Package com.broadleafcommerce.payment.service.signature

Interface APSSignatureService

All Known Implementing Classes:
DefaultAPSSignatureService
public interface APSSignatureService
Service used to create and validate APS Request/Response signatures Note: It's VERY important that implementations of this interface do not log sensitive data or return sensitive data in exception payloads
Author:
Muhammad Salman Farooq

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    createAPSRequestSignature(Map<String,Object> signatureParams, String applicationId, String tenantId)
    Returns a request signature based on Request SHA String configured with key broadleaf.amazonpaymentservices.signature.request-sha-phrase and Algorithm configured with key broadleaf.amazonpaymentservices.signature.algorithm
    Supported algorithms for key broadleaf.amazonpaymentservices.signature.algorithm are: HmacSHA256 HmacSHA512 SHA-256 SHA-512
    String
    createAPSResponseSignature(Map<String,Object> signatureParams, String applicationId, String tenantId)
    Returns a Response signature based on Response SHA String configured with key broadleaf.amazonpaymentservices.signature.response-sha-phrase and Algorithm configured with key broadleaf.amazonpaymentservices.signature.algorithm
    Supported algorithms for key broadleaf.amazonpaymentservices.signature.algorithm are: HmacSHA256 HmacSHA512 SHA-256 SHA-512
    void
    validateResponseSignature(Map<String,Object> signatureParams, String applicationId, String tenantId)
    Validates Response Signature based on the value provided with key signature in responseParams map.

  • Method Details

    • createAPSRequestSignature

      String createAPSRequestSignature(Map<String,Object> signatureParams, @Nullable String applicationId, @Nullable String tenantId) throws SignatureCreationException
      Returns a request signature based on Request SHA String configured with key broadleaf.amazonpaymentservices.signature.request-sha-phrase and Algorithm configured with key broadleaf.amazonpaymentservices.signature.algorithm
      Supported algorithms for key broadleaf.amazonpaymentservices.signature.algorithm are:
      • HmacSHA256
      • HmacSHA512
      • SHA-256
      • SHA-512
      Parameters:
      signatureParams - parameters you want to create signature of.
      signatureParams expected values are:
      • signatureParams.put(MessageConstants.APS_LANGUAGE, language)
      • signatureParams.put(MessageConstants.APS_ACCESS_CODE, accessCode)
      • signatureParams.put(MessageConstants.APS_MERCHANT_IDENTIFIER, merchantIdentifier)
      • signatureParams.put(MessageConstants.APS_MERCHANT_REFERENCE, merchantReference)
      • signatureParams.put(MessageConstants.APS_AMOUNT, amount)
        Note: Required in Authorization, Capture, Purchase & Refund transactions
      • signatureParams.put(MessageConstants.APS_CURRENCY, amount)
        Note: Required in Authorization, Capture, Purchase & Refund transactions
      applicationId - the application id
      tenantId - the tenant id
      Returns:
      generated signature
      Throws:
      SignatureCreationException

    • createAPSResponseSignature

      String createAPSResponseSignature(Map<String,Object> signatureParams, @Nullable String applicationId, @Nullable String tenantId) throws SignatureCreationException
      Returns a Response signature based on Response SHA String configured with key broadleaf.amazonpaymentservices.signature.response-sha-phrase and Algorithm configured with key broadleaf.amazonpaymentservices.signature.algorithm
      Supported algorithms for key broadleaf.amazonpaymentservices.signature.algorithm are:
      • HmacSHA256
      • HmacSHA512
      • SHA-256
      • SHA-512
      Parameters:
      signatureParams - Request/Response parameters you want to validate signature of
      All the parameters returned by APS service should be part of signatureParams except:
      • signatureParams.put(MessageConstants.APS_SIGNATURE, signature)
      applicationId - the application id
      tenantId - the tenant id
      Returns:
      generated signature
      All the parameters returned by APS service should be part of signatureParams except:
      • signatureParams.put(MessageConstants.APS_SIGNATURE, signature)
      Throws:
      SignatureCreationException

    • validateResponseSignature

      void validateResponseSignature(Map<String,Object> signatureParams, @Nullable String applicationId, @Nullable String tenantId) throws SignatureCreationException, APSResponseSignatureMismatchException
      Validates Response Signature based on the value provided with key signature in responseParams map.
      Parameters:
      signatureParams - Request/Response parameters you want to validate signature of
      All the parameters returned by APS service should be part of signatureParams except:
      • signatureParams.put(MessageConstants.APS_SIGNATURE, signature)
      applicationId - the application id
      tenantId - the tenant id
      Throws:
      SignatureCreationException
      APSResponseSignatureMismatchException