Skip to content

Commit

Permalink
Merge branch '2.3-develop' of github.com:magento/magento2 into 2.3-de…
Browse files Browse the repository at this point in the history
…velop
  • Loading branch information
david-fuehr committed Mar 19, 2019
2 parents 1106542 + 2e863d6 commit eb989e2
Show file tree
Hide file tree
Showing 167 changed files with 3,872 additions and 410 deletions.
1 change: 0 additions & 1 deletion .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ cache:
- $HOME/node_modules
- $HOME/yarn.lock
before_install:
- curl -O https://download.elastic.co/elasticsearch/release/org/elasticsearch/distribution/deb/elasticsearch/2.3.0/elasticsearch-2.3.0.deb && sudo dpkg -i --force-confnew elasticsearch-2.3.0.deb && sudo service elasticsearch restart
- ./dev/travis/before_install.sh
install: composer install --no-interaction
before_script: ./dev/travis/before_script.sh
Expand Down
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -626,7 +626,7 @@ Tests:
* Fixed an issue where filters were not shown on product reviews report grid
* Fixed an issue where second customer address was not deleted from customer account
* Fixed an issue where custom options pop-up was still displayed after submit
* Fixed an issue where Second Product was not added to Shopping Cart from Wishlist at first atempt
* Fixed an issue where Second Product was not added to Shopping Cart from Wishlist at first attempt
* Fixed an issue where customer invalid email message was not displayed
* Fixed an issue where All Access Tokens for Customer without Tokens could not be revoked
* Fixed an issue where it was impossible to add Product to Shopping Cart from shared Wishlist
Expand Down
12 changes: 6 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,14 @@
<h2>Welcome</h2>
Welcome to Magento 2 installation! We're glad you chose to install Magento 2, a cutting-edge, feature-rich eCommerce solution that gets results.

## Magento system requirements
[Magento system requirements](https://devdocs.magento.com/guides/v2.3/install-gde/system-requirements2.html).
## Magento System Requirements
[Magento System Requirements](https://devdocs.magento.com/guides/v2.3/install-gde/system-requirements2.html).

## Install Magento

* [Installation guide](https://devdocs.magento.com/guides/v2.3/install-gde/bk-install-guide.html).
* [Installation Guide](https://devdocs.magento.com/guides/v2.3/install-gde/bk-install-guide.html).

<h2>Contributing to the Magento 2 code base</h2>
<h2>Contributing to the Magento 2 Code Base</h2>
Contributions can take the form of new components or features, changes to existing features, tests, documentation (such as developer guides, user guides, examples, or specifications), bug fixes, optimizations, or just good suggestions.

To learn about how to make a contribution, click [here][1].
Expand All @@ -39,11 +39,11 @@ Magento is thankful for any contribution that can improve our code base, documen
<img src="https://raw.githubusercontent.com/wiki/magento/magento2/images/contributors.png"/>
</a>

### Labels applied by the Magento team
### Labels Applied by the Magento Team
We apply labels to public Pull Requests and Issues to help other participants retrieve additional information about current progress, component assignments, Magento release lines, and much more.
Please review the [Code Contributions guide](https://devdocs.magento.com/guides/v2.3/contributor-guide/contributing.html#labels) for detailed information on labels used in Magento 2 repositories.

## Reporting security issues
## Reporting Security Issues

To report security vulnerabilities in Magento software or web sites, please create a Bugcrowd researcher account [there](https://bugcrowd.com/magento) to submit and follow-up your issue. Learn more about reporting security issues [here](https://magento.com/security/reporting-magento-security-issue).

