Encriptación y firmado de datos para conexión con RedSys listos

parent 2e789223
...@@ -5,9 +5,8 @@ ...@@ -5,9 +5,8 @@
* @help :: See http://links.sailsjs.org/docs/controllers * @help :: See http://links.sailsjs.org/docs/controllers
*/ */
//const nacl_util = require('tweetnacl'); const moment = require('moment');
const nacl_util = require('tweetnacl-util'); const cryptojs = require("crypto-js");
const sha256 = require("fast-sha256");
module.exports = { module.exports = {
...@@ -21,36 +20,60 @@ module.exports = { ...@@ -21,36 +20,60 @@ module.exports = {
if (!params.id_stu || !params.id_sup || !params.type) if (!params.id_stu || !params.id_sup || !params.type)
return res.badRequest(); return res.badRequest();
//
// Submit data
//
var amount = sails.config.pictogram.tpv.prices.oneYearEuro; var amount = sails.config.pictogram.tpv.prices.oneYearEuro;
if (params.type == 'forever') if (params.type == 'forever')
amount = sails.config.pictogram.tpv.prices.foreverEuro; amount = sails.config.pictogram.tpv.prices.foreverEuro;
var tpvdata = var tpvdata =
{ {
Ds_Merchant_PayMethods: 'O', // Payment managed by RedSys DS_MERCHANT_PAYMETHODS: 'C', // Payment managed by RedSys
Ds_Merchant_MerchantCode: sails.config.pictogram.tpv.merchantCode, // Number of commerce (Yotta) DS_MERCHANT_MERCHANTCODE: sails.config.pictogram.tpv.merchantCode, // Number of commerce (Yotta)
Ds_Merchant_Terminal: '001', // Terminal number DS_MERCHANT_TERMINAL: '001', // Terminal number
Ds_Merchant_Currency: '000 ("978")', // Terminal currency DS_MERCHANT_CURRENCY: '978', // Terminal currency
Ds_Merchant_TransactionType: , // Type of the transaction DS_MERCHANT_TRANSACTIONTYPE: "0", // Type of the transaction (0: authorized)
Ds_Merchant_Amount: amount, // Amount DS_MERCHANT_AMOUNT: amount + "00", // Amount
Ds_Merchant_MerchantUrl: sails.getBaseUrl() + "/tpv/notify", DS_MERCHANT_ORDER: moment().format('YYMMDD') + params.id_stu,
Ds_Merchant_UrlOk: sails.getBaseUrl() + '/app/#/student/' + params.id_stu + "/setup/renewed/1" // Returning URL (success) DS_MERCHANT_MERCHANTURL: sails.getBaseUrl() + "/tpv/notify",
Ds_Merchant_UrlKo: sails.getBaseUrl() + '/app/#/student/' + params.id_stu + "/setup/renewed/0" // Returning URL (error) DS_MERCHANT_URLOK: sails.getBaseUrl() + '/app/#/student/' + params.id_stu + "/setup/renewed/1", // Returning URL (success)
DS_MERCHANT_URLKO: sails.getBaseUrl() + '/app/#/student/' + params.id_stu + "/setup/renewed/0" // Returning URL (error)
}; };
console.log(JSON.stringify(tpvdata)); //
// Sign data
//
// Parameters in Base64 // Base64 encoding of parameters
var merchantParameters = nacl_util.encodeBase64(JSON.stringify(tpvdata)); var merchantWordArray = cryptojs.enc.Utf8.parse(JSON.stringify(tpvdata));
var merchantBase64 = merchantWordArray.toString(cryptojs.enc.Base64);
// HMAC 256 signature // Decode key
var signature = nacl_util.encodeBase64(sha256.hmac(sails.config.pictogram.tpv.key, merchantParameters)); var keyWordArray = cryptojs.enc.Base64.parse(sails.config.pictogram.tpv.key);
res.ok({ // Generate transction key
merchantParameters: merchantParameters, var iv = cryptojs.enc.Hex.parse("00000000");
signatureVersion: "HMAC_SHA256_V1", var cipher = cryptojs.TripleDES.encrypt(tpvdata.DS_MERCHANT_ORDER, keyWordArray, {
signature: signature iv:iv,
mode: cryptojs.mode.CBC,
padding: cryptojs.pad.NoPadding
}); });
// Sign
var signature = cryptojs.HmacSHA256(merchantBase64, cipher.ciphertext);
var signatureBase64 = signature.toString(cryptojs.enc.Base64);
// Done, we can return response
var response = {
signatureVersion: "HMAC_SHA256_V1",
merchantParameters: merchantBase64,
signature: signatureBase64
};
sails.log.debug(JSON.stringify(response));
res.ok(response);
}, },
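Review bot: The per-order key derivation in the `cryptojs.TripleDES.encrypt` call uses an IV of `cryptojs.enc.Hex.parse("00000000")`, which decodes to four bytes although the 3DES block is eight, together with `cryptojs.pad.NoPadding`, so an order number whose length is not a multiple of eight is never extended to a full block. As far as I know the HMAC_SHA256_V1 scheme derives this key with an all-zero eight-byte IV and zero-byte padding, so I would write `var iv = cryptojs.enc.Hex.parse("0000000000000000");` and `padding: cryptojs.pad.ZeroPadding`, then check the result against the gateway's published test vectors. `DS_MERCHANT_ORDER` is `YYMMDD` plus `params.id_stu`, so its length varies with the id and a second attempt by the same student on the same day repeats the value; confirm both against the gateway's order-number rules. The signing key is read from `sails.config.pictogram.tpv.key`, which the config section of this commit keeps as a literal in the repository; a production key should come from the environment or an untracked local config. The handler starts above this hunk, so any access check on `id_stu` and `id_sup` is not visible here.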
......
...@@ -640,10 +640,14 @@ module.exports = { ...@@ -640,10 +640,14 @@ module.exports = {
var prefix = (name + ' ' + surname).split(/\s+/).map(x => {return x.toLowerCase()[0]}).join(''); var prefix = (name + ' ' + surname).split(/\s+/).map(x => {return x.toLowerCase()[0]}).join('');
var counter = 0; var counter = 0;
var found = true; var found = true;
var postfix;
var username;
async.doWhilst( async.doWhilst(
function (cb) { function (cb) {
counter = counter + 1; counter = counter + 1;
Student.findOne({username: prefix + counter}) postfix = ("0000" + counter).slice(-4);
username = prefix + postfix;
Student.findOne({username: username})
.then((l) => { .then((l) => {
if (!l) if (!l)
found = false; found = false;
...@@ -658,7 +662,7 @@ module.exports = { ...@@ -658,7 +662,7 @@ module.exports = {
return found; return found;
}, },
function () { function () {
callback(prefix + counter); callback(username);
} }
); );
} }
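Review bot: The zero-padded suffix `("0000" + counter).slice(-4)` keeps only the last four digits, so once `counter` passes 9999 the candidates wrap back to suffixes already tried (10001 gives `0001` again) and the loop can spin without reaching a free name for that prefix. Something like `postfix = counter > 9999 ? String(counter) : ("0000" + counter).slice(-4);` keeps the padding without the wrap. The `findOne` lookup and the later insert are separate steps, so two concurrent requests could settle on the same username unless the model enforces uniqueness, which is not visible in these hunks. The enclosing function begins above the first hunk and part of the loop body falls between the two hunks.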
......
...@@ -27,9 +27,9 @@ dashboardControllers.controller('TPVModalCtrl', function ( ...@@ -27,9 +27,9 @@ dashboardControllers.controller('TPVModalCtrl', function (
.success(function(data, status, headers, config) { .success(function(data, status, headers, config) {
// Non-AJAX post to RedSys // Non-AJAX post to RedSys
var form = $('<form id="redsysform" action="https://sis-t.redsys.es:25443/sis/realizarPago" method="POST">' + var form = $('<form id="redsysform" action="https://sis-t.redsys.es:25443/sis/realizarPago" method="POST">' +
'<input type="hidden" name="Ds_SignatureVersion" value="' + data.signatureVersion + '">' + '<input type="hidden" name="DS_SIGNATUREVERSION" value="' + data.signatureVersion + '">' +
'<input type="hidden" name="Ds_MerchantParameters" value="' + data.merchantParameters + '">' + '<input type="hidden" name="DS_MERCHANTPARAMETERS" value="' + data.merchantParameters + '">' +
'<input type="hidden" name="Ds_Signature" value="' + data.signature + '">' + '<input type="hidden" name="DS_SIGNATURE" value="' + data.signature + '">' +
'</form>'); '</form>');
$(document.body).append(form); $(document.body).append(form);
$("#redsysform").submit(); $("#redsysform").submit();
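Review bot: The three hidden inputs are assembled by concatenating `data.signatureVersion`, `data.merchantParameters` and `data.signature` straight into markup, so the form is only well-formed while those values contain no quote or angle-bracket characters. Base64 output is safe today, but setting the values through the DOM removes that dependency, e.g. `$('<input type="hidden" name="DS_SIGNATURE">').val(data.signature)` appended to the form. The action URL on the `<form>` line is the hard-coded `sis-t.redsys.es:25443` host; taking it from configuration would let test and production differ without a code change. The `.success` callback continues past the end of this hunk.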
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
<button type="button" class="close" ng-click="close()"> <button type="button" class="close" ng-click="close()">
<span aria-hidden="true">&times;</span><span class="sr-only" translate>close</span> <span aria-hidden="true">&times;</span><span class="sr-only" translate>close</span>
</button> </button>
<h4 class="modal-title" translate>tpv_title</h4> <h2 class="modal-title" translate>tpv_title</h2>
</div> </div>
<div class="modal-body"> <div class="modal-body">
......
...@@ -33,7 +33,6 @@ module.exports.pictogram = { ...@@ -33,7 +33,6 @@ module.exports.pictogram = {
oneYearEuro: 70, // one year license in euros oneYearEuro: 70, // one year license in euros
}, },
merchantCode: '152038485', // Code for Yotta merchantCode: '152038485', // Code for Yotta
merchantKey: 'qwertyasdf0123456789',
key: 'sq7HjrUOBfKmC576ILgskD5srU870gJ7' // key for signing key: 'sq7HjrUOBfKmC576ILgskD5srU870gJ7' // key for signing
}, },
......
...@@ -11,7 +11,6 @@ ...@@ -11,7 +11,6 @@
"connect-redis": "3.0.2", "connect-redis": "3.0.2",
"connect-timeout": "^1.7.0", "connect-timeout": "^1.7.0",
"ejs": "^0.8.8", "ejs": "^0.8.8",
"fast-sha256": "^1.0.0",
"forever": "^0.14.1", "forever": "^0.14.1",
"grunt": "^1.0.1", "grunt": "^1.0.1",
"grunt-contrib-clean": "^1.0.0", "grunt-contrib-clean": "^1.0.0",
...@@ -34,7 +33,6 @@ ...@@ -34,7 +33,6 @@
"sails-test-helper": "^0.3.5", "sails-test-helper": "^0.3.5",
"socket.io": "~1.3.2", "socket.io": "~1.3.2",
"socket.io-redis": "^0.1.4", "socket.io-redis": "^0.1.4",
"tweetnacl-util": "^0.15.0",
"winston": "~1.0.0" "winston": "~1.0.0"
}, },
"scripts": { "scripts": {
......