Added AuthorizedNetSensitiveTagsConfig.json to sdk-php instead of only client.

Author: ashtru

lib/net/authorize/api/controller/base/ApiOperationBase.php

@@ -111,8 +111,7 @@ public function executeWithApiResponse($endPoint = \net\authorize\api\constants\
     public function execute($endPoint = \net\authorize\api\constants\ANetEnvironment::CUSTOM)
     {
         $this->beforeExecute();
-//        $this->logger->debugFormat("Request object :%s", $this->apiRequest);
-        $this->logger->debug($this->apiRequest);
+
         $this->logger->info("Request Serialization Begin");
         $xmlRequest = $this->serializer->serialize($this->apiRequest, 'xml');
         $this->logger->info("Request  Serialization End");

lib/net/authorize/util/ANetSensitiveFields.php

@@ -19,21 +19,22 @@ private static function getDefaulSensitiveXmlTags(){
     }
     public static function getSensitiveXmlTags(){
         $sensitiveTags = array();
-        if (file_exists(ANET_SENSITIVE_XMLTAGS_JSON_FILE)) {
+        $configFilePath = dirname(__FILE__) . "/" . ANET_SENSITIVE_XMLTAGS_JSON_FILE;
+        if (file_exists($configFilePath)) {
             //read list of tags(and associate regex-patterns and replacements) from .json file
-            $sensitiveTags = json_decode(file_get_contents(ANET_SENSITIVE_XMLTAGS_JSON_FILE));
+            $sensitiveTags = json_decode(file_get_contents($configFilePath));
             if (json_last_error() === JSON_ERROR_NONE) {
                 // JSON is valid
             }
             else{
-                echo "ERROR: Invalid json in: " . ANET_SENSITIVE_XMLTAGS_JSON_FILE  . " json_last_error_msg : " . json_last_error_msg();
+                echo "ERROR: Invalid json in: " . $configFilePath  . " json_last_error_msg : " . json_last_error_msg();
                 return self::getDefaulSensitiveXmlTags();
             }
         }
         else {
             // if not present, create a local config file
             $sensitiveTags = self::getDefaulSensitiveXmlTags();
-            file_put_contents(ANET_SENSITIVE_XMLTAGS_JSON_FILE, json_encode($sensitiveTags, JSON_PRETTY_PRINT));
+            file_put_contents($configFilePath, json_encode($sensitiveTags, JSON_PRETTY_PRINT));
         }
         //Check for disableMask flag in case of client json.
         $applySensitiveTags = array();

lib/net/authorize/util/AuthorizedNetSensitiveTagsConfig.json

@@ -0,0 +1,20 @@
+[
+    {
+        "tagName": "cardCode",
+        "pattern": "",
+        "replacement": "",
+        "disableMask": false
+    },
+    {
+        "tagName": "cardNumber",
+        "pattern": "^(\\d+)(\\d{4})$",
+        "replacement": "$xxxx-$3$4",
+        "disableMask": false
+    },
+    {
+        "tagName": "expirationDate",
+        "pattern": "",
+        "replacement": "",
+        "disableMask": false
+    }
+]

lib/net/authorize/util/Log.php

@@ -16,39 +16,27 @@
 define("ANET_LOG_INFO",2);
 define("ANET_LOG_WARN",3);
 define("ANET_LOG_ERROR",4);
-
 //set level
 define("ANET_LOG_LEVEL",ANET_LOG_DEBUG);
 
-/**
- * A class to implement logging.
- *
- * @package    AuthorizeNet
- * @subpackage net\authorize\util
- */
-
 class Log
 {
     private $sensitiveXmlTags = NULL;
-	
-	/**
-	* Takes an xml as string and masks the sensitive fields.
-	*
-	* @param string $rawString		The xml as a string.
-	*
-	* @return string 		The xml as a string after masking sensitive fields
-	*/
+
     private function maskSensitiveXmlString($rawString){
+        //Tag name is compulsory, can leave patterns and repalcements blank
+//        $tags= array("cardCode","cardNumber","expirationDate");
+//        $patterns=array("","([^0-9]*)(\d+)(\d{4})(.*)","");
         $patterns=array();
+//        $replacements=array("","$1xxxx-$3$4","");
         $replacements=array();
-		
         foreach ($this->sensitiveXmlTags as $i => $sensitiveTag){
             $tag = $sensitiveTag->tagName;
-            $inputPattern = "(.+)"; //no need to mask null data
-            $inputReplacement = "xxxx";
+            $inputPattern = $sensitiveTag->pattern;
+            $inputReplacement = "XXXX";
 
-            if(trim($sensitiveTag->pattern)) {
-                $inputPattern = $sensitiveTag->pattern;
+            if(!trim($inputPattern)) {
+                $inputPattern = "(.+)"; //no need to mask null data
             }
             $pattern = "/<" . $tag . ">". $inputPattern ."<\/" . $tag . ">/";
 
@@ -64,138 +52,32 @@ private function maskSensitiveXmlString($rawString){
         return $maskedString;
     }
 
