msb_52843
/
dalong_mall
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

upgrade app api

Browse Source
master
ycfxx 3 years ago
parent 297ea65d7d
commit 4aabbc7f5b
2 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File

6
src/main/java/au/com/royalpay/payment/manage/shopify/auth/domain/service/ShopifyRequestValidator.java
Unescape View File

@ -21,9 +21,11 @@ public class ShopifyRequestValidator {
return HmacVerificationUtil.hmacSHA256(message.toString(),clientSecret,parameter.getHmac()); return HmacVerificationUtil.hmacSHA256(message.toString(),clientSecret,parameter.getHmac());
} }
public boolean verifyPermission(String shopifyStoreHost, String hmac, String timestamp) { public boolean verifyPermission(String shop, String hmac, String timestamp, String host) {
StringBuilder message =new StringBuilder(); StringBuilder message =new StringBuilder();
message.append("shop=").append(shopifyStoreHost) message
.append("host=").append(host)
.append("&shop=").append(shop)
.append("&timestamp=").append(timestamp); .append("&timestamp=").append(timestamp);
return HmacVerificationUtil.hmacSHA256(message.toString(),clientSecret,hmac); return HmacVerificationUtil.hmacSHA256(message.toString(),clientSecret,hmac);
} }

7
src/main/java/au/com/royalpay/payment/manage/shopify/auth/web/ShopifyAuthTemplateController.java
Unescape View File

@ -38,13 +38,14 @@ public class ShopifyAuthTemplateController {
*/ */
@GetMapping("/auth") @GetMapping("/auth")
@ShopifyEndpoint @ShopifyEndpoint
public String shopifyStorePermission(@RequestParam("shop") String shop, public String shopifyStorePermission(@RequestParam("hmac") String hmac,
@RequestParam("hmac") String hmac, @RequestParam("host") String host,
@RequestParam("shop") String shop,
@RequestParam("timestamp") String timestamp) { @RequestParam("timestamp") String timestamp) {
if (!Pattern.matches("^[a-zA-Z0-9][a-zA-Z0-9\\-]*\\.myshopify\\.com", shop)) { if (!Pattern.matches("^[a-zA-Z0-9][a-zA-Z0-9\\-]*\\.myshopify\\.com", shop)) {
throw new BadRequestException("Parameter shop is invalid."); throw new BadRequestException("Parameter shop is invalid.");
} }
if (!shopifyRequestValidator.verifyPermission(shop, hmac, timestamp)) { if (!shopifyRequestValidator.verifyPermission(shop, hmac, timestamp,host)) {
throw new ShopifyRequestVerifyException("This request parameters is invalid"); throw new ShopifyRequestVerifyException("This request parameters is invalid");
} }
ShopifyPermissionURL shopifyPermissionURL = shopifyMerchantAuthApplication.getShopifyPermissionUrl(shop); ShopifyPermissionURL shopifyPermissionURL = shopifyMerchantAuthApplication.getShopifyPermissionUrl(shop);

Write Preview
Loading…
Cancel
Save