diff --git a/README.md b/README.md index d387730..10ebc0c 100644 --- a/README.md +++ b/README.md @@ -1,40 +1,82 @@ -## Flex Token API +# CyberSource Flex Samples (Java) -### Introduction +This repository provides simple examples demonstrating usage of the CyberSource Flex SDK using either a headless JavaScript call (jsp-flexjs) or a fully customizable hosted field/microform which is incorporated into your checkout page. For more details on Secure Acceptance Flex visit our Developer Guide at https://developer.cybersource.com/api/developer-guides/dita-flex/SAFlexibleToken.html -Storing your customer’s card data can dramatically increase your repeat-custom conversion rate, but can also add additional risk and [PCI DSS](https://www.pcisecuritystandards.org/pci_security/) overhead. You can mitigate these costs by tokenizing card data. CyberSource will store your customer’s card data within secure Visa data centers, replacing it with a token that only you can use. +## Usage -Secure Acceptance Flexible Token is a secure method for Tokenizing card data, that leaves you in total control of the customer experience. Your customer’s card number is encrypted on their own device, for example inside a browser or native app, and sent directly to CyberSource. This means card data bypasses your systems altogether. This can help you qualify for [SAQ A](https://www.pcisecuritystandards.org/documents/Understanding_SAQs_PCI_DSS_v3.pdf) based PCI DSS assessments for web based integrations, and [SAQ A-EP](https://www.pcisecuritystandards.org/documents/Understanding_SAQs_PCI_DSS_v3.pdf) for native app integrations. +1. Clone or download this repository. +2. Update webapp/WEB-INF/credentials.properties with your [CyberSource sandbox credentials](https://ebc2test.cybersource.com). +3. Run ```mvn package``` in the sample you want to try (jsp-microform or jsp-flexjs). +4. Copy the output WAR file to your web server directory. -You are in total control of the look and feel, with the ability to seamlessly blend the solution in to your existing checkout flow, on web or in-app. +## Requirements +* Java 1.8 or later +* Tomcat web server -On-device encryption helps to protect your customers from attacks on network middleware such as app accelerators, DLPs, CDNs, and malicious hotspots. +**_NOTE: We also have samples for Flex available in .NET, PHP & Node.js _** + + +## Run with Docker +1. Clone or download this repository. +2. Update src/main/webapp/WEB-INF/credentials.properties with your [CyberSource sandbox credentials](https://ebc2test.cybersource.com). +3. Run ```docker-compose run jsp-microform-build``` and/or ```docker-compose run jsp-flexjs-build``` +4. Run ```docker-compose up web``` and access http://localhost:8080/flexjs and/or http://localhost:8080/microform -The token can be used in lieu of actual card data in server-side requests for other CyberSource services, such as [Payer Authentication](http://apps.cybersource.com/library/documentation/dev_guides/Payer_Authentication_SO_API/Payer_Authentication_SO_API.pdf), [Decision Manager](https://www.cybersource.com/products/fraud_management/), [Tax Services](http://apps.cybersource.com/library/documentation/dev_guides/Tax_SO_API/Tax_SO_API.pdf), and [Card Payments](http://apps.cybersource.com/library/documentation/dev_guides/CC_Svcs_SO_API/Credit_Cards_SO_API.pdf). +## API Reference +While these examples use the JavaScript libraries which we recommend as the most convenient option, you can try out the APIs behind the JavaScript SDKs by visiting our API Reference at https://developer.cybersource.com/api/reference/api-reference.html -Secure Acceptance Flexible Token is a JSON based RESTful service, consisting of two resources: **keys** and **tokens**. +## Background on PCI-DSS -#### Keys +Storing your customer’s card data can dramatically increase your repeat-customer conversion rate, but can also add additional risk and [PCI DSS](https://www.pcisecuritystandards.org/pci_security/) overhead. You can mitigate these costs by tokenizing card data. CyberSource will store your customer’s card data within secure Visa data centers, replacing it with a token that only you can use. -Create a transaction specific public key to encrypt the card data on your customer's device (a browser or a native app). This is an authenticated request from your server to CyberSource, when rendering your payment form or control. +Secure Acceptance Flexible Token is a secure method for Tokenizing card data, that leaves you in total control of the customer experience. Your customer’s card number is encrypted on their own device - for example inside a browser or native app - and sent directly to CyberSource. This means card data bypasses your systems altogether. This can help you qualify for [SAQ A](https://www.pcisecuritystandards.org/documents/Understanding_SAQs_PCI_DSS_v3.pdf) based PCI DSS assessments for web-based integrations, and [SAQ A-EP](https://www.pcisecuritystandards.org/documents/Understanding_SAQs_PCI_DSS_v3.pdf) for native app integrations. + +You are in total control of the look and feel, with the ability to seamlessly blend the solution in to your existing checkout flow, on web or in-app. + +On-device encryption helps to protect your customers from attacks on network middleware such as app accelerators, DLPs, CDNs, and malicious hotspots. -We provide a [Java SDK](https://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22com.cybersource%22%20AND%20a%3A%22flex-server-sdk%22) to simplify this, or you [call the Flexible Token API directly](http://apps.cybersource.com/library/documentation/dev_guides/hosted_flex/0_2_0/html/custom-server-integration/). SDKs for other languages will be available in future. +The token can be used in lieu of actual card data in server-side requests for other CyberSource services, for example to make a payment, using our REST APIs: https://developer.cybersource.com/api/reference/api-reference.html +## Samples -#### Tokens +### JavaScript (Flex API) Sample -Create a token using the encrypted card data. +This sample demonstrates how your checkout form can remain exactly as it is today, with the only addition of a JavaScript call to tokenize the customer's credit card information. This happens directly between their browser and CyberSource, replacing the provided data with a secure PCI-compliant token. This can then be sent to your server along with the other non-PCI order data. This can help achieve PCI-DSS SAQ A-EP level compliance for your application. -For web based solutions use our Hosted JS library to replace the card number input field with a CyberSource ‘microform’ iframe. This microform can be styled to look and behave like a regular input field on your site, using CSS and event listeners. +### Microform Sample -For native application or IoT integrations, use the API integration. Encrypt the card number using the public key, and send as an unauthenticated request from your customer's device directly to CyberSource. +This sample demonstrates how you can replace the sensitive data fields (credit card number) on your checkout form with a field (Flex Microform) hosted entirely on CyberSource servers. This field will accept and tokenize the customer's credit card information directly from their browser on a resource hosted by CyberSource, replacing that data with a secure PCI-compliant token. This can then be sent to your server along with the other non-PCI order data. This can help achieve PCI-DSS SAQ A level compliance for your application as even your client-side code does not contain a mechanism to handle the credit card information. -The resulting token can be verified server side using the public key. Our [Java SDK](https://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22com.cybersource%22%20AND%20a%3A%22flex-server-sdk%22) can be used to perform this function. +## Using the Flex Payment Token +You can use the token generated to make a payment with the CyberSource REST API (https://developer.cybersource.com/api/reference/api-reference.html). -### Examples +Place the token in the CustomerId field: -These repositories consist of sample web implementations in [Java](https://github.com/CyberSource/cybersource-flex-samples/blob/master/java), using [Spring Boot](https://github.com/CyberSource/cybersource-flex-samples/tree/master/java8/flex-sdk-spring-boot) (Flex API) and [JSP](https://github.com/CyberSource/cybersource-flex-samples/tree/master/java8/jsp-microform) (Hosted). The SDK supports Java 7 and 8, for earlier versions see the "nosdk" examples. Further examples in other languages will be added in future. +```json +{ + "clientReferenceInformation": { + "code": "TC50171_3" + }, + "processingInformation": { + "commerceIndicator": "internet" + }, + "paymentInformation": { + "customer": { + "customerId": "7500BB199B4270EFE05340588D0AFCAD" + } + }, + "orderInformation": { + "amountDetails": { + "totalAmount": "22", + "currency": "USD" + }, + "billTo": { + "firstName": "John", + "lastName": "Doe" + } + } +} -The examples consist of a basic server that requests the keys and serves a front end that collects, encrypts and transmits the card data directly to CyberSource. Please ensure you read [our license](https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md) prior to making use of the provided code. +``` diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..3c44434 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,32 @@ +version: '2' +services: + web: + image: tomcat + ports: + - "8080:8080" + volumes: + - ./jsp-microform/target/jsp-microform-1.0.war:/usr/local/tomcat/webapps/microform.war + - ./jsp-microform/target/jsp-microform-1.0:/usr/local/tomcat/webapps/microform + - ./jsp-flexjs/target/jsp-flexjs-1.0.war:/usr/local/tomcat/webapps/flexjs.war + - ./jsp-flexjs/target/jsp-flexjs-1.0:/usr/local/tomcat/webapps/flexjs + + jsp-flexjs-build: + image: maven + volumes: + - ./jsp-flexjs/:/project + - m2repo:/root/.m2 + working_dir: /project + entrypoint: mvn + command: clean package + + jsp-microform-build: + image: maven + volumes: + - ./jsp-microform/:/project + - m2repo:/root/.m2 + working_dir: /project + entrypoint: mvn + command: clean package + +volumes: + m2repo: diff --git a/java8/README.md b/java8/README.md deleted file mode 100644 index 8cae02a..0000000 --- a/java8/README.md +++ /dev/null @@ -1,10 +0,0 @@ -# Java 8 - -## Contents - -| Folder | Description | -|------------------------|---------------------------------------------------| -| `flex-sdk-spring-boot` | Spring Boot example using CyberSource SDKs. | -| `jsp-microform` | JSP (Tomcat) example using hosted Flex microform. | -| `spring-boot` | Custom Spring Boot integration with Flex API. | - diff --git a/java8/flex-sdk-spring-boot/.gitignore b/java8/flex-sdk-spring-boot/.gitignore deleted file mode 100644 index ad08727..0000000 --- a/java8/flex-sdk-spring-boot/.gitignore +++ /dev/null @@ -1,42 +0,0 @@ -# Covers all spring-boot ignore files -# Reference: https://github.com/spring-projects/spring-boot/blob/master/.gitignore - -.gradle -*.sw? -.