solidus_stripe 3.0.0 → 4.1.0

data/app/assets/javascripts/spree/frontend/solidus_stripe/stripe-payment-request-button-shared.js

@@ -83,36 +83,73 @@
         this.showError(response.error);
         this.completePaymentRequest(payment, 'fail');
       } else if (response.requires_action) {
-        this.stripe.handleCardAction(
-          response.stripe_payment_intent_client_secret
-        ).then(this.onIntentsClientSecret.bind(this));
+        var clientSecret = response.stripe_payment_intent_client_secret;
+        var onConfirmCardPayment = this.onConfirmCardPayment.bind(this);
+
+        this.stripe.confirmCardPayment(
+          clientSecret,
+          {payment_method: payment.paymentMethod.id},
+          {handleActions: false}
+        ).then(function(confirmResult) {
+          onConfirmCardPayment(confirmResult, payment, clientSecret)
+        });
       } else {
-        this.completePaymentRequest(payment, 'success');
-        this.submitPayment(payment);
+        this.completePayment(payment, response.stripe_payment_intent_id)
       }
     },
 
-    onIntentsClientSecret: function(result) {
-      if (result.error) {
-        this.showError(result.error);
+    onConfirmCardPayment: function(confirmResult, payment, clientSecret) {
+      onStripeResponse = function(response, payment) {
+        if (response.error) {
+          this.showError(response.error);
+        } else {
+          this.completePayment(payment, response.paymentIntent.id)
+        }
+      }.bind(this);
+
+      if (confirmResult.error) {
+        this.completePaymentRequest(payment, 'fail');
+        this.showError(confirmResult.error);
       } else {
-        fetch('/stripe/confirm_intents', {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({
-            spree_payment_method_id: this.config.id,
-            stripe_payment_intent_id: result.paymentIntent.id,
-            authenticity_token: this.authToken
-          })
-        }).then(function(confirmResult) {
-          return confirmResult.json();
-        }).then(this.handleServerResponse.bind(this));
+        this.completePaymentRequest(payment, 'success');
+        this.stripe.confirmCardPayment(clientSecret).then(function(response) {
+          onStripeResponse(response, payment);
+        });
       }
     },
 
+    completePayment: function(payment, stripePaymentIntentId) {
+      var onCreateBackendPayment = function (response) {
+        if (response.error) {
+          this.completePaymentRequest(payment, 'fail');
+          this.showError(response.error);
+        } else {
+          this.completePaymentRequest(payment, 'success');
+          this.submitPayment(payment);
+        }
+      }.bind(this);
+
+      fetch('/stripe/create_payment', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          form_data: this.form ? this.form.serialize() : payment.shippingAddress,
+          spree_payment_method_id: this.config.id,
+          stripe_payment_intent_id: stripePaymentIntentId,
+          authenticity_token: this.authToken
+        })
+      }).then(function(solidusPaymentResponse) {
+        return solidusPaymentResponse.json();
+      }).then(onCreateBackendPayment)
+    },
+
     completePaymentRequest: function(payment, state) {
       if (payment && typeof payment.complete === 'function') {
         payment.complete(state);
+        if (state === 'fail') {
+          // restart the button (required in order to force address choice)
+          new SolidusStripe.CartPageCheckout().init();
+        }
       }
     }
   };

data/app/assets/javascripts/spree/frontend/solidus_stripe/stripe-payment.js

@@ -6,5 +6,11 @@ SolidusStripe.Payment = function() {
   this.authToken = $('meta[name="csrf-token"]').attr('content');
 
   this.stripe = Stripe(this.config.publishable_key);
-  this.elements = this.stripe.elements({locale: 'en'});
+  this.elements = this.stripe.elements(this.elementsBaseOptions());
+};
+
+SolidusStripe.Payment.prototype.elementsBaseOptions = function () {
+  return {
+    locale: 'en'
+  };
 };

data/app/controllers/solidus_stripe/intents_controller.rb

@@ -4,27 +4,23 @@ module SolidusStripe
   class IntentsController < Spree::BaseController
     include Spree::Core::ControllerHelpers::Order
 
-    def confirm
-      begin
-        if params[:stripe_payment_method_id].present?
-          intent = stripe.create_intent(
-            (current_order.total * 100).to_i,
-            params[:stripe_payment_method_id],
-            currency: current_order.currency,
-            confirmation_method: 'manual',
-            confirm: true,
-            setup_future_usage: 'on_session',
-            metadata: { order_id: current_order.id }
-          )
-        elsif params[:stripe_payment_intent_id].present?
-          intent = stripe.confirm_intent(params[:stripe_payment_intent_id], nil)
-        end
-      rescue Stripe::CardError => e
-        render json: { error: e.message }, status: 500
-        return
-      end
+    def create_intent
+      @intent = create_payment_intent
+      generate_payment_response
+    end
+
+    def create_payment
+      create_payment_service = SolidusStripe::CreateIntentsPaymentService.new(
+        params[:stripe_payment_intent_id],
+        stripe,
+        self
+      )
 
