From f356ea7ef4e11fdc73da9001e239fdd3bda974e8 Mon Sep 17 00:00:00 2001 From: Carine Bonnafous Date: Wed, 31 Jul 2024 14:54:56 +0200 Subject: [PATCH 1/7] chore: fix & enable coverage in Taskfile for all versions --- .github/workflows/ci.yml | 6 +++++- .gitignore | 3 ++- Dockerfile | 6 ++++++ Dockerfile.legacy | 4 ++++ Taskfile.php.yml | 12 ++++++------ Taskfile.yml | 3 +++ compose.yml | 2 ++ phpunit.ci.8.xml | 32 ++++++++++++++++++++++++++++++++ phpunit.dist.8.xml | 40 ++++++++++++++++++++++++++++++++++++++++ phpunit.dist.xml | 12 +++++++++++- tests/legacy_tests.sh | 2 +- 11 files changed, 112 insertions(+), 10 deletions(-) create mode 100644 phpunit.ci.8.xml create mode 100644 phpunit.dist.8.xml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ea652382..ae228866 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -60,7 +60,11 @@ jobs: grep -r -l "$string" tests/ | xargs sed -i "s/$string//g" - name: PHPUnit - run: composer exec phpunit -- --configuration phpunit.ci.xml --coverage-xml ./.coverage + run: | + case ${{ matrix.php }} in + 8.1|8.2|8.3 ) composer exec phpunit -- --configuration phpunit.ci.8.xml --coverage-xml ./.coverage;; + *) composer exec phpunit -- --configuration phpunit.ci.xml --coverage-xml ./.coverage;; + esac env: XDEBUG_MODE: coverage diff --git a/.gitignore b/.gitignore index dd74e98b..ee982aca 100644 --- a/.gitignore +++ b/.gitignore @@ -9,4 +9,5 @@ phpunit.xml .phpunit.cache/ composer.lock .DS_Store -.env \ No newline at end of file +.env +.coverage/ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 12545aa0..8796849a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,6 +3,7 @@ ARG COMPOSER_VERSION FROM composer:${COMPOSER_VERSION} as composer FROM php:${PHP_VERSION}-fpm +ARG PHP_VERSION ENV DEBIAN_FRONTEND noninteractive @@ -16,6 +17,11 @@ RUN apt update && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* +RUN case ${PHP_VERSION} in \ + 8.0|8.1|8.2|8.3 ) pecl install xdebug-3.3.2 && docker-php-ext-enable xdebug;; \ + *) pecl install xdebug-2.9.8 && docker-php-ext-enable xdebug;; \ + esac + RUN usermod -u 1000 www-data RUN groupmod -g 1000 www-data diff --git a/Dockerfile.legacy b/Dockerfile.legacy index 4223fa91..1692a16f 100644 --- a/Dockerfile.legacy +++ b/Dockerfile.legacy @@ -20,6 +20,10 @@ RUN apt update && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* +# Install xdebug for code coverage +RUN pecl install xdebug-2.5.5 \ +&& docker-php-ext-enable xdebug + RUN usermod -u 1000 www-data RUN groupmod -g 1000 www-data diff --git a/Taskfile.php.yml b/Taskfile.php.yml index 9c03f34f..65fc9160 100644 --- a/Taskfile.php.yml +++ b/Taskfile.php.yml @@ -27,9 +27,9 @@ tasks: cmds: - >- {{ if eq .PHP_VERSION "5.6" "7.0" }} - docker compose run {{ .COMPOSE_SERVICE }} ./tests/legacy_tests.sh + docker compose run --rm {{ .COMPOSE_SERVICE }} ./tests/legacy_tests.sh {{ else }} - docker compose run {{ .COMPOSE_SERVICE }} composer exec phpunit --verbose -- --configuration phpunit.dist.xml --testsuite "Alma PHP Client Unit Test Suite" + docker compose run --rm {{ .COMPOSE_SERVICE }} composer exec phpunit --verbose -- --configuration {{ .PHPUNIT_FILE }} --testsuite "Alma PHP Client Unit Test Suite" --coverage-xml ./.coverage {{ end }} tests:integration: @@ -39,9 +39,9 @@ tasks: cmds: - >- {{ if eq .PHP_VERSION "5.6" "7.0" }} - docker compose run {{ .COMPOSE_SERVICE }} ./tests/legacy_integration_tests.sh + docker compose run --rm {{ .COMPOSE_SERVICE }} ./tests/legacy_integration_tests.sh {{ else }} - docker compose run {{ .COMPOSE_SERVICE }} composer exec phpunit --verbose -- --configuration phpunit.dist.xml --testsuite "Alma PHP Client Integration Test