#* -*# -*~ -/build -/code -.classpath -.project -.settings -.metadata -.factorypath -.recommenders -bin -build -lib/ -target -.factorypath -.springBeans -interpolated*.xml -dependency-reduced-pom.xml -build.log -_site/ -.*.md.html -manifest.yml -MANIFEST.MF -settings.xml -activemq-data -overridedb.* -*.iml -*.ipr -*.iws -.idea -*.jar -.DS_Store -.factorypath -dump.rdb - -nbactions.xml diff --git a/java8/flex-sdk-spring-boot/README.md b/java8/flex-sdk-spring-boot/README.md deleted file mode 100644 index 6abc5cd..0000000 --- a/java8/flex-sdk-spring-boot/README.md +++ /dev/null @@ -1,45 +0,0 @@ -# Flex Java Example - -A minimalist java/spring-boot example integration using Flex-API tokenization. - -## Prerequisites - -- [Java 8](http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html) -- [JCE unlimited policy files](http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) -- [Maven](https://maven.apache.org/install.html) - -## Setup Instructions - -1. Modify `./src/main/resources/application.properties` with the credentials created through [VISA Developer Portal](https://developer.visa.com/). - - ```properties - vdp.api-key=_YOUR_APPLICATION_SPECIFIC_API_KEY_ - vdp.shared-secret=_YOUR_APPLICATION_SPECIFIC_SHARED_SECRET_ - ``` - -2. Build and run the application using maven - ```bash - mvn clean spring-boot:run - ``` - This will serve the application from [https://localhost:8443](https://localhost:8443). - -## Tips - -- If you are having issues, checkout the full [FLEX documentation](https://developer.visa.com/products/cybersource/reference#cybersource__cybersource_flex_api). - -- To change the port the application is served on, update `server.port=8443` in `application.properties`, replacing `8443` with your desired port number. - -- If the application throws `java.security.InvalidKeyException: Illegal key size` you have probably not installed the [JCE unlimited policy files](http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html). - -## Browser Support - -- Chrome 37+ -- Firefox 34+ -- Edge 12+ -- Opera 24+ - -*NB: IE11 and Safari support could be achieved through the use of polyfills for promises and Web Crypto API such as [webcrypto-shim](https://github.com/vibornoff/webcrypto-shim) and [promiz](https://github.com/Zolmeister/promiz). However, these are not included in the examples.* - -## Disclaimer - -This respository is provided as a learning aid for merchants wishing to integrate with the Flex API. The code samples are not production ready and are intended for illustrative purposes only. As such, any use of these code samples in a production setting is strongly discouraged. Any usage of these code samples must comply with the license agreement as defined in `LICENSE.md` at the root level of this repository. \ No newline at end of file diff --git a/java8/flex-sdk-spring-boot/pom.xml b/java8/flex-sdk-spring-boot/pom.xml deleted file mode 100644 index 92d1cc6..0000000 --- a/java8/flex-sdk-spring-boot/pom.xml +++ /dev/null @@ -1,66 +0,0 @@ - - - - 4.0.0 - - com.cybersource.flex.application - spring-boot - 1.0-BETA - jar - - Flex-API Spring-Boot Demo - A mocked merchant checkout and payment pages using Flex-API tokenization - https://github.com/CyberSource/cybersource-flex-samples/spring-boot - - - org.springframework.boot - spring-boot-starter-parent - 1.2.5.RELEASE - - - - - UTF-8 - 1.8 - - - - - - org.springframework.boot - spring-boot-maven-plugin - - - - - - - - org.springframework.boot - spring-boot-starter - - - org.springframework.boot - spring-boot-starter-thymeleaf - - - org.springframework.boot - spring-boot-starter-web - - - - - com.cybersource - flex-server-sdk - 0.1.1 - - - - - org.webjars.npm - cybersource__flex-sdk-web - 0.1.2 - - - diff --git a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/CheckoutController.java b/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/CheckoutController.java deleted file mode 100644 index e18d6e0..0000000 --- a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/CheckoutController.java +++ /dev/null @@ -1,83 +0,0 @@ -/** - * Copyright (c) 2017 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.application; - -import com.cybersource.flex.sdk.FlexService; -import com.cybersource.flex.sdk.exception.FlexException; -import com.cybersource.flex.sdk.model.FlexPublicKey; -import java.util.HashMap; -import java.util.Map; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; - -@Controller -public class CheckoutController { - - @Autowired - private FlexService flexService; - - @ModelAttribute - public void setFramingResponseHeader(HttpServletResponse response) { - response.setHeader("X-Frame-Options", "DENY"); - } - - @RequestMapping("/") - String redirect(final HttpSession session) { - session.invalidate(); - return "redirect:checkout"; - } - - @RequestMapping("/checkout") - String checkout(final HttpSession session, final Model model) throws FlexException { - // retrieve one time use public RSA key from Flex to facilitate PAN encryption - final FlexPublicKey key = flexService.createKey(); - session.setAttribute("flexPublicKey", key); - - // Add JSON Web Keystore to the view model and return rendered "checkout" page - model.addAttribute("jwk", key.getJwk()); - return "checkout"; - } - - @RequestMapping(value = "/receipt", method = RequestMethod.POST) - String receipt(@RequestParam Map postParams, final HttpSession session, final Model model) throws FlexException { - postParams = validateUntrustedParameters(postParams); - - // Read in the public key to be used and remove it from the session - final FlexPublicKey key = (FlexPublicKey) session.getAttribute("flexPublicKey"); - session.removeAttribute("flexPublicKey"); // no longer needed - - // verify the token signiture using SDK - postParams.put("verifyResult", flexService.verify(key, postParams)); - - /** - * - * The payment may now be completed using the received & validated - * token. - * - * For demonstration purposes, all post parameters are added to the view - * model to display data received from cardholder's browser. - */ - model.addAttribute("postParams", postParams); - return "receipt"; - } - - private Map validateUntrustedParameters(Map parameters) { - Map retVal = new HashMap<>(); - // Each parameter must undergo proper validation / sanitization. - // The type of validation to be implemented will vary between individual - // Flex API integrations. It is merchant's responsibility to implement adequate - // parameter validation for production deployments. - parameters.forEach((k, v) -> retVal.put(k, v)); - return retVal; - } - -} diff --git a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/EntryPoint.java b/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/EntryPoint.java deleted file mode 100644 index 6d89c23..0000000 --- a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/EntryPoint.java +++ /dev/null @@ -1,17 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.application; - -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; - -@SpringBootApplication -public class EntryPoint { - - public static void main(String... args) throws Exception { - SpringApplication.run(EntryPoint.class, args); - } - -} diff --git a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/FlexConfigurationCGK.java b/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/FlexConfigurationCGK.java deleted file mode 100644 index 5038159..0000000 --- a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/FlexConfigurationCGK.java +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Copyright (c) 2017 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.application; - -import com.cybersource.flex.sdk.FlexService; -import com.cybersource.flex.sdk.FlexServiceFactory; -import com.cybersource.flex.sdk.authentication.CGKCredentials; -import com.cybersource.flex.sdk.exception.FlexException; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -@Configuration -public class FlexConfigurationCGK { - - @Value("${cgk.mid}") - private String mid; - @Value("${cgk.keyId}") - private String keyId; - @Value("${cgk.shared-secret}") - private char[] sharedSecret; - - @Bean - public FlexService flexService() { - try { - CGKCredentials cgkCredentials = new CGKCredentials(CGKCredentials.Environment.CAS, mid, keyId, sharedSecret); - return FlexServiceFactory.createInstance(cgkCredentials); - } catch (FlexException flexException) { - throw new RuntimeException("Error when configuring Flex Server SDK", flexException); - } - } - -} diff --git a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/FlexConfigurationVDP.java b/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/FlexConfigurationVDP.java deleted file mode 100644 index ffaf8a5..0000000 --- a/java8/flex-sdk-spring-boot/src/main/java/com/cybersource/flex/application/FlexConfigurationVDP.java +++ /dev/null @@ -1,33 +0,0 @@ -/** - * Copyright (c) 2017 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.application; - -import com.cybersource.flex.sdk.FlexService; -import com.cybersource.flex.sdk.FlexServiceFactory; -import com.cybersource.flex.sdk.authentication.VDPCredentials; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -/** - * Please uncomment Configuration annotation below to enable Visa Developer - * Platform. You must also comment out Configuration annotation in corresponding - * FlexConfigurationVDP.java to disable CGK. - */ -//@Configuration -public class FlexConfigurationVDP { - - @Value("${vdp.api-key}") - private String apiKey; - @Value("${vdp.shared-secret}") - private char[] sharedSecret; - - @Bean - public FlexService flexService() { - VDPCredentials vdpCredentials = new VDPCredentials(VDPCredentials.Environment.SANDBOX, apiKey, sharedSecret); - return FlexServiceFactory.createInstance(vdpCredentials); - } - -} diff --git a/java8/flex-sdk-spring-boot/src/main/resources/.gitignore b/java8/flex-sdk-spring-boot/src/main/resources/.gitignore deleted file mode 100644 index edd25bc..0000000 --- a/java8/flex-sdk-spring-boot/src/main/resources/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.p12 diff --git a/java8/flex-sdk-spring-boot/src/main/resources/README.md b/java8/flex-sdk-spring-boot/src/main/resources/README.md deleted file mode 100644 index a814e01..0000000 --- a/java8/flex-sdk-spring-boot/src/main/resources/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Folder contents - -| Folder / Filename | Purpose | -|------------------------|----------------| -| /public | Assets placed here are served publicly from the root of the webserver. In our example this contains all the scripts and css used. | -| /templates | All [Thymeleaf templates](http://www.thymeleaf.org/) used by the application in rendering html pages. | -| application.properties | The Spring-Boot application configuration. In our example this is used to enable HTTPS via embedded Tomcat as the WebCryptoAPI requires pages to be served via secure protocol only. Additionally, this is where all merchant credentials and configuration is stored (as per setup instructions step 1). | -| embedded-tomcat.jks | Self signed X.509 certificate keystore generated with keytool command. This certificate is used to mock “merchant site” being served over HTTPS. In a real production environment the SSL certificate should not be part of source code and would typically be provisioned directly to production servers. | -| .gitignore | Prevents any accidental commit of p12 keystore to the git repository. | \ No newline at end of file diff --git a/java8/flex-sdk-spring-boot/src/main/resources/application.properties b/java8/flex-sdk-spring-boot/src/main/resources/application.properties deleted file mode 100644 index 200bee7..0000000 --- a/java8/flex-sdk-spring-boot/src/main/resources/application.properties +++ /dev/null @@ -1,26 +0,0 @@ -# Cybersource GateKeeper credentials - https://developer.cybersource.com/ -# -# This property file is for demonstartion purposes only. -# You MUST take proper precautions to protect your credentials, such as -# NEVER storing your credentials unencrypted with application code. -# -cgk.mid=_YOUR_MID_ -cgk.keyId=_YOUR_HMAC_KEY_ID_ -cgk.shared-secret=_YOUR_SHARED_SECRET_ - -# VISA Developer Platform credentials - https://developer.visa.com/ -# To use the VDP you need to disable CGK properties above and edit FlexConfigurationVDP.java -#vdp.api-key=_YOUR_APPLICATION_SPECIFIC_API_KEY_ -#vdp.shared-secret=_YOUR_APPLICATION_SPECIFIC_SHARED_SECRET_ - -# Embedded Tomcat configuration properties -# -# The properties below enable HTTPS on TCP port 8443. -server.port=8443 -# Please note that this example uses self-signed X.509 certificate with CN=localhost. -# Keystore and private key passwords provided below are not encrypted. -# While it is acceptable for demonstration and example purposes, -# it must not be treated as production grade configuration. -server.ssl.key-store=classpath:embedded-tomcat.jks -server.ssl.key-store-password=changeit -server.ssl.key-password=changeit \ No newline at end of file diff --git a/java8/flex-sdk-spring-boot/src/main/resources/embedded-tomcat.jks b/java8/flex-sdk-spring-boot/src/main/resources/embedded-tomcat.jks deleted file mode 100644 index 72b0a31..0000000 Binary files a/java8/flex-sdk-spring-boot/src/main/resources/embedded-tomcat.jks and /dev/null differ diff --git a/java8/flex-sdk-spring-boot/src/main/resources/templates/receipt.html b/java8/flex-sdk-spring-boot/src/main/resources/templates/receipt.html deleted file mode 100644 index 2a3a891..0000000 --- a/java8/flex-sdk-spring-boot/src/main/resources/templates/receipt.html +++ /dev/null @@ -1,46 +0,0 @@ - - - - - - - - Receipt - - - - - -
-
-
- Receipt - - Repeat checkout process - -
-
-
-

This is what was posted to the merchant servers.

-

Note the masked PAN and payment token. These can be used to process a transaction with out directly handling the PAN data.

-
- - - - - - - - - - - - - - -
ParamValue
-
-
-
- - \ No newline at end of file diff --git a/java8/jsp-microform-nosdk/src/main/java/com/cybersource/example/FlexKeyProvider.java b/java8/jsp-microform-nosdk/src/main/java/com/cybersource/example/FlexKeyProvider.java deleted file mode 100644 index c6fca9e..0000000 --- a/java8/jsp-microform-nosdk/src/main/java/com/cybersource/example/FlexKeyProvider.java +++ /dev/null @@ -1,184 +0,0 @@ -/** - * Copyright (c) 2017 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.example; - -import java.io.BufferedReader; -import javax.servlet.http.HttpSession; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.OutputStreamWriter; -import java.net.HttpURLConnection; -import java.net.URL; -import java.nio.charset.StandardCharsets; -import java.security.KeyFactory; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.PublicKey; -import java.security.Signature; -import java.security.spec.X509EncodedKeySpec; -import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.LinkedHashMap; -import java.util.Locale; -import java.util.Map; -import java.util.TimeZone; -import javax.crypto.Mac; -import javax.crypto.spec.SecretKeySpec; -import org.apache.commons.codec.binary.Base64; -import org.json.JSONObject; - -public class FlexKeyProvider { - - private static final String HOST = "testflex.cybersource.com"; - private final MerchantCredentials merchantCredentials; - - FlexKeyProvider(InputStream resource) { - try { - merchantCredentials = new MerchantCredentials(resource); - } catch (IOException e) { - throw new RuntimeException(e); - } - } - - public String bindFlexKeyToSession(HttpSession session) { - try { - final JSONObject request = new JSONObject(); - request.put("encryptionType", "RsaOaep256"); - request.put("targetOrigin", "http://localhost:8080"); // the origin of web page that renders flex microform iframe. - final String body = request.toString(); - final String date = getServerTime(); - - final Map signedHeaders = new LinkedHashMap(); - signedHeaders.put("host", HOST); - signedHeaders.put("date", date); - signedHeaders.put("(request-target)", "post /flex/v1/keys"); - signedHeaders.put("digest", getDigest(body)); - signedHeaders.put("v-c-merchant-id", merchantCredentials.getMerchantId()); - - final String signature = generateSignature(signedHeaders, merchantCredentials.getKeyId(), merchantCredentials.getSharedSecret()); - signedHeaders.put("signature", signature); - signedHeaders.remove("(request-target)"); - - String response = post(signedHeaders, body); - JSONObject flexPublicKey = new JSONObject(response); - session.setAttribute("flexPublicKey", flexPublicKey); - - return flexPublicKey.getJSONObject("jwk").toString(); - } catch (IOException ioe) { - throw new RuntimeException("Error receiving Flex public key", ioe); - } - - } - - public boolean verifyTokenResponse(HttpSession session, String flexResponse) { - try { - JSONObject flexPublicKey = (JSONObject) session.getAttribute("flexPublicKey"); - byte[] keyBytes = Base64.decodeBase64(flexPublicKey.getJSONObject("der").getString("publicKey")); - PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(keyBytes)); - - JSONObject token = new JSONObject(flexResponse); - - String[] signedFieldKeys = token.getString("signedFields").split(","); - StringBuilder signedValues = new StringBuilder(); - for (String key : signedFieldKeys) { - signedValues.append(",").append(token.get(key).toString()); - } - signedValues.deleteCharAt(0); - - final Signature signInstance = Signature.getInstance("SHA512withRSA"); - signInstance.initVerify(publicKey); - signInstance.update(signedValues.toString().getBytes()); - return signInstance.verify(Base64.decodeBase64(token.getString("signature"))); - } catch (Exception e) { - return false; - } - } - - private static String getServerTime() { - Calendar calendar = Calendar.getInstance(); - SimpleDateFormat dateFormat = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss z", Locale.US); - dateFormat.setTimeZone(TimeZone.getTimeZone("GMT")); - return dateFormat.format(calendar.getTime()); - } - - private static String getDigest(String body) { - try { - final MessageDigest digester = MessageDigest.getInstance("SHA-256"); - final byte[] digest = digester.digest(body.getBytes(StandardCharsets.UTF_8)); - return String.format("SHA-256=%s", Base64.encodeBase64String(digest)); - } catch (NoSuchAlgorithmException nsae) { - throw new IllegalStateException(nsae); // never thrown unless SHA-256 is not provided. - } - } - - public static String generateSignature(Map headers, final String keyId, final byte[] sharedSecret) { - try { - final Mac sha256HMAC = Mac.getInstance("HmacSHA256"); - final SecretKeySpec secretKey = new