Skip to content

Commit

Permalink
Merge pull request #244 from razorpay/registration_entity_n_utils_mock
Browse files Browse the repository at this point in the history
registration entity and utils mock
  • Loading branch information
ankitdas13 authored Aug 24, 2022
2 parents 57631fa + 5fb4684 commit 7c23fff
Show file tree
Hide file tree
Showing 4 changed files with 105 additions and 68 deletions.
10 changes: 10 additions & 0 deletions src/main/java/com/razorpay/SubscriptionRegistration.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
package com.razorpay;

import org.json.JSONObject;

public class SubscriptionRegistration extends Entity {

public SubscriptionRegistration(JSONObject jsonObject) {
super(jsonObject);
}
}
19 changes: 19 additions & 0 deletions src/main/java/com/razorpay/SubscriptionRegistrationClient.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
package com.razorpay;

import java.io.IOException;
import java.net.URISyntaxException;
import java.util.List;

import org.json.JSONException;
import org.json.JSONObject;

public class SubscriptionRegistrationClient extends ApiClient {

SubscriptionRegistrationClient(String auth, ApiUtils apiUtils) {
super(auth,apiUtils);
}

public Invoice create(JSONObject request) throws RazorpayException, JSONException, IOException, URISyntaxException {
return post(Constants.SUBSCRIPTION_REGISTRATION_LINK, request);
}
}
137 changes: 72 additions & 65 deletions src/main/java/com/razorpay/Utils.java
Original file line number Diff line number Diff line change
Expand Up @@ -3,80 +3,87 @@
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Hex;
import org.json.JSONException;
import org.json.JSONObject;

public class Utils {

public static boolean verifyPaymentSignature(JSONObject attributes, String apiSecret)
throws RazorpayException {
String expectedSignature = attributes.getString("razorpay_signature");
String orderId = attributes.getString("razorpay_order_id");
String paymentId = attributes.getString("razorpay_payment_id");
String payload = orderId + '|' + paymentId;
return verifySignature(payload, expectedSignature, apiSecret);
}
public static boolean verifyPaymentSignature(JSONObject attributes, String apiSecret)
throws RazorpayException, JSONException {
String expectedSignature = attributes.getString("razorpay_signature");
String orderId = attributes.getString("razorpay_order_id");
String paymentId = attributes.getString("razorpay_payment_id");
String payload = orderId + '|' + paymentId;
return verifySignature(payload, expectedSignature, apiSecret);
}

public static boolean verifySubscription(JSONObject attributes, String apiSecret)
throws RazorpayException {
String expectedSignature = attributes.getString("razorpay_signature");
String subscriptionId = attributes.getString("razorpay_subscription_id");
String paymentId = attributes.getString("razorpay_payment_id");
String payload = paymentId + '|' + subscriptionId;
return verifySignature(payload, expectedSignature, apiSecret);
}

public static boolean verifyPaymentLink(JSONObject attributes, String apiSecret)
throws RazorpayException {
String expectedSignature = attributes.getString("razorpay_signature");
String paymentLinkStatus = attributes.getString("payment_link_status");
String paymentLinkId = attributes.getString("payment_link_id");
String paymentLinkRefId = attributes.getString("payment_link_reference_id");
String paymentId = attributes.getString("razorpay_payment_id");
String payload = paymentLinkId + '|' + paymentLinkRefId + '|' + paymentLinkStatus + '|' + paymentId;
return verifySignature(payload, expectedSignature, apiSecret);
}
public static boolean verifySubscription(JSONObject attributes, String apiSecret)
throws RazorpayException, JSONException {
String expectedSignature = attributes.getString("razorpay_signature");
String subscriptionId = attributes.getString("razorpay_subscription_id");
String paymentId = attributes.getString("razorpay_payment_id");
String payload = paymentId + '|' + subscriptionId;
return verifySignature(payload, expectedSignature, apiSecret);
}

public static boolean verifyWebhookSignature(String payload, String expectedSignature,
String webhookSecret) throws RazorpayException {
return verifySignature(payload, expectedSignature, webhookSecret);
}
public static boolean verifyPaymentLink(JSONObject attributes, String apiSecret)
throws RazorpayException, JSONException {
String expectedSignature = attributes.getString("razorpay_signature");
String paymentLinkStatus = attributes.getString("payment_link_status");
String paymentLinkId = attributes.getString("payment_link_id");
String paymentLinkRefId = attributes.getString("payment_link_reference_id");
String paymentId = attributes.getString("razorpay_payment_id");
String payload = paymentLinkId + '|' + paymentLinkRefId + '|' + paymentLinkStatus + '|' + paymentId;
return verifySignature(payload, expectedSignature, apiSecret);
}

