mirror of
https://github.com/juspay/hyperswitch.git
synced 2025-10-31 10:06:32 +08:00
feat: add a wrapper for encryption and decryption (#5502)
This commit is contained in:
Kartikeya Hegde
@ -4,10 +4,12 @@ use api_models::{
|
||||
webhook_events::{OutgoingWebhookRequestContent, OutgoingWebhookResponseContent},
|
||||
webhooks,
|
||||
};
|
||||
use common_utils::{ext_traits::Encode, request::RequestContent, types::keymanager::Identifier};
|
||||
use common_utils::{
|
||||
ext_traits::Encode, request::RequestContent, type_name, types::keymanager::Identifier,
|
||||
};
|
||||
use diesel_models::process_tracker::business_status;
|
||||
use error_stack::{report, ResultExt};
|
||||
use hyperswitch_domain_models::type_encryption::decrypt_optional;
|
||||
use hyperswitch_domain_models::type_encryption::{crypto_operation, CryptoOperation};
|
||||
use masking::{ExposeInterface, Mask, PeekInterface, Secret};
|
||||
use router_env::{
|
||||
instrument,
|
||||
@ -31,8 +33,7 @@ use crate::{
|
||||
routes::{app::SessionStateInfo, SessionState},
|
||||
services,
|
||||
types::{
|
||||
api,
|
||||
domain::{self, types as domain_types},
|
||||
api, domain,
|
||||
storage::{self, enums},
|
||||
transformers::ForeignFrom,
|
||||
},
|
||||
@ -113,17 +114,21 @@ pub(crate) async fn create_event_and_trigger_outgoing_webhook(
|
||||
idempotent_event_id: Some(idempotent_event_id.clone()),
|
||||
initial_attempt_id: Some(event_id.clone()),
|
||||
request: Some(
|
||||
domain_types::encrypt(
|
||||
crypto_operation(
|
||||
key_manager_state,
|
||||
request_content
|
||||
.encode_to_string_of_json()
|
||||
.change_context(errors::ApiErrorResponse::WebhookProcessingFailure)
|
||||
.attach_printable("Failed to encode outgoing webhook request content")
|
||||
.map(Secret::new)?,
|
||||
type_name!(domain::Event),
|
||||
CryptoOperation::Encrypt(
|
||||
request_content
|
||||
.encode_to_string_of_json()
|
||||
.change_context(errors::ApiErrorResponse::WebhookProcessingFailure)
|
||||
.attach_printable("Failed to encode outgoing webhook request content")
|
||||
.map(Secret::new)?,
|
||||
),
|
||||
Identifier::Merchant(merchant_key_store.merchant_id.clone()),
|
||||
merchant_key_store.key.get_inner().peek(),
|
||||
)
|
||||
.await
|
||||
.and_then(|val| val.try_into_operation())
|
||||
.change_context(errors::ApiErrorResponse::WebhookProcessingFailure)
|
||||
.attach_printable("Failed to encrypt outgoing webhook request content")?,
|
||||
),
|
||||
@ -570,15 +575,19 @@ pub(crate) async fn get_outgoing_webhook_request(
|
||||
|
||||
let transformed_outgoing_webhook = WebhookType::from(outgoing_webhook);
|
||||
let payment_response_hash_key = business_profile.payment_response_hash_key.clone();
|
||||
let custom_headers = decrypt_optional::<serde_json::Value, masking::WithType>(
|
||||
let custom_headers = crypto_operation::<serde_json::Value, masking::WithType>(
|
||||
&state.into(),
|
||||
business_profile
|
||||
.outgoing_webhook_custom_http_headers
|
||||
.clone(),
|
||||
type_name!(domain::Event),
|
||||
CryptoOperation::DecryptOptional(
|
||||
business_profile
|
||||
.outgoing_webhook_custom_http_headers
|
||||
.clone(),
|
||||
),
|
||||
Identifier::Merchant(key_store.merchant_id.clone()),
|
||||
key_store.key.get_inner().peek(),
|
||||
)
|
||||
.await
|
||||
.and_then(|val| val.try_into_optionaloperation())
|
||||
.change_context(errors::WebhooksFlowError::OutgoingWebhookEncodingFailed)
|
||||
.attach_printable("Failed to decrypt outgoing webhook custom HTTP headers")?
|
||||
.map(|decrypted_value| {
|
||||
@ -660,18 +669,22 @@ async fn update_event_if_client_error(
|
||||
let event_update = domain::EventUpdate::UpdateResponse {
|
||||
is_webhook_notified,
|
||||
response: Some(
|
||||
domain_types::encrypt(
|
||||
crypto_operation(
|
||||
key_manager_state,
|
||||
response_to_store
|
||||
.encode_to_string_of_json()
|
||||
.change_context(
|
||||
errors::WebhooksFlowError::OutgoingWebhookResponseEncodingFailed,
|
||||
)
|
||||
.map(Secret::new)?,
|
||||
type_name!(domain::Event),
|
||||
CryptoOperation::Encrypt(
|
||||
response_to_store
|
||||
.encode_to_string_of_json()
|
||||
.change_context(
|
||||
errors::WebhooksFlowError::OutgoingWebhookResponseEncodingFailed,
|
||||
)
|
||||
.map(Secret::new)?,
|
||||
),
|
||||
Identifier::Merchant(merchant_key_store.merchant_id.clone()),
|
||||
merchant_key_store.key.get_inner().peek(),
|
||||
)
|
||||
.await
|
||||
.and_then(|val| val.try_into_operation())
|
||||
.change_context(errors::WebhooksFlowError::WebhookEventUpdationFailed)
|
||||
.attach_printable("Failed to encrypt outgoing webhook response content")?,
|
||||
),
|
||||
@ -778,18 +791,22 @@ async fn update_event_in_storage(
|
||||
let event_update = domain::EventUpdate::UpdateResponse {
|
||||
is_webhook_notified,
|
||||
response: Some(
|
||||
domain_types::encrypt(
|
||||
crypto_operation(
|
||||
key_manager_state,
|
||||
response_to_store
|
||||
.encode_to_string_of_json()
|
||||
.change_context(
|
||||
errors::WebhooksFlowError::OutgoingWebhookResponseEncodingFailed,
|
||||
)
|
||||
.map(Secret::new)?,
|
||||
type_name!(domain::Event),
|
||||
CryptoOperation::Encrypt(
|
||||
response_to_store
|
||||
.encode_to_string_of_json()
|
||||
.change_context(
|
||||
errors::WebhooksFlowError::OutgoingWebhookResponseEncodingFailed,
|
||||
)
|
||||
.map(Secret::new)?,
|
||||
),
|
||||
Identifier::Merchant(merchant_key_store.merchant_id.clone()),
|
||||
merchant_key_store.key.get_inner().peek(),
|
||||
)
|
||||
.await
|
||||
.and_then(|val| val.try_into_operation())
|
||||
.change_context(errors::WebhooksFlowError::WebhookEventUpdationFailed)
|
||||
.attach_printable("Failed to encrypt outgoing webhook response content")?,
|
||||
),
|
||||
|
||||
Reference in New Issue
Block a user