Merge pull request #37 from ostdotcom/parameter_escape_fix

Fix for escaping spacial character from parameters and added test case for signature matching.

CHANGELOG.md

@@ -1,3 +1,8 @@
+[OST KYC JAVA SDK v2.0.4](https://github.com/ostdotcom/ost-kyc-sdk-java/tree/v2.0.4) March 04 2019
+---
+
+* Fix for escaping special character from parameters and added test case for signature matching.
+
 [OST KYC JAVA SDK v2.0.3](https://github.com/ostdotcom/ost-kyc-sdk-java/tree/v2.0.3) February 28 2019
 ---
 

README.md

@@ -22,7 +22,7 @@ To use this node module, developers will need to:
 <dependency>
 <groupId>com.ost</groupId>
 <artifactId>ost-kyc-sdk-java</artifactId>
-<version>2.0.3</version>
+<version>2.0.4</version>
 </dependency>
 ```
 

VERSION

@@ -1 +1 @@
-2.0.3
+2.0.4

pom.xml

@@ -3,7 +3,7 @@
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.ost</groupId>
  <artifactId>ost-kyc-sdk-java</artifactId>
- <version>2.0.3</version>
+ <version>2.0.4</version>
  <name>OST KYC SDK for Java</name>
  <description>The official OST KYC SDK for Java(https://dev.ost.com/docs/kyc/index.html).</description>
  <packaging>jar</packaging>

src/main/java/com/ost/kyc/lib/OSTKYCRequestClient.java

@@ -32,7 +32,7 @@ public class OSTKYCRequestClient {
  private static Boolean DEBUG = ("true").equalsIgnoreCase( System.getenv("OST_KYC_SDK_DEBUG") );
  private static Boolean VERBOSE = false;
 
- static class HttpParam {
+ public static class HttpParam {
  private String paramName;
  private String paramValue;
 
@@ -141,71 +141,42 @@ private JsonObject send(String requestType, String resource, Map<String, Object>
 
  FormBody.Builder formBodyBuilder = new FormBody.Builder();
  if (null == urlBuilder) {
- throw new IOException("Failed to instanciate HttpUrl.Builder. resource or Api Endpoint is incorrect.");
+ throw new IOException("Failed to instantiate HttpUrl.Builder. resource or Api Endpoint is incorrect.");
  }
 
  // Evaluate the url generated so far.
  HttpUrl url = urlBuilder.build();
 
- // Start Building HMAC Input Buffer by parsing the url.
- Buffer hmacInputBuffer = new Buffer();
-// for (String path : url.pathSegments()) {
-// if (DEBUG && VERBOSE) System.out.println("path:" + path);
-// hmacInputBuffer.writeByte('/').writeUtf8(PathSegmentEscaper.escape(path));
-// }
-
- hmacInputBuffer.writeUtf8(resource);
- hmacInputBuffer.writeByte('?');
-
  //Reset urlBuilder.
  urlBuilder = baseUrl.newBuilder();
 
+
+ ArrayList<HttpParam> params = new ArrayList<HttpParam>();
+
  mapParams.put("api_key", apiKey);
  mapParams.put("request_timestamp", String.valueOf(System.currentTimeMillis() / 1000));
- ArrayList<HttpParam> params = new ArrayList<HttpParam>();
+
+ params = getRequestParam(resource, mapParams);
+
  String paramKey;
  String paramVal;
 
- params = buildNestedQuery(params, "", mapParams);
-
  // Add params to url/form-body & hmacInputBuffer.
  Iterator it = params.iterator();
- boolean firstParam = true;
+
  while (it.hasNext()) {
  HttpParam pair = (HttpParam) it.next();
 
  paramKey = pair.getParamName();
  paramVal = pair.getParamValue();
 
- paramKey = specialCharacterEscape(paramKey);
- paramVal = specialCharacterEscape(paramVal);
