6iPddlZddlZddlZddlZddlmZmZmZddlm Z ddl Z ddl Z ddl Z ddl Z d dZ d dZ d dZdZdZd Zd Zy) N)Cipher algorithmsmodes)default_backendc|d||d}tj|d}tj|j dj dj d}tj|j dj dj d}|d|} |j d} |dk(rCtj| | j dtjj} n|d k(rCtj| | j dtjj} nV|d k(rCtj| | j dtjj} ntd |tj| j dj d} |d|d| } | S) a Sign data using JWS with HMAC for BillDesk integration Args: payload_string (str): The data to sign (usually encrypted JWE) signing_key (str): BillDesk provided signing key key_id (str): BillDesk provided signing key ID client_id (str): BillDesk provided client ID algorithm (str): JWS algorithm (default: "HS256") Returns: str: JWS signed string JWT)algtypkidclientid,: separatorsutf-8=.HS256HS384HS512Unsupported algorithm: )jsondumpsbase64urlsafe_b64encodeencodedecoderstriphmacnewhashlibsha256digestsha384sha512 ValueError)payload_string signing_keykey_id client_id algorithm jws_header header_json header_b64 payload_b64 signing_inputsigning_key_bytes signature signature_b64jws_signed_datas 7E:\Akash\Saasvaap\Navya-Bakers\orders\billdesk_utils.pysign_jws_billdeskr7 s" J**ZJ?K))+*<*+@+@+IJQQRYZaabefK"l!K=1M$**73GHH. 0D0DW0Mw~~^eeg g HH. 0D0DW0Mw~~^eeg g HH. 0D0DW0Mw~~^eeg 29+>??,,Y7>>wGNNsSM$ Ak]!M?CO c dttj|tjd|| || d| dddd} tj| d } t | |||}t ||||}| ||fS) a Complete BillDesk payment flow: Create payload -> Encrypt with JWE -> Sign with JWS Args: merc_id (str): Merchant ID amount (str): Payment amount return_url (str): Return URL encryption_key (str): Encryption key enc_key_id (str): Encryption key ID enc_client_id (str): Encryption client ID signing_key (str): Signing key sign_key_id (str): Signing key ID sign_client_id (str): Signing client ID currency (str): Currency code (default: "356" for INR) itemcode (str): Item code (default: "DIRECT") user_ip (str): User's IP address Returns: tuple: (original_payload, encrypted_data, signed_data) TEST%Y-%m-%dT%H:%M:%S+05:30internetIMozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0gapplication/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 init_channelip user_agent accept_headerorderidmercid order_dateamountcurrencyruitemcodedevicer r)inttimestrftimerrencrypt_jwe_billdeskr7)merc_idrH return_urlencryption_key enc_key_id enc_client_idr) sign_key_idsign_client_idrIrKuser_ippayload payload_jsonencrypted_data signed_datas r6!encrypt_and_sign_billdesk_paymentr]@s6#diik*+,mm$=>&eG  G ::g*=L*, TabN$NKn]K  44r8c dttj|tjd||||d|dddd} tj| d } t | |||S) a\ Create and encrypt a BillDesk payment payload Args: merc_id (str): Merchant ID provided by BillDesk amount (str): Payment amount return_url (str): Return URL after payment encryption_key (str): BillDesk provided encryption key key_id (str): BillDesk provided encryption key ID client_id (str): BillDesk provided client ID currency (str): Currency code (default: "356" for INR) itemcode (str): Item code (default: "DIRECT") user_ip (str): User's IP address Returns: str: JWE encrypted payment data r:r;r<r=r>r?rDr r)rMrNrOrrrP) rQrHrRrSr*r+rIrKrXrYrZs r6encrypt_billdesk_paymentr_vsv,#diik*+,mm$=>&eG  G"::g*=L nfi PPr8c *|jd}t|dkr|jdd}nt|dkDr|dd}dd||d}tj|d }t j |jdjdjd }tjd }ttj|tj|t! } | j#} |jd } | j%| |jd} | j'| | j)z} | j*}d}t j |jdjd }t j | jdjd }t j |jdjd }|d|d|d|d| }|S)aq Encrypt data using JWE with AES-256-GCM for BillDesk integration Args: response_string (str): The payload to