flowcommerce-solidus 0.1.11

data/static/app/flow/flow/order.rb

@@ -0,0 +1,267 @@
+# represents flow.io order
+# for easy intgration we pass current
+# - flow experirnce
+# - solidus / spree order
+# - current customer, presetnt as  @current_spree_user controller instance variable
+#
+# example:
+#  flow_order = Flow::Order.new    # init flow-order object
+#    order: Spree::Order.last,
+#    experience: @flow_session.experience
+#    customer: Spree::User.last
+#  fo.build_flow_request           # builds json body to be posted to flow api
+#  fo.synchronize!                 # sends order to flow
+
+class Flow::Order
+  FLOW_CENTER = 'default' unless defined?(::Flow::Order::FLOW_CENTER)
+
+  attr_reader     :response
+  attr_reader     :order
+  attr_reader     :customer
+  attr_reader     :body
+
+  class << self
+    def clear_cache order
+      return unless order.flow_data['order']
+      order.flow_data.delete('order')
+      order.update_column :flow_data, order.flow_data.dup
+    end
+  end
+
+  ###
+
+  def initialize order:, experience: nil, customer: nil
+    # when sending email, we do not have experience defined
+    unless experience
+      if order.flow_order
+        experience = Flow::Experience.get(order.flow_order['experience']['key'])
+      else
+        raise(ArgumentError, 'Experience not defined and not found in flow data')
+      end
+    end
+
+    @experience = experience
+    @order      = order
+    @customer   = customer
+    @items      = []
+  end
+
+  # helper method to send complete order from spreee to flow
+  def synchronize!
+    sync_body!
+    check_state!
+    write_response_in_cache
+    @response
+  end
+
+  def error
+    @response['messages'].join(', ')
+  end
+
+  def error_code
+    @response['code']
+  end
+
+  def error?
+    @response && @response['code'] && @response['messages']
+  end
+
+  def delivery
+    deliveries.select{ |el| el[:active] }.first
+  end
+
+  # delivery methods are defined in flow console
+  def deliveries
+    # if we have erorr with an order, but still using this method
+    return [] unless @order.flow_order
+
+    @order.flow_data ||= {}
+
+    delivery_list = @order.flow_order['deliveries'][0]['options']
+    delivery_list = delivery_list.map do |opts|
+      name         = opts['tier']['name']
+      name        += ' (%s)' % opts['tier']['strategy'] if opts['tier']['strategy']
+      selection_id = opts['id']
+
+      {
+        id:    selection_id,
+        price: { label: opts['price']['label'] },
+        active: @order.flow_order['selections'].include?(selection_id),
+        name: name
+      }
+    end.to_a
+
+    # make first one active unless we have active element
+    delivery_list.first[:active] = true unless delivery_list.select{ |el| el[:active] }.first
+
+    delivery_list
+  end
+
+  def total_price
+    @order.flow_total
+  end
+
+  def delivered_duty
+    # paid is default
+    @order.flow_data['delivered_duty'] || ::Io::Flow::V0::Models::DeliveredDuty.paid.value
+  end
+
+  private
+
+  # if customer is defined, add customer info
+  # it is possible to have order in solidus without customer info (new guest session)
+  def add_customer opts
+    return unless @customer
+
+    address = @customer.ship_address
+    # address = nil
+    if address
+      opts[:customer] = {
+        name:   {
+          first: address.firstname,
+          last: address.lastname
+        },
+        email:  @customer.email,
+        number: @customer.flow_number,
+        phone:  address.phone
+      }
+
+      streets = []
+      streets.push address.address1 unless address.address1.blank?
+      streets.push address.address2 unless address.address2.blank?
+
+      opts[:destination] = {
+        streets:  streets,
+        city:     address.city,
+        province: address.state_name,
+        postal:   address.zipcode,
+        country: (address.country.iso3 rescue 'USA'),
