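#!/bin/bash
#
# process-order.sh - turn a DKIM-verified PayPal "Notification of Payment
# Received" e-mail into a signed license file.
#
# Usage:    process-order.sh MESSAGE
#           MESSAGE is passed through to dkim-verify.sh unchanged.
# Requires: $BILLING_PATH/dkim-verify.sh, which must print "TEMPDIR=<dir>"
#           at the start of its output and leave cheaders.txt,
#           dkim-headers.dos and body.txt in that directory;
#           $BILLING_PATH/private.pem and public.pem; perl with
#           MIME::QuotedPrint; uuidgen; GNU base64 (for -w).
# Writes:   $TEMPDIR/license.txt, also printed to stdout.  The temp
#           directory is removed on success only, so a rejected order can
#           still be inspected afterwards.
# Exits:    dkim-verify.sh's own status if the DKIM check fails;
#           255 (what the former "exit -1" produced) when the order is
#           rejected; 0 on success.
#
# Every header and body value handled below is attacker-influenced text
# taken from an e-mail.  It is only ever held in shell variables - the
# previous design wrote KEY='value' lines to a file and sourced it, so a
# quote character or an unparsed header value was executed as shell code -
# and every expansion is quoted.  Header values are compared exactly as
# dkim-verify.sh writes them (no whitespace trimming).
# NOTE(review): this relies on dkim-verify.sh emitting canonicalised
# "name:value" lines with lower-case names - confirm against that script.

set -euo pipefail

readonly BILLING_PATH="$HOME/Scripts/Billing"
readonly EXPECTED_PAYEE='billing@subflexion.com'
readonly EXPECTED_ITEM='Item no.v1.0'
readonly EXPECTED_UNIT_PRICE='$0.99 USD'
# A 2048-bit RSA signature is 344 base64 characters, i.e. 7 lines at 50
# columns; the license format has always carried exactly 7 signature lines.
readonly SIGNATURE_LINES=7

# Values extracted from the message.  Pre-set so that a field the e-mail
# does not contain stays empty (and fails the checks) instead of being unset.
TEMPDIR=
REPLYTO_EMAIL=
CONTENT_TYPE=
FROM_NAME=
ITEM=
SENDER_NAME=
SENDER_EMAIL=
BUYER_NAME=
BUYER_EMAIL=
SHIPPING_LINES=()
DESC=
QTY=
UNIT_PRICE=
PRICE=   # parsed but not yet checked, see TODO in check_item
PAID=    # parsed but not yet checked, see TODO in check_item
ME=

#######################################
# Reject the order: print each argument on its own line and exit 255.
# Messages go to stdout (not stderr) because callers of this script have
# always seen them there.
#######################################
die() {
  printf '%s\n' "$@"
  exit 255
}

#######################################
# Run dkim-verify.sh on the message and pick the TEMPDIR it reports.
# Globals:   BILLING_PATH (read), TEMPDIR (written)
# Arguments: $1 - message argument for dkim-verify.sh
# Exits with dkim-verify.sh's status if it fails, 255 if no usable
# TEMPDIR=<dir> was reported.
#######################################
check_dkim() {
  local status=0 output trimmed
  output=$("$BILLING_PATH/dkim-verify.sh" "$1") || status=$?
  if (( status != 0 )); then
    echo "DKIM check failed"
    exit "$status"
  fi
  # Leading whitespace/newlines are ignored and the value ends at the first
  # whitespace, which is what the old unquoted-echo parsing did.
  trimmed=${output#"${output%%[![:space:]]*}"}
  if [[ $trimmed != TEMPDIR=* ]]; then
    die "dkim-verify.sh did not report a TEMPDIR"
  fi
  TEMPDIR=${trimmed#TEMPDIR=}
  TEMPDIR=${TEMPDIR%%[[:space:]]*}
  [[ -n $TEMPDIR && -d $TEMPDIR ]] || die "TEMPDIR -$TEMPDIR- is not a directory"
}

#######################################
# Pull the fields we need out of the header dumps left by dkim-verify.sh.
# reply-to and content-type come from cheaders.txt.  from and subject are
# deliberately read from dkim-headers.dos, which (per the original design)
# only lists DKIM-signed headers: if PayPal did not sign them they stay
# empty and the cross-checks in check_identity reject the message.
# Globals: TEMPDIR (read); REPLYTO_EMAIL, CONTENT_TYPE, FROM_NAME, ITEM,
#          SENDER_NAME, SENDER_EMAIL (written)
#######################################
read_headers() {
  local line key val
  local -r re_from='^(.*) via PayPal'
  local -r re_subject='^(.*) - Notification of Payment Received from (.*) \((.*)\)'

  # Default IFS (not IFS=) is intentional: leading/trailing whitespace has
  # always been stripped from these lines and the comparisons rely on it.
  while read -r line || [[ -n $line ]]; do
    key=${line%%:*}
    val=${line#*:}
    case $key in
      reply-to)     REPLYTO_EMAIL=$val ;;
      content-type) CONTENT_TYPE=$val ;;
    esac
  done < "$TEMPDIR/cheaders.txt"

  while read -r line || [[ -n $line ]]; do
    key=${line%%:*}
    val=${line#*:}
    case $key in
      from)
        # Greedy, so the name runs up to the last " via PayPal".
        if [[ $val =~ $re_from ]]; then
          FROM_NAME=${BASH_REMATCH[1]}
        fi
        ;;
      subject)
        if [[ $val =~ $re_subject ]]; then
          ITEM=${BASH_REMATCH[1]}
          SENDER_NAME=${BASH_REMATCH[2]}
          SENDER_EMAIL=${BASH_REMATCH[3]}
        fi
        ;;
    esac
  done < "$TEMPDIR/dkim-headers.dos"
}

#######################################
# Write the text/plain part of body.txt to plain-body.txt and decode its
# quoted-printable encoding into plain.txt.
# Globals: TEMPDIR, CONTENT_TYPE (read)
# For multipart/alternative the lines after the first boundary up to and
# including the next boundary are copied (the part's own headers included);
# anything else is copied whole.
#######################################
extract_plain_body() {
  local multipart_type boundary line part=0
  multipart_type=${CONTENT_TYPE%%;*}

  : > "$TEMPDIR/plain-body.txt"
  if [[ $multipart_type == "multipart/alternative" ]]; then
    # Second '='-separated field of the parameter list, as before; a quoted
    # boundary keeps its quotes and so never matches a body line.
    boundary=$(cut -d ';' -f 2- <<<"$CONTENT_TYPE" | cut -d '=' -f 2)
    while read -r line || [[ -n $line ]]; do
      if (( part == 1 )); then
        printf '%s\n' "$line" >> "$TEMPDIR/plain-body.txt"
        if [[ $line == "--$boundary" ]]; then
          break
        fi
      elif [[ $line == "--$boundary" ]]; then
        part=1
      fi
    done < "$TEMPDIR/body.txt"
  else
    cat -- "$TEMPDIR/body.txt" >> "$TEMPDIR/plain-body.txt"
  fi

  perl -pe 'use MIME::QuotedPrint; $_=MIME::QuotedPrint::decode($_);' \
    < "$TEMPDIR/plain-body.txt" > "$TEMPDIR/plain.txt"
}

#######################################
# Parse the decoded plain-text body line by line.
# Globals: TEMPDIR (read); BUYER_NAME, BUYER_EMAIL, SHIPPING_LINES, DESC,
#          QTY, UNIT_PRICE, PRICE, PAID, ME (written)
# State machine: "Buyer:" is followed by the name line and the e-mail line;
# "Shipping address:" is followed by address lines until a blank line.
# "Key: value" lines are matched independently of the state.  A later
# occurrence of a field overrides an earlier one; shipping lines accumulate.
#######################################
parse_body() {
  local line key val state=0

  while read -r line || [[ -n $line ]]; do
    key=${line%%:*}
    val=${line#*:}
    val=${val#"${val%%[![:space:]]*}"}   # drop whitespace after the colon

    if [[ -z $line ]]; then
      state=0
    fi
    if (( state == 2 )); then
      BUYER_EMAIL=$line
      state=0
    elif (( state == 1 )); then
      BUYER_NAME=$line
      state=2
    fi
    if [[ $line == 'Buyer:' ]]; then
      state=1
    fi
    if (( state == 3 )); then
      SHIPPING_LINES+=("$line")
    fi
    if [[ $line == 'Shipping address:' ]]; then
      state=3
    fi
    case $key in
      Description)       DESC=$val ;;
      Qty)               QTY=$val ;;
      'Unit price')      UNIT_PRICE=$val ;;
      Total)             PRICE=$val ;;
      Payment)           PAID=$val ;;
      'Payment sent to') ME=$val ;;
    esac
  done < "$TEMPDIR/plain.txt"
}

#######################################
# Cross-check payee, sender and buyer identities; die on any mismatch.
# Globals: ME, SENDER_NAME, FROM_NAME, REPLYTO_EMAIL, SENDER_EMAIL,
#          BUYER_NAME, BUYER_EMAIL (read)
#######################################
check_identity() {
  if [[ $ME != "$EXPECTED_PAYEE" ]]; then
    die "Wrong account:" \
      "  -$ME- is not -$EXPECTED_PAYEE- " \
      "  Or perhaps the email isn't formatted as expected, perhaps paypal have changed the format?"
  fi
  if [[ $SENDER_NAME != "$FROM_NAME" ]]; then
    die "Name mismatch:" \
      "  -$SENDER_NAME- is not -$FROM_NAME- " \
      "  Perhaps the from or subject header fields were not signed, so can we really trust this email?"
  fi
  if [[ $REPLYTO_EMAIL != "$SENDER_EMAIL" ]]; then
    die "Email mismatch:" \
      "  -$REPLYTO_EMAIL- is not -$SENDER_EMAIL- " \
      "  Perhaps the from or subject header fields were not signed, so can we really trust this email?"
  fi
  if [[ $SENDER_NAME != "$BUYER_NAME" ]]; then
    die "Name mismatch:" \
      "  -$SENDER_NAME- is not -$BUYER_NAME- " \
      "  The email doesn't appear to be formatted as expected, perhaps paypal have changed the format"
  fi
  if [[ $BUYER_EMAIL != "$SENDER_EMAIL" ]]; then
    die "Email mismatch:" \
      "  -$BUYER_EMAIL- is not -$SENDER_EMAIL- " \
      "  The email doesn't appear to be formatted as expected, perhaps paypal have changed the format"
  fi
}

#######################################
# Check that the purchased item and its unit price are the expected ones.
# Globals: ITEM, UNIT_PRICE (read)
#######################################
check_item() {
  if [[ $ITEM != "$EXPECTED_ITEM" ]]; then
    die "Unexpected item: -$ITEM- is not -$EXPECTED_ITEM-"
  fi
  echo "Found requested stock item"
  if [[ $UNIT_PRICE != "$EXPECTED_UNIT_PRICE" ]]; then
    die "Price mismatch:" \
      "  -$UNIT_PRICE- != $EXPECTED_UNIT_PRICE" \
      "  Prices changed, but this script not updated?" \
      "  Or potentially someone is trying to make a paypal payment with the correct details except for the price"
  fi
  # TODO: check that PRICE (Total) and PAID equal QTY times the unit price;
  # the money-format PayPal uses for larger amounts is not known here.
}

#######################################
# Write license.txt, sign it with private.pem and append the signature.
# Globals: TEMPDIR, BILLING_PATH, DESC, QTY, BUYER_NAME, BUYER_EMAIL,
#          SHIPPING_LINES (read)
# The signature is computed over the file before the SIGNATURE_LINE* lines
# are appended, so the receiving side must reproduce that exact prefix.
#######################################
write_license() {
  local id i
  local -a sig_lines

  id=$(uuidgen)
  {
    # The file has always begun with a blank line and the signature covers
    # it, so it is kept deliberately.
    printf '\n'
    printf 'PRODUCT=%s\n' "$DESC"
    printf 'COUNT=%s\n' "$QTY"
    printf 'ID=%s\n' "$id"
    printf 'NAME=%s\n' "$BUYER_NAME"
    printf 'EMAIL=%s\n' "$BUYER_EMAIL"
    for i in 1 2 3 4 5; do
      printf 'ADDRESS_LINE%d=%s\n' "$i" "${SHIPPING_LINES[i-1]:-}"
    done
  } > "$TEMPDIR/license.txt"

  # Key pair generation, for reference:
  # openssl genrsa -out $BILLING_PATH/private.pem 2048 > /dev/null
  # openssl rsa -in $BILLING_PATH/private.pem -outform PEM -pubout -out $BILLING_PATH/public.pem

  openssl dgst -keyform pem -sha256 -sign "$BILLING_PATH/private.pem" \
    < "$TEMPDIR/license.txt" > "$TEMPDIR/sig.bin"

  # Self-check with the public key; a failure used to be printed and ignored.
  openssl dgst -keyform pem -sha256 -verify "$BILLING_PATH/public.pem" \
    -signature "$TEMPDIR/sig.bin" < "$TEMPDIR/license.txt" \
    || die "Signature self-check failed, not issuing a license"

  mapfile -t sig_lines < <(base64 -w 50 < "$TEMPDIR/sig.bin")
  if (( ${#sig_lines[@]} != SIGNATURE_LINES )); then
    die "Unexpected signature length: ${#sig_lines[@]} lines, expected $SIGNATURE_LINES"
  fi
  for ((i = 1; i <= SIGNATURE_LINES; i++)); do
    printf 'SIGNATURE_LINE%d=%s\n' "$i" "${sig_lines[i-1]}" >> "$TEMPDIR/license.txt"
  done

  cat -- "$TEMPDIR/license.txt"
}

#######################################
# Remove TEMPDIR, but only when it lives directly under $HOME/tmp.
# Globals: TEMPDIR, HOME (read)
#######################################
cleanup_tempdir() {
  [[ -d $TEMPDIR ]] || return 0
  if [[ $(dirname -- "$TEMPDIR") == "$HOME/tmp" ]]; then
    rm -rf -- "${TEMPDIR:?}"
  fi
}

main() {
  (( $# >= 1 )) || die "Usage: ${0##*/} MESSAGE"
  check_dkim "$1"
  read_headers
  extract_plain_body
  parse_body
  check_identity
  check_item
  echo "Generating license..."
  write_license
  cleanup_tempdir
}

main "$@"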