddress
*
* @param $remoteIP
* @param $forwarderIP
* @return bool
*/
private function checkServer($remoteAddress)
private function checkServer($remoteIP, $forwarderIP)
{
if (!isset($remoteAddress) || !in_array($remoteAddress, $this->secureIP)) {
if (!$this->validateServerIP) {
return true;
}
if (is_null($remoteIP) && is_null($forwarderIP)) {
return false;
}
if ($this->checkIP($remoteIP)) {
return true;
}
if ($this->validateForwardedIP && $this->checkIP($forwarderIP)) {
return true;
}
return false;
}

return true;
/**
* Validate if $ip is secure
*
* @param $ip
* @return bool
*/
private function checkIP($ip)
{
return in_array($ip, $this->secureIP, true);
}

/**
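Review bot: checkServer() at L260-L276 accepts the request when `$forwarderIP` alone is on the allowlist, without requiring `$remoteIP` to be the proxy that produced that header, so with proxy validation enabled the peer address stops mattering and a forwarded value the library cannot know to be trustworthy becomes the sole gate. The method cannot close this by itself because it has no notion of which peer is the proxy, so the new public methods enableProxyValidation() and disableServerValidation() (L238-L248, currently without docblocks) should carry the warning, e.g. `Only pass a forwarded address that your own reverse proxy set; a client-supplied X-Forwarded-For value will otherwise be accepted as the Tpay server address.` The checkPayment() PHPDoc should read `@param string|null $forwardedAddress` since the controller passes null when proxy checking is off. The `is_null` pre-check at L266 is redundant, because checkIP()'s strict in_array() at L287 already rejects null for both addresses. The class header and the remainder of checkPayment() lie outside these hunks.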
