aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2026-01-02 21:54:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Be sure to match transaction gateway in Shopify registration

Browse Source
This commit is contained in:
Kukks
2020-09-28 10:39:00 +02:00
committed by rockstardev
parent 0a726d598c
commit 6da6723c72
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
BTCPayServer/Services/Shopify/OrderTransactionRegisterLogic.cs
View File

@@ -1,9 +1,9 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using BTCPayServer.Services.Shopify.ApiModels;
using Microsoft.EntityFrameworkCore.Internal;
using Newtonsoft.Json.Linq;
using BTCPayServer.Services.Shopify.ApiModels.DataHolders;
namespace BTCPayServer.Services.Shopify
{
@@ -16,17 +16,21 @@ namespace BTCPayServer.Services.Shopify
_client = client;
}
private static TransactionDataHolder GetParentTransaction(List<TransactionDataHolder> txs)
{
var keywords = new[] {"bitcoin", "btc"};
return txs.FirstOrDefault(holder =>keywords .Any(s => holder.gateway.Contains(s, StringComparison.InvariantCultureIgnoreCase)));
}
public async Task<TransactionsCreateResp> Process(string orderId, string invoiceId, string currency, string amountCaptured, bool success)
{
currency = currency.ToUpperInvariant().Trim();
var existingShopifyOrderTransactions = (await _client.TransactionsList(orderId)).transactions;
if (existingShopifyOrderTransactions?.Count < 1)
var baseParentTransaction = GetParentTransaction(existingShopifyOrderTransactions);
if (baseParentTransaction is null)
{
return null;
}
//TODO: verify if we should be doing this or filtering out the parent transaction by the gateway (the one that shows in the checkout UI, aka the manual payment method created by the merchant)
var baseParentTransaction = existingShopifyOrderTransactions[0];
//technically, this exploit should not be possible as we use internal invoice tags to verify that the invoice was created by our controlled, dedicated endpoint.
if (currency.ToUpperInvariant().Trim() != baseParentTransaction.currency.ToUpperInvariant().Trim())