rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-11-03 13:30:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: make client certificate and private key secret across codebase (#4490)

Browse Source
This commit is contained in:
Hrithikesh
2024-05-01 16:10:02 +05:30
committed by GitHub
parent 8f0d4d4191
commit dd7b10a8bd
7 changed files with 36 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
crates/router/src/connector/netcetera.rs
View File

@ -5,7 +5,6 @@ use std::fmt::Debug;
use common_utils::{ext_traits::ByteSliceExt, request::RequestContent};
use error_stack::ResultExt;
use masking::ExposeInterface;
use transformers as netcetera;
use crate::{
@ -297,8 +296,8 @@ impl
self, req, connectors,
)?,
)
.add_certificate(Some(netcetera_auth_type.certificate.expose()))
.add_certificate_key(Some(netcetera_auth_type.private_key.expose()))
.add_certificate(Some(netcetera_auth_type.certificate))
.add_certificate_key(Some(netcetera_auth_type.private_key))
.build(),
))
}
@ -407,8 +406,8 @@ impl
self, req, connectors,
)?,
)
.add_certificate(Some(netcetera_auth_type.certificate.expose()))
.add_certificate_key(Some(netcetera_auth_type.private_key.expose()))
.add_certificate(Some(netcetera_auth_type.certificate))
.add_certificate_key(Some(netcetera_auth_type.private_key))
.build(),
))
}

10
crates/router/src/core/payments/flows/session_flow.rs
View File

@ -111,8 +111,8 @@ fn get_applepay_metadata(
fn build_apple_pay_session_request(
state: &routes::AppState,
request: payment_types::ApplepaySessionRequest,
apple_pay_merchant_cert: String,
apple_pay_merchant_cert_key: String,
apple_pay_merchant_cert: masking::Secret<String>,
apple_pay_merchant_cert_key: masking::Secret<String>,
) -> RouterResult<services::Request> {
let mut url = state.conf.connectors.applepay.base_url.to_owned();
url.push_str("paymentservices/paymentSession");
@ -188,16 +188,14 @@ async fn create_applepay_session_token(
.applepay_decrypt_keys
.get_inner()
.apple_pay_merchant_cert
.clone()
.expose();
.clone();
let apple_pay_merchant_cert_key = state
.conf
.applepay_decrypt_keys
.get_inner()
.apple_pay_merchant_cert_key
.clone()
.expose();
.clone();
(
payment_request_data,

8
crates/router/src/core/payments/helpers.rs
View File

@ -66,15 +66,15 @@ use crate::{
};
pub fn create_identity_from_certificate_and_key(
encoded_certificate: String,
encoded_certificate_key: String,
encoded_certificate: masking::Secret<String>,
encoded_certificate_key: masking::Secret<String>,
) -> Result<reqwest::Identity, error_stack::Report<errors::ApiClientError>> {
let decoded_certificate = BASE64_ENGINE
.decode(encoded_certificate)
.decode(encoded_certificate.expose())
.change_context(errors::ApiClientError::CertificateDecodeFailed)?;
let decoded_certificate_key = BASE64_ENGINE
.decode(encoded_certificate_key)
.decode(encoded_certificate_key.expose())
.change_context(errors::ApiClientError::CertificateDecodeFailed)?;
let certificate = String::from_utf8(decoded_certificate)

4
crates/router/src/core/verification.rs
View File

@ -22,8 +22,8 @@ pub async fn verify_merchant_creds_for_applepay(
.common_merchant_identifier
.clone()
.expose();
let cert_data = applepay_merchant_configs.merchant_cert.clone().expose();
let key_data = applepay_merchant_configs.merchant_cert_key.clone().expose();
let cert_data = applepay_merchant_configs.merchant_cert.clone();
let key_data = applepay_merchant_configs.merchant_cert_key.clone();
let applepay_endpoint = &applepay_merchant_configs.applepay_endpoint;
let request_body = verifications::ApplepayMerchantVerificationConfigs {

20
crates/router/src/services/api/client.rs
View File

@ -83,8 +83,8 @@ fn get_base_client(
pub(super) fn create_client(
proxy_config: &Proxy,
should_bypass_proxy: bool,
client_certificate: Option<String>,
client_certificate_key: Option<String>,
client_certificate: Option<masking::Secret<String>>,
client_certificate_key: Option<masking::Secret<String>>,
) -> CustomResult<reqwest::Client, ApiClientError> {
match (client_certificate, client_certificate_key) {
(Some(encoded_certificate), Some(encoded_certificate_key)) => {
@ -154,8 +154,8 @@ where
&self,
method: Method,
url: String,
certificate: Option<String>,
certificate_key: Option<String>,
certificate: Option<masking::Secret<String>>,
certificate_key: Option<masking::Secret<String>>,
) -> CustomResult<Box<dyn RequestBuilder>, ApiClientError>;
async fn send_request(
@ -223,8 +223,8 @@ impl ProxyClient {
pub fn get_reqwest_client(
&self,
base_url: String,
client_certificate: Option<String>,
client_certificate_key: Option<String>,
client_certificate: Option<masking::Secret<String>>,
client_certificate_key: Option<masking::Secret<String>>,
) -> CustomResult<reqwest::Client, ApiClientError> {
match (client_certificate, client_certificate_key) {
(Some(certificate), Some(certificate_key)) => {
@ -323,8 +323,8 @@ impl ApiClient for ProxyClient {
&self,
method: Method,
url: String,
certificate: Option<String>,
certificate_key: Option<String>,
certificate: Option<masking::Secret<String>>,
certificate_key: Option<masking::Secret<String>>,
) -> CustomResult<Box<dyn RequestBuilder>, ApiClientError> {
let client_builder = self
.get_reqwest_client(url.clone(), certificate, certificate_key)
@ -378,8 +378,8 @@ impl ApiClient for MockApiClient {
&self,
_method: Method,
_url: String,
_certificate: Option<String>,
_certificate_key: Option<String>,
_certificate: Option<masking::Secret<String>>,
_certificate_key: Option<masking::Secret<String>>,
) -> CustomResult<Box<dyn RequestBuilder>, ApiClientError> {
// [#2066]: Add Mock implementation for ApiClient
Err(ApiClientError::UnexpectedState.into())