encrypt encryption_key (str): BillDesk provided encryption key key_id (str): BillDesk provided encryption key ID client_id (str): BillDesk provided client ID Returns: str: JWE encrypted string r NdirA256GCM)r encr r r rr backendasciir)rlenljustrrrrrrosurandomrrAESrGCMr encryptorauthenticate_additional_dataupdatefinalizetag)response_stringrSr*r+key jwe_headerr.r/ivcipherrqaad payload_bytes ciphertextauth_tag encrypted_keyiv_b64ciphertext_b64tag_b64jwe_encrypted_datas r6rPrPs    (C 3x"}iiE" SB#2h J**ZJ?K))+*<*.base64url_decode#s4CAD A $5#:;;F++F3 3r8z0Expected empty encrypted key for 'dir' algorithmz!Failed to decode JWE components: rfzInvalid IV length: z , expected 12rgriDecryption failed: z Failed to parse decrypted JSON: z!Failed to decode decrypted data: z$Decrypted data is not a dictionary: )splitrkrrr Exceptionr'strrloadsgetr startswith b64decoderrrorrpr decryptorrrrsrtJSONDecodeError isinstancedict)r[rSpartsjws_header_b64jws_payload_b64jws_signature_b64jws_payload_paddedre jwe_partsr/encrypted_key_b64rrrheader_b64_paddedr.headerrwrryr}r~rzrr{decrypted_bytesdecrypted_stringdecrypted_jsons r6decryptrsxf9$$S) u:?AF >NO->!031s??SVW?W;W[\:\3]!]  L%+%=%=>P%Q%X%XY`%a"Z1_!/ 4SZL@cde e',,S1 y>Q KCPYNK[\] ]IRF %v~w'S_q5H1HA0M)NN P 223DELLWUKZZ ,F ::e  %6vzz%7H6IIYZ[ [ ::e  )>vzz%?P>QQefg g B ''0C((0&&~ab'9:3x2~ #HS !STT  4 OP P K!&)B).9J'0H r7b=23r7)=IJ J =JNN3/2x1HRaRcdF((*I##G,C  2 23 7'..z:Y=O=O=QQO  K.55g> !ZZ(89N.$/CNCSTU Uu L #A#a&!JKK L> PEc!fXNO O P  B7Ax@A A B K@QIJ J K =23q6(;< < =## J?AxHI I K@QIJ J K 9.s1vh7889s?P,$L&BP,)9L7"A$P,AM&P,8N&P,7BN/ &O/P, L4L//L44P,7 MMMP, N(M??NP, N,N''N,,P,/ O8OOP,P)*P P) P$$P))P,, Q5Q  Qcp t||}|S#t$r}tdt|d}~wwxYw)a Decrypt JWE data using AES-256-GCM for BillDesk integration Handles both direct JWE and nested JWS->JWE formats Args: encrypted_data (str): The JWE encrypted string or JWS containing JWE encryption_key (str): BillDesk provided encryption key Returns: dict: Decrypted and parsed JSON payload with 'bdorderid' key Raises: ValueError: If decryption, JSON parsing, or structure validation fails rN)rrr'r)r[rSrrs r6decrypt_jwe_billdeskrOs@9 @ 9.s1vh7889s  505cp|jd}tdt|t|dk(rtd|\}}} |ddt|dzz zdzz}tjt j |jd}tdtj|d  |ddt|dzz zdzz}t j |jd}td ||jd} td t| t| dk(r{ | dddt| ddzz zdzz} tjt j | jd} tdtj| d nt|dk(rtd |dddt|ddzz zdzz} tjt j | jd}tdtj|d tdy#td YxYw#tdYxYw#t$r} td| Yd} ~ Md} ~ wwxYw#tdYdxYw)z? Analyze the structure of encrypted data from BillDesk rzNumber of parts: rz Format: JWS (JSON Web Signature)rrrz JWS Header: )indentzCould not decode JWS headerzJWS Payload (JWE): zJWE parts in payload: rrz JWE Header: zCould not decode JWE headerzCould not decode JWS payload: Nz!Format: JWE (JSON Web Encryption)z2--------------------------------------------------) rprintrkrrrrrrr)r[rrrrjws_header_paddedr-r jws_payloadrjwe_header_paddedrxr header_paddedrs r6analyze_encrypted_datares   %E c%j\ *+ 5zQ 01=B:): 1 .CRUV>V:V3WZ[3[![  223EFMMgVK ' }5 6$))#.I *3y>*:; <9~"9(1! sa#iPQlBSVWBW>W7X[\7\(\%!%F,D,DEV,W,^,^_f,g!hJLJq)I(JKL Uq 12 1!!Hsa#eAh-!2C.C'Dq'HHMZZ 8 8 G N Nw WXF LF1!= >? @ (OG 1 / 0$978 8 21#6 7 7 8 1 / 0sF A4I?BJA:I0A:J& I-0 I?=J J# JJ#& J5)r)356DIRECTz 123.0.0.1)rrr r"&cryptography.hazmat.primitives.ciphersrrrcryptography.hazmat.backendsrrmrNrequestsuuidr7r]r_rPrrrr8r6rs[ LL8 3rP[25nGR)Q\>Bg9T9,3r8