SecretKeySpec(Base64.decodeBase64(sharedSecret), "HmacSHA256"); - sha256HMAC.init(secretKey); - - final StringBuilder signatureString = new StringBuilder(); - final StringBuilder headersString = new StringBuilder(); - - for (Map.Entry e : headers.entrySet()) { - signatureString.append('\n').append(e.getKey()).append(": ").append(e.getValue()); - headersString.append(' ').append(e.getKey()); - } - signatureString.delete(0, 1); - headersString.delete(0, 1); - - final StringBuilder signature = new StringBuilder(); - sha256HMAC.update(signatureString.toString().getBytes(StandardCharsets.UTF_8)); - final byte[] hashBytes = sha256HMAC.doFinal(); - - signature.append("keyid=\"").append(keyId).append("\", ") - .append("algorithm=\"HmacSHA256\", ") - .append("headers=\"").append(headersString).append("\", ") - .append("signature=\"").append(Base64.encodeBase64String(hashBytes)).append('\"'); - - return signature.toString(); - } catch (Exception e) { - throw new RuntimeException(e); - } - } - - public static String post(Map headers, String payload) throws IOException { - HttpURLConnection connection = (HttpURLConnection) new URL("https://testflex.cybersource.com/flex/v1/keys").openConnection(); - connection.setRequestMethod("POST"); - connection.setDoOutput(true); - connection.setConnectTimeout(5000); - connection.setReadTimeout(5000); - - // HEADERS - connection.setRequestProperty("Accept", "application/json; charset=utf-8"); - connection.setRequestProperty("Content-Type", "application/json; charset=utf-8"); - connection.setRequestProperty("User-Agent", "URLConnection Java JSP GitHub Example"); - for (Map.Entry header : headers.entrySet()) { - connection.setRequestProperty(header.getKey(), header.getValue()); - } - - OutputStreamWriter out = new OutputStreamWriter(connection.getOutputStream(), StandardCharsets.UTF_8); - try { - out.write(payload); - } finally { - out.close(); - } - - StringBuilder result = new StringBuilder(); - BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8)); - try { - final char[] buffer = new char[4096]; - int bytesRead; - - while ((bytesRead = reader.read(buffer)) != -1) { - result.append(buffer, 0, bytesRead); - } - } finally { - reader.close(); - } - return result.toString(); - } -} diff --git a/java8/jsp-microform-nosdk/src/main/java/com/cybersource/example/FlexServletContextListener.java b/java8/jsp-microform-nosdk/src/main/java/com/cybersource/example/FlexServletContextListener.java deleted file mode 100644 index b93f10d..0000000 --- a/java8/jsp-microform-nosdk/src/main/java/com/cybersource/example/FlexServletContextListener.java +++ /dev/null @@ -1,24 +0,0 @@ -/** - * Copyright (c) 2017 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.example; - -import java.io.InputStream; -import javax.servlet.ServletContextEvent; -import javax.servlet.ServletContextListener; -import javax.servlet.annotation.WebListener; - -@WebListener -public class FlexServletContextListener implements ServletContextListener { - - public void contextInitialized(ServletContextEvent sce) { - InputStream merchantConf = sce.getServletContext().getResourceAsStream("/WEB-INF/credentials.properties"); - FlexKeyProvider fkp = new FlexKeyProvider(merchantConf); - sce.getServletContext().setAttribute(FlexKeyProvider.class.getName(), fkp); - } - - public void contextDestroyed(ServletContextEvent sce) { - } - -} diff --git a/java8/jsp-microform-nosdk/src/main/webapp/WEB-INF/credentials.properties b/java8/jsp-microform-nosdk/src/main/webapp/WEB-INF/credentials.properties deleted file mode 100644 index 1f3ca39..0000000 --- a/java8/jsp-microform-nosdk/src/main/webapp/WEB-INF/credentials.properties +++ /dev/null @@ -1,4 +0,0 @@ -merchantId=YOUR MERCHANT ID -keyId=YOUR KEY ID -sharedSecret=YOUR SHARED SECRET - diff --git a/java8/jsp-microform/src/main/webapp/WEB-INF/credentials.properties b/java8/jsp-microform/src/main/webapp/WEB-INF/credentials.properties deleted file mode 100644 index d59c0a0..0000000 --- a/java8/jsp-microform/src/main/webapp/WEB-INF/credentials.properties +++ /dev/null @@ -1,3 +0,0 @@ -merchantId=YOUR MERCHANT ID -keyId=YOUR KEY ID -sharedSecret=YOUR SHARED SECRET \ No newline at end of file diff --git a/java8/spring-boot/.gitignore b/java8/spring-boot/.gitignore deleted file mode 100644 index ad08727..0000000 --- a/java8/spring-boot/.gitignore +++ /dev/null @@ -1,42 +0,0 @@ -# Covers all spring-boot ignore files -# Reference: https://github.com/spring-projects/spring-boot/blob/master/.gitignore - -.gradle -*.sw? -.#* -*# -*~ -/build -/code -.classpath -.project -.settings -.metadata -.factorypath -.recommenders -bin -build -lib/ -target -.factorypath -.springBeans -interpolated*.xml -dependency-reduced-pom.xml -build.log -_site/ -.*.md.html -manifest.yml -MANIFEST.MF -settings.xml -activemq-data -overridedb.* -*.iml -*.ipr -*.iws -.idea -*.jar -.DS_Store -.factorypath -dump.rdb - -nbactions.xml diff --git a/java8/spring-boot/README.md b/java8/spring-boot/README.md deleted file mode 100644 index 6abc5cd..0000000 --- a/java8/spring-boot/README.md +++ /dev/null @@ -1,45 +0,0 @@ -# Flex Java Example - -A minimalist java/spring-boot example integration using Flex-API tokenization. - -## Prerequisites - -- [Java 8](http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html) -- [JCE unlimited policy files](http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) -- [Maven](https://maven.apache.org/install.html) - -## Setup Instructions - -1. Modify `./src/main/resources/application.properties` with the credentials created through [VISA Developer Portal](https://developer.visa.com/). - - ```properties - vdp.api-key=_YOUR_APPLICATION_SPECIFIC_API_KEY_ - vdp.shared-secret=_YOUR_APPLICATION_SPECIFIC_SHARED_SECRET_ - ``` - -2. Build and run the application using maven - ```bash - mvn clean spring-boot:run - ``` - This will serve the application from [https://localhost:8443](https://localhost:8443). - -## Tips - -- If you are having issues, checkout the full [FLEX documentation](https://developer.visa.com/products/cybersource/reference#cybersource__cybersource_flex_api). - -- To change the port the application is served on, update `server.port=8443` in `application.properties`, replacing `8443` with your desired port number. - -- If the application throws `java.security.InvalidKeyException: Illegal key size` you have probably not installed the [JCE unlimited policy files](http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html). - -## Browser Support - -- Chrome 37+ -- Firefox 34+ -- Edge 12+ -- Opera 24+ - -*NB: IE11 and Safari support could be achieved through the use of polyfills for promises and Web Crypto API such as [webcrypto-shim](https://github.com/vibornoff/webcrypto-shim) and [promiz](https://github.com/Zolmeister/promiz). However, these are not included in the examples.* - -## Disclaimer - -This respository is provided as a learning aid for merchants wishing to integrate with the Flex API. The code samples are not production ready and are intended for illustrative purposes only. As such, any use of these code samples in a production setting is strongly discouraged. Any usage of these code samples must comply with the license agreement as defined in `LICENSE.md` at the root level of this repository. \ No newline at end of file diff --git a/java8/spring-boot/pom.xml b/java8/spring-boot/pom.xml deleted file mode 100644 index a82187e..0000000 --- a/java8/spring-boot/pom.xml +++ /dev/null @@ -1,52 +0,0 @@ - - - - 4.0.0 - - com.cybersource.flex.application - spring-boot - 1.0-BETA - jar - - Flex-API Spring-Boot Demo - A mocked merchant checkout and payment pages using Flex-API tokenization - https://github.com/CyberSource/cybersource-flex-samples/spring-boot - - - org.springframework.boot - spring-boot-starter-parent - 1.2.5.RELEASE - - - - - UTF-8 - 1.8 - - - - - - org.springframework.boot - spring-boot-maven-plugin - - - - - - - - org.springframework.boot - spring-boot-starter - - - org.springframework.boot - spring-boot-starter-thymeleaf - - - org.springframework.boot - spring-boot-starter-web - - - \ No newline at end of file diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/application/CheckoutController.java b/java8/spring-boot/src/main/java/com/cybersource/flex/application/CheckoutController.java deleted file mode 100644 index 6b91b92..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/application/CheckoutController.java +++ /dev/null @@ -1,117 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.application; - -import com.cybersource.flex.models.KeyParameters; -import com.cybersource.flex.models.KeyParametersMessageConverter; -import com.cybersource.flex.models.KeyResult; -import com.cybersource.flex.vdp.VDPEnpoints; -import java.security.PublicKey; -import java.util.HashMap; -import java.util.Map; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.client.RestTemplate; - -@Controller -public class CheckoutController { - - @Value("${vdp.api-key}") - private String apiKey; - @Value("${vdp.shared-secret}") - private String sharedSecret; - - private final FlexSecurityService flexSecurityService; - private final RestTemplate restTemplate = new RestTemplate(); - - @Autowired - public CheckoutController(final FlexSecurityService flexSecurityService) { - this.flexSecurityService = flexSecurityService; - } - - @PostConstruct - private void postConstruct() { - restTemplate.getMessageConverters().add(0, new KeyParametersMessageConverter(apiKey, sharedSecret)); - } - - @ModelAttribute - public void setFramingResponseHeader(HttpServletResponse response) { - response.setHeader("X-Frame-Options", "DENY"); - } - - @RequestMapping("/") - String redirect(final HttpSession session) { - session.invalidate(); - return "redirect:checkout"; - } - - @RequestMapping("/checkout") - String checkout(final HttpSession session, final Model model) { - // retrieve one time use public RSA key from Flex to facilitate PAN encryption - final KeyParameters keyParameters = new KeyParameters(); - KeyResult key = restTemplate.postForObject(VDPEnpoints.Sandbox.keysUrl(apiKey), keyParameters, KeyResult.class); - - // parse Flex public key in DER format and store it in session for future use (i.e. to verify token signature) - PublicKey flexPublicKey = flexSecurityService.decodePublicKey(key.getDer().getPublicKey()); - session.setAttribute("flexPublicKey", flexPublicKey); - - // Add JSON Web Keystore to the view model and return rendered "checkout" page - model.addAttribute("jwk", key.getJwk()); - return "checkout"; - } - - @RequestMapping(value = "/receipt", method = RequestMethod.POST) - String receipt(@RequestParam Map postParams, final HttpSession session, final Model model) { - postParams = validateUntrustedParameters(postParams); - - // Read in the public key to use and remove it from the session - PublicKey flexPublicKey = (PublicKey) session.getAttribute("flexPublicKey"); - session.removeAttribute("flexPublicKey"); // no longer needed - - // verify Flex signature passed as POST parameter - String signedFields = (String) postParams.get("flex_signedFields"); - StringBuilder sb = new StringBuilder(); - for (String k : signedFields.split(",")) { - sb.append(','); - sb.append(postParams.get("flex_" + k)); - } - final String signedValues = sb.substring(1); - final String signature = (String) postParams.get("flex_signature"); - if (!flexSecurityService.verify(flexPublicKey, signedValues, signature)) { - throw new RuntimeException("The signature is not valid"); - } - - /** - * - * The payment may now be completed using the received & validated - * token. - * - * For demonstration purposes, all post parameters are added to the view - * model to display data received from cardholder's browser. - */ - model.addAttribute("postParams", postParams); - return "receipt"; - } - - private Map validateUntrustedParameters(Map parameters) { - Map retVal = new HashMap<>(); - // Each parameter must undergo proper validation / sanitization. - // The type of validation to be implemented will vary between individual - // Flex API integrations. It is merchant's responsibility to implement adequate - // parameter validation for production deployments. - parameters.forEach((k, v) -> retVal.put(k, v)); - return retVal; - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/application/EntryPoint.java b/java8/spring-boot/src/main/java/com/cybersource/flex/application/EntryPoint.java deleted file mode 100644 index 6d89c23..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/application/EntryPoint.java +++ /dev/null @@ -1,17 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.application; - -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; - -@SpringBootApplication -public class EntryPoint { - - public static void main(String... args) throws Exception { - SpringApplication.run(EntryPoint.class, args); - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/application/FlexSecurityService.java b/java8/spring-boot/src/main/java/com/cybersource/flex/application/FlexSecurityService.java deleted file mode 100644 index 266c5ac..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/application/FlexSecurityService.java +++ /dev/null @@ -1,45 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.application; - -import java.security.InvalidKeyException; -import java.security.KeyFactory; -import java.security.NoSuchAlgorithmException; -import java.security.PublicKey; -import java.security.Signature; -import java.security.SignatureException; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.X509EncodedKeySpec; -import java.util.Base64; -import org.springframework.stereotype.Service; - -@Service -public class FlexSecurityService { - - private static final Base64.Decoder DECODER = Base64.getDecoder(); - - public PublicKey decodePublicKey(String derEncodedKey) { - try { - byte[] keyBytes = DECODER.decode(derEncodedKey); - PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(keyBytes)); - return publicKey; - } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { - throw new RuntimeException(e); - } - } - - public boolean verify(final PublicKey publicKey, final String dataToVerify, final String base64Signature) { - try { - final Signature signInstance = Signature.getInstance("SHA512withRSA"); - signInstance.initVerify(publicKey); - signInstance.update(dataToVerify.getBytes()); - byte[] signature = DECODER.decode(base64Signature); - return signInstance.verify(signature); - } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException ex) { - throw new RuntimeException(ex); - } - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/models/DerPublicKey.java b/java8/spring-boot/src/main/java/com/cybersource/flex/models/DerPublicKey.java deleted file mode 100644 index ad79780..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/models/DerPublicKey.java +++ /dev/null @@ -1,37 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.models; - -public class DerPublicKey { - - private String format; - private String algorithm; - private String publicKey; - - public String getFormat() { - return format; - } - - public void setFormat(String format) { - this.format = format; - } - - public String getAlgorithm() { - return algorithm; - } - - public void setAlgorithm(String algorithm) { - this.algorithm = algorithm; - } - - public String getPublicKey() { - return publicKey; - } - - public void setPublicKey(String publicKey) { - this.publicKey = publicKey; - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/models/JsonWebKey.java b/java8/spring-boot/src/main/java/com/cybersource/flex/models/JsonWebKey.java deleted file mode 100644 index ab87b2d..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/models/JsonWebKey.java +++ /dev/null @@ -1,74 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.models; - -/** - * This class conforms to the JSON Web Key (JWK) format as defined here: - * https://tools.ietf.org/html/rfc7517#section-4 It's purpose is to allow us to - * easily serialize out a JWK for client-side use by the WebCryptoApi. - */ -public class JsonWebKey { - - /** - * Key Type - */ - private String kty; - /** - * Public Key Use - */ - private String use; - /** - * Key ID - */ - private String kid; - /** - * Modulus - */ - private String n; - /** - * Exponent - */ - private String e; - - public String getKty() { - return kty; - } - - public void setKty(String keyType) { - this.kty = keyType; - } - - public String getUse() { - return use; - } - - public void setUse(String keyUse) { - this.use = keyUse; - } - - public String getKid() { - return kid; - } - - public void setKid(String keyId) { - this.kid = keyId; - } - - public String getN() { - return n; - } - - public void setN(String modulus) { - this.n = modulus; - } - - public String getE() { - return e; - } - - public void setE(String exponent) { - this.e = exponent; - } -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyParameters.java b/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyParameters.java deleted file mode 100644 index 70d3d70..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyParameters.java +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.models; - -import java.io.Serializable; - -public class KeyParameters implements Serializable { - - private String encryptionType = "RsaOaep256"; - - public String getEncryptionType() { - return encryptionType; - } - - public void setEncryptionType(String encryptionType) { - this.encryptionType = encryptionType; - } - - @Override - public String toString() { - return "{\"encryptionType\": \"" + encryptionType + "\"}"; - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyParametersMessageConverter.java b/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyParametersMessageConverter.java deleted file mode 100644 index 510728c..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyParametersMessageConverter.java +++ /dev/null @@ -1,47 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.models; - -import com.cybersource.flex.vdp.VDPSignatureHelper; -import java.io.IOException; -import java.nio.charset.StandardCharsets; -import org.springframework.http.HttpInputMessage; -import org.springframework.http.HttpOutputMessage; -import org.springframework.http.MediaType; -import org.springframework.http.converter.AbstractHttpMessageConverter; -import org.springframework.http.converter.HttpMessageNotReadableException; -import org.springframework.http.converter.HttpMessageNotWritableException; - -public class KeyParametersMessageConverter extends AbstractHttpMessageConverter { - - private final String apiKey; - private final String sharedSecret; - - public KeyParametersMessageConverter(final String apiKey, final String sharedSecret) { - super(MediaType.APPLICATION_JSON); - this.apiKey = apiKey; - this.sharedSecret = sharedSecret; - } - - @Override - protected boolean supports(Class clazz) { - return KeyParameters.class.equals(clazz); - } - - @Override - protected KeyParameters readInternal(Class clazz, HttpInputMessage inputMessage) throws IOException, HttpMessageNotReadableException { - throw new UnsupportedOperationException("Not expected as response."); - } - - @Override - protected void writeInternal(KeyParameters keyParameters, HttpOutputMessage outputMessage) throws IOException, HttpMessageNotWritableException { - final String body = keyParameters.toString(); - final String xPayToken = VDPSignatureHelper.generateXpaytoken("payments/flex/v1/keys", "apikey=" + apiKey, body, sharedSecret); - - outputMessage.getHeaders().set(VDPSignatureHelper.HTTP_REQHDR_XPAYTOKEN, xPayToken); - outputMessage.getBody().write(body.getBytes(StandardCharsets.UTF_8)); - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyResult.java b/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyResult.java deleted file mode 100644 index 7e04c82..