From e98b30ea368bd239d3af9af2d3095896779bdb89 Mon Sep 17 00:00:00 2001 From: Shivam Mishra Date: Fri, 22 May 2020 13:31:49 +0530 Subject: [PATCH 1/4] feat: added webhook hmac verification --- .../razorpay_settings/razorpay_settings.py | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py index 5e464d4..98ac022 100644 --- a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py +++ b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py @@ -64,6 +64,9 @@ from __future__ import unicode_literals import frappe from frappe import _ import json +import hmac +import sys +import hashlib from six.moves.urllib.parse import urlencode from frappe.model.document import Document from frappe.utils import get_url, call_hook_method, cint, get_timestamp @@ -317,6 +320,27 @@ class RazorpaySettings(Document): except Exception: frappe.log_error(frappe.get_traceback()) + def verify_signature(self, body, signature, key): + if sys.version_info[0] == 3: + key = bytes(key, 'utf-8') + body = bytes(body, 'utf-8') + + dig = hmac.new(key=key, + msg=body, + digestmod=hashlib.sha256) + + generated_signature = dig.hexdigest() + + if sys.version_info[0:3] < (2, 7, 7): + result = self.compare_string(generated_signature, signature) + else: + result = hmac.compare_digest(generated_signature, signature) + + if not result: + frappe.throw(_('Razorpay Signature Verification Failed'), exc=frappe.PermissionError) + + return result + def capture_payment(is_sandbox=False, sanbox_response=None): """ Verifies the purchase as complete by the merchant. From 4bc6899fa07015841640c7b8ec49f29b91b6e82a Mon Sep 17 00:00:00 2001 
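Review bot: In the `verify_signature` hunk of PATCH 1/4, `hmac.compare_digest(generated_signature, signature)` raises `TypeError` when `signature` is `None` or a `str` containing non-ASCII characters, so a request with a missing or malformed signature value leaves the method through an unhandled exception instead of the `frappe.PermissionError` raised just below. The request is still rejected, but not on the path meant to report verification failures; the caller that supplies `signature` is not part of this patch, so how often that happens is an assumption. Wrapping the comparison in `try`/`except TypeError` and setting `result = False` in the handler keeps a single rejection path on both Python versions. The same call is kept unchanged in the last hunk of PATCH 4/4.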
From: Shivam Mishra Date: Fri, 29 May 2020 13:22:52 +0530 Subject: [PATCH 2/4] refactor: use six instead of sys.version_info --- .../doctype/razorpay_settings/razorpay_settings.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py index 98ac022..680225d 100644 --- a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py +++ b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py @@ -65,8 +65,8 @@ import frappe from frappe import _ import json import hmac -import sys import hashlib +import six from six.moves.urllib.parse import urlencode from frappe.model.document import Document from frappe.utils import get_url, call_hook_method, cint, get_timestamp @@ -321,7 +321,7 @@ class RazorpaySettings(Document): frappe.log_error(frappe.get_traceback()) def verify_signature(self, body, signature, key): - if sys.version_info[0] == 3: + if six.PY3: key = bytes(key, 'utf-8') body = bytes(body, 'utf-8') @@ -331,7 +331,7 @@ class RazorpaySettings(Document): generated_signature = dig.hexdigest() - if sys.version_info[0:3] < (2, 7, 7): + if six.PY2: result = self.compare_string(generated_signature, signature) else: result = hmac.compare_digest(generated_signature, signature) From e00a7284a5310351906c811af254ad8fe3ab86b8 Mon Sep 17 00:00:00 2001 From: Shivam Mishra Date: Fri, 29 May 2020 13:24:04 +0530 Subject: [PATCH 3/4] style: linting fixes --- .../doctype/razorpay_settings/razorpay_settings.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py index 680225d..b4f4f9d 100644 --- a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py 
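Review bot: In the third hunk of PATCH 2/4, `if six.PY2:` is not equivalent to the `sys.version_info[0:3] < (2, 7, 7)` test it replaces: every Python 2 interpreter now takes the `self.compare_string` branch, including 2.7.7 and later, where `hmac.compare_digest` is available. `compare_string` is not defined in any hunk of this series, so whether it exists and compares in constant time cannot be checked from here. A feature test keeps the standard-library comparison wherever it exists, e.g. `if not hasattr(hmac, 'compare_digest'):` for the fallback branch. `verify_signature` starts and ends outside this hunk, and PATCH 4/4 later removes the branch altogether.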
+++ b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py @@ -325,9 +325,7 @@ class RazorpaySettings(Document): key = bytes(key, 'utf-8') body = bytes(body, 'utf-8') - dig = hmac.new(key=key, - msg=body, - digestmod=hashlib.sha256) + dig = hmac.new(key=key, msg=body, digestmod=hashlib.sha256) generated_signature = dig.hexdigest() From 7e70ad4cc475dd06156295cd128ab42f7c7c48f7 Mon Sep 17 00:00:00 2001 From: Shivam Mishra Date: Fri, 29 May 2020 14:09:05 +0530 Subject: [PATCH 4/4] feat: make verification function python 3 only --- .../doctype/razorpay_settings/razorpay_settings.py | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py index b4f4f9d..1d2f7f9 100644 --- a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py +++ b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py @@ -66,7 +66,6 @@ from frappe import _ import json import hmac import hashlib -import six from six.moves.urllib.parse import urlencode from frappe.model.document import Document from frappe.utils import get_url, call_hook_method, cint, get_timestamp @@ -321,18 +320,13 @@ class RazorpaySettings(Document): frappe.log_error(frappe.get_traceback()) def verify_signature(self, body, signature, key): - if six.PY3: - key = bytes(key, 'utf-8') - body = bytes(body, 'utf-8') + key = bytes(key, 'utf-8') + body = bytes(body, 'utf-8') dig = hmac.new(key=key, msg=body, digestmod=hashlib.sha256) generated_signature = dig.hexdigest() - - if six.PY2: - result = self.compare_string(generated_signature, signature) - else: - result = hmac.compare_digest(generated_signature, signature) + result = hmac.compare_digest(generated_signature, signature) if not result: frappe.throw(_('Razorpay Signature Verification Failed'), exc=frappe.PermissionError)
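Review bot: In the `verify_signature` hunk of PATCH 4/4, `bytes(key, 'utf-8')` and `bytes(body, 'utf-8')` are now unconditional and raise `TypeError` when the argument is already `bytes`, which is the form a raw HTTP request body usually arrives in. The call site is not part of this series, so this is an assumption about the caller, but the HMAC should be computed over the payload bytes exactly as received rather than over a decoded and re-encoded copy. Accepting both types avoids the failure: `if isinstance(body, str): body = body.encode('utf-8')`, and the same for `key`. The method's `return result` lies past the end of this hunk.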