PISHPS-328: added ApplePayDirectDomainAllowList

src/Components/ApplePayDirect/ApplePayDirect.php

@@ -2,10 +2,14 @@
 
 namespace Kiener\MolliePayments\Components\ApplePayDirect;
 
+use Kiener\MolliePayments\Components\ApplePayDirect\Exceptions\ApplePayValidationUrlAllowListCanNotBeEmptyException;
+use Kiener\MolliePayments\Components\ApplePayDirect\Exceptions\ApplePayValidationUrlNotInAllowListException;
+use Kiener\MolliePayments\Components\ApplePayDirect\Gateways\ApplePayValidationUrlAllowListGateway;
 use Kiener\MolliePayments\Components\ApplePayDirect\Models\ApplePayCart;
 use Kiener\MolliePayments\Components\ApplePayDirect\Services\ApplePayDomainVerificationService;
 use Kiener\MolliePayments\Components\ApplePayDirect\Services\ApplePayFormatter;
 use Kiener\MolliePayments\Components\ApplePayDirect\Services\ApplePayShippingBuilder;
+use Kiener\MolliePayments\Components\ApplePayDirect\Services\ApplePayValidationUrlSanitizer;
 use Kiener\MolliePayments\Facade\MolliePaymentDoPay;
 use Kiener\MolliePayments\Factory\MollieApiFactory;
 use Kiener\MolliePayments\Handler\Method\ApplePayPayment;
@@ -105,6 +109,16 @@ class ApplePayDirect
      */
     private $repoOrderAdresses;
 
+    /**
+     * @var ApplePayValidationUrlAllowListGateway
+     */
+    private $validationUrlAllowListGateway;
+
+    /**
+     * @var ApplePayValidationUrlSanitizer
+     */
+    private $validationUrlSanitizer;
+
 
     /**
      * @param ApplePayDomainVerificationService $domainFileDownloader
@@ -121,8 +135,10 @@ class ApplePayDirect
      * @param ShopService $shopService
      * @param OrderService $orderService
      * @param OrderAddressRepositoryInterface $repoOrderAdresses
+     * @param ApplePayValidationUrlAllowListGateway $validationUrlAllowListGateway
+     * @param ApplePayValidationUrlSanitizer $validationUrlSanitizer
      */
-    public function __construct(ApplePayDomainVerificationService $domainFileDownloader, ApplePayPayment $paymentHandler, MolliePaymentDoPay $molliePayments, CartServiceInterface $cartService, ApplePayFormatter $formatter, ApplePayShippingBuilder $shippingBuilder, SettingsService $pluginSettings, CustomerService $customerService, PaymentMethodRepository $repoPaymentMethods, CartBackupService $cartBackupService, MollieApiFactory $mollieApiFactory, ShopService $shopService, OrderService $orderService, OrderAddressRepositoryInterface $repoOrderAdresses)
+    public function __construct(ApplePayDomainVerificationService $domainFileDownloader, ApplePayPayment $paymentHandler, MolliePaymentDoPay $molliePayments, CartServiceInterface $cartService, ApplePayFormatter $formatter, ApplePayShippingBuilder $shippingBuilder, SettingsService $pluginSettings, CustomerService $customerService, PaymentMethodRepository $repoPaymentMethods, CartBackupService $cartBackupService, MollieApiFactory $mollieApiFactory, ShopService $shopService, OrderService $orderService, OrderAddressRepositoryInterface $repoOrderAdresses, ApplePayValidationUrlAllowListGateway $validationUrlAllowListGateway, ApplePayValidationUrlSanitizer $validationUrlSanitizer)
     {
         $this->domainFileDownloader = $domainFileDownloader;
         $this->paymentHandler = $paymentHandler;
@@ -138,6 +154,8 @@ public function __construct(ApplePayDomainVerificationService $domainFileDownloa
         $this->shopService = $shopService;
         $this->orderService = $orderService;
         $this->repoOrderAdresses = $repoOrderAdresses;
+        $this->validationUrlAllowListGateway = $validationUrlAllowListGateway;
+        $this->validationUrlSanitizer = $validationUrlSanitizer;
     }
 