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/models/KeyResult.java +++ /dev/null @@ -1,37 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.models; - -public class KeyResult { - - private String keyId; - private DerPublicKey der; - private JsonWebKey jwk; - - public String getKeyId() { - return keyId; - } - - public void setKeyId(String keyId) { - this.keyId = keyId; - } - - public DerPublicKey getDer() { - return der; - } - - public void setDer(DerPublicKey derPublicKey) { - this.der = derPublicKey; - } - - public JsonWebKey getJwk() { - return jwk; - } - - public void setJwk(JsonWebKey jsonWebKey) { - this.jwk = jsonWebKey; - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPEnpoints.java b/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPEnpoints.java deleted file mode 100644 index af4b44f..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPEnpoints.java +++ /dev/null @@ -1,31 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.vdp; - -public enum VDPEnpoints { - Sandbox("https://sandbox.api.visa.com/cybersource/payments/flex/v1/keys", "https://sandbox.webapi.visa.com/cybersource/payments/flex/v1/tokens"), - Production("https://api.visa.com/cybersource/payments/flex/v1/keys", "https://api.visa.com/cybersource/payments/flex/v1/tokens"); - - private final String keysEnpoint; - private final String tokensEnpoint; - - private VDPEnpoints(String keysEnpoint, String tokensEnpoint) { - this.keysEnpoint = keysEnpoint; - this.tokensEnpoint = tokensEnpoint; - } - - public String getKeysEnpoint() { - return keysEnpoint; - } - - public String getTokensEnpoint() { - return tokensEnpoint; - } - - public String keysUrl(final String apiKey) { - return String.format("%s?apikey=%s", keysEnpoint, apiKey); - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPSignatureException.java b/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPSignatureException.java deleted file mode 100644 index 60f1882..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPSignatureException.java +++ /dev/null @@ -1,16 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.vdp; - -/** - * Runtime exception raised, when unable to properly sign VDP request. - */ -public final class VDPSignatureException extends RuntimeException { - - VDPSignatureException(final Throwable t) { - super(t); - } - -} diff --git a/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPSignatureHelper.java b/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPSignatureHelper.java deleted file mode 100644 index 3644ad0..0000000 --- a/java8/spring-boot/src/main/java/com/cybersource/flex/vdp/VDPSignatureHelper.java +++ /dev/null @@ -1,75 +0,0 @@ -/** - * Copyright (c) 2016 by CyberSource - * Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md - */ -package com.cybersource.flex.vdp; - -import java.math.BigInteger; -import java.nio.charset.StandardCharsets; -import java.security.InvalidKeyException; -import java.security.NoSuchAlgorithmException; -import javax.crypto.Mac; -import javax.crypto.spec.SecretKeySpec; - -/** - * VISA Developer Platform helper - */ -public final class VDPSignatureHelper { - - private VDPSignatureHelper() { - throw new IllegalStateException(); - } - - /** - * The name of HTTP header carrying the authentication token - */ - public static final String HTTP_REQHDR_XPAYTOKEN = "X-Pay-Token"; - - /** - * Hashing algorithm used for signing HTTP requests. - */ - private static final String HASH_ALG = "HmacSHA256"; - - /** - * Generic method to calculate HMAC signature for VDP endpoint. - * - * @param resource_path This is the API endpoint you would like to invoke - * after the context path. - * @param query_string The API key is a required query parameter. Query - * parameters should be in lexicographical order. - * @param request_body This is the API endpoint specific request body - * string. - * @param shared_secret The Shared Secret from the application details page. - * @return - * @throws VDPSignatureException - */ - public static String generateXpaytoken(final String resource_path, final String query_string, final String request_body, final String shared_secret) throws VDPSignatureException { - try { - final long timestamp = System.currentTimeMillis() / 1000L; - final Mac sha256HMAC = Mac.getInstance(HASH_ALG); - final SecretKeySpec secretKey = new SecretKeySpec(shared_secret.getBytes(StandardCharsets.UTF_8), HASH_ALG); - sha256HMAC.init(secretKey); - - sha256HMAC.update(Long.toString(timestamp).getBytes(StandardCharsets.UTF_8)); - sha256HMAC.update(resource_path.getBytes(StandardCharsets.UTF_8)); - sha256HMAC.update(query_string.getBytes(StandardCharsets.UTF_8)); - sha256HMAC.update(request_body.getBytes(StandardCharsets.UTF_8)); - - final byte[] hashByte = sha256HMAC.doFinal(); - return "xv2:" + timestamp + ":" + toHex(hashByte).toLowerCase(); - } catch (NoSuchAlgorithmException | InvalidKeyException | IllegalStateException e) { - throw new VDPSignatureException(e); - } - } - - /** - * Converts byte array to hex string representation. - * - * @param bytes byte array to be converted to hex string - * @return hex string representation of byte array - */ - private static String toHex(byte[] bytes) { - final BigInteger bi = new BigInteger(1, bytes); - return String.format("%0" + (bytes.length << 1) + "X", bi); - } -} diff --git a/java8/spring-boot/src/main/resources/.gitignore b/java8/spring-boot/src/main/resources/.gitignore deleted file mode 100644 index edd25bc..0000000 --- a/java8/spring-boot/src/main/resources/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.p12 diff --git a/java8/spring-boot/src/main/resources/README.md b/java8/spring-boot/src/main/resources/README.md deleted file mode 100644 index a814e01..0000000 --- a/java8/spring-boot/src/main/resources/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Folder contents - -| Folder / Filename | Purpose | -|------------------------|----------------| -| /public | Assets placed here are served publicly from the root of the webserver. In our example this contains all the scripts and css used. | -| /templates | All [Thymeleaf templates](http://www.thymeleaf.org/) used by the application in rendering html pages. | -| application.properties | The Spring-Boot application configuration. In our example this is used to enable HTTPS via embedded Tomcat as the WebCryptoAPI requires pages to be served via secure protocol only. Additionally, this is where all merchant credentials and configuration is stored (as per setup instructions step 1). | -| embedded-tomcat.jks | Self signed X.509 certificate keystore generated with keytool command. This certificate is used to mock “merchant site” being served over HTTPS. In a real production environment the SSL certificate should not be part of source code and would typically be provisioned directly to production servers. | -| .gitignore | Prevents any accidental commit of p12 keystore to the git repository. | \ No newline at end of file diff --git a/java8/spring-boot/src/main/resources/application.properties b/java8/spring-boot/src/main/resources/application.properties deleted file mode 100644 index 5e951eb..0000000 --- a/java8/spring-boot/src/main/resources/application.properties +++ /dev/null @@ -1,20 +0,0 @@ -# VISA Developer Platform credentials - https://developer.visa.com/ -# -# This property file is for demonstartion purposes only. -# You MUST take proper precautions to protect your credentials, such as -# NEVER storing your credentials unencrypted with application code. -# -vdp.api-key=_YOUR_APPLICATION_SPECIFIC_API_KEY_ -vdp.shared-secret=_YOUR_APPLICATION_SPECIFIC_SHARED_SECRET_ - -# Embedded Tomcat configuration properties -# -# The properties below enable HTTPS on TCP port 8443. -server.port=8443 -# Please note that this example uses self-signed X.509 certificate with CN=localhost. -# Keystore and private key passwords provided below are not encrypted. -# While it is acceptable for demonstration and example purposes, -# it must not be treated as production grade configuration. -server.ssl.key-store=classpath:embedded-tomcat.jks -server.ssl.key-store-password=changeit -server.ssl.key-password=changeit \ No newline at end of file diff --git a/java8/spring-boot/src/main/resources/embedded-tomcat.jks b/java8/spring-boot/src/main/resources/embedded-tomcat.jks deleted file mode 100644 index 72b0a31..0000000 Binary files a/java8/spring-boot/src/main/resources/embedded-tomcat.jks and /dev/null differ diff --git a/java8/spring-boot/src/main/resources/public/flex.js b/java8/spring-boot/src/main/resources/public/flex.js deleted file mode 100644 index 53df74f..0000000 --- a/java8/spring-boot/src/main/resources/public/flex.js +++ /dev/null @@ -1,162 +0,0 @@ -/** -* Copyright (c) 2016 by CyberSource -* Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md -*/ - -(function(global) { - - var _flexPublicKey; - - var _endpoints = { - keys: "https://sandbox.api.visa.com/cybersource/payments/flex/v1/keys", - // note that you mustn't pass API Key with a call to tokens endpoint. - tokens: "https://sandbox.webapi.visa.com/cybersource/payments/flex/v1/tokens" - } - /* PRIVATE FUNCTIONS */ - var _isFunction = function(functionToCheck) { - var getType = {}; - return functionToCheck && getType.toString.call(functionToCheck) === '[object Function]'; - } - - var _arrayBufferToString = function (buf) { - return String.fromCharCode.apply(null, new Uint8Array(buf)); - } - - var _stringToArrayBuffer = function(str) { - var buf = new ArrayBuffer(str.length); // 2 bytes for each char - var bufView = new Uint8Array(buf); - for (var i=0, strLen=str.length; i < strLen; i++) { - bufView[i] = str.charCodeAt(i); - } - return buf; - } - - // If webcrypto-shim + promiz libs we will have IE11 & Safari 8+ support - var _crypto = global.crypto; - if(_crypto === undefined) { - throw new Error("Browser does not support WebCryptoApi"); - } - - var _importKey = function(keystore){ - - // Remove "use" var due to bug currently in Edge browser - // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails - // https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/6202624/ - if (/Edge/.test(global.navigator.userAgent)) { - delete keystore.use; - } - - return _crypto.subtle.importKey( - "jwk", keystore, - { name: "RSA-OAEP", hash: { name: "SHA-256" }}, - true, ["encrypt"]); - } - - var _encrypt = function (input, publicKey){ - if(!publicKey){ throw new Error("Public key has not been imported."); } - return _crypto.subtle.encrypt( - { - name: "RSA-OAEP", - // this is out of spec but required for edge - // http://answers.microsoft.com/en-us/windows/forum/apps_windows_10-msedge/rsa-public-key-encryption-in-edge/c6634469-283c-46ce-a4d8-357baaab267f - hash: { name: "SHA-256" } - }, - publicKey, - _stringToArrayBuffer(input) - ); - } - - var _tokenise = function(options, responseHandler, errorHandler){ - if(_flexPublicKey === undefined) { - throw new Error("FLEX.setup has not been called."); - } - - /* Check our response handlers are functions */ - if(responseHandler === undefined || !