@easypayment/medusa-paypal 0.6.8 → 0.7.0

package/src/subscribers/paypal-order-invoice.ts

@@ -1,115 +1,172 @@
-import type { SubscriberArgs, SubscriberConfig } from "@medusajs/framework"
-import type PayPalModuleService from "../modules/paypal/service"
-import { getPayPalAccessToken } from "../modules/paypal/utils/paypal-auth"
-import { isPayPalProviderId } from "../modules/paypal/utils/provider-ids"
-
-export default async function paypalOrderInvoiceHandler({
-  event,
-  container,
-}: SubscriberArgs<{ id: string }>) {
-  const orderId = event?.data?.id
-  if (!orderId) return
-
-  try {
-    const query = container.resolve("query") as any
-    const paypal = container.resolve<PayPalModuleService>("paypal_onboarding")
-
-    // Fetch the order with payment session data
-    const { data: orders } = await query.graph({
-      entity: "order",
-      fields: [
-        "id",
-        "display_id",
-        "payment_collections.payment_sessions.id",
-        "payment_collections.payment_sessions.data",
-        "payment_collections.payment_sessions.provider_id",
-        "payment_collections.payment_sessions.status",
-        "payment_collections.payment_sessions.created_at",
-      ],
-      filters: { id: orderId },
-    })
-
-    const order = orders?.[0]
-    if (!order) return
-
-    // Find the PayPal session
-    const sessions = (order.payment_collections || []).flatMap(
-      (pc: any) => pc.payment_sessions || []
-    )
-
-    const paypalSession = sessions
-      .filter((s: any) => isPayPalProviderId(s.provider_id))
-      .sort(
-        (a: any, b: any) =>
-          new Date(b.created_at || 0).getTime() -
-          new Date(a.created_at || 0).getTime()
-      )[0]
-
-    if (!paypalSession) {
-      console.info("[PayPal] invoice subscriber: no PayPal session found for order", orderId)
-      return
-    }
-
-    const paypalData = ((paypalSession.data || {}).paypal || {}) as Record<string, any>
-    const paypalOrderId = String(paypalData.order_id || "")
-    if (!paypalOrderId) {
-      console.info("[PayPal] invoice subscriber: no PayPal order_id in session for order", orderId)
-      return
-    }
-
-    // Get invoice prefix from settings
-    const settings = await paypal.getSettings().catch(() => ({}))
-    const settingsData =
-      settings && typeof settings === "object" && "data" in settings
-        ? ((settings as { data?: Record<string, any> }).data ?? {})
-        : {}
-    const additionalSettings = (settingsData.additional_settings || {}) as Record<string, any>
-    const invoicePrefix =
-      typeof additionalSettings.invoicePrefix === "string"
-        ? additionalSettings.invoicePrefix
-        : ""
-
-    // Build industry-standard invoice ID: prefix + order display_id
-    // e.g. "WC-140" or "ORD-140"
-    const displayId = String(order.display_id || "")
-    const invoiceId = `${invoicePrefix}${displayId}`.trim()
-    if (!invoiceId) return
-
-    // Patch the PayPal order with the correct invoice_id
-    const creds = await paypal.getActiveCredentials()
-    const { accessToken, base } = await getPayPalAccessToken(creds)
-
-    const patchResp = await fetch(`${base}/v2/checkout/orders/${paypalOrderId}`, {
-      method: "PATCH",
-      headers: {
-        Authorization: `Bearer ${accessToken}`,
-        "Content-Type": "application/json",
-      },
-      body: JSON.stringify([
-        {
-          op: "replace",
-          path: "/purchase_units/@reference_id=='default'/invoice_id",
-          value: invoiceId,
-        },
-      ]),
-    })
-
-    if (patchResp.ok || patchResp.status === 204) {
-      console.info(
-        `[PayPal] invoice_id updated to "${invoiceId}" for PayPal order ${paypalOrderId} (Medusa order #${displayId})`
-      )
-    } else {
-      const text = await patchResp.text().catch(() => "")
-      console.warn(
-        `[PayPal] invoice_id patch failed (${patchResp.status}) for PayPal order ${paypalOrderId}: ${text}`
-      )
-    }
-  } catch (e: any) {
-    // Non-fatal — never block order placement
-    console.warn("[PayPal] paypalOrderInvoiceHandler error:", e?.message || e)
-  }
-}
-
-export const config: SubscriberConfig = {
-  event: "order.placed",
-}
+import type { SubscriberArgs, SubscriberConfig } from "@medusajs/framework"
+import type PayPalModuleService from "../modules/paypal/service"
+import { getPayPalAccessToken } from "../modules/paypal/utils/paypal-auth"
+import { isPayPalProviderId } from "../modules/paypal/utils/provider-ids"
+
+export default async function paypalOrderInvoiceHandler({
+  event,
+  container,
+}: SubscriberArgs<{ id: string }>) {
+  const orderId = event?.data?.id
+  if (!orderId) return
+
+  try {
+    const query = container.resolve("query") as any
+    const paypal = container.resolve<PayPalModuleService>("paypal_onboarding")
+
+    // Fetch the Medusa order with payment session data
+    const { data: orders } = await query.graph({
+      entity: "order",
+      fields: [
+        "id",
+        "display_id",