Suite" + docker compose run --rm {{ .COMPOSE_SERVICE }} composer exec phpunit --verbose -- --configuration {{ .PHPUNIT_FILE }} --testsuite "Alma PHP Client Integration Test Suite" {{ end }} shell: @@ -49,5 +49,5 @@ tasks: deps: - docker:build cmds: - - sed 's/{MYVERSION}/{{ .PHPUNIT_VERSION }}/g' phpunit.dist.xml > phpunit.xml - - docker compose run {{ .COMPOSE_SERVICE }} bash + - sed 's/{MYVERSION}/{{ .PHPUNIT_VERSION }}/g' {{ .PHPUNIT_FILE }} > phpunit.xml + - docker compose run --rm {{ .COMPOSE_SERVICE }} bash diff --git a/Taskfile.yml b/Taskfile.yml index 74ede9f8..2e09d806 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -44,14 +44,17 @@ includes: taskfile: Taskfile.php.yml vars: PHP_VERSION: "8.1" + PHPUNIT_FILE: phpunit.dist.8.xml "8.2": taskfile: Taskfile.php.yml vars: PHP_VERSION: "8.2" + PHPUNIT_FILE: phpunit.dist.8.xml "8.3": taskfile: Taskfile.php.yml vars: PHP_VERSION: "8.3" + PHPUNIT_FILE: phpunit.dist.8.xml tasks: default: diff --git a/compose.yml b/compose.yml index b73909d7..7c3bd0c7 100644 --- a/compose.yml +++ b/compose.yml @@ -12,6 +12,8 @@ services: volumes: - ./:/app - /app/vendor + environment: + XDEBUG_MODE: coverage php-legacy: user: ${UID:-1000}:${GID:-1000} diff --git a/phpunit.ci.8.xml b/phpunit.ci.8.xml new file mode 100644 index 00000000..851e6fb7 --- /dev/null +++ b/phpunit.ci.8.xml @@ -0,0 +1,32 @@ + + + + + + + tests/Unit + + + + + + + + + ./src/* + + + + diff --git a/phpunit.dist.8.xml b/phpunit.dist.8.xml new file mode 100644 index 00000000..550e8793 --- /dev/null +++ b/phpunit.dist.8.xml @@ -0,0 +1,40 @@ + + + + + + tests/Unit + + + tests/Integration + + + + + + + + + ./src/* + + + + + + + + diff --git a/phpunit.dist.xml b/phpunit.dist.xml index 72837d2a..e3ff90a3 100644 --- a/phpunit.dist.xml +++ b/phpunit.dist.xml @@ -1,5 +1,10 @@ - + tests/Unit @@ -8,6 +13,11 @@ tests/Integration + + + ./src/* + + diff --git a/tests/legacy_tests.sh b/tests/legacy_tests.sh index b21daaf9..a3eca141 100755 --- a/tests/legacy_tests.sh +++ b/tests/legacy_tests.sh @@ -11,4 +11,4 @@ string=': void' grep -r -l "$string" tests/ | xargs sed -i "s/$string//g" # Run tests -composer exec phpunit --verbose -- --configuration phpunit.dist.xml --testsuite "Alma PHP Client Unit Test Suite" +composer exec phpunit --verbose -- --configuration phpunit.dist.xml --testsuite "Alma PHP Client Unit Test Suite" --coverage-xml ./.coverage From d9f62990d05c3dc1d6f6e3904c3134d0b71d65cd Mon Sep 17 00:00:00 2001 From: Benjamin Freoua Date: Fri, 9 Aug 2024 12:26:47 +0200 Subject: [PATCH 2/7] feat: add function hmac verification signature for payment --- src/Lib/PaymentValidator.php | 17 +++- tests/Unit/Lib/PaymentValidatorTest.php | 128 ++++++++++++++++++++++++ 2 files changed, 144 insertions(+), 1 deletion(-) create mode 100644 tests/Unit/Lib/PaymentValidatorTest.php diff --git a/src/Lib/PaymentValidator.php b/src/Lib/PaymentValidator.php index 8bdda9e5..538e980c 100644 --- a/src/Lib/PaymentValidator.php +++ b/src/Lib/PaymentValidator.php @@ -53,4 +53,19 @@ public static function checkPurchaseAmount($data) )); } } -} \ No newline at end of file + + /** + * @param string $data + * @param string $apiKey + * @param string $signature + * @return bool + */ + public function isHmacValidated($data, $apiKey, $signature) + { + if (is_string($data) && is_string($apiKey) && is_string($signature) && hash_hmac('sha256', $data, $apiKey) == $signature) { + return true; + } + + return false; + } +} diff --git a/tests/Unit/Lib/PaymentValidatorTest.php b/tests/Unit/Lib/PaymentValidatorTest.php new file mode 100644 index 00000000..284288f4 --- /dev/null +++ b/tests/Unit/Lib/PaymentValidatorTest.php @@ -0,0 +1,128 @@ +paymentValidator = new PaymentValidator(); + } + + /** + * @dataProvider checkHmacInvalidDataProvider + * @param $data + * @param $apiKey + * @param $signature + * @return void + */ + public function testHmacDataDifferentFromSignature($data, $apiKey, $signature) + { + $this->assertFalse($this->paymentValidator->isHmacValidated($data, $apiKey, $signature)); + } + + public function testHmacDataEqualsSignature() + { + $data = 'payment_id_test'; + $apiKey = 'api_key_test'; + $signature = '4545854d3b8704d4b21cf88bc8b5da5680c46b2ab9d45c8cffe6278d8a8b1860'; + + $this->assertTrue($this->paymentValidator->isHmacValidated($data, $apiKey, $signature)); + } + + public static function checkHmacInvalidDataProvider() + { + return [ + 'String data' => [ + 'data' => 'payment_id_test', + 'apiKey' => 'api_key_test', + 'signature' => 'wrong_signature' + ], + 'Empty array data' => [ + 'data' => [], + 'apiKey' => 'api_key_test', + 'signature' => 'wrong_signature' + ], + 'Empty array apiKey' => [ + 'data' => 'payment_id_test', + 'apiKey' => [], + 'signature' => 'wrong_signature' + ], + 'Empty array signature' => [ + 'data' => 'payment_id_test', + 'apiKey' => 'api_key_test', + 'signature' => [] + ], + 'Empty string data' => [ + 'data' => '', + 'apiKey' => 'api_key_test', + 'signature' => 'wrong_signature' + ], + 'Empty string apiKey' => [ + 'data' => 'payment_id_test', + 'apiKey' => '', + 'signature' => 'wrong_signature' + ], + 'Empty string signature' => [ + 'data' => 'payment_id_test', + 'apiKey' => 'api_key_test', + 'signature' => '' + ], + 'Object data' => [ + 'data' => new stdClass(), + 'apiKey' => 'api_key_test', + 'signature' => 'wrong_signature' + ], + 'Object apiKey' => [ + 'data' => 'payment_id_test', + 'apiKey' => new stdClass(), + 'signature' => 'wrong_signature' + ], + 'Object signature' => [ + 'data' => 'payment_id_test', + 'apiKey' => 'api_key_test', + 'signature' => new stdClass() + ], + 'Boolean data' => [ + 'data' => false, + 'apiKey' => 'api_key_test', + 'signature' => 'wrong_signature' + ], + 'Boolean apiKey' => [ + 'data' => 'payment_id_test', + 'apiKey' => true, + 'signature' => 'wrong_signature' + ], + 'Boolean signature' => [ + 'data' => 'payment_id_test', + 'apiKey' => 'api_key_test', + 'signature' => true + ], + 'Int data' => [ + 'data' => 1, + 'apiKey' => 'api_key_test', + 'signature' => 'wrong_signature' + ], + 'Int apiKey' => [ + 'data' => 'payment_id_test', + 'apiKey' => 2, + 'signature' => 'wrong_signature' + ], + 'Int signature' => [ + 'data' => 'payment_id_test', + 'apiKey' => 'api_key_test', + 'signature' => 3 + ] + + ]; + } +} From 7244c9bd53aa782de893a1b8651573e296fa0699 Mon Sep 17 00:00:00 2001 From: CamilleFljt Date: Fri, 9 Aug 2024 16:15:57 +0200 Subject: [PATCH 3/7] clean the retun in the isHmacValidate function --- src/Lib/PaymentValidator.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/Lib/PaymentValidator.php b/src/Lib/PaymentValidator.php index 538e980c..ab15d923 100644 --- a/src/Lib/PaymentValidator.php +++ b/src/Lib/PaymentValidator.php @@ -62,10 +62,10 @@ public static function checkPurchaseAmount($data) */ public function isHmacValidated($data, $apiKey, $signature) { - if (is_string($data) && is_string($apiKey) && is_string($signature) && hash_hmac('sha256', $data, $apiKey) == $signature) { - return true; - } - - return false; + return ( + is_string($data) && + is_string($apiKey) && + hash_hmac('sha256', $data, $apiKey) === $signature + ); } } From a930e22f51742156b24e9e537748aa50aec1e20a Mon Sep 17 00:00:00 2001 From: CamilleFljt Date: Fri, 9 Aug 2024 16:21:10 +0200 Subject: [PATCH 4/7] refactor: remove parenthesis from return --- src/Lib/PaymentValidator.