-
- if (!firstParam) {
- hmacInputBuffer.writeByte('&');
- }
- firstParam = false;
-
- hmacInputBuffer.writeUtf8(paramKey);
- hmacInputBuffer.writeByte('=');
- hmacInputBuffer.writeUtf8(paramVal);
- if (DEBUG) System.out.println("paramKey " + paramKey + " paramVal " + paramVal);
-
  if (GET_REQUEST.equalsIgnoreCase(requestType)) {
  urlBuilder.addEncodedQueryParameter(paramKey, paramVal);
  } else {
  formBodyBuilder.addEncoded(paramKey, paramVal);
  }
  }
 
- // Add signature to Params.
- paramKey = "signature";
- paramVal = signQueryParams(hmacInputBuffer);
- if (GET_REQUEST.equalsIgnoreCase(requestType)) {
- urlBuilder.addEncodedQueryParameter(paramKey, paramVal);
- } else {
- formBodyBuilder.addEncoded(paramKey, paramVal);
- }
-
  // Build the url.
  url = urlBuilder.build();
  if (DEBUG) System.out.println("url = " + url.toString());
@@ -237,12 +208,57 @@ private JsonObject send(String requestType, String resource, Map<String, Object>
  responseBody = getResponseBodyAsString(response);
  }catch (SocketTimeoutException e)
  {
- System.out.println("SocketTimeoutException occured");
  responseBody = SocketTimeoutExceptionString;
  }
  return buildApiResponse(responseBody);
  }
 
+ public ArrayList<HttpParam> getRequestParam(String resource, Map<String, Object> paramValObj) {
+
+ // Start Building HMAC Input Buffer by parsing the url.
+ Buffer hmacInputBuffer = new Buffer();
+
+ hmacInputBuffer.writeUtf8(resource);
+ hmacInputBuffer.writeByte('?');
+
+
+ ArrayList<HttpParam> params = new ArrayList<HttpParam>();
+ ArrayList<HttpParam> escapedParams = new ArrayList<HttpParam>();
+ String paramKey;
+ String paramVal;
+
+ params = buildNestedQuery(params, "", paramValObj);
+
+ // Add params to url/form-body & hmacInputBuffer.
+ Iterator it = params.iterator();
+ boolean firstParam = true;
+
+ while (it.hasNext()) {
+ HttpParam pair = (HttpParam) it.next();
+
+ paramKey = pair.getParamName();
+ paramVal = pair.getParamValue();
+
+ paramKey = specialCharacterEscape(paramKey);
+ paramVal = specialCharacterEscape(paramVal);
+
+ if (!firstParam) {
+ hmacInputBuffer.writeByte('&');
+ }
+ firstParam = false;
+
+ hmacInputBuffer.writeUtf8(paramKey);
+ hmacInputBuffer.writeByte('=');
+ hmacInputBuffer.writeUtf8(paramVal);
+
+ escapedParams.add(new HttpParam(paramKey, paramVal));
+ if (DEBUG) System.out.println("paramKey " + paramKey + " paramVal " + paramVal);
+ }
+
+ paramVal = signQueryParams(hmacInputBuffer);
+ escapedParams.add(new HttpParam("signature", paramVal));
+ return escapedParams;
+ }
 
  private String signQueryParams(Buffer hmacInputBuffer) {
  // Generate Signature for Params.
@@ -356,7 +372,7 @@ private static ArrayList<HttpParam> buildNestedQuery(ArrayList<HttpParam> params
 
  private static String specialCharacterEscape(String stringToEscape){
  stringToEscape = FormParameterEscaper.escape(stringToEscape);
- stringToEscape = stringToEscape.replace("*", "%26");
+ stringToEscape = stringToEscape.replace("*", "%2A");
  return stringToEscape;
  }
 }

src/test/java/com/ost/kyc/services/v2/SignatureTest.java

@@ -0,0 +1,110 @@
+package com.ost.kyc.services.v2;
+