+        contact: opts[:customer]
+      }
+
+      opts[:destination].delete_if { |k,v| v.nil? }
+    end
+
+    opts
+  end
+
+  # builds object that can be sent to api.flow.io to sync order data
+  def build_flow_request
+    @order.line_items.each do |line_item|
+      add_item line_item
+    end
+
+    flow_number = @order.flow_number
+
+    opts = {}
+    opts[:organization] = Flow.organization
+    opts[:experience]   = @experience.key
+    opts[:expand]       = 'experience'
+
+    body = {}
+    body = {
+      items:  @items,
+      number: flow_number
+    }
+
+    add_customer body if @customer
+
+    # if defined, add selection (delivery options) and delivered_duty from flow_data
+    body[:selections]     = [@order.flow_data['selection']]    if @order.flow_data['selection']
+    body[:delivered_duty] = @order.flow_data['delivered_duty'] if @order.flow_data['delivered_duty']
+
+    # discount on full order is applied
+    if @order.adjustment_total != 0
+      body[:discount] = {
+        amount: @order.adjustment_total,
+        currency: @order.currency
+      }
+    end
+
+    # calculate digest body and cache it
+    @digest = Digest::SHA1.hexdigest(opts.to_json + body.to_json)
+
+    [opts, body]
+  end
+
+  def sync_body!
+    opts, @body = build_flow_request
+
+    @use_get = false
+
+    # use get if order is completed and closed
+    @use_get = true if @order.state == 'complete'
+
+    # use get if local digest hash check said there is no change
+    @use_get ||= true if @order.flow_data['digest'] == @digest
+
+    # do not use get if there is no local order cache
+    @use_get = false unless @order.flow_data['order']
+
+    if @use_get
+      @response = Flow.api :get, '/:organization/orders/%s' % @body[:number], expand: 'experience'
+    else
+      # replace when fixed integer error
+      # @body[:items].map! { |item| ::Io::Flow::V0::Models::LineItemForm.new(item) }
+      # opts[:experience] = @experience.key
+      # order_put_form = ::Io::Flow::V0::Models::OrderPutForm.new(@body)
+      # r FlowCommerce.instance.orders.put_by_number(Flow.organization, @order.flow_number, order_put_form, opts)
+
+      @response = Flow.api :put, '/:organization/orders/%s' % @body[:number], opts, @body
+    end
+  end
+
+  def check_state!
+    # authorize if not authorized
+    # if !@order.flow_order_authorized?
+
+    # authorize payment on complete, unless authorized
+    if @order.state == 'complete' && !@order.flow_order_authorized?
+      simple_gateway = Flow::SimpleGateway.new(@order)
+      simple_gateway.cc_authorization
+    end
+
+    @order.flow_finalize! if @order.flow_order_authorized? && @order.state != 'complete'
+  end
+
+  def add_item line_item
+    variant    = line_item.variant
+    price_root = variant.flow_data['exp'][@experience.key]['prices'][0] rescue {}
+
+    # create flow order line item
+    item = {
+      center: FLOW_CENTER,
+      number: variant.id.to_s,
+      quantity: line_item.quantity,
+      price: {
+        amount:   price_root['amount']   || variant.cost_price,
+        currency: price_root['currency'] || variant.cost_currency
+      }
+    }
+
+    @items.push item
+  end
+
+  # set cache for total order ammount
+  # written in flow_data field inside spree_orders table
+  def write_response_in_cache
+    if !@response || error?
+      @order.flow_data.delete('digest')
+      @order.flow_data.delete('order')
+    else
+      response_total = @response.dig('total', 'label')
+      cache_total    = @order.flow_data.dig('order', 'total', 'label')
+
+      # return if total is not changed, no products removed or added
+      return if @use_get && response_total == cache_total
+
+      # update local order
+      @order.flow_data['digest'] = @digest
+      @order.flow_data['order']  = @response.to_hash
+    end
+
+    @order.save
+  end
+
+end
+