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -185,6 +185,7 @@ class AdvancedPricing extends \Magento\ImportExport\Model\Import\Entity\Abstract
* @param AdvancedPricing\Validator\Website $websiteValidator
* @param AdvancedPricing\Validator\TierPrice $tierPriceValidator
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
* @throws \Exception
*/
public function __construct(
\Magento\Framework\Json\Helper\Data $jsonHelper,
Expand Down Expand Up @@ -255,6 +256,7 @@ public function getEntityTypeCode()
* @param array $rowData
* @param int $rowNum
* @return bool
* @throws \Zend_Validate_Exception
*/
public function validateRow(array $rowData, $rowNum)
{
Expand Down Expand Up @@ -308,6 +310,7 @@ protected function _importData()
* Save advanced pricing
*
* @return $this
* @throws \Exception
*/
public function saveAdvancedPricing()
{
Expand All @@ -319,6 +322,7 @@ public function saveAdvancedPricing()
* Deletes Advanced price data from raw data.
*
* @return $this
* @throws \Exception
*/
public function deleteAdvancedPricing()
{
Expand Down Expand Up @@ -347,6 +351,7 @@ public function deleteAdvancedPricing()
* Replace advanced pricing
*
* @return $this
* @throws \Exception
*/
public function replaceAdvancedPricing()
{
Expand All @@ -360,6 +365,7 @@ public function replaceAdvancedPricing()
* @return $this
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.NPathComplexity)
* @throws \Exception
*/
protected function saveAndReplaceAdvancedPrices()
{
Expand All @@ -368,8 +374,8 @@ protected function saveAndReplaceAdvancedPrices()
$this->_cachedSkuToDelete = null;
}
$listSku = [];
$tierPrices = [];
while ($bunch = $this->_dataSourceModel->getNextBunch()) {
$tierPrices = [];
foreach ($bunch as $rowNum => $rowData) {
if (!$this->validateRow($rowData, $rowNum)) {
$this->addRowError(ValidatorInterface::ERROR_SKU_IS_EMPTY, $rowNum);
Expand Down Expand Up @@ -397,15 +403,8 @@ protected function saveAndReplaceAdvancedPrices()
];
}
}
if (\Magento\ImportExport\Model\Import::BEHAVIOR_REPLACE == $behavior) {
if ($listSku) {
$this->processCountNewPrices($tierPrices);
if ($this->deleteProductTierPrices(array_unique($listSku), self::TABLE_TIER_PRICE)) {
$this->saveProductPrices($tierPrices, self::TABLE_TIER_PRICE);
$this->setUpdatedAt($listSku);
}
}
} elseif (\Magento\ImportExport\Model\Import::BEHAVIOR_APPEND == $behavior) {

if (\Magento\ImportExport\Model\Import::BEHAVIOR_APPEND == $behavior) {
$this->processCountExistingPrices($tierPrices, self::TABLE_TIER_PRICE)
->processCountNewPrices($tierPrices);

Expand All @@ -415,6 +414,17 @@ protected function saveAndReplaceAdvancedPrices()
}
}
}

if (\Magento\ImportExport\Model\Import::BEHAVIOR_REPLACE == $behavior) {
if ($listSku) {
$this->processCountNewPrices($tierPrices);
if ($this->deleteProductTierPrices(array_unique($listSku), self::TABLE_TIER_PRICE)) {
$this->saveProductPrices($tierPrices, self::TABLE_TIER_PRICE);
$this->setUpdatedAt($listSku);
}
}
}

return $this;
}

Expand All @@ -424,6 +434,7 @@ protected function saveAndReplaceAdvancedPrices()
* @param array $priceData
* @param string $table
* @return $this
* @throws \Exception
*/
protected function saveProductPrices(array $priceData, $table)
{
Expand Down Expand Up @@ -455,6 +466,7 @@ protected function saveProductPrices(array $priceData, $table)
* @param array $listSku
* @param string $table
* @return boolean
* @throws \Exception
*/
protected function deleteProductTierPrices(array $listSku, $table)
{
Expand Down Expand Up @@ -532,6 +544,7 @@ protected function getCustomerGroupId($customerGroup)
* Retrieve product skus
*
* @return array
* @throws \Exception
*/
protected function retrieveOldSkus()
{
Expand All @@ -552,6 +565,7 @@ protected function retrieveOldSkus()
* @param array $prices
* @param string $table
* @return $this
* @throws \Exception
*/
protected function processCountExistingPrices($prices, $table)
{
Expand Down
9 changes: 5 additions & 4 deletions app/code/Magento/Authorizenet/Model/Directpost.php
Original file line number Diff line number Diff line change
Expand Up @@ -546,15 +546,16 @@ public function setResponseData(array $postData)
public function validateResponse()
{
$response = $this->getResponse();
//md5 check
if (!$this->getConfigData('trans_md5')
|| !$this->getConfigData('login')
|| !$response->isValidHash($this->getConfigData('trans_md5'), $this->getConfigData('login'))
$hashConfigKey = !empty($response->getData('x_SHA2_Hash')) ? 'signature_key' : 'trans_md5';

//hash check
if (!$response->isValidHash($this->getConfigData($hashConfigKey), $this->getConfigData('login'))
) {
throw new \Magento\Framework\Exception\LocalizedException(
__('The transaction was declined because the response hash validation failed.')
);
}

return true;
}

Expand Down
119 changes: 105 additions & 14 deletions app/code/Magento/Authorizenet/Model/Directpost/Request.php
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@
namespace Magento\Authorizenet\Model\Directpost;

use Magento\Authorizenet\Model\Request as AuthorizenetRequest;
use Magento\Framework\App\ObjectManager;
use Magento\Framework\Intl\DateTimeFactory;

/**
* Authorize.net request model for DirectPost model
Expand All @@ -20,10 +22,35 @@ class Request extends AuthorizenetRequest
*/
protected $_transKey = null;

