More explicit about apple payment session request

- fixed the certkeypath
- Added the request JSON (optional) to specify the URL (domain)
- Added minor details about the opaque response

Author: rgaudin

donation-api/Dockerfile

@@ -40,6 +40,8 @@ ENV APPLEPAY_DISPLAYNAME=
 ENV APPLEPAY_PAYMENT_SESSION_INITIATIVE=
 ENV APPLEPAY_PAYMENT_SESSION_INITIATIVE_CONTEXT=
 # ENV APPLEPAY_PAYMENT_SESSION_REQ_TIMEOUT_SEC=5
+ENV APPLEPAY_MERCHANT_CERTIFICATE=
+ENV APPLEPAY_MERCHANT_CERTIFICATE_KEY=
 ENV APPLEPAY_MERCHANT_CERTIFICATE_PATH=/etc/ssl/certs/applepay_merchant.pem
 ENV APPLEPAY_MERCHANT_CERTIFICATE_KEY_PATH=/etc/ssl/certs/applepay_merchant.key
 

donation-api/src/donation_api/constants.py

@@ -76,7 +76,7 @@ def __post_init__(self):
             self.applepay_merchant_certificate_path = pathlib.Path(certpath)
         certkeypath = os.getenv("APPLEPAY_MERCHANT_CERTIFICATE_KEY_PATH") or ""
         if certkeypath:
-            self.applepay_merchant_certificate_key_path = pathlib.Path(certpath)
+            self.applepay_merchant_certificate_key_path = pathlib.Path(certkeypath)
 
     @property
     def stripe_secret_api_key(self) -> str:

donation-api/src/donation_api/stripe.py

@@ -61,9 +61,17 @@ class StripeWebhookResponse(BaseModel):
     status: str
 
 
+class ApplePayPaymentSessionRequest(BaseModel):
+    # defaulting to test gateway
+    validation_url: str = "apple-pay-gateway-cert.apple.com"
+
+
 class OpaqueApplePayPaymentSession(BaseModel):
     model_config = ConfigDict(extra="allow")
 
+    initiative: str
+    initiativeContext: str
+
 
 async def get_body(request: Request):
     """raw request body"""
@@ -285,7 +293,23 @@ def webhook_received(
     },
     status_code=HTTPStatus.OK,
 )
-async def create_payment_session():
+async def create_payment_session(ps_payload: ApplePayPaymentSessionRequest):
+    allowed_domains: list[str] = [
+        # Global
+        "apple-pay-gateway.apple.com",
+        # China
+        "cn-apple-pay-gateway.apple.com",
+        # Testing (Global)
+        "apple-pay-gateway-cert.apple.com",
+        # Testing (China)
+        "cn-apple-pay-gateway-cert.apple.com",
+    ]
+    if ps_payload.validation_url not in allowed_domains:
+        raise HTTPException(
+            status_code=HTTPStatus.FORBIDDEN,
+            detail="Validation URL is not in Apple's whitelist",
+        )
+
     payload = {
         "merchantIdentifier": conf.applepay_merchant_identifier,
         "displayName": conf.applepay_displayname,
@@ -295,7 +319,7 @@ async def create_payment_session():
 
     data: dict[str, Any] = {}
     resp = requests.post(
-        url="https://apple-pay-gateway.apple.com/paymentservices/paymentSession",
+        url=f"https://{ps_payload.validation_url}/paymentservices/paymentSession",
         cert=(
             str(conf.applepay_merchant_certificate_path),
             str(conf.applepay_merchant_certificate_key_path),