-      generate_payment_response(intent)
+      if create_payment_service.call
+        render json: { success: true }
+      else
+        render json: { error: "Could not create payment" }, status: 500
+      end
     end
 
     private
@@ -33,20 +29,38 @@ module SolidusStripe
       @stripe ||= Spree::PaymentMethod::StripeCreditCard.find(params[:spree_payment_method_id])
     end
 
-    def generate_payment_response(intent)
-      response = intent.params
+    def generate_payment_response
+      response = @intent.params
       # Note that if your API version is before 2019-02-11, 'requires_action'
       # appears as 'requires_source_action'.
       if %w[requires_source_action requires_action].include?(response['status']) && response['next_action']['type'] == 'use_stripe_sdk'
-          render json: {
-            requires_action: true,
-            stripe_payment_intent_client_secret: response['client_secret']
-          }
-      elsif response['status'] == 'succeeded'
-        render json: { success: true }
+        render json: {
+          requires_action: true,
+          stripe_payment_intent_client_secret: response['client_secret']
+        }
+      elsif response['status'] == 'requires_capture'
+        render json: {
+          success: true,
+          requires_capture: true,
+          stripe_payment_intent_id: response['id']
+        }
       else
         render json: { error: response['error']['message'] }, status: 500
       end
     end
+
+    def create_payment_intent
+      stripe.create_intent(
+        (current_order.total * 100).to_i,
+        params[:stripe_payment_method_id],
+        description: "Solidus Order ID: #{current_order.number} (pending)",
+        currency: current_order.currency,
+        confirmation_method: 'automatic',
+        capture_method: 'manual',
+        confirm: true,
+        setup_future_usage: 'off_session',
+        metadata: { order_id: current_order.id }
+      )
+    end
   end
 end

data/app/decorators/models/spree/order_update_attributes_decorator.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Spree
+  module OrderUpdateAttributesDecorator
+    def assign_payments_attributes
+      return if payments_attributes.empty?
+      return if adding_new_stripe_payment_intents_card?
+
+      stripe_intents_pending_payments.each(&:void_transaction!)
+
+      super
+    end
+
+    private
+
+    def adding_new_stripe_payment_intents_card?
+      paying_with_stripe_intents? && stripe_intents_pending_payments.any?
+    end
+
+    def stripe_intents_pending_payments
+      @stripe_intents_pending_payments ||= order.payments.valid.select do |payment|
+        payment_method = payment.payment_method
+        payment.pending? && stripe_intents?(payment_method)
+      end
+    end
+
+    def paying_with_stripe_intents?
+      if id = payments_attributes.first&.dig(:payment_method_id)
+        stripe_intents?(Spree::PaymentMethod.find(id))
+      end
+    end
+
+    def stripe_intents?(payment_method)
+      payment_method.respond_to?(:v3_intents?) && payment_method.v3_intents?
+    end
+
+    ::Spree::OrderUpdateAttributes.prepend(self)
+  end
+end

data/app/decorators/models/spree/payment_decorator.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Spree
+  module PaymentDecorator
+    def gateway_order_identifier
+      gateway_order_id
+    end
+
+    ::Spree::Payment.prepend(self)
+  end
+end

data/app/decorators/models/spree/refund_decorator.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Spree
+  module RefundDecorator
+    attr_reader :response
+
+    Spree::Refund.prepend(self)
+  end
+end

data/app/models/solidus_stripe/address_from_params_service.rb

@@ -4,7 +4,7 @@ module SolidusStripe
   class AddressFromParamsService
     attr_reader :address_params, :user
 
-    def initialize(address_params, user)
+    def initialize(address_params, user = nil)
       @address_params, @user = address_params, user
     end
 