_isFunction(responseHandler)) { - throw new Error("responseHandler is not a function"); - } - if(errorHandler === undefined || !_isFunction(errorHandler)) { - throw new Error("errorHandler is not a function"); - } - - _encrypt(options.cardNumber, _flexPublicKey).then(function(encryptedCardNumber) { - - var request = new XMLHttpRequest(); - request.open('POST', _endpoints.tokens, true); - request.setRequestHeader("Content-Type", "application/json;charset=UTF-8"); - - /* Response handler */ - request.onload = function(){ - if (request.readyState === 4 && request.status >= 200 && request.status < 400) { - responseHandler(request.status, JSON.parse(request.responseText)); - } - else { - errorHandler(request.status, request.responseText); - } - } - - /* Catch all for connectivity issues */ - request.onerror = function() { - errorHandler(request.status, request.responseText); - }; - - var ciphertext = new Uint8Array(encryptedCardNumber); - var base64Encoded = global.btoa(String.fromCharCode.apply(null, ciphertext)); - - var tokensRequest = { - keyId: global.keystore['kid'], - cardInfo: { - cardNumber: base64Encoded, - cardType: options.cardType - } - }; - - // Optional params - if (options.cardExpirationMonth) { tokensRequest['cardInfo']['cardExpirationMonth'] = options.cardExpirationMonth; } - if (options.cardExpirationYear) { tokensRequest['cardInfo']['cardExpirationYear'] = options.cardExpirationYear; } - - console.info("Tokenising..."); - request.send(JSON.stringify(tokensRequest)); - }) - .catch(function(err){ - console.log(err); - console.error("There was an error during tokenisation"); - }); - } - - var _checkBrowserSupport = function(){ - - /* Web Crypto API */ - if(_crypto === undefined || _crypto.subtle === undefined || !_isFunction(_crypto.subtle.encrypt)){ - throw new Error("Your browser does not support Web Crypto API."); - } - - /* btoa */ - if(global.btoa === undefined || !_isFunction(global.btoa)){ - throw new Error("Your browser does not support btoa."); - } - } - - var _setup = function(keystore, options){ - /* This will throw if the browser doesn't support the required functions - * in future browser support will be much broader with graceful fallback - * through polyfils etc. - **/ - _checkBrowserSupport(); - - var importKey = _importKey(keystore) - .then(function (importedKey) { _flexPublicKey = importedKey; }) - .catch(function (err) { console.error(err); }); - } - - /* PUBLIC FUNCTIONS */ - var _FLEX = { - setup: _setup, - createToken: _tokenise - }; - - /* Expose FLEX as a global */ - global.FLEX = _FLEX; - console.info("FLEX: SDK loaded"); - -}(this)) \ No newline at end of file diff --git a/java8/spring-boot/src/main/resources/templates/checkout.html b/java8/spring-boot/src/main/resources/templates/checkout.html deleted file mode 100644 index fd1d2b3..0000000 --- a/java8/spring-boot/src/main/resources/templates/checkout.html +++ /dev/null @@ -1,138 +0,0 @@ - - - - - - - - Checkout - - - - - -
-
-
- Payment Form -
-
-
-
- - -
-
- - -
-
- - -
-
- -
-
- -
-
- -
-
-
- - - - - - - - - - - - -
-
-
-
- - - - - - - - - - - \ No newline at end of file diff --git a/java8/spring-boot/src/main/resources/templates/receipt.html b/java8/spring-boot/src/main/resources/templates/receipt.html deleted file mode 100644 index 65b52c5..0000000 --- a/java8/spring-boot/src/main/resources/templates/receipt.html +++ /dev/null @@ -1,46 +0,0 @@ - - - - - - - - Receipt - - - - - -
-
-
- Receipt - - Repeat checkout process - -
-
-
-

This is what was posted to the merchant servers.

-

Note the masked PAN and payment token. These can be used to process a transaction with out directly handling the PAN data.

-
- - - - - - - - - - - - - - -
ParamValue
-
-
-
- - \ No newline at end of file diff --git a/jsp-flexjs/.idea/compiler.xml b/jsp-flexjs/.idea/compiler.xml new file mode 100644 index 0000000..d809885 --- /dev/null +++ b/jsp-flexjs/.idea/compiler.xml @@ -0,0 +1,16 @@ + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-flexjs/.idea/encodings.xml b/jsp-flexjs/.idea/encodings.xml new file mode 100644 index 0000000..b26911b --- /dev/null +++ b/jsp-flexjs/.idea/encodings.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/jsp-flexjs/.idea/libraries/Maven__com_cybersource_flex_server_sdk_0_3_0.xml b/jsp-flexjs/.idea/libraries/Maven__com_cybersource_flex_server_sdk_0_3_0.xml new file mode 100644 index 0000000..5dda2c0 --- /dev/null +++ b/jsp-flexjs/.idea/libraries/Maven__com_cybersource_flex_server_sdk_0_3_0.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-flexjs/.idea/libraries/Maven__javax_servlet_javax_servlet_api_3_1_0.xml b/jsp-flexjs/.idea/libraries/Maven__javax_servlet_javax_servlet_api_3_1_0.xml new file mode 100644 index 0000000..c24f7e3 --- /dev/null +++ b/jsp-flexjs/.idea/libraries/Maven__javax_servlet_javax_servlet_api_3_1_0.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-flexjs/.idea/libraries/Maven__javax_servlet_jsp_javax_servlet_jsp_api_2_3_1.xml b/jsp-flexjs/.idea/libraries/Maven__javax_servlet_jsp_javax_servlet_jsp_api_2_3_1.xml new file mode 100644 index 0000000..61d9cb7 --- /dev/null +++ b/jsp-flexjs/.idea/libraries/Maven__javax_servlet_jsp_javax_servlet_jsp_api_2_3_1.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-flexjs/.idea/misc.xml b/jsp-flexjs/.idea/misc.xml new file mode 100644 index 0000000..21640d8 --- /dev/null +++ b/jsp-flexjs/.idea/misc.xml @@ -0,0 +1,13 @@ + + + + + + + + + \ No newline at end of file diff --git a/jsp-flexjs/.idea/modules.xml b/jsp-flexjs/.idea/modules.xml new file mode 100644 index 0000000..3fc0fc8 --- /dev/null +++ b/jsp-flexjs/.idea/modules.xml @@ -0,0 +1,8 @@ + + + + + + + + \ No newline at end of file diff --git a/jsp-flexjs/.idea/workspace.xml b/jsp-flexjs/.idea/workspace.xml new file mode 100644 index 0000000..934cc2d --- /dev/null +++ b/jsp-flexjs/.idea/workspace.xml @@ -0,0 +1,315 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + +
+
+ + +
+
+ +
+
+ +
+
+ +
+
+
+ + + + + + + + + + + + + + + + diff --git a/java8/jsp-microform-nosdk/src/main/webapp/receipt.jsp b/jsp-flexjs/src/main/webapp/receipt.jsp similarity index 100% rename from java8/jsp-microform-nosdk/src/main/webapp/receipt.jsp rename to jsp-flexjs/src/main/webapp/receipt.jsp diff --git a/java8/spring-boot/src/main/resources/public/Site.css b/jsp-flexjs/src/main/webapp/site.css similarity index 95% rename from java8/spring-boot/src/main/resources/public/Site.css rename to jsp-flexjs/src/main/webapp/site.css index 0c045da..a9248cc 100644 --- a/java8/spring-boot/src/main/resources/public/Site.css +++ b/jsp-flexjs/src/main/webapp/site.css @@ -1,22 +1,22 @@ -/** -* Copyright (c) 2016 by CyberSource -* Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md -*/ - -body { - margin-top: 50px; -} -.container { - max-width: 400px; -} -.receipt-container { - max-width: 600px; -} -.receipt-container .panel-heading .btn.pull-right { - margin-top: -5px; -} -.receipt-container .table { - table-layout: fixed; - word-wrap: break-word; - white-space: pre-wrap; +/** +* Copyright (c) 2016 by CyberSource +* Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md +*/ + +body { + margin-top: 50px; +} +.container { + max-width: 400px; +} +.receipt-container { + max-width: 600px; +} +.receipt-container .panel-heading .btn.pull-right { + margin-top: -5px; +} +.receipt-container .table { + table-layout: fixed; + word-wrap: break-word; + white-space: pre-wrap; } \ No newline at end of file diff --git a/jsp-flexjs/target/classes/com/cybersource/example/CharArrayProperties.class b/jsp-flexjs/target/classes/com/cybersource/example/CharArrayProperties.class new file mode 100644 index 0000000..6295ccc Binary files /dev/null and b/jsp-flexjs/target/classes/com/cybersource/example/CharArrayProperties.class differ diff --git a/jsp-flexjs/target/classes/com/cybersource/example/FlexKeyProvider.class b/jsp-flexjs/target/classes/com/cybersource/example/FlexKeyProvider.class new file mode 100644 index 0000000..d4df887 Binary files /dev/null and b/jsp-flexjs/target/classes/com/cybersource/example/FlexKeyProvider.class differ diff --git a/jsp-flexjs/target/classes/com/cybersource/example/FlexServletContextListener.class b/jsp-flexjs/target/classes/com/cybersource/example/FlexServletContextListener.class new file mode 100644 index 0000000..ae015fb Binary files /dev/null and b/jsp-flexjs/target/classes/com/cybersource/example/FlexServletContextListener.class differ diff --git a/jsp-flexjs/target/classes/com/cybersource/example/MerchantCredentials.class b/jsp-flexjs/target/classes/com/cybersource/example/MerchantCredentials.class new file mode 100644 index 0000000..ab5ccec Binary files /dev/null and b/jsp-flexjs/target/classes/com/cybersource/example/MerchantCredentials.class differ diff --git a/jsp-flexjs/target/jsp-flexjs-1.0.war