 
@@ -473,6 +491,29 @@ public function createPayment(OrderEntity $order, string $shopwareReturnUrl, str
         return $paymentData->getMollieID();
     }
 
+    /**
+     * @param string $validationUrl
+     * @throws ApplePayValidationUrlAllowListCanNotBeEmptyException
+     * @throws ApplePayValidationUrlNotInAllowListException
+     * @return string
+     */
+    public function validateValidationUrl(string $validationUrl): string
+    {
+        $allowList = $this->validationUrlAllowListGateway->getAllowList();
+
+        if ($allowList->isEmpty()) {
+            throw new ApplePayValidationUrlAllowListCanNotBeEmptyException();
+        }
+
+        $validationUrl = $this->validationUrlSanitizer->sanitizeValidationUrl($validationUrl);
+
+        if ($allowList->contains($validationUrl) === false) {
+            throw new ApplePayValidationUrlNotInAllowListException($validationUrl);
+        }
+
+        return $validationUrl;
+    }
+
     /**
      * @param Cart $cart
      * @return ApplePayCart

src/Components/ApplePayDirect/Exceptions/ApplePayValidationUrlAllowListCanNotBeEmptyException.php

@@ -0,0 +1,12 @@
+<?php
+declare(strict_types=1);
+
+namespace Kiener\MolliePayments\Components\ApplePayDirect\Exceptions;
+
+class ApplePayValidationUrlAllowListCanNotBeEmptyException extends \Exception
+{
+    public function __construct()
+    {
+        parent::__construct('The Apple Pay validation URL allow list can not be empty. Please check the configuration.');
+    }
+}

src/Components/ApplePayDirect/Exceptions/ApplePayValidationUrlNotInAllowListException.php

@@ -0,0 +1,12 @@
+<?php
+declare(strict_types=1);
+
+namespace Kiener\MolliePayments\Components\ApplePayDirect\Exceptions;
+
+class ApplePayValidationUrlNotInAllowListException extends \Exception
+{
+    public function __construct(string $url)
+    {
+        parent::__construct(sprintf('The given URL %s is not in the Apple Pay validation URL allow list.', $url));
+    }
+}

src/Components/ApplePayDirect/Gateways/ApplePayValidationUrlAllowListGateway.php

@@ -0,0 +1,47 @@
+<?php
+declare(strict_types=1);
+
+namespace Kiener\MolliePayments\Components\ApplePayDirect\Gateways;
+
+use Kiener\MolliePayments\Components\ApplePayDirect\Models\ApplePayValidationUrlAllowListItem;
+use Kiener\MolliePayments\Components\ApplePayDirect\Models\Collections\ApplePayValidationUrlAllowList;
+use Shopware\Core\System\SystemConfig\SystemConfigService;
+
+class ApplePayValidationUrlAllowListGateway
+{
+    /**
+     * @var SystemConfigService
+     */
+    private $systemConfigService;
+
+    /**
+     * ApplePayValidationUrlAllowListItem constructor.
+     *
+     * @param SystemConfigService $systemConfigService
+     */
+    public function __construct(SystemConfigService $systemConfigService)
+    {
+        $this->systemConfigService = $systemConfigService;
+    }
+
+    /**
+     * Get the ApplePayValidationUrlAllowList
+     *
+     * @return ApplePayValidationUrlAllowList
+     */
+    public function getAllowList(): ApplePayValidationUrlAllowList
+    {
+        $allowList = $this->systemConfigService->get('MolliePayments.config.ApplePayValidationAllowList');
+
+        if (is_string($allowList) === false || empty($allowList)) {
+            return ApplePayValidationUrlAllowList::create();
+        }
+
+        $allowList = trim($allowList);
+
+        $items = explode(',', $allowList);
+        $items = array_map([ApplePayValidationUrlAllowListItem::class, 'create'], $items);
+
+        return ApplePayValidationUrlAllowList::create(...$items);
+    }
+}