-	/**
-	* Object data masking related functions START
-	*/
-	
-	/**
-	* private function getPropertiesInclBase($reflClass).
-	* 
-	* Receives a ReflectionObject, ...
-	* iteratively fetches the properties of the object (including from the base classes up the hierarchy), ...
-	* collects them in an array of ReflectionProperty and returns the array.
-	*
-	* @param ReflectionObject $reflClass
-	*
-	* @return \ReflectionProperty[]
-	*/
-	private function getPropertiesInclBase($reflClass)
-	{
-		$properties = array();
-		try {
-			do {
-				$curClassPropList = $reflClass->getProperties();
-				foreach ($curClassPropList as $p) {
-					$p->setAccessible(true);
-				}
-				$properties = array_merge($curClassPropList, $properties);
-			} while ($reflClass = $reflClass->getParentClass());
-		} catch (\ReflectionException $e) { }
-		return $properties;
-	}
-	
-	/**
-	* private function checkAndMask($prop, $obj).
-	* 
-	* Receives a ReflectionProperty and an object, and returns a masked object if the ReflectionProperty corresponds to a sensitive field, else returns false.
-	*
-	* @param ReflectionProperty $prop
-	* @param object $obj
-	*
-	* @return string|bool
-	*/
-	private function checkAndMask($prop, $obj){
-		foreach($this->sensitiveXmlTags as $i => $sensitiveTag)
-		{
-			$inputPattern = "(.+)";
-			$inputReplacement = "xxxx";
-
-            if(trim($sensitiveTag->pattern)) {
-                $inputPattern = $sensitiveTag->pattern;
-            }
-			$inputPattern='/'.$inputPattern.'/';
-			
-            if(trim($sensitiveTag->replacement)) {
-                $inputReplacement = $sensitiveTag->replacement;
-            }
-			
-			if(strcmp($prop->getName(),$sensitiveTag->tagName)==0)
-			{
-				$prop->setValue($obj,preg_replace($inputPattern,$inputReplacement,$prop->getValue($obj)));
-				return $prop->getValue($obj);
-			}
-		}
-		return false;
-	}
-	
-	/**
-	* called by getMasked() to mask sensitive fields of an object.
-	*
-	* @param object $obj
-	*
-	* @return object
-	*/
-    private function maskSensitiveProperties ($obj)
-    {
-		// first retrieve all properties of the passed object
-        $reflectObj = new \ReflectionObject($obj);
-        $props = $this->getPropertiesInclBase($reflectObj);
-
-		// for composite property recursively execute; for scalars, do a check and mask
-        foreach($props as $i => $prop){
-			$propValue=$prop->getValue($obj);
-			
-			// for object and arrays, recursively call for inner elements
-			if(is_object($propValue)){
-				$prop->setValue($obj, $this->maskSensitiveProperties($propValue));
-            }
-			else if(is_array($propValue)){
-				$newVals=array();
-				foreach($propValue as $i=>$arrEle)
-				{
-					$newVals[]=$this->maskSensitiveProperties($arrEle);
-				}
-				$prop->setValue($obj, $newVals);
-            }
-			// else check if the property represents a sensitive field. If so, mask.
-            else{
-				$res=$this->checkAndMask($prop, $obj);
-				if($res)
-					$prop->setValue($obj, $res);
-            }
-        }
-		
-        return $obj;
-    }
-	
-	/**
-	* Object data masking related functions END
-	*/
-	
-	/**
-	* private function getMasked($raw).
-	*
-	* called by log()
-	*
-	* @param mixed $raw
-	*
-	* @return string
-	*/
     private function getMasked($raw)
-    { //always returns string
+    {
         $messageType = gettype($raw);
         $message="";
         if ($messageType == "string") {
             $message = $this->maskSensitiveXmlString($raw);
         }
-        else if($messageType == "object"){
-			$obj = unserialize(serialize($raw)); // deep copying the object
-			$message = print_r($this->maskSensitiveProperties($obj), true); //object to string
-        }
         return $message;
     }
-	
-	private function log($logLevelPrefix, $logMessage, $flags){
+    public function debug($logMessage, $flags=FILE_APPEND)
+    {
+        if(ANET_LOG_DEBUG >= ANET_LOG_LEVEL){
+            $this->log(ANET_LOG_DEBUG_PREFIX, $logMessage,$flags);
+        }
+    }
+    public function info($logMessage, $flags=FILE_APPEND){
+        if(ANET_LOG_INFO >= ANET_LOG_LEVEL) {
+            $this->log(ANET_LOG_INFO_PREFIX, $logMessage,$flags);
+        }
+    }
+    public function error($logMessage, $flags=FILE_APPEND){
+        if(ANET_LOG_ERROR >= ANET_LOG_LEVEL) {
+            $this->log(ANET_LOG_ERROR_PREFIX, $logMessage,$flags);
+        }
+    }
+    private function log($logLevelPrefix, $logMessage, $flags){
         //masking
         $logMessage = $this->getMasked($logMessage);
 
@@ -215,26 +97,6 @@ private function log($logLevelPrefix, $logMessage, $flags){
             $methodName, $fileName, $lineNumber, $logMessage);
         file_put_contents(ANET_LOG_FILE, $logString, $flags);
     }
-	
-    public function debug($logMessage, $flags=FILE_APPEND)
-    {
-        if(ANET_LOG_DEBUG >= ANET_LOG_LEVEL){
-            $this->log(ANET_LOG_DEBUG_PREFIX, $logMessage,$flags);
-        }
-    }
-	
-    public function info($logMessage, $flags=FILE_APPEND){
-        if(ANET_LOG_INFO >= ANET_LOG_LEVEL) {
-            $this->log(ANET_LOG_INFO_PREFIX, $logMessage,$flags);
-        }
-    }
-	
-    public function error($logMessage, $flags=FILE_APPEND){
-        if(ANET_LOG_ERROR >= ANET_LOG_LEVEL) {
-            $this->log(ANET_LOG_ERROR_PREFIX, $logMessage,$flags);
-        }
-    }
-	
     public function __construct(){
         $this->sensitiveXmlTags = ANetSensitiveFields::getSensitiveXmlTags();
     }