From e3a79361bd12d33a149ffa4c5fdea82ebf074735 Mon Sep 17 00:00:00 2001 From: Ramon Gutierrez Date: Mon, 9 Oct 2023 14:05:25 +0800 Subject: [PATCH] Remove auth from insurance listener. Fail silently if invalid callback given #761 --- config/packages/security.yaml | 4 ++++ src/Controller/InsuranceController.php | 7 +++++++ src/Controller/PayMongoController.php | 7 +++++++ 3 files changed, 18 insertions(+) diff --git a/config/packages/security.yaml b/config/packages/security.yaml index b745b4e3..7e9140dc 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -53,6 +53,10 @@ security: pattern: ^\/test_capi\/ security: false + insurance: + pattern: ^\/insurance\/ + security: false + paymongo: pattern: ^\/paymongo\/ security: false diff --git a/src/Controller/InsuranceController.php b/src/Controller/InsuranceController.php index f13c83d1..a60efe90 100644 --- a/src/Controller/InsuranceController.php +++ b/src/Controller/InsuranceController.php @@ -39,6 +39,13 @@ class InsuranceController extends Controller // END DEBUG + // if no transaction code given, silently fail + if (empty($attr['transaction_code'])) { + return $this->json([ + 'success' => true, + ]); + } + // get event type and process accordingly $event_name = $payload['transaction_code']; diff --git a/src/Controller/PayMongoController.php b/src/Controller/PayMongoController.php index 245cedfa..82625c36 100644 --- a/src/Controller/PayMongoController.php +++ b/src/Controller/PayMongoController.php @@ -34,6 +34,13 @@ class PayMongoController extends Controller // END DEBUG + // if no event type given, silently fail + if (empty($attr['type'])) { + return $this->json([ + 'success' => true, + ]); + } + // get event type and process accordingly $attr = $payload['data']['attributes']; $event = $attr['data'];