Multiple vpn connection for VPN Gateway

All the PCs in the LAN currently connect to the internet via a single VPN connection:

                        +------+
    Devices +---------> | TUN0 |+-----> ISP ROUTER
                        +------+

Now, I need to connect the devices to the internet via 2 VPN connections; some of them should connect via tun0, while others via tun1.

                        +------+
    Device 1 +--------> | TUN0 |
                               |+------> ISP ROUTER
    Device 2 +--------> | TUN1 |
                        +------+

How can I do this?

azure application gateway spring boot app vm scaleset

I have a setup of an Azure VM scale set, with each Linux VM running a Java Spring Boot app on a specific port (8070). I need to use a domain with HTTPS on Application Gateway and use the Linux VMSS with the Java app as the backend pool.

I am aware this can be done with Azure LB, but I need to use SSL. If this is possible with the gateway, what would be the configuration for ‘listeners’, ‘rules’ and ‘http settings’?

I saw a question which is relevant to mine, but I need much more help.


Payment Gateway needs Initialize and Authorize

I am developing a Saferpay payment gateway for Commerce 2.x on Drupal 8. It should be an off-site (iFrame) payment.

So, in short: in order to complete a transaction, first I have to call “/Payment/v1/PaymentPage/Initialize”, which returns a link for an iFrame, and that actually works.

    $payload = array(
      'RequestHeader' => array(
        'SpecVersion' => "1.10",
        'CustomerId' => "custID",
        'RequestId' => "reqID",
        'RetryIndicator' => 0
      ),
      'TerminalId' => "TermID",
      'PaymentMethods' => array("VISA", "MASTERCARD"),
      'Payment' => array(
        'Amount' => array(
          'Value' => "1234",
          'CurrencyCode' => "EUR"
        ),
        'OrderId' => "123",
        'Description' => "desc_123"
      ),
      'ReturnUrls' => array(
        'Success' => $form['#return_url'],
        'Fail' => $form['#cancel_url']
      ),
      'Styling' => array(
        'Theme' => "NONE"
      )
    );

Then I build an iFrame:

    $response = RedirectCheckout::do_curl($username, $password, $url_init, $payload);
    $redirectURL = $response['body']['RedirectUrl'];
    $form = $this->buildRedirectForm($form, $form_state, $redirectURL, $response, "POST");
    return $form;


    public function buildRedirectForm(array $form, FormStateInterface $form_state, $redirect_url, array $data, $redirect_method = BasePaymentOffsiteForm::REDIRECT_POST) {
      $form['saferpay_markup'] = [
        '#type' => 'inline_template',
        '#template' => '<iframe src="' . $redirect_url . '"></iframe>',
      ];
      return $form;
    }

Second, I have to use “/Payment/v1/Transaction/Authorize” to authorize the transaction.

My problem is that the “onReturn” function always finishes the Order before it's actually finished, before I run it through Authorize.

My Questions:

  1. How can I read data that has been sent from the off-site payment form (redirect method = POST)?
  2. What's the best way to implement Authorize in between?

Sorry for the long post guys, I wanted to explain as best as I can.

Thanks for your response.

Problem getting custom payment gateway setup on Magento Cloud

So I am working on a custom payment gateway extension. It installs and works beautifully on my test server. Right now I’m trying to get it installed on Magento Cloud.

I follow their installation instructions, and can see that my database changes are present, but my payment gateway doesn’t show up in the store configuration.

Here is my repo:

Any ideas?

Magento2 set order status after payment gateway response

I’m implementing a payment gateway and I successfully created the payment method. But now, I need to get the new order status and pass it to the admin order grid. For that I wrote a controller that receives a POST from the payment gateway and a model, but nothing is happening in the order grid. The status is stuck at payment review all the time. I posted my code below to see if someone can help me find the reason why it is not working.



    <?php

    namespace Vendor\Module\Controller\Notification;

    class Index extends \Magento\Framework\App\Action\Action
    {
        protected $_logger;
        protected $_helper;
        protected $_notification;
        protected $_modelOrder;

        public function __construct(
            \Magento\Payment\Model\Method\Logger $logger,
            \Magento\Sales\Model\Order $modelOrder,
            \Vendor\Module\Helper\Abstract $helper,
            \Vendor\Module\Model\Notification $notification,
            \Magento\Framework\App\Action\Context $context
        ) {
            $this->_notification = $notification;
            $this->_logger = $logger;
            $this->_helper = $helper;
            $this->_modelOrder = $modelOrder;
            parent::__construct($context);
        }

        public function execute()
        {
            $this->_helper->initApiLib();

            try {
                if (\Api\Helpers\Xhr::hasPost()) {
                    // I called the Api class in Model and here it returns an array containing the id of the order and id of status.
                    $notification = $this->_notification->transactionNotification();
                    $reference = $notification->getReference(); // it returns the order id
                    $this->_modelOrder->loadByIncrementId($reference);
                    $status = $transaction->getStatus(); // it returns the id of status in payment gateway
                    $this->_notification->setStatusOrder($this->_modelOrder->loadByIncrementId($reference), $status);
                } else {
                    throw new \InvalidArgumentException($_POST);
                }
            } catch (Exception $e) {
                die($e->getMessage());
            }
        }
    }

And my model:


    <?php

    namespace Vendor\Module\Model;

    class Notification
    {
        public function __construct(\Vendor\Module\Helper\Abstract $helper)
        {
            $this->_helper = $helper;
        }

        public function transactionNotification()
        {
            $transaction = \Api\Services\Transactions\Notification::check(
                \Api\Configuration\Configure::getAccountCredentials()
            );

            if ($transaction) {
                return $transaction;
            }
        }

        public function setStatusOrder(\Magento\Sales\Model\Order $order)
        {
            if ($status == 3) {
                if ($order->getStatus() != 'processing') {
                    $order->setStatus('processing');
                    $order->setState('processing');
                    $order->addStatusHistoryComment('Success', 'processing');
                    $order->setTotalPaid($order->getGrandTotal());
                    $order->setBaseTotalPaid($order->getGrandTotal());
                    $invoice = $order->getInvoiceCollection()->getLastItem();
                    $this->_invoice->load($invoice->getId());
                    $this->_invoice->setTransactionId($transaction->getCode());
                    $this->_invoice->pay();
                    $this->_invoice->save();
                }
            } elseif ($status == 7) {
                $invoice = $order->getInvoiceCollection()->getLastItem();
                $this->_invoice->load($invoice->getId());
                $this->_invoice->cancel();
                $order->cancel();
                $order->addStatusHistoryComment('Cancelled', 'canceled');
            }
            $order->save();
        }
    }

Security implications of exposing payment gateway secret API key


In payment gateways such as Coinbase or G2A Pay, the typical payment flow goes as follows:

  1. POST to the gateway with the secret API key and metadata (price etc) to generate a payment URL.
  2. Redirect the client to the payment URL.
  3. Server receives the payment notification through a webhook and verifies the payment (through the signature attached to the payload).


Step 1 is typically performed by the server to avoid leaking the API key to the client.

However, if I were to generate the payment URL on the client’s side (for performance — eliminate one RTT to server), the API key will be leaked to the public.
What would be the security implications of that?

Step 3 security

For Coinbase, the webhook signature uses a different API key so I can still verify the authenticity of the payment notification through the signature.
For G2A Pay, I can perform a GET to the payment gateway with the transaction id to verify the payment.

Potential vulnerabilities considered

With the API key, any user will be able to make a payment and attribute it to another user (by specifying the other user’s id in the metadata). However, there would be no incentive for any user to do so.
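
The step 3 check described in the question, as an added example (not part of the original post, and not Coinbase or G2A Pay code). It assumes the gateway signs the raw webhook body with HMAC-SHA256 using a webhook secret separate from the API key; the payload field names, the secret and the order table are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed values for illustration only (assumptions, not real credentials).
WEBHOOK_SECRET = b"constructed-webhook-secret"  # separate from the API key
# Server-side record of each order; price and owner never come from the client.
EXPECTED_ORDERS = {
    "order-1001": {"user_id": "alice", "amount": "25.00", "currency": "EUR"},
}


def sign(raw_body, secret=WEBHOOK_SECRET):
    """Hex HMAC-SHA256 over the raw body (assumed gateway signing scheme)."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_notification(raw_body, signature):
    """Return (accepted, reason) for one webhook delivery."""
    # 1. Authenticity: constant-time compare over the exact bytes received.
    if not hmac.compare_digest(sign(raw_body).encode(), signature.encode()):
        return False, "bad signature"
    try:
        event = json.loads(raw_body)
        meta = event["metadata"]
        order = EXPECTED_ORDERS.get(meta["order_id"])
    except (ValueError, KeyError, TypeError):
        return False, "malformed payload"
    if order is None:
        return False, "unknown order"
    # 2. A valid signature only proves the gateway sent it. Whoever holds the
    #    API key chose the price and metadata, so compare with our own record.
    paid = (event.get("amount"), event.get("currency"))
    if paid != (order["amount"], order["currency"]):
        return False, "amount mismatch"
    if meta.get("user_id") != order["user_id"]:
        return False, "user mismatch"
    return True, "ok"


def make_event(amount, user_id="alice"):
    """Build a constructed sample notification body."""
    return json.dumps({"amount": amount, "currency": "EUR",
                       "metadata": {"order_id": "order-1001", "user_id": user_id}}).encode()


if __name__ == "__main__":
    for body in (make_event("25.00"), make_event("0.01"), make_event("25.00", "bob")):
        print(verify_notification(body, sign(body)))
```

The second check is the one that matters when the payment URL is not created by the server: the notification is compared against the server's own order record rather than against whatever price and metadata were submitted in step 1.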