public static boolean verifySignature(String payload, String expectedSignature, String secret)
throws RazorpayException {
String actualSignature = getHash(payload, secret);
return isEqual(actualSignature.getBytes(), expectedSignature.getBytes());
}
public static boolean verifyWebhookSignature(String payload, String expectedSignature,
String webhookSecret) throws RazorpayException {
return verifySignature(payload, expectedSignature, webhookSecret);
}

public static boolean verifySignature(String payload, String expectedSignature, String secret)
throws RazorpayException {
String actualSignature = getHash(payload, secret);
return isEqual(actualSignature.getBytes(), expectedSignature.getBytes());
}

public static String getHash(String payload, String secret) throws RazorpayException {
Mac sha256_HMAC;
try {
sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA256");
sha256_HMAC.init(secret_key);
byte[] hash = sha256_HMAC.doFinal(payload.getBytes());
return new String(Hex.encodeHex(hash));
} catch (Exception e) {
throw new RazorpayException(e.getMessage());
public static String getHash(String payload, String secret) throws RazorpayException {
Mac sha256_HMAC;
try {
sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA256");
sha256_HMAC.init(secret_key);
byte[] hash = sha256_HMAC.doFinal(payload.getBytes());
return getHexString(hash);
} catch (Exception e) {
throw new RazorpayException(e.getMessage());
}
}
}

/**
* We are not using String.equals() method because of security issue mentioned in
* <a href="http://security.stackexchange.com/a/83670">StackOverflow</a>
*
* @param a
* @param b
* @return boolean
*/
private static boolean isEqual(byte[] a, byte[] b) {
if (a.length != b.length) {
return false;
/**
* We are not using String.equals() method because of security issue mentioned in
* <a href="http://security.stackexchange.com/a/83670">StackOverflow</a>
*
* @param a
* @param b
* @return boolean
*/
private static boolean isEqual(byte[] a, byte[] b) {
if (a.length != b.length) {
return false;
}
int result = 0;
for (int i = 0; i < a.length; i++) {
result |= a[i] ^ b[i];
}
return result == 0;
}
int result = 0;
for (int i = 0; i < a.length; i++) {
result |= a[i] ^ b[i];
private static String getHexString(byte[] b) {
String result = "";
for (int i=0; i < b.length; i++) {
result +=
Integer.toString( ( b[i] & 0xff ) + 0x100, 16).substring( 1 );
}
return result;
}
return result == 0;
}
}
7 changes: 4 additions & 3 deletions src/test/java/com/razorpay/UtilsTest.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package com.razorpay;

import org.json.JSONException;
import org.json.JSONObject;
import org.junit.Test;

Expand All @@ -13,7 +14,7 @@ public class UtilsTest {
* @throws RazorpayException
*/
@Test
public void verifyPaymentSignature() throws RazorpayException{
public void verifyPaymentSignature() throws RazorpayException, JSONException {
JSONObject options = new JSONObject();
options.put("razorpay_order_id", "order_IEIaMR65cu6nz3");
options.put("razorpay_payment_id", "pay_IH4NVgf4Dreq1l");
Expand All @@ -27,7 +28,7 @@ public void verifyPaymentSignature() throws RazorpayException{
* @throws RazorpayException
*/
@Test
public void verifySubscription() throws RazorpayException{
public void verifySubscription() throws RazorpayException, JSONException {
JSONObject options = new JSONObject();
options.put("razorpay_subscription_id", "sub_ID6MOhgkcoHj9I");
options.put("razorpay_payment_id", "pay_IDZNwZZFtnjyym");
Expand All @@ -41,7 +42,7 @@ public void verifySubscription() throws RazorpayException{
* @throws RazorpayException
*/
@Test
public void verifyPaymentLink() throws RazorpayException{
public void verifyPaymentLink() throws RazorpayException, JSONException {
JSONObject options = new JSONObject();
options.put("payment_link_reference_id", "TSsd1989");
options.put("razorpay_payment_id", "pay_IH3d0ara9bSsjQ");
Expand Down

0 comments on commit 7c23fff

Please sign in to comment.