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/Lib/PaymentValidator.php b/src/Lib/PaymentValidator.php index ab15d923..60dac178 100644 --- a/src/Lib/PaymentValidator.php +++ b/src/Lib/PaymentValidator.php @@ -62,10 +62,8 @@ public static function checkPurchaseAmount($data) */ public function isHmacValidated($data, $apiKey, $signature) { - return ( - is_string($data) && + return is_string($data) && is_string($apiKey) && - hash_hmac('sha256', $data, $apiKey) === $signature - ); + hash_hmac('sha256', $data, $apiKey) === $signature; } } From b3dfee7cacbfdc12f6499b0de1b3bb8e818cff42 Mon Sep 17 00:00:00 2001 From: Francois-Gomis Date: Wed, 14 Aug 2024 14:49:22 +0200 Subject: [PATCH 5/7] feature: Add const HEADER_SIGNATURE_KEY --- src/Lib/PaymentValidator.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Lib/PaymentValidator.php b/src/Lib/PaymentValidator.php index 60dac178..cc4f0f0c 100644 --- a/src/Lib/PaymentValidator.php +++ b/src/Lib/PaymentValidator.php @@ -34,6 +34,9 @@ */ class PaymentValidator { + + const HEADER_SIGNATURE_KEY = 'X-Alma-Signature'; + /** * Ensure that the purchase amount is an integer * From 7929603e497110329123a67c4c4152e4d511eb4e Mon Sep 17 00:00:00 2001 From: Francois-Gomis <97046219+Francois-Gomis@users.noreply.github.com> Date: Thu, 5 Sep 2024 11:32:49 +0000 Subject: [PATCH 6/7] chore: update version --- CHANGELOG.md | 19 +++++++++++++++++++ composer.json | 2 +- src/Client.php | 2 +- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 75370ae0..b47d9576 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,18 @@ # CHANGELOG +## v2.2.0 - 2024-09-05 + +### Changes + +### 🚀 New Features + +- Add signature const (#133) +- feat: Add function for HMAC verification (#132) + +#### Contributors + +@Benjamin-Freoua-Alma, @CamilleFljt, @Francois-Gomis and @carine-bonnafous + ## v2.1.0 - 2024-07-29 ### Changes @@ -149,6 +162,7 @@ // Handle errors } + ``` * Add fields and docs to the Payment entity * Add a Refund entity and extract refunds data within the Payment entity constructor @@ -268,10 +282,15 @@ Getting more serious with a 1.0.0 release! 🎉 ## v0.0.1 * Initial "pre-release" of the API Client + * Includes two main endpoints: Payments and Merchants + * Provides what's necessary for a typical payment flow: + * `Payments.createPayment` and `Payments.eligibility` * `Merchants.me` * Base `Alma\API\Client` class can be configured with API key and live/test mode + * TLS is automatically forced to TLS 1.2 to meet Alma's security requirements, but configurable + diff --git a/composer.json b/composer.json index 6e02ebf4..f9c14f5e 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "alma/alma-php-client", "description": "PHP API client for the Alma payments API", - "version": "2.1.0", + "version": "2.2.0", "type": "library", "require": { "php": "^5.6 || ~7.0 || ~7.1 || ~7.2 || ~7.3 || ~7.4 || ~8.0 || ~8.1 || ~8.2 || ~8.3", diff --git a/src/Client.php b/src/Client.php index ed371ea6..5176acb3 100644 --- a/src/Client.php +++ b/src/Client.php @@ -30,7 +30,7 @@ class Client { - const VERSION = '2.1.0'; + const VERSION = '2.2.0'; const LIVE_MODE = 'live'; const TEST_MODE = 'test'; From 5cbe7b36a9de56058d77fa977fa5cf80179ecd0c Mon Sep 17 00:00:00 2001 From: Francois-Gomis Date: Thu, 5 Sep 2024 13:41:07 +0200 Subject: [PATCH 7/7] doc: edit changelog --- CHANGELOG.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b47d9576..b75e4d03 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,8 +6,7 @@ ### 🚀 New Features -- Add signature const (#133) -- feat: Add function for HMAC verification (#132) +- Add function for HMAC verification (#132) #### Contributors