Hash Transition (#131)

* All services switched to Authorization V2 * Signature verification function implemented * typo fix * Included missing tests & signature verification samples * project dependencies updated * request replaced with postman-request * Update IyzipayResource.js Signed-off-by: Bünyamin Yaşar <[email protected]> --------- Signed-off-by: Bünyamin Yaşar <[email protected]> Co-authored-by: Osman Keser <[email protected]>
iyzico · Nov 4, 2024 · 5e915c8 · 5e915c8
1 parent a324a43
commit 5e915c8
Show file tree

Hide file tree

Showing 7 changed files with 3,710 additions and 42 deletions.
diff --git a/.gitignore b/.gitignore
@@ -80,5 +80,5 @@ com_crashlytics_export_strings.xml
 crashlytics.properties
 crashlytics-build.properties
 
-
-
+# Nyc
+.nyc_output
diff --git a/lib/IyzipayResource.js b/lib/IyzipayResource.js
@@ -1,8 +1,7 @@
 'use strict';
 
-var request = require('request'),
-    crypto = require('crypto'),
-    utils = require('./utils');
+const request = require('postman-request');
+const utils = require('./utils');
 
 function IyzipayResource() {
 }
@@ -11,36 +10,42 @@ IyzipayResource.RANDOM_STRING_SIZE = 8;
 IyzipayResource.RANDOM_HEADER_NAME = 'x-iyzi-rnd';
 IyzipayResource.CLIENT_VERSION = 'x-iyzi-client-version';
 IyzipayResource.AUTHORIZATION = 'Authorization';
+IyzipayResource.AUTHORIZATION_FALLBACK_HEADER = 'Authorization_Fallback';
 IyzipayResource.IYZI_WS_HEADER_NAME = 'IYZWS';
 IyzipayResource.IYZI_WS_HEADER_NAME_V2 = 'IYZWSv2';
 IyzipayResource.SEPARATOR = ':';
 
 IyzipayResource.prototype._getHttpHeaders = function (method) {
-    var headers = {};
-    var randomString = utils.generateRandomString(IyzipayResource.RANDOM_STRING_SIZE);
-    var v2AuthUrlRegex = RegExp(/\/v2\//);
+    const headers = {};
+    const randomString = utils.generateRandomString(IyzipayResource.RANDOM_STRING_SIZE);
     headers[IyzipayResource.RANDOM_HEADER_NAME] = randomString;
     headers[IyzipayResource.CLIENT_VERSION] = "iyzipay-node-2.0.61";
-    if (v2AuthUrlRegex.test(this._api[method].path)) {
-        headers[IyzipayResource.AUTHORIZATION] = utils.generateAuthorizationHeaderV2(
-            IyzipayResource.IYZI_WS_HEADER_NAME_V2,
+
+    const generateHttpHeadersV1 = () => {
+        return utils.generateAuthorizationHeader(
+            IyzipayResource.IYZI_WS_HEADER_NAME,
             this._config.apiKey,
             IyzipayResource.SEPARATOR,
             this._config.secretKey,
-            this._api[method].generatedPath,
-            this._getBody(method),
+            this._getPkiString(method),
             randomString
         );
-    } else {
-        headers[IyzipayResource.AUTHORIZATION] = utils.generateAuthorizationHeader(
-            IyzipayResource.IYZI_WS_HEADER_NAME,
+    };
+
+    const generateHttpHeadersV2 = () => {
+        return utils.generateAuthorizationHeaderV2(
+            IyzipayResource.IYZI_WS_HEADER_NAME_V2,
             this._config.apiKey,
             IyzipayResource.SEPARATOR,
             this._config.secretKey,
-            this._getPkiString(method),
+            this._api[method].generatedPath,
+            this._getBody(method),
             randomString
         );
-    }
+    };
+
+    headers[IyzipayResource.AUTHORIZATION] = generateHttpHeadersV2();
+    headers[IyzipayResource.AUTHORIZATION_FALLBACK_HEADER] = generateHttpHeadersV1();
     return headers;
 };
 

diff --git a/lib/resources/ThreedsInitialize.js b/lib/resources/ThreedsInitialize.js
@@ -2,7 +2,7 @@
 
 var IyzipayResource = require('../IyzipayResource');
 
-function ThreedsInitializ() {
+function ThreedsInitialize() {
     this._config = arguments[0];
     this._api = {
         create: {
@@ -13,6 +13,6 @@ function ThreedsInitializ() {
     };
 }
 
-ThreedsInitializ.prototype = new IyzipayResource();
+ThreedsInitialize.prototype = new IyzipayResource();
 
-module.exports = ThreedsInitializ;
+module.exports = ThreedsInitialize;
diff --git a/lib/utils.js b/lib/utils.js
@@ -32,7 +32,7 @@ var utils = module.exports = {
             'randomKey' + separator + randomString,
             'signature' + separator + signature
         ];
-        return new Buffer(authorizationParams.join('&')).toString('base64');
+        return new Buffer.from(authorizationParams.join('&')).toString('base64');
     },
     generateRandomString: function (size) {
         return process.hrtime()[0] + Math.random().toString(size).slice(2);
@@ -60,5 +60,13 @@ var utils = module.exports = {
             }
         }
         return mergedObject;
+    },
+    calculateHmacSHA256Signature: (params, secretKey) => {
+        const dataToCheck = params.join(':');
+
+        return crypto
+            .createHmac('sha256', secretKey)
+            .update(dataToCheck)
+            .digest('hex');
     }
 };