mirror of
https://github.com/bitwarden/server.git
Removed the need to verify requests as CloudOps added an ACL on the network (#3882)
parent
ab3959fcfb
commit
5e4c5acc48
@ -1,6 +1,5 @@
|
||||
using System.Text;
|
||||
using Bit.Billing.Models;
|
||||
using Bit.Billing.Services;
|
||||
using Bit.Core.Entities;
|
||||
using Bit.Core.Enums;
|
||||
using Bit.Core.Repositories;
|
||||
@ -20,7 +19,6 @@ public class PayPalController : Controller
|
||||
private readonly IMailService _mailService;
|
||||
private readonly IOrganizationRepository _organizationRepository;
|
||||
private readonly IPaymentService _paymentService;
|
||||
private readonly IPayPalIPNClient _payPalIPNClient;
|
||||
private readonly ITransactionRepository _transactionRepository;
|
||||
private readonly IUserRepository _userRepository;
|
||||
|
||||
@ -30,7 +28,6 @@ public class PayPalController : Controller
|
||||
IMailService mailService,
|
||||
IOrganizationRepository organizationRepository,
|
||||
IPaymentService paymentService,
|
||||
IPayPalIPNClient payPalIPNClient,
|
||||
ITransactionRepository transactionRepository,
|
||||
IUserRepository userRepository)
|
||||
{
|
||||
@ -39,7 +36,6 @@ public class PayPalController : Controller
|
||||
_mailService = mailService;
|
||||
_organizationRepository = organizationRepository;
|
||||
_paymentService = paymentService;
|
||||
_payPalIPNClient = payPalIPNClient;
|
||||
_transactionRepository = transactionRepository;
|
||||
_userRepository = userRepository;
|
||||
}
|
||||
@ -91,14 +87,6 @@ public class PayPalController : Controller
|
||||
return BadRequest();
|
||||
}
|
||||
|
||||
var verified = await _payPalIPNClient.VerifyIPN(transactionModel.TransactionId, requestContent);
|
||||
|
||||
if (!verified)
|
||||
{
|
||||
_logger.LogError("PayPal IPN ({Id}): Verification failed", transactionModel.TransactionId);
|
||||
return BadRequest();
|
||||
}
|
||||
|
||||
if (transactionModel.TransactionType != "web_accept" &&
|
||||
transactionModel.TransactionType != "merch_pmt" &&
|
||||
transactionModel.PaymentStatus != "Refunded")
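Review bot: With the `_payPalIPNClient.VerifyIPN(...)` postback gone, nothing visible in this hunk authenticates the IPN body before the `TransactionType` / `PaymentStatus` checks, so the payment handling that follows rests entirely on controls outside this file. The commit title attributes that to a network ACL, and the tests pass a `WebhookKey`, which suggests a key check earlier in PostIpn, but neither is visible here (the method starts and ends outside the hunk). A source-address ACL limits who can reach the endpoint; it does not confirm that PayPal issued this particular message, and it stops protecting the handler if the rule is loosened or the service is later exposed through a different path. I would record the dependency at this spot, e.g. `// IPN postback verification intentionally removed: authenticity relies on the network ACL in front of this endpoint (and the webhook key check, if present above).`, and consider keeping the postback behind a billing setting so it can be re-enabled without a code change. A test that pins whichever application-level check remains (a wrong or missing key returning 400) would keep this from regressing unnoticed, now that `PostIpn_Unverified_BadRequest` is deleted.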
|
||||
|
@ -1,6 +1,5 @@
|
||||
using System.Text;
|
||||
using Bit.Billing.Controllers;
|
||||
using Bit.Billing.Services;
|
||||
using Bit.Billing.Test.Utilities;
|
||||
using Bit.Core.AdminConsole.Entities;
|
||||
using Bit.Core.Entities;
|
||||
@ -31,7 +30,6 @@ public class PayPalControllerTests
|
||||
private readonly IMailService _mailService = Substitute.For<IMailService>();
|
||||
private readonly IOrganizationRepository _organizationRepository = Substitute.For<IOrganizationRepository>();
|
||||
private readonly IPaymentService _paymentService = Substitute.For<IPaymentService>();
|
||||
private readonly IPayPalIPNClient _payPalIPNClient = Substitute.For<IPayPalIPNClient>();
|
||||
private readonly ITransactionRepository _transactionRepository = Substitute.For<ITransactionRepository>();
|
||||
private readonly IUserRepository _userRepository = Substitute.For<IUserRepository>();
|
||||
|
||||
@ -115,31 +113,6 @@ public class PayPalControllerTests
|
||||
LoggedError(logger, "PayPal IPN (2PK15573S8089712Y): 'custom' did not contain a User ID or Organization ID");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task PostIpn_Unverified_BadRequest()
|
||||
{
|
||||
var logger = _testOutputHelper.BuildLoggerFor<PayPalController>();
|
||||
|
||||
_billingSettings.Value.Returns(new BillingSettings
|
||||
{
|
||||
PayPal = { WebhookKey = _defaultWebhookKey }
|
||||
});
|
||||
|
||||
var organizationId = new Guid("ca8c6f2b-2d7b-4639-809f-b0e5013a304e");
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulPayment);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(false);
|
||||
|
||||
var controller = ConfigureControllerContextWith(logger, _defaultWebhookKey, ipnBody);
|
||||
|
||||
var result = await controller.PostIpn();
|
||||
|
||||
HasStatusCode(result, 400);
|
||||
|
||||
LoggedError(logger, "PayPal IPN (2PK15573S8089712Y): Verification failed");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task PostIpn_OtherTransactionType_Unprocessed_Ok()
|
||||
{
|
||||
@ -154,8 +127,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.UnsupportedTransactionType);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
var controller = ConfigureControllerContextWith(logger, _defaultWebhookKey, ipnBody);
|
||||
|
||||
var result = await controller.PostIpn();
|
||||
@ -183,8 +154,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulPayment);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
var controller = ConfigureControllerContextWith(logger, _defaultWebhookKey, ipnBody);
|
||||
|
||||
var result = await controller.PostIpn();
|
||||
@ -212,8 +181,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.RefundMissingParentTransaction);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
var controller = ConfigureControllerContextWith(logger, _defaultWebhookKey, ipnBody);
|
||||
|
||||
var result = await controller.PostIpn();
|
||||
@ -241,8 +208,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.ECheckPayment);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
var controller = ConfigureControllerContextWith(logger, _defaultWebhookKey, ipnBody);
|
||||
|
||||
var result = await controller.PostIpn();
|
||||
@ -270,8 +235,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.NonUSDPayment);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
var controller = ConfigureControllerContextWith(logger, _defaultWebhookKey, ipnBody);
|
||||
|
||||
var result = await controller.PostIpn();
|
||||
@ -299,8 +262,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulPayment);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
_transactionRepository.GetByGatewayIdAsync(
|
||||
GatewayType.PayPal,
|
||||
"2PK15573S8089712Y").Returns(new Transaction());
|
||||
@ -332,8 +293,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulPayment);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
_transactionRepository.GetByGatewayIdAsync(
|
||||
GatewayType.PayPal,
|
||||
"2PK15573S8089712Y").ReturnsNull();
|
||||
@ -367,8 +326,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulPaymentForOrganizationCredit);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
_transactionRepository.GetByGatewayIdAsync(
|
||||
GatewayType.PayPal,
|
||||
"2PK15573S8089712Y").ReturnsNull();
|
||||
@ -417,8 +374,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulPaymentForUserCredit);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
_transactionRepository.GetByGatewayIdAsync(
|
||||
GatewayType.PayPal,
|
||||
"2PK15573S8089712Y").ReturnsNull();
|
||||
@ -467,8 +422,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulRefund);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
_transactionRepository.GetByGatewayIdAsync(
|
||||
GatewayType.PayPal,
|
||||
"2PK15573S8089712Y").Returns(new Transaction());
|
||||
@ -504,8 +457,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulRefund);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
_transactionRepository.GetByGatewayIdAsync(
|
||||
GatewayType.PayPal,
|
||||
"2PK15573S8089712Y").ReturnsNull();
|
||||
@ -545,8 +496,6 @@ public class PayPalControllerTests
|
||||
|
||||
var ipnBody = await PayPalTestIPN.GetAsync(IPNBody.SuccessfulRefund);
|
||||
|
||||
_payPalIPNClient.VerifyIPN(Arg.Any<string>(), ipnBody).Returns(true);
|
||||
|
||||
_transactionRepository.GetByGatewayIdAsync(
|
||||
GatewayType.PayPal,
|
||||
"2PK15573S8089712Y").ReturnsNull();
|
||||
@ -592,7 +541,6 @@ public class PayPalControllerTests
|
||||
_mailService,
|
||||
_organizationRepository,
|
||||
_paymentService,
|
||||
_payPalIPNClient,
|
||||
_transactionRepository,
|
||||
_userRepository);
|
||||
|
||||
|