/**
* Hexadecimal signature key.
*
* @var string
*/
private $signatureKey = '';

/**
* @var DateTimeFactory
*/
private $dateTimeFactory;

/**
* @param array $data
* @param DateTimeFactory $dateTimeFactory
*/
public function __construct(
array $data = [],
DateTimeFactory $dateTimeFactory = null
) {
$this->dateTimeFactory = $dateTimeFactory ?? ObjectManager::getInstance()
->get(DateTimeFactory::class);
parent::__construct($data);
}

/**
* Return merchant transaction key.
*
* Needed to generate sign.
* Needed to generate MD5 sign.
*
* @return string
*/
Expand All @@ -35,7 +62,7 @@ protected function _getTransactionKey()
/**
* Set merchant transaction key.
*
* Needed to generate sign.
* Needed to generate MD5 sign.
*
* @param string $transKey
* @return $this
Expand All @@ -47,7 +74,7 @@ protected function _setTransactionKey($transKey)
}

/**
* Generates the fingerprint for request.
* Generates the MD5 fingerprint for request.
*
* @param string $merchantApiLoginId
* @param string $merchantTransactionKey
Expand All @@ -67,7 +94,7 @@ public function generateRequestSign(
) {
return hash_hmac(
"md5",
$merchantApiLoginId . "^" . $fpSequence . "^" . $fpTimestamp . "^" . $amount . "^" . $currencyCode,
$merchantApiLoginId . '^' . $fpSequence . '^' . $fpTimestamp . '^' . $amount . '^' . $currencyCode,
$merchantTransactionKey
);
}
Expand All @@ -82,7 +109,7 @@ public function setConstantData(\Magento\Authorizenet\Model\Directpost $paymentM
{
$this->setXVersion('3.1')->setXDelimData('FALSE')->setXRelayResponse('TRUE');

$this->setXTestRequest($paymentMethod->getConfigData('test') ? 'TRUE' : 'FALSE');
$this->setSignatureKey($paymentMethod->getConfigData('signature_key'));

$this->setXLogin($paymentMethod->getConfigData('login'))
->setXMethod(\Magento\Authorizenet\Model\Authorizenet::REQUEST_METHOD_CC)
Expand Down Expand Up @@ -173,17 +200,81 @@ public function setDataFromOrder(
*/
public function signRequestData()
{
$fpTimestamp = time();
$hash = $this->generateRequestSign(
$this->getXLogin(),
$this->_getTransactionKey(),
$this->getXAmount(),
$this->getXCurrencyCode(),
$this->getXFpSequence(),
$fpTimestamp
);
$fpDate = $this->dateTimeFactory->create('now', new \DateTimeZone('UTC'));
$fpTimestamp = $fpDate->getTimestamp();

if (!empty($this->getSignatureKey())) {
$hash = $this->generateSha2RequestSign(
(string)$this->getXLogin(),
(string)$this->getSignatureKey(),
(string)$this->getXAmount(),
(string)$this->getXCurrencyCode(),
(string)$this->getXFpSequence(),
$fpTimestamp
);
} else {
$hash = $this->generateRequestSign(
$this->getXLogin(),
$this->_getTransactionKey(),
$this->getXAmount(),
$this->getXCurrencyCode(),
$this->getXFpSequence(),
$fpTimestamp
);
}

$this->setXFpTimestamp($fpTimestamp);
$this->setXFpHash($hash);

return $this;
}

/**
* Generates the SHA2 fingerprint for request.
*
* @param string $merchantApiLoginId
* @param string $merchantSignatureKey
* @param string $amount
* @param string $currencyCode
* @param string $fpSequence An invoice number or random number.
* @param int $fpTimestamp
* @return string The fingerprint.
*/
private function generateSha2RequestSign(
string $merchantApiLoginId,
string $merchantSignatureKey,
string $amount,
string $currencyCode,
string $fpSequence,
int $fpTimestamp
): string {
$message = $merchantApiLoginId . '^' . $fpSequence . '^' . $fpTimestamp . '^' . $amount . '^' . $currencyCode;

return strtoupper(hash_hmac('sha512', $message, pack('H*', $merchantSignatureKey)));
}

/**
* Return merchant hexadecimal signature key.
*
* Needed to generate SHA2 sign.
*
* @return string
*/
private function getSignatureKey(): string
{
return $this->signatureKey;
}

/**
* Set merchant hexadecimal signature key.
*
* Needed to generate SHA2 sign.
*
* @param string $signatureKey
* @return void
*/
private function setSignatureKey(string $signatureKey)
{
$this->signatureKey = $signatureKey;
}
}
Loading

0 comments on commit eb989e2

Please sign in to comment.