From 09592fd4d3d9b981f4711fc6773375e3219a694b Mon Sep 17 00:00:00 2001
From: Kyle Spearrin
Date: Fri, 22 Feb 2019 09:00:51 -0500
Subject: [PATCH] log warnings for bad requests or unsupported cases
---
 src/Billing/Controllers/BitPayController.cs | 10 +++++++++-
 src/Billing/Controllers/PayPalController.cs | 13 ++++++++++++-
 2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/src/Billing/Controllers/BitPayController.cs b/src/Billing/Controllers/BitPayController.cs
index a933faa57e..0101e3c0fc 100644
--- a/src/Billing/Controllers/BitPayController.cs
+++ b/src/Billing/Controllers/BitPayController.cs
@@ -4,6 +4,7 @@ using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using System;
 using System.Data.SqlClient;
@@ -24,6 +25,7 @@ namespace Bit.Billing.Controllers
 private readonly IUserRepository _userRepository;
 private readonly IMailService _mailService;
 private readonly IPaymentService _paymentService;
+ private readonly ILogger _logger;
 
 public BitPayController(
 IOptions billingSettings,
@@ -32,7 +34,8 @@ namespace Bit.Billing.Controllers
 IOrganizationRepository organizationRepository,
 IUserRepository userRepository,
 IMailService mailService,
- IPaymentService paymentService)
+ IPaymentService paymentService,
+ ILogger logger)
 {
 _billingSettings = billingSettings?.Value;
 _bitPayClient = bitPayClient;
@@ -41,6 +44,7 @@ namespace Bit.Billing.Controllers
 _userRepository = userRepository;
 _mailService = mailService;
 _paymentService = paymentService;
+ _logger = logger;
 }
 
 [HttpPost("ipn")]
@@ -66,12 +70,14 @@ namespace Bit.Billing.Controllers
 if(invoice == null || invoice.Status != "confirmed")
 {
 // Request forged...?
+ _logger.LogWarning("Forged invoice detected. #" + model.Data.Id);
 return new BadRequestResult();
 }
 
 if(invoice.Currency != "USD")
 {
 // Only process USD payments
+ _logger.LogWarning("Non USD payment received. #" + invoice.Id);
 return new OkResult();
 }
 
@@ -85,12 +91,14 @@ namespace Bit.Billing.Controllers
 if(!isAccountCredit)
 {
 // Only processing credits
+ _logger.LogWarning("Non-credit payment received. #" + invoice.Id);
 return new OkResult();
 }
 
 var transaction = await _transactionRepository.GetByGatewayIdAsync(GatewayType.BitPay, invoice.Id);
 if(transaction != null)
 {
+ _logger.LogWarning("Already processed this confirmed invoice. #" + invoice.Id);
 return new OkResult();
 }
 
diff --git a/src/Billing/Controllers/PayPalController.cs b/src/Billing/Controllers/PayPalController.cs
index 9e001d8bfd..2a85c31617 100644
--- a/src/Billing/Controllers/PayPalController.cs
+++ b/src/Billing/Controllers/PayPalController.cs
@@ -4,6 +4,7 @@ using Bit.Core.Models.Table;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Newtonsoft.Json;
 using System.Data.SqlClient;
@@ -24,6 +25,7 @@ namespace Bit.Billing.Controllers
 private readonly IUserRepository _userRepository;
 private readonly IMailService _mailService;
 private readonly IPaymentService _paymentService;
+ private readonly ILogger _logger;
 
 public PayPalController(
 IOptions billingSettings,
@@ -33,7 +35,8 @@ namespace Bit.Billing.Controllers
 IOrganizationRepository organizationRepository,
 IUserRepository userRepository,
 IMailService mailService,
- IPaymentService paymentService)
+ IPaymentService paymentService,
+ ILogger logger)
 {
 _billingSettings = billingSettings?.Value;
 _paypalClient = paypalClient;
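Review bot: In the `invoice == null || invoice.Status != "confirmed"` branch the new warning concatenates `model.Data.Id`, which on this path comes from the request and has not been matched to a confirmed invoice, so it should be handled as caller-supplied text. Pass it as a template argument, `_logger.LogWarning("Forged invoice detected. #{InvoiceId}", model.Data.Id);`, and bound its length and strip CR/LF if any sink writes plain text, so a crafted id cannot forge extra log entries. The branch also fires for a real invoice whose status is merely not "confirmed", so adding `invoice?.Status` to the message would let a responder separate that case from a missing invoice. The other `LogWarning` calls added in this file and in PayPalController.cs use the same concatenation and would read better as templates. The action method starts outside the hunk, so whether `model.Data` is null-checked before this line cannot be confirmed here.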
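Review bot: In the `-85,12` hunk, "Non-credit payment received" and "Already processed this confirmed invoice" are logged at Warning although both branches return `OkResult` and look like routine webhook outcomes, a repeated notification in particular. At that level they share a severity with the forged-invoice warning in the previous hunk and can bury it in any alert keyed on Warning. Consider `_logger.LogInformation("Already processed this confirmed invoice. #{InvoiceId}", invoice.Id);` for the duplicate case, and the same for the two "Already processed" messages added to PayPalController.cs in the `-228,6` and `-284,6` hunks. The method body begins and ends outside the hunk.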
@@ -43,6 +46,7 @@ namespace Bit.Billing.Controllers
 _userRepository = userRepository;
 _mailService = mailService;
 _paymentService = paymentService;
+ _logger = logger;
 }
 
 [HttpPost("webhook")]
@@ -182,12 +186,14 @@ namespace Bit.Billing.Controllers
 var verified = await _paypalIpnClient.VerifyIpnAsync(body);
 if(!verified)
 {
+ _logger.LogWarning("Unverified IPN received.");
 return new BadRequestResult();
 }
 
 var ipnTransaction = new PayPalIpnClient.IpnTransaction(body);
 if(ipnTransaction.ReceiverId != _billingSettings.PayPal.BusinessId)
 {
+ _logger.LogWarning("Receiver was not proper business id. " + ipnTransaction.ReceiverId);
 return new BadRequestResult();
 }
 
@@ -201,12 +207,14 @@ namespace Bit.Billing.Controllers
 if(ipnTransaction.PaymentType == "echeck")
 {
 // Not accepting eChecks
+ _logger.LogWarning("Got an eCheck payment. " + ipnTransaction.TxnId);
 return new OkResult();
 }
 
 if(ipnTransaction.McCurrency != "USD")
 {
 // Only process USD payments
+ _logger.LogWarning("Received a payment not in USD. " + ipnTransaction.TxnId);
 return new OkResult();
 }
 
@@ -228,6 +236,7 @@ namespace Bit.Billing.Controllers
 GatewayType.PayPal, ipnTransaction.TxnId);
 if(transaction != null)
 {
+ _logger.LogWarning("Already processed this completed transaction. #" + ipnTransaction.TxnId);
 return new OkResult();
 }
 
@@ -284,6 +293,7 @@ namespace Bit.Billing.Controllers
 GatewayType.PayPal, ipnTransaction.TxnId);
 if(refundTransaction != null)
 {
+ _logger.LogWarning("Already processed this refunded transaction. #" + ipnTransaction.TxnId);
 return new OkResult();
 }
 
@@ -291,6 +301,7 @@ namespace Bit.Billing.Controllers
 GatewayType.PayPal, ipnTransaction.ParentTxnId);
 if(parentTransaction == null)
 {
+ _logger.LogWarning("Parent transaction was not found. " + ipnTransaction.TxnId);
 return new BadRequestResult();
 }
 
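Review bot: In the `-182,12` hunk, `_logger.LogWarning("Unverified IPN received.");` carries nothing that identifies the request, so a run of these cannot be attributed or correlated during triage. The body has just failed verification and should not be logged raw; the caller address is a safer field, e.g. `_logger.LogWarning("Unverified IPN received from {RemoteIp}.", HttpContext.Connection.RemoteIpAddress);`, assuming the controller derives from `ControllerBase` and forwarded headers are configured if a proxy sits in front. The receiver-id mismatch below it is reached only after verification succeeded, which makes it the more notable event of the two (a genuine IPN addressed to another account) and a candidate for a higher level than the unverified case. The method starts outside the hunk.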