Spring FullStack Backend Security

Author: Urunov

Part-9.SpringBoot-React-Projects/Project-2.SpringBoot-React-ShoppingMall/fullstack/backend/src/main/java/com/urunov/kafkaService/Producer.java

@@ -3,6 +3,7 @@
 import com.google.gson.Gson;
 import com.urunov.model.Orders;
 import com.urunov.payload.SmsResponse;
+import com.urunov.payload.order.OrderKafkaResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;

Part-9.SpringBoot-React-Projects/Project-2.SpringBoot-React-ShoppingMall/fullstack/backend/src/main/java/com/urunov/payload/order/OrderKafkaResponse.java

@@ -0,0 +1,79 @@
+package com.urunov.payload.order;
+
+import com.urunov.model.OrderDetails;
+import com.urunov.model.Orders;
+import com.urunov.model.enumdto.OrderStatus;
+import com.urunov.payload.good.GoodOrderDetailsResponse;
+import com.urunov.payload.user.UserResponse;
+import lombok.*;
+
+import java.math.BigDecimal;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * User: hamdamboy
+ * Project: Shopping
+ * Github: @urunov
+ */
+@Data
+@Getter
+@Setter
+@AllArgsConstructor
+@NoArgsConstructor
+public class OrderKafkaResponse {
+
+ private Long id;
+
+ private String email;
+
+ private String additionsPhone;
+
+ private String address;
+
+ private String name;
+
+ private String comment;
+
+ private UserResponse user;
+
+ private OrderStatus orderStatus;
+
+ private List<GoodOrderDetailsResponse> goodList;
+
+ private Float deliveryPrice;
+
+ private BigDecimal totalSum = new BigDecimal(0);
+
+ public OrderKafkaResponse(Orders orders)
+ {
+ this.id = orders.getId();
+ this.email = orders.getEmail();
+ this.additionsPhone = orders.getAdditionalPhone();
+ this.address = orders.getAddress();
+ this.name = orders.getName();
+ this.comment = orders.getComment();
+ this.user = new UserResponse(orders.getUser());
+ this.orderStatus = orders.getStatus();
+ this.deliveryPrice = orders.getDeliveryPrice();
+ if(orders.getOrderDetailsList() != null)
+ {
+ List<GoodOrderDetailsResponse> orderDetailsResponses = new ArrayList<>();
+ for(OrderDetails goodOrderDetailsResponse: orders.getOrderDetailsList()){
+ orderDetailsResponses.add(new GoodOrderDetailsResponse(goodOrderDetailsResponse.getGood(), goodOrderDetailsResponse.getQuantity(),
+ goodOrderDetailsResponse.getGood().getImageUrl(), goodOrderDetailsResponse.getGood().getRetailer()));
+ }
+
+ this.goodList = orderDetailsResponses;
+ }
+
+ for(OrderDetails orderDetails: orders.getOrderDetailsList())
+ {
+ this.totalSum = this.totalSum.add(orderDetails.getGood().getCurrentPrice() !=null ?
+ orderDetails.getGood().getCurrentPrice().multiply(new BigDecimal(orderDetails.getQuantity())): new BigDecimal(0));
+ }
+ }
+
+
+
+}

Part-9.SpringBoot-React-Projects/Project-2.SpringBoot-React-ShoppingMall/fullstack/backend/src/main/java/com/urunov/payload/order/OrderResponse.java

@@ -61,4 +61,5 @@ public OrderResponse(Orders orders)
  }
 
 
+
 }

Part-9.SpringBoot-React-Projects/Project-2.SpringBoot-React-ShoppingMall/fullstack/backend/src/main/java/com/urunov/payload/payment/PaymentStatusResponse.java

@@ -0,0 +1,48 @@
+package com.urunov.payload.payment;
+
+import lombok.*;
+
+/**
+ * User: hamdamboy
+ * Project: Shopping
+ * Github: @urunov
+ */
+
+@Data
+@Getter
+@Setter
+@AllArgsConstructor
+@NoArgsConstructor
+public class PaymentStatusResponse {
+ /**
+ * статус платежа
+ */
+ private String state;
+
+ /**
+ * сумма платежа в копейках
+ */
+ private String totalAmount;
+
+ /**
+ * время создания платежа (Время должно быть в формате: yyyy-mm-dd hh:mm:ss)
+ */
+ private String createdDate;
+
+ /**
+ * уникальный код провайдера услуг
+ */
+ private String providerServCode;
+
+ /**
+ * название провайдера услуг
+ */
+ private String providerName;
+
+ /**
+ * код ошибки, используется для локализации проблемы.(
+ */
+ private String errorCode;
+
+
+}

Part-9.SpringBoot-React-Projects/Project-2.SpringBoot-React-ShoppingMall/fullstack/backend/src/main/java/com/urunov/payload/user/UserResponse.java

@@ -0,0 +1,43 @@
+package com.urunov.payload.user;
+
+import com.urunov.model.User;
+
+/**
+ * User: hamdamboy
+ * Project: Shopping
+ * Github: @urunov
+ */
+public class UserResponse {
+
+ private Long id;
+
+ private String username;
+
+ private String name;
+
+ private String phone;
+
+ private String email;
+
+ private String city;
+
+
+ public UserResponse(User user){
+ this.id = user.getId();
+ this.username = user.getUsername();
+ this.name = user.getName();
+ this.phone = user.getPhone();
+ this.email = user.getEmail();
+ this.city = user.getCity();
+ }
+
+ public UserResponse(Long id, String username, String name, String phone, String email)
+ {
+ this.id = id;
+ this.username = username;
+ this.phone = phone;
+ this.email = email;
+ }
+
+
+}

Part-9.SpringBoot-React-Projects/Project-2.SpringBoot-React-ShoppingMall/fullstack/backend/src/main/java/com/urunov/service/order/OrderService.java

@@ -12,16 +12,15 @@
 import com.urunov.repository.UserRepository;
 import com.urunov.security.UserPrincipal;
 import com.urunov.utils.AppConstants;
-import org.hibernate.criterion.Order;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Sort;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
 
-import java.awt.print.Pageable;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Date;
@@ -48,7 +47,7 @@ public PagedResponse<OrderResponse> getAllUserOrders(int page, int size, String
  {
  validatePageNumberAndSize(page, size);
  Pageable pageable;
- Page<Order> orderList;
+ Page<Orders> ordersList;
 
  if(sortOrder.equals("ascend"))
  pageable = (Pageable) PageRequest.of(page, size, Sort.by(
@@ -66,20 +65,20 @@ public PagedResponse<OrderResponse> getAllUserOrders(int page, int size, String
  }
 
  if(isActive)
- orderList = orderRepository.findAllByUserAndStatusIn(user, Arrays.asList(OrderStatus.inProgress, OrderStatus.awaitingPayment,
+ ordersList = orderRepository.findAllByUserAndStatusIn(user, Arrays.asList(OrderStatus.inProgress, OrderStatus.awaitingPayment,
  OrderStatus.paid, OrderStatus.deliveryInProgress, OrderStatus.courierFound, OrderStatus.courierSearch, OrderStatus.awaitingConfirmation), pageable);
  else
- orderList = orderRepository.findAllByUserAndStatusIn(user, Arrays.asList(OrderStatus.delivered, OrderStatus.canceled), pageable);
+ ordersList = orderRepository.findAllByUserAndStatusIn(user, Arrays.asList(OrderStatus.delivered, OrderStatus.canceled), pageable);
 
- if(orderList.getNumberOfElements() == 0)
+ if(ordersList.getNumberOfElements() == 0)
  {
- return new PagedResponse<>(Collections.emptyList(), orderList.getNumber(),
- orderList.getSize(), orderList.getTotalElements(), orderList.getTotalPages(), orderList.isLast());
+ return new PagedResponse<>(Collections.emptyList(), ordersList.getNumber(),
+ ordersList.getSize(), ordersList.getTotalElements(), ordersList.getTotalPages(), ordersList.isLast());
  }
 
- List<OrderResponse> responseList = orderList.map(order -> new OrderResponse(orders)).getContent();
- return new PagedResponse<>(responseList, orderList.getTotalPages(),
- orderList.isLast());
+ List<OrderResponse> responseList = ordersList.map(orders -> new OrderResponse(orders)).getContent();
+ return new PagedResponse<>(responseList, ordersList.getNumber(),
+ ordersList.getSize(), ordersList.getTotalElements(), ordersList.getTotalPages(), ordersList.isLast());
  }
 
 
@@ -123,7 +122,7 @@ public ResponseEntity<?> statusDelivered(UserPrincipal userPrincipal, OrderRespo
  }
  orderRepository.save(orders);
  producer.sendOrderRequest(orders);
- return new ResponseEntity(new ApiResponse(true, "Status updated sucessfully/ Статус заказа успешно изменен!", new Date(), orderResponse), HttpStatus.OK));
+ return new ResponseEntity(new ApiResponse(true, "Status updated sucessfully/ Статус заказа успешно изменен!", new Date(), orderResponse), HttpStatus.OK);
  }
  else
  {

Part-9.SpringBoot-React-Projects/Project-2.SpringBoot-React-ShoppingMall/fullstack/backend/src/main/java/com/urunov/service/order/payment/PaymentService.java

@@ -1,10 +1,21 @@
 package com.urunov.service.order.payment;
 
 import com.google.gson.Gson;
+import com.urunov.payload.order.OrderResponse;
+import com.urunov.payload.payment.CKassaRequestProperties;
 import com.urunov.payload.payment.PaymentResponse;
+import com.urunov.payload.payment.PaymentStatusResponse;
 import org.apache.http.client.utils.DateUtils;
 import org.springframework.stereotype.Service;
 
+import java.math.BigDecimal;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.apache.commons.codec.digest.MessageDigestAlgorithms.MD5;
+
 /**
  * User: hamdamboy
  * Project: Shopping
@@ -30,7 +41,124 @@ public String registerUser() throws Exception{
 
  PaymentResponse paymentResponse = new PaymentResponse();
  paymentResponse.setLogin("799999999");
+ paymentResponse.setEmail("adasd@gmail.com");
+ paymentResponse.setName("user");
+ paymentResponse.setSurName("user");
+ paymentResponse.setMiddleName("user");
+ paymentResponse.setShopToken(shopToken);
+ String requestBody = paymentResponse.getLogin() + '&'
+ + paymentResponse.getEmail() + '&'
+ + paymentResponse.getName() + '&'
+ + paymentResponse.getSurName() + '&'
+ + paymentResponse.getMiddleName() + '&'
+ + paymentResponse.getShopToken() + '&'
+ + secKey;
+ paymentResponse.setSign(MD5(MD5(requestBody).toUpperCase()).toUpperCase());
+
+ return cKassaApi.call("user/registration", new Gson().toJson(paymentResponse));
+ }
+
+ public String getUserStatus() throws Exception
+ {
+ PaymentResponse paymentResponse = new PaymentResponse();
+ paymentResponse.setLogin("799999999");
+ paymentResponse.setShopToken(shopToken);
+ String requestBody = paymentResponse.getLogin() + '&'
+ + paymentResponse.getShopToken() + '&'
+ + secKey;
+ paymentResponse.setSign(MD5(MD5(requestBody).toUpperCase()).toUpperCase());
+ return cKassaApi.call("user/status", new Gson().toJson(paymentResponse));
+ }
+
+ public String registerCard() throws Exception
+ {
+ PaymentResponse paymentResponse = new PaymentResponse();
+ paymentResponse.setUserToken("450c2adc-e19f-4194-b081-a028bc381b64");
+ paymentResponse.setShopToken(shopToken);
+
+ String requestBody =
+ paymentResponse.getUserToken() + '&'
+ + paymentResponse.getShopToken() + '&'
+ + secKey;
+ paymentResponse.setSign(MD5(MD5(requestBody).toUpperCase()).toUpperCase());
+
+ return cKassaApi.call("card/registration", new Gson().toJson(paymentResponse));
+ }
+
+ public String getCardList() throws Exception
+ {
+ PaymentResponse paymentResponse = new PaymentResponse();
+ paymentResponse.setUserToken("450c2adc-e19f-4194-b081-a028bc381b64");
+
+ paymentResponse.setShopToken(shopToken);
+ String requestBody =
+ paymentResponse.getUserToken() + '&'
+ + paymentResponse.getShopToken() + '&'
+ + secKey;
+ paymentResponse.setSign(MD5(MD5(requestBody.toString()).toUpperCase()).toUpperCase());
+ return cKassaApi.call("do/payment", new Gson().toJson(paymentResponse));
+ }
+
+ public String makeAnonymousPayment(OrderResponse orderResponse) throws Exception
+ {
+ PaymentResponse paymentResponse = new PaymentResponse();
+ paymentResponse.setServiceCode(servCode);
+ paymentResponse.setAmount(BigDecimal.valueOf(orderResponse.getDeliveryPrice()).add(orderResponse.getTotalSum()).multiply(new BigDecimal(100)).intValue());
+ paymentResponse.setComission("0");
+
+ List<CKassaRequestProperties> requestProperties = new ArrayList<>();
+ requestProperties.add(new CKassaRequestProperties("Number_Order", orderResponse.getId().toString()));
+ requestProperties.add(new CKassaRequestProperties("Order_date", orderResponse.getCreatedAt().substring(0, Integer.parseInt(orderResponse.getCreatedAt().substring(0, orderResponse.getCreatedAt().indexOf(" "))))));
+ requestProperties.add(new CKassaRequestProperties("Receiver", orderResponse.getRetailerName()));
+ paymentResponse.setProperties(requestProperties);
+ paymentResponse.setShopToken(shopToken);
+
+ StringBuilder requestBody = new StringBuilder(paymentResponse.getServiceCode() + '&'
+ + paymentResponse.getAmount() + '&'
+ + paymentResponse.getComission() + '&');
+
+ for(CKassaRequestProperties properties: requestProperties)
+ {
+ requestBody.append(properties.getName()).append('&').append(properties.getValue()).append('&');
+ }
+
+ requestBody.append(paymentResponse.getShopToken()).append('&');
+ requestBody.append(secKey);
+ paymentResponse.setSign(MD5(MD5(requestBody.toString()).toUpperCase()).toUpperCase());
+ return cKassaApi.call("do/payment/anonymous", new Gson().toJson(paymentResponse));
+ }
+
+ public PaymentStatusResponse getPaymentStatus(String paymentNumber) throws Exception
+ {
+ PaymentResponse paymentResponse = new PaymentResponse();
+ paymentResponse.setRegPayNum(paymentNumber);
+ paymentResponse.setShopToken(shopToken);
+
+ StringBuilder requestBody = new StringBuilder(paymentResponse.getRegPayNum() + '&');
+ requestBody.append(paymentResponse.getShopToken()).append('&');
+ requestBody.append(secKey);
+ paymentResponse.setSign(MD5(MD5(requestBody.toString()).toUpperCase()).toUpperCase());
+ return new Gson().fromJson(cKassaApi.call("check/payment/state", new Gson().toJson(paymentResponse)), PaymentStatusResponse.class);
+ }
+
+ private String MD5(String str){
+ MessageDigest md5;
+
+ StringBuffer nextString = new StringBuffer();
+ try {
+ md5 = MessageDigest.getInstance("md5");
+ md5.reset();
+ md5.update(str.getBytes());
+ byte messageDigest[] = md5.digest();
+ for(int i=0; i< messageDigest.length; i++){
+ nextString.append(Integer.toHexString(0xFF & messageDigest[i] | 0x100).substring(1, 3).toUpperCase());
+ }
+ }
+
+ catch (NoSuchAlgorithmException e){
+ return e.toString();
+ }
 
- return CKassaApi.call("user/registeration", new Gson().toJson(paymentResponse));
+ return nextString.toString();
  }
 }