Strona główna Odkrywaj Pomoc
Zaloguj się
r-group
/
BulkPrintingAPI
Obserwuj 2
Polub 0
Forkuj 0
Kod Problemy 0 Oczekujące zmiany 0 Commity 31 Wydania 0 Wiki
Przeglądaj źródła

Add logging before and after placing an order through MAX.
Add logging after saving a batch.

Andrew Klopper 8 lat temu
rodzic
81cedc06e4
commit
4448a46fae
2 zmienionych plików z 29 dodań i 0 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 2 0
      BulkPrintingAPI/Controllers/BatchesController.cs
  2. 27 0
      MAXClient/Client.cs

+ 2 - 0
BulkPrintingAPI/Controllers/BatchesController.cs
Wyświetl plik 

@@ -140,6 +140,8 @@ namespace BulkPrintingAPI.Controllers
140 140 
             credentials.User.Account.Balance = orderResponse.RemainingBalance;
141 141 
             await _context.SaveChangesAsync();
142 142
143 
+            _logger.LogDebug("Saved batchId={0} for {1}", orderResponse.Batch.Id, credentials.ToString());
144 
+
143 145 
             try
144 146 
             {
145 147 
                 await Utils.DownloadVouchersAsync(_sftpOptions, _context, _logger, orderResponse.Batch);

+ 27 - 0
MAXClient/Client.cs
Wyświetl plik 

@@ -91,6 +91,13 @@ namespace MAX
91 91 
             var response = ExpectResponse(await ReadMessageAsync().ConfigureAwait(false), "Hi");
92 92
93 93 
             // Request server RSA key
94 
+            //
95 
+            // WARNING:
96 
+            //
97 
+            // The protocol does not do any form of server authentication so this step is
98 
+            // trivially vulnerable to a man-in-the-middle attack where an intermediary
99 
+            // intercepts this request and sends their own RSA key while keeping the server RSA
100 
+            // key to themselves.
94 101 
             await WriteMessageAsync(new MessageBuilder().Append("PK")).ConfigureAwait(false);
95 102 
             response = await ReadMessageAsync().ConfigureAwait(false);
96 103 
 
@@ -373,6 +380,19 @@ namespace MAX
373 380 
                 throw new ArgumentException("24 byte key expected", nameof(key));
374 381 
             }
375 382
383 
+            _logger.LogDebug(
384 
+                "Placing order for {0}: date={1} quantity={2} productId={3} productDescription={4} networkId={5} networkName={6} customerRef={7} internalRef={8}",
385 
+                LoginCredentials.Format(_userId, _username, _vendorId, _serialNumber),
386 
+                DateTimeOffset.UtcNow,
387 
+                quantity,
388 
+                product.Id,
389 
+                product.Description,
390 
+                product.Network.Id,
391 
+                product.Network.Name,
392 
+                customerReference,
393 
+                internalReference
394 
+            );
395 
+
376 396 
             await WriteMessageAsync(new MessageBuilder()
377 397 
                 .Append("Order ")
378 398 
                 .Append(Encrypt(new StringBuilder()
 
@@ -393,6 +413,13 @@ namespace MAX
393 413
394 414 
             var response = ExpectResponse(Decrypt(await ReadMessageAsync().ConfigureAwait(false)), "OK");
395 415
416 
+            _logger.LogDebug("Order response for {0} customerRef={1} internalRef={2}: {3}",
417 
+                LoginCredentials.Format(_userId, _username, _vendorId, _serialNumber),
418 
+                customerReference,
419 
+                internalReference,
420 
+                response
421 
+            );
422 
+
396 423 
             var parts = response.Split('|');
397 424 
             return new OrderResponse()
398 425 
             {