+import com.ost.kyc.lib.OSTKYCRequestClient;
+import com.ost.kyc.services.ServiceTestBase;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+public class SignatureTest extends ServiceTestBase {
+
+ public SignatureTest() {
+ super();
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ super.setUp();
+ }
+
+ public HashMap<String, Object> getParams() {
+ HashMap<String, Object> params = new HashMap<String, Object>();
+ HashMap<String, Object> emptyHash = new HashMap<String, Object>();
+ ArrayList<String> emptyArray = new ArrayList<String>();
+ ArrayList<String> list = new ArrayList<String>();
+ list.add("");
+ list.add(null);
+ params.put("a", null);
+ params.put("b", emptyArray);
+ params.put("c", "");
+ params.put("d", list);
+ params.put("e", emptyHash);
+ ArrayList<String> array = new ArrayList<String>();
+ array.add("Hello");
+ array.add("There");
+ array.add("12345");
+ params.put("k1", 125.45);
+ params.put("k2", "Tejas");
+
+ HashMap<String, Object> hashWithKeyValue1 = new HashMap<String, Object>();
+ hashWithKeyValue1.put("a", "L21A");
+ hashWithKeyValue1.put("b", "L21B");
+ HashMap<String, Object> hashWithKeyValue2 = new HashMap<String, Object>();
+ hashWithKeyValue2.put("a", "L22A");
+ hashWithKeyValue2.put("b", "L22B");
+ HashMap<String, Object> hashWithKeyValue3 = new HashMap<String, Object>();
+ hashWithKeyValue3.put("a", "L23A");
+ hashWithKeyValue3.put("b", "L23B");
+
+ HashMap<String, Object> nestedparams = new HashMap<String, Object>();
+ nestedparams.put("a" , hashWithKeyValue1);
+ nestedparams.put("b" , hashWithKeyValue2);
+ nestedparams.put("c" , hashWithKeyValue3);
+
+ params.put("aaaaa", nestedparams);
+ params.put("arrayValues", array);
+ params.put("garbage_str", "~!@#$%^&*()_+-= {}[]:\";'?/<>,. this is garbage");
+
+
+ return params;
+ }
+
+ @Test
+ public void testSignature() throws Exception {
+
+ HashMap<String, Object> params = getParams();
+ String apiKey = "d437535591587e8df4dd30b771651ebb";
+ String apiSecret = "a0431203671f42c079b2154066fd04ba";
+ String apiEndpoint = "https://kyc.ost.com";
+
+ params.put("apiSecret",apiSecret);
+ params.put("apiKey",apiKey);
+ params.put("apiEndpoint",apiEndpoint);
+
+ // Test-Case: Test Signature.
+ String signature;
+ OSTKYCRequestClient obj = new OSTKYCRequestClient(params);
+ signature = getSignature("/api/v2/users", params, obj);
+ boolean success;
+ if (signature.equalsIgnoreCase("ca84293b5b901a8c9972b873a224ce05db28d36471bedf613ae451a5a80b8f99")) {
+ success = true;
+ } else {
+ success = false;
+ }
+ Assert.assertEquals( success, true);
+ }
+
+ public String getSignature(String resource, Map<String, Object> paramValObj, OSTKYCRequestClient obj) {
+ ArrayList<OSTKYCRequestClient.HttpParam> paramsArray = (ArrayList<OSTKYCRequestClient.HttpParam>) obj.getRequestParam(resource,paramValObj);
+ String paramKey;
+ String paramVal;
+ Iterator it = paramsArray.iterator();
+ while (it.hasNext()) {
+ OSTKYCRequestClient.HttpParam pair = (OSTKYCRequestClient.HttpParam) it.next();
+
+ paramKey = pair.getParamName();
+ paramVal = pair.getParamValue();
+
+ if(paramKey.equalsIgnoreCase("signature"))
+ {
+ return paramVal;
+ }
+ }
+ return "";
+ }
+}