improved logging + autotests

api/gateway/mntx/internal/service/monetix/client.go

@@ -2,10 +2,6 @@ package monetix
 
 import (
 	"context"
-	"crypto/hmac"
-	"crypto/sha256"
-	"encoding/hex"
-	"encoding/json"
 	"net/http"
 
 	"github.com/tech/sendico/pkg/mlogger"
@@ -45,21 +41,3 @@ func (c *Client) CreateCardTokenPayout(ctx context.Context, req CardTokenPayoutR
 func (c *Client) CreateCardTokenization(ctx context.Context, req CardTokenizeRequest) (*TokenizationResult, error) {
 	return c.sendTokenization(ctx, req)
 }
-
-func signPayload(payload any, secret string) (string, error) {
-	data, err := json.Marshal(payload)
-	if err != nil {
-		return "", err
-	}
-
-	h := hmac.New(sha256.New, []byte(secret))
-	if _, err := h.Write(data); err != nil {
-		return "", err
-	}
-	return hex.EncodeToString(h.Sum(nil)), nil
-}
-
-// SignPayload exposes signature calculation for callback verification.
-func SignPayload(payload any, secret string) (string, error) {
-	return signPayload(payload, secret)
-}

api/gateway/mntx/internal/service/monetix/mask_test.go

@@ -0,0 +1,23 @@
+package monetix
+
+import "testing"
+
+func TestMaskPAN(t *testing.T) {
+	cases := []struct {
+		input    string
+		expected string
+	}{
+		{input: "1234", expected: "****"},
+		{input: "1234567890", expected: "12******90"},
+		{input: "1234567890123456", expected: "123456******3456"},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.input, func(t *testing.T) {
+			got := MaskPAN(tc.input)
+			if got != tc.expected {
+				t.Fatalf("expected %q, got %q", tc.expected, got)
+			}
+		})
+	}
+}

api/gateway/mntx/internal/service/monetix/sender.go

@@ -24,7 +24,7 @@ func (c *Client) sendCardPayout(ctx context.Context, req CardPayoutRequest) (*Ca
 	maskedPAN := MaskPAN(req.Card.PAN)
 	return c.send(ctx, &req, "/v2/payment/card/payout",
 		func() {
-			c.logger.Info("dispatching Monetix card payout",
+			c.logger.Info("Dispatching Monetix card payout",
 				zap.String("payout_id", req.General.PaymentID),
 				zap.Int64("amount_minor", req.Payment.Amount),
 				zap.String("currency", req.Payment.Currency),
@@ -47,7 +47,7 @@ func (c *Client) sendCardPayout(ctx context.Context, req CardPayoutRequest) (*Ca
 func (c *Client) sendCardTokenPayout(ctx context.Context, req CardTokenPayoutRequest) (*CardPayoutSendResult, error) {
 	return c.send(ctx, &req, "/v2/payment/card/payout/token",
 		func() {
-			c.logger.Info("dispatching Monetix card token payout",
+			c.logger.Info("Dispatching Monetix card token payout",
 				zap.String("payout_id", req.General.PaymentID),
 				zap.Int64("amount_minor", req.Payment.Amount),
 				zap.String("currency", req.Payment.Currency),
@@ -101,7 +101,7 @@ func (c *Client) sendTokenization(ctx context.Context, req CardTokenizeRequest)
 	httpReq.Header.Set("Content-Type", "application/json")
 	httpReq.Header.Set("Accept", "application/json")
 
-	c.logger.Info("dispatching Monetix card tokenization",
+	c.logger.Info("Dispatching Monetix card tokenization",
 		zap.String("request_id", req.General.PaymentID),
 		zap.String("masked_pan", MaskPAN(req.Card.PAN)),
 	)
@@ -111,7 +111,7 @@ func (c *Client) sendTokenization(ctx context.Context, req CardTokenizeRequest)
 	duration := time.Since(start)
 	if err != nil {
 		observeRequest(outcomeNetworkError, duration)
-		c.logger.Warn("monetix tokenization request failed", zap.Error(err))
+		c.logger.Warn("Monetix tokenization request failed", zap.Error(err))
 		return nil, merrors.Internal("monetix tokenization request failed: " + err.Error())
 	}
 	defer resp.Body.Close()
@@ -133,7 +133,7 @@ func (c *Client) sendTokenization(ctx context.Context, req CardTokenizeRequest)
 	var apiResp APIResponse
 	if len(body) > 0 {
 		if err := json.Unmarshal(body, &apiResp); err != nil {
-			c.logger.Warn("failed to decode Monetix tokenization response", zap.String("request_id", req.General.PaymentID), zap.Int("status_code", resp.StatusCode), zap.Error(err))
+			c.logger.Warn("Failed to decode Monetix tokenization response", zap.String("request_id", req.General.PaymentID), zap.Int("status_code", resp.StatusCode), zap.Error(err))
 		} else {
 			var tokenData struct {
 				Token       string `json:"token"`
@@ -245,7 +245,7 @@ func (c *Client) send(ctx context.Context, req any, path string, dispatchLog fun
 	var apiResp APIResponse
 	if len(body) > 0 {
 		if err := json.Unmarshal(body, &apiResp); err != nil {
-			c.logger.Warn("failed to decode Monetix response", zap.Int("status_code", resp.StatusCode), zap.Error(err))
+			c.logger.Warn("Failed to decode Monetix response", zap.Int("status_code", resp.StatusCode), zap.Error(err))
 		}
 	}
 