b/jsp-flexjs/target/jsp-flexjs-1.0.war new file mode 100644 index 0000000..240422d Binary files /dev/null and b/jsp-flexjs/target/jsp-flexjs-1.0.war differ diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/CharArrayProperties.class b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/CharArrayProperties.class new file mode 100644 index 0000000..6295ccc Binary files /dev/null and b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/CharArrayProperties.class differ diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/FlexKeyProvider.class b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/FlexKeyProvider.class new file mode 100644 index 0000000..d4df887 Binary files /dev/null and b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/FlexKeyProvider.class differ diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/FlexServletContextListener.class b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/FlexServletContextListener.class new file mode 100644 index 0000000..ae015fb Binary files /dev/null and b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/FlexServletContextListener.class differ diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/MerchantCredentials.class b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/MerchantCredentials.class new file mode 100644 index 0000000..ab5ccec Binary files /dev/null and b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/classes/com/cybersource/example/MerchantCredentials.class differ diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/credentials.properties b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/credentials.properties new file mode 100644 index 0000000..c27da67 --- /dev/null +++ b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/credentials.properties @@ -0,0 +1,3 @@ +merchantId=anet_test_001 +keyId=e59adfd7-fd7f-40e9-adc9-e5a6b14c5a7b +sharedSecret=9hFzGFdwNvUD3WdAoueOndFxDMzJqMAhwNvCLwkRXFQ= diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/lib/flex-server-sdk-0.3.0.jar b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/lib/flex-server-sdk-0.3.0.jar new file mode 100644 index 0000000..4236c9b Binary files /dev/null and b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/lib/flex-server-sdk-0.3.0.jar differ diff --git a/java8/flex-sdk-spring-boot/src/main/resources/public/Site.css b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/site.css similarity index 95% rename from java8/flex-sdk-spring-boot/src/main/resources/public/Site.css rename to jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/site.css index 0c045da..a9248cc 100644 --- a/java8/flex-sdk-spring-boot/src/main/resources/public/Site.css +++ b/jsp-flexjs/target/jsp-flexjs-1.0/WEB-INF/site.css @@ -1,22 +1,22 @@ -/** -* Copyright (c) 2016 by CyberSource -* Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md -*/ - -body { - margin-top: 50px; -} -.container { - max-width: 400px; -} -.receipt-container { - max-width: 600px; -} -.receipt-container .panel-heading .btn.pull-right { - margin-top: -5px; -} -.receipt-container .table { - table-layout: fixed; - word-wrap: break-word; - white-space: pre-wrap; +/** +* Copyright (c) 2016 by CyberSource +* Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md +*/ + +body { + margin-top: 50px; +} +.container { + max-width: 400px; +} +.receipt-container { + max-width: 600px; +} +.receipt-container .panel-heading .btn.pull-right { + margin-top: -5px; +} +.receipt-container .table { + table-layout: fixed; + word-wrap: break-word; + white-space: pre-wrap; } \ No newline at end of file diff --git a/java8/flex-sdk-spring-boot/src/main/resources/templates/checkout.html b/jsp-flexjs/target/jsp-flexjs-1.0/index.jsp similarity index 76% rename from java8/flex-sdk-spring-boot/src/main/resources/templates/checkout.html rename to jsp-flexjs/target/jsp-flexjs-1.0/index.jsp index 3f58830..a41796a 100644 --- a/java8/flex-sdk-spring-boot/src/main/resources/templates/checkout.html +++ b/jsp-flexjs/target/jsp-flexjs-1.0/index.jsp @@ -1,5 +1,6 @@ - - +<%@page language="java" contentType="text/html" pageEncoding="UTF-8"%> +<%@page import="com.cybersource.example.FlexKeyProvider"%> + @@ -7,7 +8,7 @@ Checkout - + @@ -17,7 +18,7 @@ Payment Form
-
+
- - - - - - + + @@ -84,17 +79,17 @@
- - + + + - + diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/integration.js b/jsp-flexjs/target/jsp-flexjs-1.0/integration.js new file mode 100644 index 0000000..13ee965 --- /dev/null +++ b/jsp-flexjs/target/jsp-flexjs-1.0/integration.js @@ -0,0 +1,27 @@ +// integration.js +import flex from '@cybersource/flex-sdk-web'; + +document.querySelector('#payBtn').on('click', () => { + const options = { + kid: jwk.kid, + keystore: jwk, + cardInfo: { + cardNumber: document.querySelector('#cardNumber').value, + cardType: document.querySelector('select[name="cardType"]').value, + expiryMonth: document.querySelector('input[name="expiryMonth"]').value, + expiryYear: document.querySelector('input[name="expiryYear"]').value + }, + // production: true // without specifying this tokens are created in test env + }; + + flex.createToken(options, (response) => { + if (response.error) { + alert('There has been an error!'); + console.log(response); + return; + } + + document.querySelector("input[name='token']").value = response.token; + document.querySelector('#paymentForm').submit(); + }); +}); \ No newline at end of file diff --git a/java8/jsp-microform/src/main/webapp/receipt.jsp b/jsp-flexjs/target/jsp-flexjs-1.0/receipt.jsp similarity index 100% rename from java8/jsp-microform/src/main/webapp/receipt.jsp rename to jsp-flexjs/target/jsp-flexjs-1.0/receipt.jsp diff --git a/jsp-flexjs/target/jsp-flexjs-1.0/site.css b/jsp-flexjs/target/jsp-flexjs-1.0/site.css new file mode 100644 index 0000000..a9248cc --- /dev/null +++ b/jsp-flexjs/target/jsp-flexjs-1.0/site.css @@ -0,0 +1,22 @@ +/** +* Copyright (c) 2016 by CyberSource +* Governing licence: https://github.com/CyberSource/cybersource-flex-samples/blob/master/LICENSE.md +*/ + +body { + margin-top: 50px; +} +.container { + max-width: 400px; +} +.receipt-container { + max-width: 600px; +} +.receipt-container .panel-heading .btn.pull-right { + margin-top: -5px; +} +.receipt-container .table { + table-layout: fixed; + word-wrap: break-word; + white-space: pre-wrap; +} \ No newline at end of file diff --git a/jsp-flexjs/target/maven-archiver/pom.properties b/jsp-flexjs/target/maven-archiver/pom.properties new file mode 100644 index 0000000..10d0e9f --- /dev/null +++ b/jsp-flexjs/target/maven-archiver/pom.properties @@ -0,0 +1,4 @@ +#Created by Apache Maven 3.6.0 +groupId=com.cybersource.examples.flex +artifactId=jsp-flexjs +version=1.0 diff --git a/jsp-flexjs/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst b/jsp-flexjs/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst new file mode 100644 index 0000000..e69de29 diff --git a/jsp-flexjs/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst b/jsp-flexjs/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst new file mode 100644 index 0000000..e132504 --- /dev/null +++ b/jsp-flexjs/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst @@ -0,0 +1,4 @@ +/Users/brianmac/Code/cybersource-flex-samples/jsp-flexjs/src/main/java/com/cybersource/example/FlexServletContextListener.java +/Users/brianmac/Code/cybersource-flex-samples/jsp-flexjs/src/main/java/com/cybersource/example/CharArrayProperties.java +/Users/brianmac/Code/cybersource-flex-samples/jsp-flexjs/src/main/java/com/cybersource/example/FlexKeyProvider.java +/Users/brianmac/Code/cybersource-flex-samples/jsp-flexjs/src/main/java/com/cybersource/example/MerchantCredentials.java diff --git a/jsp-microform/.idea/compiler.xml b/jsp-microform/.idea/compiler.xml new file mode 100644 index 0000000..3c3e575 --- /dev/null +++ b/jsp-microform/.idea/compiler.xml @@ -0,0 +1,16 @@ + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-microform/.idea/encodings.xml b/jsp-microform/.idea/encodings.xml new file mode 100644 index 0000000..b26911b --- /dev/null +++ b/jsp-microform/.idea/encodings.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/jsp-microform/.idea/libraries/Maven__com_cybersource_flex_server_sdk_0_3_0.xml b/jsp-microform/.idea/libraries/Maven__com_cybersource_flex_server_sdk_0_3_0.xml new file mode 100644 index 0000000..5dda2c0 --- /dev/null +++ b/jsp-microform/.idea/libraries/Maven__com_cybersource_flex_server_sdk_0_3_0.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-microform/.idea/libraries/Maven__javax_servlet_javax_servlet_api_3_1_0.xml b/jsp-microform/.idea/libraries/Maven__javax_servlet_javax_servlet_api_3_1_0.xml new file mode 100644 index 0000000..c24f7e3 --- /dev/null +++ b/jsp-microform/.idea/libraries/Maven__javax_servlet_javax_servlet_api_3_1_0.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-microform/.idea/libraries/Maven__javax_servlet_jsp_javax_servlet_jsp_api_2_3_1.xml b/jsp-microform/.idea/libraries/Maven__javax_servlet_jsp_javax_servlet_jsp_api_2_3_1.xml new file mode 100644 index 0000000..61d9cb7 --- /dev/null +++ b/jsp-microform/.idea/libraries/Maven__javax_servlet_jsp_javax_servlet_jsp_api_2_3_1.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/jsp-microform/.idea/misc.xml b/jsp-microform/.idea/misc.xml new file mode 100644 index 0000000..21640d8 --- /dev/null +++ b/jsp-microform/.idea/misc.xml @@ -0,0 +1,13 @@ + + + + + + + + + \ No newline at end of file diff --git a/jsp-microform/.idea/modules.xml b/jsp-microform/.idea/modules.xml new file mode 100644 index 0000000..be81153 --- /dev/null +++ b/jsp-microform/.idea/modules.xml @@ -0,0 +1,8 @@ + + + + + + + + \ No newline at end of file diff --git a/jsp-microform/.idea/workspace.xml b/jsp-microform/.idea/workspace.xml new file mode 100644 index 0000000..6686636 --- /dev/null +++ b/jsp-microform/.idea/workspace.xml @@ -0,0 +1,441 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +