| Age | Commit message (Collapse) | Author |
|---|
|
Trying to add a little more entropy to the calculation.
Went with chrono instead of `std::time` because it gives me an `i64`
timestamp instead of a `Result`.
|
|
If the purchaser coming from POST params is found in the database,
generate a license for the purchaser, zip the license, and send a
response containing the zipped data.
zip:
Change the writer input to a mutable reference to enable us to use the
zip data when writing to the response. Otherwise we get a borrow error.
|
|
|
|
Binary to generate a license plist.
|
|
Make it easier on users by not requiring them to pass a signature into
the method. This means they don't have to extract the `p_signature`
param and base64 decode it themselves.
Essentially, we want to move the code from `request` that removes the
`p_signature` key and base64 decodes it into the
`paddle::verify_signature()` function.
We need to make the string-like type params in `verify_signature()`
conform additionally to `PartialEq<str>` and `PartialOrd`. Doing so
allows us to find the key "p_signature".
To remove the `p_signature` param from the iterator, we partition it
into two iterators: one for the `p_signature` entry, and another for the
rest. We then extract the value of `p_signature` and base64 decode it
for verification.
Add a new error type in case no `p_signature` entry is found in the
iterator.
|
|
In order to verify the signature, it needs to be encoded as bytes.
|
|
The new `request::verified()` takes POST params as a string as does all
the work needed to call `paddle::verify_signature()`.
This involves extracting the `p_signature` POST parameter to get the
signature, and getting the public key PEM.
Change `params::parse()` to return a
`BTreeMap<Cow<'a, str>, Cow<'a, str>>` instead of `String` keys &
values. This is because `paddle::verify_signature()` needs a `(<&str,
&str)` iterator. Actually, it still doesn't solve the problem because
the types don't match. We need to modify the input type of
`verify_signature()`, but at least this change gives us references.
Make `params` private to the crate because we no longer need to use it
in `main()`.
|
|
We want a dictionary to be able to remove the Paddle `p_signature` entry.
|
|
Get a file path from the `LOG_FILE` environment variable and use it for
log output.
Call `database::get_database_connection()` and log the error if it
fails.
Worried about exiting early from the FastCGI program, as DreamHost says
this causes problems
(https://help.dreamhost.com/hc/en-us/articles/217298967). But I don't
see how the program can continue without a database connection.
Return a `Result` from `main()` because it's easier to use the `?`
operator for errors that happen before logging is initialised.
|
|
This new method generates a secret, which is a SHA1 digest of the
purchaser's name, email, and a random integer.
In order to use the `hexdigest()` method in the 'sha1' crate, I needed
to add the feature `std`
(https://docs.rs/sha1/0.6.0/sha1/struct.Sha1.html#method.hexdigest).
Needed to change the `secret` field to a `String` because otherwise the
generated digest string doesn't have a long enough lifetime to assign to
it.
Update `with_secret()` to use the new `String` type.
Update `insert()` to correctly handle the `Option` in `secret`.
|
|
|
|
|
|
Should verify a Paddle webhook. This ensures that the request really
does come from Paddle.
In order to verify the request, we need to sign the serialized POST
parameters. And, weirdly, Paddle requires you to serialize parameters in
PHP's serialization format.
Using this Gist by 'drewmccormack' as a reference for the format:
https://gist.github.com/drewmccormack/a51b18ffeda8f596a11a8623481344d8
|
|
We'll use this new library crate to generate licenses in the Aquatic
Prime format. Planning on just porting the C code directly to Rust.
|
|
|
|
Generated with:
$ cargo new --bin license-generator
using
$ rustc --version
rustc 1.28.0 (9634041f0 2018-07-30)
This will be a FastCGI program to respond to a webhook from Paddle, and
respond with a generated license key file.
|