src/Components/ApplePayDirect/Models/ApplePayValidationUrlAllowListItem.php

@@ -0,0 +1,50 @@
+<?php
+declare(strict_types=1);
+
+namespace Kiener\MolliePayments\Components\ApplePayDirect\Models;
+
+class ApplePayValidationUrlAllowListItem
+{
+    /**
+     * @var string
+     */
+    private $value;
+
+    /**
+     * ApplePayValidationUrlAllowListItem constructor.
+     *
+     * @param string $value
+     */
+    private function __construct(string $value)
+    {
+        $this->value = $value;
+    }
+
+    public static function create(string $value): self
+    {
+        if (empty($value)) {
+            throw new \InvalidArgumentException(sprintf('The value of %s must not be empty', self::class));
+        }
+
+        if (strpos($value, 'http') !== 0) {
+            $value = 'https://' . $value;
+        }
+
+        if (substr($value, -1) !== '/') {
+            $value .= '/';
+        }
+
+        return new self($value);
+    }
+
+    /**
+     * Compare the value with the given value
+     *
+     * @param string $value value that will be compared
+     * @return bool
+     */
+    public function equals(string $value): bool
+    {
+        return $this->value === $value;
+    }
+}

src/Components/ApplePayDirect/Models/Collections/ApplePayValidationUrlAllowList.php

@@ -0,0 +1,69 @@
+<?php
+declare(strict_types=1);
+
+namespace Kiener\MolliePayments\Components\ApplePayDirect\Models\Collections;
+
+use Countable;
+use Kiener\MolliePayments\Components\ApplePayDirect\Models\ApplePayValidationUrlAllowListItem;
+
+class ApplePayValidationUrlAllowList implements Countable
+{
+    /**
+     * @var ApplePayValidationUrlAllowListItem[]
+     */
+    private $allowList;
+
+    /**
+     * ApplePayValidationUrlAllowList constructor.
+     *
+     * @param ApplePayValidationUrlAllowListItem[] $allowList
+     */
+    private function __construct(array $allowList = [])
+    {
+        $this->allowList = $allowList;
+    }
+
+    /**
+     * Create a new ApplePayAllowList
+     *
+     * @param ApplePayValidationUrlAllowListItem ...$items
+     * @return ApplePayValidationUrlAllowList
+     */
+    public static function create(ApplePayValidationUrlAllowListItem ...$items): self
+    {
+        return new self($items);
+    }
+
+    /**
+     * Check if the given value is in the allow list
+     *
+     * @param string $value
+     * @return bool
+     */
+    public function contains(string $value): bool
+    {
+        foreach ($this->allowList as $item) {
+            if ($item->equals($value)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * @return bool
+     */
+    public function isEmpty(): bool
+    {
+        return count($this) === 0;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function count(): int
+    {
+        return count($this->allowList);
+    }
+}

src/Components/ApplePayDirect/Services/ApplePayValidationUrlSanitizer.php

@@ -0,0 +1,29 @@
+<?php
+declare(strict_types=1);
+
+namespace Kiener\MolliePayments\Components\ApplePayDirect\Services;
+
+/**
+ * Responsible for sanitizing the validation URL for Apple Pay
+ */
+class ApplePayValidationUrlSanitizer
+{
+    /**
+     * Sanitize the given validation URL
+     *
+     * @param string $url
+     * @return string
+     */
+    public function sanitizeValidationUrl(string $url): string
+    {
+        if (strpos($url, 'http') !== 0) {
+            $url = 'https://' . $url;
+        }
+
+        if (substr($url, -1) !== '/') {
+            $url .= '/';
+        }
+
+        return $url;
+    }
+}