api/gateway/mntx/internal/service/monetix/sender_test.go

@@ -0,0 +1,128 @@
+package monetix
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"io"
+	"net/http"
+	"strings"
+	"testing"
+
+	"go.uber.org/zap"
+)
+
+type roundTripperFunc func(*http.Request) (*http.Response, error)
+
+func (f roundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error) {
+	return f(r)
+}
+
+func TestSendCardPayout_SignsPayload(t *testing.T) {
+	secret := "secret"
+	var captured CardPayoutRequest
+
+	httpClient := &http.Client{
+		Transport: roundTripperFunc(func(r *http.Request) (*http.Response, error) {
+			if r.URL.Path != "/v2/payment/card/payout" {
+				t.Fatalf("expected payout path, got %q", r.URL.Path)
+			}
+			body, _ := io.ReadAll(r.Body)
+			if err := json.Unmarshal(body, &captured); err != nil {
+				t.Fatalf("failed to decode request: %v", err)
+			}
+			resp := APIResponse{}
+			resp.Operation.RequestID = "req-1"
+			payload, _ := json.Marshal(resp)
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       io.NopCloser(bytes.NewReader(payload)),
+				Header:     http.Header{"Content-Type": []string{"application/json"}},
+			}, nil
+		}),
+	}
+
+	cfg := Config{
+		BaseURL:   "https://monetix.test",
+		SecretKey: secret,
+	}
+	client := NewClient(cfg, httpClient, zap.NewNop())
+
+	req := CardPayoutRequest{
+		General: General{ProjectID: 1, PaymentID: "payout-1"},
+		Customer: Customer{
+			ID:        "cust-1",
+			FirstName: "Jane",
+			LastName:  "Doe",
+			IP:        "203.0.113.10",
+		},
+		Payment: Payment{Amount: 1000, Currency: "RUB"},
+		Card:    Card{PAN: "4111111111111111", Year: 2030, Month: 12, CardHolder: "JANE DOE"},
+	}
+
+	result, err := client.CreateCardPayout(context.Background(), req)
+	if err != nil {
+		t.Fatalf("expected no error, got %v", err)
+	}
+	if !result.Accepted {
+		t.Fatalf("expected accepted response")
+	}
+	if captured.General.Signature == "" {
+		t.Fatalf("expected signature in request")
+	}
+
+	signed := captured
+	signed.General.Signature = ""
+	expectedSig, err := SignPayload(signed, secret)
+	if err != nil {
+		t.Fatalf("failed to compute signature: %v", err)
+	}
+	if captured.General.Signature != expectedSig {
+		t.Fatalf("expected signature %q, got %q", expectedSig, captured.General.Signature)
+	}
+}
+
+func TestSendCardPayout_HTTPError(t *testing.T) {
+	httpClient := &http.Client{
+		Transport: roundTripperFunc(func(r *http.Request) (*http.Response, error) {
+			body := `{"code":"E100","message":"denied"}`
+			return &http.Response{
+				StatusCode: http.StatusBadRequest,
+				Body:       io.NopCloser(strings.NewReader(body)),
+				Header:     http.Header{"Content-Type": []string{"application/json"}},
+			}, nil
+		}),
+	}
+
+	cfg := Config{
+		BaseURL:   "https://monetix.test",
+		SecretKey: "secret",
+	}
+	client := NewClient(cfg, httpClient, zap.NewNop())
+
+	req := CardPayoutRequest{
+		General: General{ProjectID: 1, PaymentID: "payout-1"},
+		Customer: Customer{
+			ID:        "cust-1",
+			FirstName: "Jane",
+			LastName:  "Doe",
+			IP:        "203.0.113.10",
+		},
+		Payment: Payment{Amount: 1000, Currency: "RUB"},
+		Card:    Card{PAN: "4111111111111111", Year: 2030, Month: 12, CardHolder: "JANE DOE"},
+	}
+
+	result, err := client.CreateCardPayout(context.Background(), req)
+	if err != nil {
+		t.Fatalf("expected no error, got %v", err)
+	}
+	if result.Accepted {
+		t.Fatalf("expected rejected response")
+	}
+	if result.ErrorCode != "E100" {
+		t.Fatalf("expected error code E100, got %q", result.ErrorCode)
+	}
+	if result.ErrorMessage != "denied" {
+		t.Fatalf("expected error message denied, got %q", result.ErrorMessage)
+	}
+}

