commit 47bceb7b3a0ed1c8d7180726d1a1e21553224bc9
parent 80ef59928c071fd2bf0d8d32519c94f3f7b9c9a8
Author: NicholasFarrow <nicholas.w.farrow@gmail.com>
Date: Fri, 22 Jan 2021 22:29:17 +1100
add debugging free mode, and fix typerror
Diffstat:
3 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/gateways/woo_btcpyment.php b/gateways/woo_btcpyment.php
@@ -228,6 +228,8 @@ function btcpyment_init_gateway_class() {
// Calculate expected signature
$valid_signature = hash_hmac('sha256', $_GET['time'] .'.'.$json, $key);
+ write_log($this->secret);
+ write_log(hex2bin($headers['X-Secret']));
// Order secret must match to ensure inital payment url
// had not been tampered when leaving the gateway
diff --git a/gateways/woo_webhook.py b/gateways/woo_webhook.py
@@ -8,7 +8,7 @@ import requests
def hook(btcpyment_secret, payload, payment):
# Calculate a secret that is required to send back to the
# woocommerce gateway, proving we did not modify id nor amount.
- secret_seed = payload['amount'] * payload['id']
+ secret_seed = payload['amount'] * int(payload['id'])
secret = hmac.new(btcpyment_secret, secret_seed, hashlib.sha256).hexdigest()
# The main signature which proves we have paid, and very recently!
@@ -24,9 +24,3 @@ def hook(btcpyment_secret, payload, payment):
payload['w_url'], params=params, headers=headers)
return response
-
-
-
-def calc_order_secret(btcpyment_secret, payload, payment):
- secret_seed = bytes([payload['amount'] * payload['id']])
- secret = hmac.new(btcpyment_secret, secret_seed, hashlib.sha256).hexdigest()
diff --git a/server.py b/server.py
@@ -154,7 +154,7 @@ def process_payment(payment):
print()
print(payment.__dict__)
- if True: #payment.confirmed_paid > payment.value:
+ if (payment.confirmed_paid > payment.value) or config.free_mode:
payment.paid = True
payment.time_left = 0
payment.status = "Payment successful! {} BTC".format(payment.confirmed_paid)
