feature: Add notification handler

samples/Axepta.Sample/Program.cs

@@ -22,7 +22,6 @@ CancellationToken ct
             new()
             {
                 Type = PaymentType.Sale,
-                ServiceId = "eff3207f-d2a0-4560-99ce-bba83267c90b",
                 Amount = 100,
                 Currency = "PLN",
                 OrderId = "123456789",
@@ -47,6 +46,24 @@ CancellationToken ct
     }
 );
 
+paymentEndpoints.MapPost(
+    "/webhook",
+    async (
+        IAxeptaNotification axeptaNotification,
+        HttpContext ctx,
+        CancellationToken ct
+    ) =>
+    {
+        if (await axeptaNotification.HasValidSignature(ctx))
+        {
+            return Results.Ok();
+        }
+
+        return Results.Unauthorized();
+    }
+);
+
+
 app.UseSwagger();
 app.UseSwaggerUI();
 

samples/Axepta.Sample/appsettings.Development.json

@@ -1,7 +1,11 @@
 {
   "axepta-paywall": {
-    "merchantId": "ir49nkdgnuex458f6wnq",
-    "authToken": "ttfc9ve4zeseca4egs0pguk15c3yckkwf7d1n1ts8e55y5hs68886ujt76z5glbl",
+    "merchantId": "5n3bxvzoxife15djkmpa",
+    "service": {
+        "id": "bf1efa70-a6d8-4c08-a512-52e8aa025952",
+        "key": "XrvZlCclg45zOOBtANK5reKo4onNlMrKAwgM"
+    },
+    "authToken": "rc9wg0rosqzfx4dcdh1epzloemn5fhuis62gy37faxhd7iojhhop6eb341jbqfpw",
     "sandbox": true
   }
 }

samples/Axepta.Sample/appsettings.json

@@ -1,7 +1,11 @@
 {
   "axepta-paywall": {
-    "merchantId": "ir49nkdgnuex458f6wnq",
-    "authToken": "ttfc9ve4zeseca4egs0pguk15c3yckkwf7d1n1ts8e55y5hs68886ujt76z5glbl",
-    "sandbox": false
+    "merchantId": "5n3bxvzoxife15djkmpa",
+    "service": {
+        "id": "bf1efa70-a6d8-4c08-a512-52e8aa025952",
+        "key": "XrvZlCclg45zOOBtANK5reKo4onNlMrKAwgM"
+    },
+    "authToken": "rc9wg0rosqzfx4dcdh1epzloemn5fhuis62gy37faxhd7iojhhop6eb341jbqfpw",
+    "sandbox": true
   }
 }

src/Axepta.SDK/Axepta.SDK.csproj

@@ -5,7 +5,7 @@
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
     <PackageId>Axepta.SDK</PackageId>
-    <VersionPrefix>1.0.2</VersionPrefix>
+    <VersionPrefix>1.0.3</VersionPrefix>
     <VersionSuffix>alpha</VersionSuffix>
     <Authors>Maksymilian Szokalski</Authors>
     <Description>Axepta.SDK is a class library for BNP Paribas Axepta Paywall</Description>
@@ -17,6 +17,10 @@
     <PackageLicenseFile>LICENSE</PackageLicenseFile>
   </PropertyGroup>
 
+	<ItemGroup>
+		<FrameworkReference Include="Microsoft.AspNetCore.App" />
+	</ItemGroup>
+
   <ItemGroup>
     <None Include="..\..\assets\AxeptaLogo.png" Pack="true" PackagePath="" Visible="false" />
     <None Include="..\..\README.md" Pack="true" PackagePath="" Visible="false" />

src/Axepta.SDK/Entities/Request/Payment.cs

@@ -20,7 +20,7 @@ public sealed record Payment
     /// Gets or sets the service ID associated with the payment. This is a unique identifier for the service involved in the payment.
     /// </summary>
     [JsonPropertyName("serviceId")]
-    public required string ServiceId { get; init; }
+    public string? ServiceId { get; private set; }
 
     /// <summary>
     /// Gets or sets the payment amount. The setter converts the input amount from a major currency unit (e.g., dollars) to a minor unit (e.g., cents).
@@ -140,4 +140,7 @@ public required int Amount
     /// </summary>
     [JsonPropertyName("activeTo")]
     public DateTime? ActiveTo { get; init; }
+
+    internal void SetServiceId(string serviceId)
+        => ServiceId = serviceId;
 }

src/Axepta.SDK/Entities/Request/Refund.cs

@@ -4,7 +4,7 @@ namespace Axepta.SDK;
 /// Represents a refund transaction, including information such as the type of transaction, 
 /// service ID, and the refund amount. This class is designed to handle the specifics of processing a refund.
 /// </summary>
-public sealed class Refund
+public sealed record Refund
 {
     private readonly int _amount;
 
@@ -20,7 +20,7 @@ public sealed class Refund
     /// This is a unique identifier for the service involved in the refund transaction.
     /// </summary>
     [JsonPropertyName("serviceId")]
-    public required string ServiceId { get; init; }
+    public string? ServiceId { get; private set; }
 
