From 1bcda4c76fda3e467a98a37cc027965489186913 Mon Sep 17 00:00:00 2001 From: Mateus Picoloto Date: Tue, 23 Apr 2024 09:22:47 -0300 Subject: [PATCH 1/4] feat: added recipient webhook validation --- Model/WebhookManagement.php | 31 +++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/Model/WebhookManagement.php b/Model/WebhookManagement.php index a1edf9cb..c59b5230 100644 --- a/Model/WebhookManagement.php +++ b/Model/WebhookManagement.php @@ -52,7 +52,10 @@ public function save($id, $type, $data, $account) $postData->type = $type; $postData->data = $data; - if($this->hasMagentoOrder($data) === false) { + if ( + $this->hasMagentoOrder($data) === false + && $this->isNotRecipientWebhook($type) + ) { $this->logWebhookIdCaseExistsMetadata($data, $id); return [ "message" => "Webhook Received", @@ -71,7 +74,7 @@ public function save($id, $type, $data, $account) "message" => $e->getMessage(), "code" => 200 ]; - } catch(AbstractPagarmeCoreException $e) { + } catch (AbstractPagarmeCoreException $e) { throw new M2WebApiException( new Phrase($e->getMessage()), 0, @@ -82,41 +85,49 @@ public function save($id, $type, $data, $account) private function logWebhookIdCaseExistsMetadata($webhookData, $webhookId) { $metadata = $this->getMetadata($webhookData); - if($metadata === false || !array_key_exists('platformVersion', $metadata)) { + if ($metadata === false || !array_key_exists('platformVersion', $metadata)) { return; } - if(strpos($metadata['platformVersion'], "Magento") !== false) { + if (strpos($metadata['platformVersion'], "Magento") !== false) { $logService = new LogService( 'Webhook', true ); $logService->info( "Webhook Received but not proccessed", - (object)['webhookId' => $webhookId - ]); + (object)[ + 'webhookId' => $webhookId + ] + ); } } private function getMetadata($data) { $metadata = false; - if(!array_key_exists('order', $data) && !array_key_exists('subscription', $data)) { + if (!array_key_exists('order', $data) && !array_key_exists('subscription', $data)) { return false; } - if(array_key_exists('metadata', $data)) { + if (array_key_exists('metadata', $data)) { $metadata = $data['metadata']; } return $metadata; } + private function hasMagentoOrder($data) { $code = 0; - if(array_key_exists('subscription', $data)) { + if (array_key_exists('subscription', $data)) { $code = $data['subscription']['code']; } - if(array_key_exists('order', $data)) { + if (array_key_exists('order', $data)) { $code = $data['order']['code']; } $order = $this->orderFactory->create()->loadByIncrementId($code); return $order->getId() ?? false; } + + private function isNotRecipientWebhook($type) + { + return strpos($type, 'recipient') === false; + } } From 70d3573570c02430b418faa383a367792676f052 Mon Sep 17 00:00:00 2001 From: Mateus Picoloto Date: Tue, 23 Apr 2024 13:59:49 -0300 Subject: [PATCH 2/4] test: added WebhookManagement recipient unit test --- Model/WebhookManagement.php | 15 +++-- Test/Unit/Model/WebhookManagementTest.php | 69 +++++++++++++++++++++++ 2 files changed, 80 insertions(+), 4 deletions(-) create mode 100644 Test/Unit/Model/WebhookManagementTest.php diff --git a/Model/WebhookManagement.php b/Model/WebhookManagement.php index c59b5230..04da88c5 100644 --- a/Model/WebhookManagement.php +++ b/Model/WebhookManagement.php @@ -27,13 +27,21 @@ class WebhookManagement implements WebhookManagementInterface */ protected $account; + /** + * @var WebhookReceiverService + */ + protected $webhookReceiverService; + public function __construct( OrderFactory $orderFactory, - Account $account + Account $account, + WebhookReceiverService $webhookReceiverService ) { $this->orderFactory = $orderFactory; $this->account = $account; + $this->webhookReceiverService = $webhookReceiverService; } + /** * @api * @param mixed $id @@ -67,8 +75,7 @@ public function save($id, $type, $data, $account) $this->account->saveAccountIdFromWebhook($account); } - $webhookReceiverService = new WebhookReceiverService(); - return $webhookReceiverService->handle($postData); + return $this->webhookReceiverService->handle($postData); } catch (WebhookHandlerNotFoundException | WebhookAlreadyHandledException $e) { return [ "message" => $e->getMessage(), @@ -112,7 +119,7 @@ private function getMetadata($data) } return $metadata; } - + private function hasMagentoOrder($data) { $code = 0; diff --git a/Test/Unit/Model/WebhookManagementTest.php b/Test/Unit/Model/WebhookManagementTest.php new file mode 100644 index 00000000..73023f73 --- /dev/null +++ b/Test/Unit/Model/WebhookManagementTest.php @@ -0,0 +1,69 @@ +shouldReceive('bootstrap') + ->andReturnSelf(); + + + $orderMock = Mockery::mock(Order::class); + $orderMock->shouldReceive('loadByIncrementId') + ->andReturnSelf(); + $orderMock->shouldReceive('getId') + ->andReturnFalse(); + + $orderFactoryMock = Mockery::mock(OrderFactory::class); + $orderFactoryMock->shouldReceive('create') + ->andReturn($orderMock); + $accountMock = Mockery::mock(Account::class); + + $webhookReceiverServiceMock = Mockery::mock(WebhookReceiverService::class); + $webhookRecipientResponse = [ + 'message' => 'Recipient updated', + 'code' => 200 + ]; + $webhookReceiverServiceMock->shouldReceive('handle') + ->once() + ->andReturn($webhookRecipientResponse); + + $webhookManagement = new WebhookManagement($orderFactoryMock, $accountMock, $webhookReceiverServiceMock); + + $id = "hook_aaaaaaaaaaaaaaaa"; + $type = "recipient.updated"; + $data = [ + "id" => 'rp_xxxxxxxxxxxxxxxx', + "name" => "Test recipient", + "email" => "test@recipient.test", + "document" => "11111111111", + "description" => "Test description", + "type" => "individual", + "payment_mode" => "bank_transfer", + "status" => "active", + "kyc_details" => + [ + "status" => "approved" + ], + ]; + + $account = [ + "id" => "acc_pBLvRR1HAAhXvD34", + "name" => "Account Test" + ]; + $result = $webhookManagement->save($id, $type, $data, $account); + + $this->assertSame($webhookRecipientResponse, $result); + } +} From e8621f95b7075d2b9e3f423ead65ae4c11595f66 Mon Sep 17 00:00:00 2001 From: Mateus Picoloto Date: Tue, 23 Apr 2024 14:10:18 -0300 Subject: [PATCH 3/4] test: added more WebhookManagement unit test scenarios --- Test/Unit/Model/WebhookManagementTest.php | 43 ++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/Test/Unit/Model/WebhookManagementTest.php b/Test/Unit/Model/WebhookManagementTest.php index 73023f73..0d2721ce 100644 --- a/Test/Unit/Model/WebhookManagementTest.php +++ b/Test/Unit/Model/WebhookManagementTest.php @@ -59,11 +59,52 @@ public function testeSaveWithRecipientWebhook() ]; $account = [ - "id" => "acc_pBLvRR1HAAhXvD34", + "id" => "acc_xxxxxxxxxxxxxxxx", "name" => "Account Test" ]; $result = $webhookManagement->save($id, $type, $data, $account); $this->assertSame($webhookRecipientResponse, $result); } + + + public function testeSaveWithNonPlatformWebhook() + { + $moduleCoreSetupMock = Mockery::mock('alias:Pagarme\Core\Kernel\Abstractions\AbstractModuleCoreSetup'); + $moduleCoreSetupMock->shouldReceive('bootstrap') + ->andReturnSelf(); + + + $orderMock = Mockery::mock(Order::class); + $orderMock->shouldReceive('loadByIncrementId') + ->andReturnSelf(); + $orderMock->shouldReceive('getId') + ->andReturnFalse(); + + $orderFactoryMock = Mockery::mock(OrderFactory::class); + $orderFactoryMock->shouldReceive('create') + ->andReturn($orderMock); + + $accountMock = Mockery::mock(Account::class); + + $webhookReceiverServiceMock = Mockery::mock(WebhookReceiverService::class); + $expectedResponse = [ + 'message' => 'Webhook Received', + 'code' => 200 + ]; + + $webhookManagement = new WebhookManagement($orderFactoryMock, $accountMock, $webhookReceiverServiceMock); + + $id = "hook_aaaaaaaaaaaaaaaa"; + $type = "charge.paid"; + $data = []; + + $account = [ + "id" => "acc_xxxxxxxxxxxxxxxx", + "name" => "Account Test" + ]; + $result = $webhookManagement->save($id, $type, $data, $account); + + $this->assertSame($expectedResponse, $result); + } } From b25fd9d71b3d18e5c26ebefacc0adc630770dce8 Mon Sep 17 00:00:00 2001 From: Mateus Picoloto Date: Tue, 23 Apr 2024 17:42:24 -0300 Subject: [PATCH 4/4] fix: typo in tests name --- Test/Unit/Model/WebhookManagementTest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Test/Unit/Model/WebhookManagementTest.php b/Test/Unit/Model/WebhookManagementTest.php index 0d2721ce..a467806a 100644 --- a/Test/Unit/Model/WebhookManagementTest.php +++ b/Test/Unit/Model/WebhookManagementTest.php @@ -12,7 +12,7 @@ class WebhookManagementTest extends BaseTest { - public function testeSaveWithRecipientWebhook() + public function testSaveWithRecipientWebhook() { $moduleCoreSetupMock = Mockery::mock('alias:Pagarme\Core\Kernel\Abstractions\AbstractModuleCoreSetup'); $moduleCoreSetupMock->shouldReceive('bootstrap') @@ -68,7 +68,7 @@ public function testeSaveWithRecipientWebhook() } - public function testeSaveWithNonPlatformWebhook() + public function testSaveWithNonPlatformWebhook() { $moduleCoreSetupMock = Mockery::mock('alias:Pagarme\Core\Kernel\Abstractions\AbstractModuleCoreSetup'); $moduleCoreSetupMock->shouldReceive('bootstrap')