soroushdes/flatrender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ec51e87d2dd9d4ec2589c1393fe7cad75724218b
flatrender/services/payment/internal/signing/signing.go
T
soroush.asadi ec51e87d2d feat(payment): standalone ZarinPal broker on pay.flatrender.ir 
A generic multi-client payment gateway so FlatRender, meezi.ir and
bargevasat.ir can all pay through ZarinPal's single verified callback
domain (pay.flatrender.ir).

New Go service services/payment (clones the notification skeleton +
vendored deps):
- migration 31_payment_broker.sql — `payment` schema: client_apps,
  transactions, webhook_deliveries.
- ZarinPal v4 client ported from the proven identity PaymentService
  (request.json -> StartPay -> verify.json; codes 100/101).
- client API: POST /v1/pay/request + /v1/pay/inquiry, authed by
  X-Api-Key + HMAC body signature; GET /callback/zarinpal (the single
  verified endpoint) verifies, then 302s the user back to the site's
  return_url (signed) and fires a signed, retried webhook.
- per-client ZarinPal merchant override (default = shared merchant);
  amount stored canonically in Rial, unit to ZarinPal env-configurable.
- admin API /v1/admin/* (FlatRender admin JWT): client-app CRUD +
  key issue/rotate + transactions list.

Deploy wiring: payment-svc in docker-compose.v2.yml (host port 1607),
pay.flatrender.ir server block in mirror-nginx conf, ENV_FILE +
README updates (cert SAN + manual migration note).

Admin UI: src/components/admin/PaymentsAdmin.tsx (client apps with
one-time key reveal + rotate, transactions table) + /admin/payments
page + nav link + fa/en strings; pay-admin proxy route to payment-svc.

Docs/SDK: deploy/PAYMENTS.md (integration contract) + deploy/sdk/flatpay.js
(zero-dep Node client + webhook verifier) for meezi/any site.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-15 23:59:54 +03:30

30 lines
942 B
Go
Raw Blame History

// Package signing provides the HMAC-SHA256 helpers the broker uses to (a) verify
// inbound client requests and (b) sign outbound webhooks + return redirects so a
// client site can trust a result came from the broker untampered.
package signing
import (
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
)
// Sign returns the lowercase hex HMAC-SHA256 of message keyed by secret.
func Sign(secret string, message []byte) string {
mac := hmac.New(sha256.New, []byte(secret))
mac.Write(message)
return hex.EncodeToString(mac.Sum(nil))
}
// Verify compares an expected hex signature against the computed one in constant time.
func Verify(secret string, message []byte, provided string) bool {
expected := Sign(secret, message)
// hmac.Equal is constant-time; compare the raw bytes after decoding.
pb, err := hex.DecodeString(provided)
if err != nil {
return false
}
eb, _ := hex.DecodeString(expected)
return hmac.Equal(eb, pb)
}
Reference in New Issue View Git Blame Copy Permalink