data/static/app/flow/flow/pay_pal.rb

@@ -0,0 +1,27 @@
+# Flow.io (2017)
+# communicates with flow api, responds to webhook events
+
+module Flow::PayPal
+  extend self
+
+  def get_id(order)
+    if order.flow_order
+      # get PayPal ID using Flow api
+      body = {
+        # discriminator: 'merchant_of_record_payment_form',
+        method:        'paypal',
+        order_number:  order.number,
+        amount:        order.flow_order.total.amount,
+        currency:      order.flow_order.total.currency,
+      }
+
+      # Flow.api :post, '/:organization/payments', {}, body
+
+      form     = ::Io::Flow::V0::Models::MerchantOfRecordPaymentForm.new body
+      FlowCommerce.instance.payments.post Flow.organization, form
+    else
+      # to do
+      raise 'PayPal only supported while using flow'
+    end
+  end
+end

data/static/app/flow/flow/session.rb

@@ -0,0 +1,77 @@
+# Flow.io (2017)
+  # communicates with flow api, easy access to session
+
+class Flow::Session
+  attr_accessor :session, :localized, :visitor
+
+  def self.restore packed_session
+    Marshal.load packed_session
+  end
+
+  # flow session can ve created via IP or local cached OrganizationSession dump
+  # Flow::Experience.all.first.key
+  # Flow sessions need buest-guess visitor_id and
+  def initialize ip:, visitor:
+    ip = '127.0.0.1' if ip == '::1'
+
+    @ip      = ip
+    @visitor = visitor
+  end
+
+  # create session with blank data
+  def create
+    data = {
+      ip:    @ip,
+      visit: {
+        id:         @visitor,
+        expires_at: (Time.now+30.minutes).iso8601
+      }
+    }
+
+    session_model = ::Io::Flow::V0::Models::SessionForm.new data
+    @session      = FlowCommerce.instance.sessions.post_organizations_by_organization Flow.organization, session_model
+  end
+
+  # if we want to manualy switch to specific country or experience
+  def update data
+    @session = FlowCommerce.instance.sessions.put_by_session(
+      @session.id,
+      ::Io::Flow::V0::Models::SessionPutForm.new(data)
+    )
+  end
+
+  def dump
+    Marshal.dump self
+  end
+
+  # get local experience or return nil
+  def experience
+    @session.local ? @session.local.experience : Flow::Experience.default
+  end
+
+  def local
+    @session.local
+  end
+
+  def id
+    @session.id
+  end
+
+  def localized?
+    # use flow if we are not in default country
+    return false unless local
+    return false if @localized.class == FalseClass
+    local.country.iso_3166_3 != ENV.fetch('FLOW_BASE_COUNTRY').upcase
+  end
+
+  # because we do not get full experience from session, we have to get from exp list
+  def delivered_duty_options
+    Hashie::Mash.new Flow::Experience.get(experience.key).settings.delivered_duty.to_hash
+  end
+
+  # if we have more than one choice, we show choice popup
+  def offers_delivered_duty_choice?
+    delivered_duty_options.available.length > 1
+  end
+end
+

data/static/app/flow/flow/simple_crypt.rb

@@ -0,0 +1,30 @@
+# Flow.io (2017)
+# Module uses rails engine for encrypt and decrypt
+
+# example
+# enc1 = Flow::SimpleCrypt.encrypt('foo')
+# Flow::SimpleCrypt.encrypt(enc1)
+#
+# example with salt
+# enc2 = Flow::SimpleCrypt.encrypt('bar', '127.0.0.1')
+# Flow::SimpleCrypt.encrypt(enc2)              # raises error: ActiveSupport::MessageVerifier::InvalidSignature
+# Flow::SimpleCrypt.encrypt(enc2, '127.0.0.1') # ok
+
+module Flow::SimpleCrypt
+  extend self
+
+  def encrypt_base(salt)
+    local_secret = Rails.application.secrets.secret_key_base[0,32]
+    key          = ActiveSupport::KeyGenerator.new(local_secret).generate_key(salt || '', 32)
+
+    ActiveSupport::MessageEncryptor.new(key)
+  end
+
+  def encrypt(raw_data, salt=nil)
+    encrypt_base(salt).encrypt_and_sign(raw_data)
+  end
+
+  def decrypt(enc_data, salt=nil)
+    encrypt_base(salt).decrypt_and_verify(enc_data)
+  end
+end

