hps / heartland-java Goto Github PK
View Code? Open in Web Editor NEWHeartland Payment Systems Java SDK
heartland-java's People
Stargazers
Watchers
heartland-java's Issues
Update HpsTokenService to support SSL pinning
Hello,
Please, update HpsTokenService to support SSL pinning. Updated implementation is provided below.
Thanks!
public class HpsTokenService {
private String mPublicKey;
private String mCertificateBase64EncodedPublicKey;
private String mUrl;
public HpsTokenService(String publicKey, String certificateBase64EncodedPublicKey) {
mPublicKey = publicKey;
mCertificateBase64EncodedPublicKey = certificateBase64EncodedPublicKey;
if (publicKey == null) {
throw new IllegalArgumentException("publicKey can not be null");
}
String[] components = mPublicKey.split("_");
if (components.length < 3) {
throw new IllegalArgumentException("publicKey format invalid");
}
String env = components[1].toLowerCase();
if (env.equals("prod")) {
mUrl = "https://api2.heartlandportico.com/SecureSubmit.v1/api/token";
} else {
mUrl = "https://cert.api2.heartlandportico.com/Hps.Exchange.PosGateway.Hpf.v1/api/token";
}
}
public HpsToken getToken(HpsCreditCard card) throws IOException {
HttpsURLConnection conn = (HttpsURLConnection) new URL(mUrl).openConnection();
HpsToken result = null;
byte[] creds = String.format("%s:", mPublicKey).getBytes();
String auth = String.format("Basic %s", Base64.encodeBase64URLSafeString(creds));
Gson gson = new Gson();
String payload = gson.toJson(new HpsToken(card));
byte[] bytes = payload.getBytes();
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setRequestMethod("POST");
conn.addRequestProperty("Authorization", auth);
conn.addRequestProperty("Content-Type", "application/json");
conn.addRequestProperty("Content-Length", String.format("%s", bytes.length));
conn.connect();
if (isSslPinningSuccessful(conn)) {
DataOutputStream requestStream = new DataOutputStream(conn.getOutputStream());
requestStream.write(bytes);
requestStream.flush();
requestStream.close();
try {
InputStreamReader responseStream = new InputStreamReader(conn.getInputStream());
result = gson.fromJson(responseStream, HpsToken.class);
responseStream.close();
} catch (IOException e) {
if (conn.getResponseCode() == 400) {
InputStreamReader errorStream = new InputStreamReader(conn.getErrorStream());
result = gson.fromJson(errorStream, HpsToken.class);
errorStream.close();
} else {
throw new IOException(e);
}
}
}
return result;
}
private boolean isSslPinningSuccessful(HttpsURLConnection conn) {
try {
Certificate[] certs = conn.getServerCertificates();
MessageDigest md = MessageDigest.getInstance("SHA-256");
for (Certificate cert : certs) {
X509Certificate x509Certificate = (X509Certificate) cert;
byte[] encodedPublicKey = x509Certificate.getPublicKey().getEncoded();
byte[] encodedPublicKeySha256Bytes = md.digest(encodedPublicKey);
String encodedPublicKeyBase64String = Base64.encodeBase64URLSafeString(encodedPublicKeySha256Bytes);
if (mCertificateBase64EncodedPublicKey.equals(encodedPublicKeyBase64String)) {
return true;
}
}
} catch (Exception e) {
e.printStackTrace();
return false;
}
return false;
}
}Best regards,
Mikle Anokhin.
HeartLand Sdk for android
How to integrate heartland Sdk with android. When I have try to import source file or secure-submit-v2.0.5.jar file in to android throwing following exceptions.
"java.lang.NoSuchMethodError: org.apache.commons.codec.binary.Base64.encodeBase64URLSafeString"
Please check the attachments :
HpsException: mac check in GCM failed
I'm trying to decrypt the apple pay paymentToken. I'm doing as for the README.md:
PaymentToken token = new PaymentToken(new String(Files.readAllBytes(Paths.get("/pathToMyJson/file.json"))));
DecryptService service = new DecryptService("/PathToApplePayP12File/ApplePayCertKey.p12", "p12Password");
PaymentData paymentData = service.decrypt(token);
But I'm getting the following error:
com.hps.integrator.infrastructure.HpsException: mac check in GCM failed
at com.hps.integrator.applepay.ecv1.DecryptService.decrypt(DecryptService.java:142)
at com.hps.integrator.tests.DaniloTest.test(DaniloTest.java:25)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
at org.junit.runner.JUnitCore.run(JUnitCore.java:160)
at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:117)
at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:234)
at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:74)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)
Caused by: javax.crypto.AEADBadTagException: mac check in GCM failed
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$AEADGenericBlockCipher.doFinal(Unknown Source)
at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineDoFinal(Unknown Source)
at javax.crypto.Cipher.doFinal(Cipher.java:2165)
at com.hps.integrator.applepay.ecv1.DecryptService.decrypt(DecryptService.java:132)
... 27 more
Any help
No pom.xml or license
It looks like the pom.xml and license files were removed at some point during the last few commits/releases.
Any chance these could be added back? The pom.xml file specifically is an impediment to getting started since it contains the dependencies needed to compile/run the SDK. The project readme even mentions Maven, so it is confusing for the project to not have a pom.
As a temporary workaround, I plan on checking out the pom.xml for the most-recent commit that included it in the project.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.