@@ -43,7 +43,10 @@ module SolidusStripe
     end
 
     def state
-      @state ||= country.states.find_by_abbr(address_params[:region])
+      @state ||= begin
+        region = address_params[:region]
+        country.states.find_by(abbr: region) || country.states.find_by(name: region)
+      end
     end
 
     def default_attributes

data/app/models/solidus_stripe/create_intents_payment_service.rb

@@ -0,0 +1,113 @@
+# frozen_string_literal: true
+
+module SolidusStripe
+  class CreateIntentsPaymentService
+    attr_reader :intent_id, :stripe, :controller
+
+    delegate :request, :current_order, :params, to: :controller
+
+    def initialize(intent_id, stripe, controller)
+      @intent_id, @stripe, @controller = intent_id, stripe, controller
+    end
+
+    def call
+      invalidate_previous_payment_intents_payments
+      if (payment = create_payment)
+        description = "Solidus Order ID: #{payment.gateway_order_identifier}"
+        stripe.update_intent(nil, intent_id, nil, description: description)
+        true
+      else
+        invalidate_current_payment_intent
+        false
+      end
+    end
+
+    private
+
+    def intent
+      @intent ||= stripe.show_intent(intent_id, {})
+    end
+
+    def invalidate_current_payment_intent
+      stripe.cancel(intent_id)
+    end
+
+    def invalidate_previous_payment_intents_payments
+      if stripe.v3_intents?
+        current_order.payments.pending.where(payment_method: stripe).each(&:void_transaction!)
+      end
+    end
+
+    def create_payment
+      Spree::OrderUpdateAttributes.new(
+        current_order,
+        payment_params,
+        request_env: request.headers.env
+      ).apply
+
+      created_payment = Spree::Payment.find_by(response_code: intent_id)
+      created_payment&.tap { |payment| payment.update!(state: :pending) }
+    end
+
+    def payment_params
+      {
+        payments_attributes: [{
+          payment_method_id: stripe.id,
+          amount: current_order.total,
+          response_code: intent_id,
+          source_attributes: {
+            month: intent_card['exp_month'],
+            year: intent_card['exp_year'],
+            cc_type: intent_card['brand'],
+            last_digits: intent_card['last4'],
+            gateway_payment_profile_id: intent_customer_profile,
+            name: card_holder_name || address_full_name,
+            address_attributes: address_attributes
+          }
+        }]
+      }
+    end
+
+    def intent_card
+      intent_data['payment_method_details']['card']
+    end
+
+    def intent_customer_profile
+      intent.params['payment_method']
+    end
+
+    def card_holder_name
+      (html_payment_source_data['name'] || intent_data['billing_details']['name']).presence
+    end
+
+    def intent_data
+      intent.params['charges']['data'][0]
+    end
+
+    def form_data
+      params[:form_data]
+    end
+
+    def html_payment_source_data
+      if form_data.is_a?(String)
+        data = Rack::Utils.parse_nested_query(form_data)
+        data['payment_source'][stripe.id.to_s]
+      else
+        {}
+      end
+    end
+
+    def address_attributes
+      html_payment_source_data['address_attributes'] || SolidusStripe::AddressFromParamsService.new(form_data).call.attributes
+    end
+
+    def address_full_name
+      current_order.bill_address&.full_name || form_data[:recipient]
+    end
+
+    def update_stripe_payment_description
+      description = "Solidus Order ID: #{payment.gateway_order_identifier}"
+      stripe.update_intent(nil, intent_id, nil, description: description)
+    end
+  end
+end

data/app/models/spree/payment_method/stripe_credit_card.rb

@@ -15,6 +15,8 @@ module Spree
         'Visa' => 'visa'
       }
 
+      delegate :create_intent, :update_intent, :confirm_intent, :show_intent, to: :gateway
+
       def stripe_config(order)
         {
           id: id,
@@ -59,14 +61,6 @@ module Spree
         true
       end
 
-      def create_intent(*args)
-        gateway.create_intent(*args)
-      end
-
-      def confirm_intent(*args)
-        gateway.confirm_intent(*args)
-      end
-
       def purchase(money, creditcard, transaction_options)
         gateway.purchase(*options_for_purchase_or_auth(money, creditcard, transaction_options))
       end
@@ -87,6 +81,21 @@ module Spree
         gateway.void(response_code, {})
       end
 
+      def payment_intents_refund_reason
+        Spree::RefundReason.where(name: Spree::Payment::Cancellation::DEFAULT_REASON).first_or_create
+      end
+
+      def try_void(payment)
+        if v3_intents? && payment.completed?
+          payment.refunds.create!(
+            amount: payment.credit_allowed,
+            reason: payment_intents_refund_reason
+          ).response
+        else
+          payment.void_transaction!
+        end
+      end
+
       def cancel(response_code)
         gateway.void(response_code, {})
       end
@@ -140,8 +149,9 @@ module Spree
 
       def options_for_purchase_or_auth(money, creditcard, transaction_options)
         options = {}
-        options[:description] = "Spree Order ID: #{transaction_options[:order_id]}"
+        options[:description] = "Solidus Order ID: #{transaction_options[:order_id]}"
         options[:currency] = transaction_options[:currency]
+        options[:off_session] = true if v3_intents?
 
         if customer = creditcard.gateway_customer_profile_id
           options[:customer] = customer