+        "payment_collections.payment_sessions.id",
+        "payment_collections.payment_sessions.data",
+        "payment_collections.payment_sessions.provider_id",
+        "payment_collections.payment_sessions.status",
+        "payment_collections.payment_sessions.created_at",
+      ],
+      filters: { id: orderId },
+    })
+
+    const order = orders?.[0]
+    if (!order) return
+
+    // Find the PayPal payment session
+    const sessions = (order.payment_collections || []).flatMap(
+      (pc: any) => pc.payment_sessions || []
+    )
+    const paypalSession = sessions
+      .filter((s: any) => isPayPalProviderId(s.provider_id))
+      .sort(
+        (a: any, b: any) =>
+          new Date(b.created_at || 0).getTime() -
+          new Date(a.created_at || 0).getTime()
+      )[0]
+
+    if (!paypalSession) {
+      console.info(
+        "[PayPal] invoice subscriber: no PayPal session for order",
+        orderId
+      )
+      return
+    }
+
+    const paypalData = (
+      (paypalSession.data || {}).paypal || {}
+    ) as Record<string, any>
+    const paypalOrderId = String(paypalData.order_id || "")
+
+    if (!paypalOrderId) {
+      console.info(
+        "[PayPal] invoice subscriber: no order_id in session for order",
+        orderId
+      )
+      return
+    }
+
+    // Build invoice_id: invoicePrefix + display_id (industry standard)
+    const settings = await paypal.getSettings().catch(() => ({}))
+    const settingsData =
+      settings && typeof settings === "object" && "data" in settings
+        ? ((settings as { data?: Record<string, any> }).data ?? {})
+        : {}
+    const additionalSettings = (
+      settingsData.additional_settings || {}
+    ) as Record<string, any>
+    const invoicePrefix =
+      typeof additionalSettings.invoicePrefix === "string"
+        ? additionalSettings.invoicePrefix
+        : ""
+    const displayId = String(order.display_id || "")
+    const invoiceId = `${invoicePrefix}${displayId}`.trim()
+
+    if (!invoiceId) return
+
+    // Get PayPal access token
+    const creds = await paypal.getActiveCredentials()
+    const { accessToken, base } = await getPayPalAccessToken(creds)
+
+    // ── HIGH-VOLUME GUARD ──────────────────────────────────────────────
+    // Check if invoice_id is already correct before sending a PATCH.
+    // Prevents redundant API calls and duplicate-key errors at scale.
+    try {
+      const currentResp = await fetch(
+        `${base}/v2/checkout/orders/${paypalOrderId}`,
+        { headers: { Authorization: `Bearer ${accessToken}` } }
+      )
+      if (currentResp.ok) {
+        const currentOrder = await currentResp.json().catch(() => ({}))
+        const currentInvoiceId =
+          currentOrder?.purchase_units?.[0]?.invoice_id || ""
+        if (currentInvoiceId === invoiceId) {
+          console.info(
+            `[PayPal] invoice_id already "${invoiceId}" — skipping PATCH`
+          )
+          return
+        }
+      }
+    } catch (e: any) {
+      // Non-fatal — proceed with PATCH anyway
+      console.warn("[PayPal] pre-PATCH order fetch failed:", e?.message)
+    }
+    // ──────────────────────────────────────────────────────────────────
+
+    // Try two PATCH paths for robustness:
+    //   Path 1: standard "default" reference_id (new orders after this fix)
+    //   Path 2: array index fallback (orders created before this fix)
+    const patchPaths = [
+      "/purchase_units/@reference_id=='default'/invoice_id",
+      "/purchase_units/0/invoice_id",
+    ]
+
+    let patched = false
+    for (const path of patchPaths) {
+      const patchResp = await fetch(
+        `${base}/v2/checkout/orders/${paypalOrderId}`,
+        {
+          method: "PATCH",
+          headers: {
+            Authorization: `Bearer ${accessToken}`,
+            "Content-Type": "application/json",
+          },
+          body: JSON.stringify([{ op: "replace", path, value: invoiceId }]),
+        }
+      )
+
+      if (patchResp.ok || patchResp.status === 204) {
+        console.info(
+          `[PayPal] invoice_id set to "${invoiceId}"`,
+          `(PayPal order ${paypalOrderId} / Medusa #${displayId})`,
+          `via path: ${path}`
+        )
+        patched = true
+        break
+      }
+
+      const errText = await patchResp.text().catch(() => "")
+      console.warn("[PayPal] invoice_id PATCH attempt failed", {
+        status: patchResp.status,
+        path,
+        paypalOrderId,
+        errText,
+      })
+    }
+
+    if (!patched) {
+      // Hard error log — failures must never be silently swallowed at scale
+      console.error(
+        "[PayPal] CRITICAL: invoice_id PATCH failed for ALL paths.",
+        { paypalOrderId, invoiceId, displayId }
+      )
+    }
+
+  } catch (e: any) {
+    // Non-fatal — never block order placement
+    console.warn("[PayPal] paypalOrderInvoiceHandler error:", e?.message || e)
+  }
+}
+
+export const config: SubscriberConfig = {
+  event: "order.placed",
+}