From e98b30ea368bd239d3af9af2d3095896779bdb89 Mon Sep 17 00:00:00 2001
From: Shivam Mishra
Date: Fri, 22 May 2020 13:31:49 +0530
Subject: [PATCH] feat: added webhook hmac verification
---
 .../razorpay_settings/razorpay_settings.py | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)
diff --git a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py
index 5e464d4..98ac022 100644
--- a/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py
+++ b/payments/payment_gateways/doctype/razorpay_settings/razorpay_settings.py
@@ -64,6 +64,9 @@ from __future__ import unicode_literals
 import frappe
 from frappe import _
 import json
+import hmac
+import sys
+import hashlib
 from six.moves.urllib.parse import urlencode
 from frappe.model.document import Document
 from frappe.utils import get_url, call_hook_method, cint, get_timestamp
@@ -317,6 +320,27 @@ class RazorpaySettings(Document):
 except Exception:
 frappe.log_error(frappe.get_traceback())
 
+ def verify_signature(self, body, signature, key):
+ if sys.version_info[0] == 3:
+ key = bytes(key, 'utf-8')
+ body = bytes(body, 'utf-8')
+
+ dig = hmac.new(key=key,
+ msg=body,
+ digestmod=hashlib.sha256)
+
+ generated_signature = dig.hexdigest()
+
+ if sys.version_info[0:3] < (2, 7, 7):
+ result = self.compare_string(generated_signature, signature)
+ else:
+ result = hmac.compare_digest(generated_signature, signature)
+
+ if not result:
+ frappe.throw(_('Razorpay Signature Verification Failed'), exc=frappe.PermissionError)
+
+ return result
+
 def capture_payment(is_sandbox=False, sanbox_response=None):
 """
 Verifies the purchase as complete by the merchant.
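Review bot: In the second hunk, `verify_signature` computes the HMAC without first rejecting an empty `key` or a missing `signature`: an unset webhook secret that arrives as `''` yields a digest anyone can reproduce, and a `None` signature makes `hmac.compare_digest` raise `TypeError` rather than the intended `PermissionError`. I would open the method with `if not key or not signature: frappe.throw(_('Razorpay Signature Verification Failed'), exc=frappe.PermissionError)`. On Python 3, `bytes(body, 'utf-8')` also raises `TypeError` when the caller passes the raw request body as bytes, which is the form the signature should be checked against, so `if not isinstance(body, bytes): body = body.encode('utf-8')` is safer. `self.compare_string` is not defined in the visible lines (the class body starts outside the hunk); if it does not exist the pre-2.7.7 branch fails with `AttributeError`, and if it does it needs to be a constant-time comparison.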