public static boolean isExpired(int year, int month) always return true on active cards

PaystackHQ / paystack-android

Paystack SDK for Android. Accept payments on Android

Apache License 2.0

126 stars 102 forks source link

public static boolean isExpired(int year, int month) always return true on active cards #11

Closed stonekase closed 7 years ago

stonekase commented 7 years ago

The cause of the problem for now is in the "CardUtils class" of the android SDK and needs to be fixed asap. The method isExpired always returns true for a valid card given valid dates ,this leads to valid cards always not passing the verification stage.

How to recreate it is to pass valid date of card to it and it will return true which implies expired.I also attached screenshots. I have lso added my CardUtils class i modified that worked. CardUtils.zip

alwaysreturntrue cardutilsissues codeexpired screenshot_2017-02-18-10-54-25

ibrahimlawal commented 7 years ago

@stonekase the util expects a 4 digit year

stonekase commented 7 years ago

but it has a function that handles that within and it works perfectly, method called (normalize) look at the second image i posted.i circled near normalize and normalize does that job if year is not 4 digit

stonekase commented 7 years ago

Kindly look at my fix,there seem to be an internal java error with the method you employed to verify valid year and month and its not your fault...........i had to explicitly use if-else to fix it

stonekase commented 7 years ago

zipped fix that work attached. CardUtils.zip

ibrahimlawal commented 7 years ago

Please make a Pull Request so we can check and merge

ibrahimlawal commented 7 years ago

card.validExpiryDate() would help ensure the isExpired function is called properly.

I would suggest you build the card then call the Validation functions on that object. That's how you'll truly take advantage of our library's validation.

stonekase commented 7 years ago

i get your point but it is best most of the checks are done on the client and also independent of creating the card object as there is no default constructor and several inputs might not be valid before it gets to the part to create the card object.

for example, i already detect a bad CVV or Bad card year,it is pointless to proceed to create the card object as there is no default constructor and these parameters are invalid.

for the pull request,i really dont use it so i don't know how to go about it that's why i posted the Zip.

ibrahimlawal commented 7 years ago

@stonekase it's really cheaper for you.

E.g. to validate ExpiryDate

card = new Card.Builder("", 0, 0, "").build();
card.setExpiryMonth(month);
card.setExpiryYear(year);

card.validExpiryDate()

As for default constructor, we can expose that in a future build. You may submit that as a fresh issue. Making your code depend on the internals of a library can make it hard to sustain.

Hope that helps.

stonekase commented 7 years ago

well i know about the class above but doesnt help a textwatcher but swell writting an sdk can get u exhausted i get.