     /// <summary>
     /// Gets the amount of the refund. 
@@ -32,4 +32,7 @@ public required int Amount
         get => _amount;
         init => _amount = value * 100; 
     }
+
+    internal void SetServiceId(string serviceId)
+        => ServiceId = serviceId;
 }

src/Axepta.SDK/Entities/Response/NotificationHeaderDto.cs

@@ -0,0 +1,23 @@
+namespace Axepta.SDK.Entities.Response;
+
+internal sealed record NotificationHeaderDto(
+    [property: JsonPropertyName("merchantid")] string MerchantId,
+    [property: JsonPropertyName("serviceid")] string ServiceId,
+    [property: JsonPropertyName("signature")] string Signature,
+    [property: JsonPropertyName("alg")] string Algorithm
+)
+{
+    public static NotificationHeaderDto FromString(string input)
+    {
+        var keyValuePairs = input.Split(';')
+            .Select(part => part.Split('='))
+            .ToDictionary(split => split[0], split => split[1]);
+
+        return new NotificationHeaderDto(
+            keyValuePairs["merchantid"],
+            keyValuePairs["serviceid"],
+            keyValuePairs["signature"],
+            keyValuePairs["alg"]
+        );
+    }
+}

src/Axepta.SDK/Enums/PaymentMethodChannel.cs

@@ -28,7 +28,7 @@ public enum PaymentMethodChannel
     Oneclick,
     Recurring,
 #endregion
-#region Blik
+#region blik
     Blik
 #endregion
 }

src/Axepta.SDK/Extensions.cs

@@ -55,6 +55,8 @@ IConfiguration cfg
                 )
             );
 
+        services.AddSingleton<IAxeptaNotification, AxeptaNotification>();
+
         return services;
     }
 

src/Axepta.SDK/Usings.cs → src/Axepta.SDK/GlobalUsings.cs

@@ -12,3 +12,9 @@
 global using Axepta.SDK.Regex;
 global using Axepta.SDK.Attributes;
 global using Axepta.SDK.Options;
+global using Microsoft.Extensions.Options;
+global using Microsoft.Extensions.Primitives;
+global using Microsoft.AspNetCore.Http;
+global using System.Security.Cryptography;
+global using Axepta.SDK.Entities.Response;
+global using Axepta.SDK.Services;

src/Axepta.SDK/Options/AxeptaPaywallOptions.cs

@@ -5,6 +5,7 @@ internal sealed record AxeptaPaywallOptions
     public const string SelectionName = "axepta-paywall";
 
     public required string MerchantId { get; init; }
+    public required ServiceOptions Service { get; init; }
     public required string AuthToken { get; init; }
     public required bool Sandbox { get; init; }
 }

src/Axepta.SDK/Options/ServiceOptions.cs

@@ -0,0 +1,7 @@
+namespace Axepta.SDK.Options;
+
+internal sealed record ServiceOptions
+{
+    public required string Id { get; init; }
+    public required string Key { get; init; }
+}

src/Axepta.SDK/Services/Abstractions/IAxeptaNotification.cs

@@ -0,0 +1,6 @@
+namespace Axepta.SDK;
+
+public interface IAxeptaNotification
+{
+    Task<bool> HasValidSignature(HttpContext ctx);
+}

src/Axepta.SDK/Services/Axepta.cs

@@ -1,34 +1,43 @@
 namespace Axepta.SDK.Services;
 
-internal sealed class Axepta(HttpClient http) : IAxepta
+internal sealed class Axepta(
+    HttpClient http,
+    IOptions<AxeptaPaywallOptions> options
+ ) : IAxepta
 {
     public Task<ResponseRoot> CreatePaymentAsync(
         Payment payment,
         CancellationToken ct = default
     )
-        => http.PostAsync<Payment, ResponseRoot>(
+    {
+        payment.SetServiceId(options.Value.Service.Id);
+        return http.PostAsync<Payment, ResponseRoot>(
             "transaction",
             payment,
             ct
         );
+    }
 
     public Task<ResponseRoot> CreateRefundAsync(
         Guid paymentId,
         Refund refund,
         CancellationToken ct = default
     )
-        => http.PostAsync<Refund, ResponseRoot>(
+    {
+        refund.SetServiceId(options.Value.Service.Id);
+        return http.PostAsync<Refund, ResponseRoot>(
             $"payment/{paymentId}/refund",
             refund,
             ct
         );
+    }
 
     public async Task<Transaction> GetTransactionAsync(
-        Guid transationId,
+        Guid transactionId,
         CancellationToken ct = default
     )
         => (await http.GetAsync<ResponseRoot>(
-            $"transaction/{transationId}",
+            $"transaction/{transactionId}",
             ct
         )).Data.Transaction!;
 

src/Axepta.SDK/Services/AxeptaNotification.cs

@@ -0,0 +1,30 @@
+namespace Axepta.SDK.Services;
+
+internal sealed class AxeptaNotification(IOptions<AxeptaPaywallOptions> options) : IAxeptaNotification
+{
+    public async Task<bool> HasValidSignature(HttpContext ctx)
+    {
+        var dto = NotificationHeaderDto.FromString(ctx.Request.Headers["X-Axepta-Signature"].ToString());
+
+        using var reader = new StreamReader(ctx.Request.Body);
+
+        var body = await reader.ReadToEndAsync();
+
+        reader.Close();
+
+        return dto.Signature == ComputeSha256Hash(body + "XrvZlCclg45zOOBtANK5reKo4onNlMrKAwgM");
+    }
+
+    private string ComputeSha256Hash(string data)
+    {
+        using SHA256 sha256Hash = SHA256.Create();
+        var bytes = sha256Hash.ComputeHash(Encoding.UTF8.GetBytes(data));
+
+        var builder = new StringBuilder();
+        foreach (var t in bytes)
+        {
+            builder.Append(t.ToString("x2"));
+        }
+        return builder.ToString();
+    }
+}