Package com.broadleafcommerce.payment.service.signature

Class DefaultAPSSignatureService

java.lang.Object
com.broadleafcommerce.payment.service.signature.DefaultAPSSignatureService
All Implemented Interfaces:
APSSignatureService
public class DefaultAPSSignatureService extends Object implements APSSignatureService
Service used to create and validate APS Request/Response signatures. Note: It's VERY important that this class does not log sensitive data or return sensitive data in exception payloads
Author:
Muhammad Salman Farooq

  • Constructor Details

  • Method Details

    • createAPSRequestSignature

      public String createAPSRequestSignature(Map<String,Object> signatureParams, @Nullable String applicationId, @Nullable String tenantId) throws SignatureCreationException
      Description copied from interface: APSSignatureService
      Returns a request signature based on Request SHA String configured with key broadleaf.amazonpaymentservices.signature.request-sha-phrase and Algorithm configured with key broadleaf.amazonpaymentservices.signature.algorithm
      Supported algorithms for key broadleaf.amazonpaymentservices.signature.algorithm are:
      • HmacSHA256
      • HmacSHA512
      • SHA-256
      • SHA-512
      Specified by:
      createAPSRequestSignature in interface APSSignatureService
      Parameters:
      signatureParams - parameters you want to create signature of.
      signatureParams expected values are:
      • signatureParams.put(MessageConstants.APS_LANGUAGE, language)
      • signatureParams.put(MessageConstants.APS_ACCESS_CODE, accessCode)
      • signatureParams.put(MessageConstants.APS_MERCHANT_IDENTIFIER, merchantIdentifier)
      • signatureParams.put(MessageConstants.APS_MERCHANT_REFERENCE, merchantReference)
      • signatureParams.put(MessageConstants.APS_AMOUNT, amount)
        Note: Required in Authorization, Capture, Purchase & Refund transactions
      • signatureParams.put(MessageConstants.APS_CURRENCY, amount)
        Note: Required in Authorization, Capture, Purchase & Refund transactions
      applicationId - the application id
      tenantId - the tenant id
      Returns:
      generated signature
      Throws:
      SignatureCreationException

    • createAPSResponseSignature

      public String createAPSResponseSignature(Map<String,Object> signatureParams, @Nullable String applicationId, @Nullable String tenantId) throws SignatureCreationException
      Description copied from interface: APSSignatureService
      Returns a Response signature based on Response SHA String configured with key broadleaf.amazonpaymentservices.signature.response-sha-phrase and Algorithm configured with key broadleaf.amazonpaymentservices.signature.algorithm
      Supported algorithms for key broadleaf.amazonpaymentservices.signature.algorithm are:
      • HmacSHA256
      • HmacSHA512
      • SHA-256
      • SHA-512
      Specified by:
      createAPSResponseSignature in interface APSSignatureService
      Parameters:
      signatureParams - Request/Response parameters you want to validate signature of
      All the parameters returned by APS service should be part of signatureParams except:
      • signatureParams.put(MessageConstants.APS_SIGNATURE, signature)
      applicationId - the application id
      tenantId - the tenant id
      Returns:
      generated signature
      All the parameters returned by APS service should be part of signatureParams except:
      • signatureParams.put(MessageConstants.APS_SIGNATURE, signature)
      Throws:
      SignatureCreationException

    • validateResponseSignature

      public void validateResponseSignature(Map<String,Object> signatureParams, @Nullable String applicationId, @Nullable String tenantId) throws SignatureCreationException, APSResponseSignatureMismatchException
      Description copied from interface: APSSignatureService
      Validates Response Signature based on the value provided with key signature in responseParams map.
      Specified by:
      validateResponseSignature in interface APSSignatureService
      Parameters:
      signatureParams - Request/Response parameters you want to validate signature of
      All the parameters returned by APS service should be part of signatureParams except:
      • signatureParams.put(MessageConstants.APS_SIGNATURE, signature)
      applicationId - the application id
      tenantId - the tenant id
      Throws:
      SignatureCreationException
      APSResponseSignatureMismatchException

    • generateSignature

      protected String generateSignature(Map<String,Object> signatureParams, String shaPhrase, String algorithm) throws SignatureCreationException
      Creates a signature based on the provided signatureParams and shaPhrase.
      Parameters:
      signatureParams - Parameters that make up most of the signature's content
      shaPhrase - A secret phrase used to secure the signature
      Returns:
      The created signature
      Throws:
      SignatureCreationException - if an error is encountered while creating a signature

    • generateHash

      protected String generateHash(String algorithm, String stringToHash, String shaPhrase) throws SignatureCreationException
      This method generates HASH provided based on the algorithm configured with key broadleaf.amazonpaymentservices.signature.algorithm
      Supported algorithms for key broadleaf.amazonpaymentservices.signature.algorithm are:
      • HmacSHA256
      • HmacSHA512
      • SHA-256
      • SHA-512
      Parameters:
      algorithm -
      stringToHash -
      shaPhrase -
      Returns:
      Resultant Hash
      Throws:
      SignatureCreationException

    • getProperties

      protected APSSignatureConfigurationProperties getProperties()