api/gateway/mntx/internal/service/monetix/signature.go

@@ -0,0 +1,112 @@
+package monetix
+
+import (
+	"bytes"
+	"crypto/hmac"
+	"crypto/sha512"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"sort"
+	"strconv"
+	"strings"
+)
+
+func signPayload(payload any, secret string) (string, error) {
+	canonical, err := signaturePayloadString(payload)
+	if err != nil {
+		return "", err
+	}
+
+	mac := hmac.New(sha512.New, []byte(secret))
+	if _, err := mac.Write([]byte(canonical)); err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(mac.Sum(nil)), nil
+}
+
+// SignPayload exposes signature calculation for callback verification.
+func SignPayload(payload any, secret string) (string, error) {
+	return signPayload(payload, secret)
+}
+
+func signaturePayloadString(payload any) (string, error) {
+	data, err := json.Marshal(payload)
+	if err != nil {
+		return "", err
+	}
+
+	var root any
+	decoder := json.NewDecoder(bytes.NewReader(data))
+	decoder.UseNumber()
+	if err := decoder.Decode(&root); err != nil {
+		return "", err
+	}
+
+	lines := make([]string, 0)
+	collectSignatureLines(nil, root, &lines)
+	sort.Strings(lines)
+
+	return strings.Join(lines, ";"), nil
+}
+
+func collectSignatureLines(path []string, value any, lines *[]string) {
+	switch v := value.(type) {
+	case map[string]any:
+		for key, child := range v {
+			if strings.EqualFold(key, "signature") {
+				continue
+			}
+			collectSignatureLines(append(path, key), child, lines)
+		}
+	case []any:
+		if len(v) == 0 {
+			return
+		}
+		for idx, child := range v {
+			collectSignatureLines(append(path, strconv.Itoa(idx)), child, lines)
+		}
+	default:
+		line := formatSignatureLine(path, v)
+		if line != "" {
+			*lines = append(*lines, line)
+		}
+	}
+}
+
+func formatSignatureLine(path []string, value any) string {
+	if len(path) == 0 {
+		return ""
+	}
+	val := signatureValueString(value)
+	segments := append(append([]string{}, path...), val)
+	return strings.Join(segments, ":")
+}
+
+func signatureValueString(value any) string {
+	switch v := value.(type) {
+	case nil:
+		return "null"
+	case string:
+		return v
+	case json.Number:
+		return v.String()
+	case bool:
+		if v {
+			return "1"
+		}
+		return "0"
+	case float64:
+		return strconv.FormatFloat(v, 'f', -1, 64)
+	case float32:
+		return strconv.FormatFloat(float64(v), 'f', -1, 32)
+	case int:
+		return strconv.Itoa(v)
+	case int8, int16, int32, int64:
+		return fmt.Sprint(v)
+	case uint, uint8, uint16, uint32, uint64:
+		return fmt.Sprint(v)
+	default:
+		return fmt.Sprint(v)
+	}
+}

api/gateway/mntx/internal/service/monetix/signature_test.go

@@ -0,0 +1,148 @@
+package monetix
+
+import "testing"
+
+func TestSignaturePayloadString_Example(t *testing.T) {
+	payload := map[string]any{
+		"general": map[string]any{
+			"project_id": 3254,
+			"payment_id": "id_38202316",
+			"signature":  "<ignored>",
+		},
+		"customer": map[string]any{
+			"id":         "585741",
+			"email":      "johndoe@example.com",
+			"first_name": "John",
+			"last_name":  "Doe",
+			"address":    "Downing str., 23",
+			"identify": map[string]any{
+				"doc_number": "54122312544",
+			},
+			"ip_address": "198.51.100.47",
+		},
+		"payment": map[string]any{
+			"amount":      10800,
+			"currency":    "USD",
+			"description": "Computer keyboards",
+		},
+		"receipt_data": map[string]any{
+			"positions": []any{
+				map[string]any{
+					"quantity":    "10",
+					"amount":      "108",
+					"description": "Computer keyboard",
+				},
+			},
+		},
+		"return_url": map[string]any{
+			"success": "https://paymentpage.example.com/complete-redirect?id=success",
+			"decline": "https://paymentpage.example.com/complete-redirect?id=decline",
+		},
+	}
+
+	got, err := signaturePayloadString(payload)
+	if err != nil {
+		t.Fatalf("failed to build signature string: %v", err)
+	}
+
+	expected := "customer:address:Downing str., 23;customer:email:johndoe@example.com;customer:first_name:John;customer:id:585741;customer:identify:doc_number:54122312544;customer:ip_address:198.51.100.47;customer:last_name:Doe;general:payment_id:id_38202316;general:project_id:3254;payment:amount:10800;payment:currency:USD;payment:description:Computer keyboards;receipt_data:positions:0:amount:108;receipt_data:positions:0:description:Computer keyboard;receipt_data:positions:0:quantity:10;return_url:decline:https://paymentpage.example.com/complete-redirect?id=decline;return_url:success:https://paymentpage.example.com/complete-redirect?id=success"
+	if got != expected {
+		t.Fatalf("unexpected signature string\nexpected: %s\ngot: %s", expected, got)
+	}
+}
+
+func TestSignPayload_Example(t *testing.T) {
+	payload := map[string]any{
+		"general": map[string]any{
+			"project_id": 3254,
+			"payment_id": "id_38202316",
+			"signature":  "<ignored>",
+		},
+		"customer": map[string]any{
+			"id":         "585741",
+			"email":      "johndoe@example.com",
+			"first_name": "John",
+			"last_name":  "Doe",
+			"address":    "Downing str., 23",
+			"identify": map[string]any{
+				"doc_number": "54122312544",
+			},
+			"ip_address": "198.51.100.47",
+		},
+		"payment": map[string]any{
+			"amount":      10800,
+			"currency":    "USD",
+			"description": "Computer keyboards",
+		},
+		"receipt_data": map[string]any{
+			"positions": []any{
+				map[string]any{
+					"quantity":    "10",
+					"amount":      "108",
+					"description": "Computer keyboard",
+				},
+			},
+		},
+		"return_url": map[string]any{
+			"success": "https://paymentpage.example.com/complete-redirect?id=success",
+			"decline": "https://paymentpage.example.com/complete-redirect?id=decline",
+		},
+	}
+
+	got, err := SignPayload(payload, "secret")
+	if err != nil {
+		t.Fatalf("failed to sign payload: %v", err)
+	}
+	expected := "lagSnuspAn+F6XkmQISqwtBg0PsiTy62fF9x33TM+278mnufIDZyi1yP0BQALuCxyikkIxIMbodBn2F8hMdRwA=="
+	if got != expected {
+		t.Fatalf("unexpected signature\nexpected: %s\ngot: %s", expected, got)
+	}
+}
+
+func TestSignaturePayloadString_BooleansAndArrays(t *testing.T) {
+	payload := map[string]any{
+		"flag":       true,
+		"false_flag": false,
+		"empty":      "",
+		"zero":       0,
+		"nested": map[string]any{
+			"list":  []any{},
+			"items": []any{"alpha", "beta"},
+		},
+	}
+
+	got, err := signaturePayloadString(payload)
+	if err != nil {
+		t.Fatalf("failed to build signature string: %v", err)
+	}
+
+	expected := "empty:;false_flag:0;flag:1;nested:items:0:alpha;nested:items:1:beta;zero:0"
+	if got != expected {
+		t.Fatalf("unexpected signature string\nexpected: %s\ngot: %s", expected, got)
+	}
+}
+
+func TestSignPayload_EthEstimateGasExample(t *testing.T) {
+	payload := map[string]any{
+		"jsonrpc": "2.0",
+		"id":      3,
+		"method":  "eth_estimateGas",
+		"params": []any{
+			map[string]any{
+				"from":     "0xfa89b4d534bdeb2713d4ffd893e79d6535fb58f8",
+				"to":       "0x44162e39eefd9296231e772663a92e72958e182f",
+				"gasPrice": "0x64",
+				"data":     "0xa9059cbb00000000000000000000000044162e39eefd9296231e772663a92e72958e182f00000000000000000000000000000000000000000000000000000000000f4240",
+			},
+		},
+	}
+
+	got, err := SignPayload(payload, "1")
+	if err != nil {
+		t.Fatalf("failed to sign payload: %v", err)
+	}
+	expected := "C4WbSvXKSMyX8yLamQcUe/Nzr6nSt9m3HYn4jHSyA7yi/FaTiqk0r8BlfIzfxSCoDaRgrSd82ihgZW+DxELhdQ=="
+	if got != expected {
+		t.Fatalf("unexpected signature\nexpected: %s\ngot: %s", expected, got)
+	}
+}