data/static/app/flow/flow/simple_gateway.rb

@@ -0,0 +1,123 @@
+# Flow.io (2017)
+# communicates with Flow payments API, easy access to session
+# to basic shop frontend and backend needs
+
+class Flow::SimpleGateway
+  cattr_accessor :clear_zero_amount_payments
+
+  def initialize(order)
+    @order = order
+  end
+
+  # authorises credit card and prepares for capture
+  def cc_authorization
+    auth_form      = get_authorization_form
+    response       = FlowCommerce.instance.authorizations.post(Flow.organization, auth_form)
+    status_message = response.result.status.value
+    status         = status_message == ::Io::Flow::V0::Models::AuthorizationStatus.authorized.value
+
+    store = {
+                   key: response.key,
+                amount: response.amount,
+              currency: response.currency,
+      authorization_id: response.id
+    }
+
+    @order.update_column :flow_data, @order.flow_data.merge('authorization': store)
+
+    if self.class.clear_zero_amount_payments
+      @order.payments.where(amount:0, state: ['invalid', 'processing', 'pending']).map(&:destroy)
+    end
+
+    ActiveMerchant::Billing::Response.new(status, status_message, { response: response }, { authorization: store })
+  rescue Io::Flow::V0::HttpClient::ServerError => exception
+    error_response(exception)
+  end
+
+  # capture authorised funds
+  def cc_capture
+    # GET /:organization/authorizations, order_number: abc
+    data = @order.flow_data['authorization']
+
+    raise ArgumentError, 'No Authorization data, please authorize first' unless data
+
+    capture_form = ::Io::Flow::V0::Models::CaptureForm.new(data)
+    response     = FlowCommerce.instance.captures.post(Flow.organization, capture_form)
+
+    if response.id
+      @order.update_column :flow_data, @order.flow_data.merge('capture': response.to_hash)
+      @order.flow_finalize!
+
+      ActiveMerchant::Billing::Response.new true, 'success', { response: response }
+    else
+      ActiveMerchant::Billing::Response.new false, 'error', { response: response }
+    end
+  rescue => exception
+    error_response(exception)
+  end
+
+  def cc_refund
+    raise ArgumentError, 'capture info is not available' unless @order.flow_data['capture']
+
+    # we allways have capture ID, so we use it
+    refund_data = { capture_id: @order.flow_data['capture']['id'] }
+    refund_form = ::Io::Flow::V0::Models::RefundForm.new(refund_data)
+    response    = FlowCommerce.instance.refunds.post(Flow.organization, refund_form)
+
+    if response.id
+      @order.update_column :flow_data, @order.flow_data.merge('refund': response.to_hash)
+      ActiveMerchant::Billing::Response.new true, 'success', { response: response }
+    else
+      ActiveMerchant::Billing::Response.new false, 'error', { response: response }
+    end
+  rescue => exception
+    error_response(exception)
+  end
+
+  private
+
+  # if order is not in flow, we use local solidus settings
+  def in_flow?
+    @order.flow_order ? true : false
+  end
+
+  def get_authorization_form
+    if in_flow?
+      # we have order id so we allways use MerchantOfRecordAuthorizationForm
+      ::Io::Flow::V0::Models::MerchantOfRecordAuthorizationForm.new({
+        'order_number':  @order.flow_number,
+        'currency':      @order.flow_order.total.currency,
+        'amount':        @order.flow_order.total.amount,
+        'token':         cc_get_token,
+      })
+    else
+      # when not using flow, we fall back to solidus default
+      ::Io::Flow::V0::Models::DirectAuthorizationForm.new({
+        'currency':      @order.currency,
+        'amount':        @order.total,
+        'token':         cc_get_token,
+      })
+    end
+  end
+
+  # gets credit card token
+  def cc_get_token
+    cards = @order.credit_cards.select{ |cc| cc[:flow_data]['cc_token'] }
+    raise StandarError.new('Credit card not found') unless cards.first
+
+    cards.first.flow_data['cc_token'] || raise(StandardError.new 'Flow credit card token not found')
+  end
+
+  # we want to return errors in standardized format
+  def error_response(exception_object, message=nil)
+    message = if exception_object.respond_to?(:body) && exception_object.body.length > 0
+      description  = JSON.load(exception_object.body)['messages'].to_sentence
+      '%s: %s (%s)' % [exception_object.details, description, exception_object.code]
+    else
+      exception_object.message
+    end
+
+    ActiveMerchant::Billing::Response.new(false, message, exception: exception_object)
+  end
+end
+