From d11bb52038d236438db75a4fd21803c922145c91 Mon Sep 17 00:00:00 2001 From: IceToast <> Date: Sat, 21 Jan 2023 01:04:23 +0100 Subject: [PATCH] =?UTF-8?q?feat:=20=E2=9C=A8=20Support=20csrf=20ignoring?= =?UTF-8?q?=20routes=20for=20extensions=20&=20moved=20extension=20config?= =?UTF-8?q?=20to=20own=20file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../PaymentGateways/PayPal/config.php | 12 ++++++ .../PaymentGateways/PayPal/index.php | 38 ------------------- .../PaymentGateways/Stripe/config.php | 14 +++++++ .../PaymentGateways/Stripe/index.php | 37 ------------------ app/Http/Middleware/VerifyCsrfToken.php | 14 +++++-- 5 files changed, 37 insertions(+), 78 deletions(-) create mode 100644 app/Extensions/PaymentGateways/PayPal/config.php create mode 100644 app/Extensions/PaymentGateways/Stripe/config.php diff --git a/app/Extensions/PaymentGateways/PayPal/config.php b/app/Extensions/PaymentGateways/PayPal/config.php new file mode 100644 index 00000000..a8b6779d --- /dev/null +++ b/app/Extensions/PaymentGateways/PayPal/config.php @@ -0,0 +1,12 @@ + "PayPal", + "description" => "PayPal payment gateway", + "RoutesIgnoreCsrf" => [], + ]; +} diff --git a/app/Extensions/PaymentGateways/PayPal/index.php b/app/Extensions/PaymentGateways/PayPal/index.php index ed8d8fd8..88abc809 100644 --- a/app/Extensions/PaymentGateways/PayPal/index.php +++ b/app/Extensions/PaymentGateways/PayPal/index.php @@ -174,41 +174,3 @@ function getPaypalClientSecret() { return env('APP_ENV') == 'local' ? config("SETTINGS::PAYMENTS:PAYPAL:SANDBOX_SECRET") : config("SETTINGS::PAYMENTS:PAYPAL:SECRET"); } -function getPayPalConfig() -{ - return [ - "name" => "PayPal", - "description" => "PayPal payment gateway", - "settings" => [ - "mode" => [ - "type" => "select", - "label" => "Mode", - "value" => config("APP_ENV") == 'local' ? "sandbox" : "live", - "options" => [ - "sandbox" => "Sandbox", - "live" => "Live", - ], - ], - "CLIENT_ID" => [ - "type" => "text", - "label" => "PayPal Client ID", - "value" => config("SETTINGS::PAYMENTS:PAYPAL:CLIENT_ID"), - ], - "SECRET" => [ - "type" => "text", - "label" => "PayPal Secret", - "value" => config("SETTINGS::PAYMENTS:PAYPAL:SECRET"), - ], - "SANDBOX_CLIENT_ID" => [ - "type" => "text", - "label" => "PayPal Sandbox Client ID", - "value" => config("SETTINGS::PAYMENTS:PAYPAL:SANDBOX_CLIENT_ID"), - ], - "SANDBOX_SECRET" => [ - "type" => "text", - "label" => "PayPal Sandbox Secret", - "value" => config("SETTINGS::PAYMENTS:PAYPAL:SANDBOX_SECRET"), - ], - ], - ]; -} diff --git a/app/Extensions/PaymentGateways/Stripe/config.php b/app/Extensions/PaymentGateways/Stripe/config.php new file mode 100644 index 00000000..f4843a3e --- /dev/null +++ b/app/Extensions/PaymentGateways/Stripe/config.php @@ -0,0 +1,14 @@ + "Stripe", + "description" => "Stripe payment gateway", + "RoutesIgnoreCsrf" => [ + "payment/StripeWebhooks", + ], + ]; +} diff --git a/app/Extensions/PaymentGateways/Stripe/index.php b/app/Extensions/PaymentGateways/Stripe/index.php index c9a969ff..56e898c2 100644 --- a/app/Extensions/PaymentGateways/Stripe/index.php +++ b/app/Extensions/PaymentGateways/Stripe/index.php @@ -371,40 +371,3 @@ function checkPriceAmount($amount, $currencyCode, $payment_method) ]; return $amount >= $minimums[$currencyCode][$payment_method]; } - -function getStripeConfig() -{ - return [ - "name" => "Stripe", - "description" => "Stripe payment gateway", - "mode" => [ - "type" => "select", - "label" => "Mode", - "value" => config("APP_ENV") == 'local' ? "sandbox" : "live", - "options" => [ - "sandbox" => "Sandbox", - "live" => "Live", - ], - ], - "TEST_SECRET" => [ - "type" => "text", - "label" => "Test Secret Key", - "value" => config("SETTINGS::PAYMENTS:STRIPE:TEST_SECRET"), - ], - "SECRET" => [ - "type" => "text", - "label" => "Live Secret Key", - "value" => config("SETTINGS::PAYMENTS:STRIPE:SECRET"), - ], - "ENDPOINT_TEST_SECRET" => [ - "type" => "text", - "label" => "Test Endpoint Secret", - "value" => config("SETTINGS::PAYMENTS:STRIPE:ENDPOINT_TEST_SECRET"), - ], - "ENDPOINT_SECRET" => [ - "type" => "text", - "label" => "Live Endpoint Secret", - "value" => config("SETTINGS::PAYMENTS:STRIPE:ENDPOINT_SECRET"), - ], - ]; -} diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php index 45698844..5fbf7e81 100644 --- a/app/Http/Middleware/VerifyCsrfToken.php +++ b/app/Http/Middleware/VerifyCsrfToken.php @@ -2,7 +2,10 @@ namespace App\Http\Middleware; +use App\Helpers\ExtensionHelper; use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware; +use Illuminate\Contracts\Encryption\Encrypter; +use Illuminate\Contracts\Foundation\Application; class VerifyCsrfToken extends Middleware { @@ -11,7 +14,12 @@ class VerifyCsrfToken extends Middleware * * @var array */ - protected $except = [ - 'payment/StripeWebhooks', - ]; + protected $except = []; + + public function __construct(Application $app, Encrypter $encrypter) + { + $this->app = $app; + $this->encrypter = $encrypter; + $this->except = ExtensionHelper::getAllCsrfIgnoredRoutes(); + } }