@reactionary/source 0.0.41 → 0.0.48

package/providers/commercetools/src/core/client.ts

@@ -1,147 +1,176 @@
-import { ClientBuilder } from '@commercetools/ts-client';
+import {
+  ClientBuilder,
+  type TokenCache,
+  type TokenCacheOptions,
+  type TokenStore,
+} from '@commercetools/ts-client';
 import { createApiBuilderFromCtpClient } from '@commercetools/platform-sdk';
-import { CommercetoolsConfiguration } from '../schema/configuration.schema';
-
-const ANONYMOUS_SCOPES = [
-  'view_published_products',
-  'manage_shopping_lists',
-  'view_shipping_methods',
-  'manage_customers',
-  'view_product_selections',
-  'view_categories',
-  'view_project_settings',
-  'manage_order_edits',
-  'view_sessions',
-  'view_standalone_prices',
-  'manage_orders',
-  'view_tax_categories',
-  'view_cart_discounts',
-  'view_discount_codes',
-  'create_anonymous_token',
-  'manage_sessions',
-  'view_products',
-  'view_types',
-];
-const GUEST_SCOPES = [...ANONYMOUS_SCOPES];
-const REGISTERED_SCOPES = [...GUEST_SCOPES];
-
-export class CommercetoolsClient {
-  protected config: CommercetoolsConfiguration;
-
-  constructor(config: CommercetoolsConfiguration) {
-    this.config = config;
-  }
-
-  public getClient(token?: string) {
-    if (token) {
-      return this.createClientWithToken(token);
+import type { CommercetoolsConfiguration } from '../schema/configuration.schema';
+import { randomUUID } from 'crypto';
+import { GuestIdentitySchema, IdentitySchema, type RequestContext } from '@reactionary/core';
+import * as crypto from 'crypto';
+
+export class RequestContextTokenCache implements TokenCache {
+  constructor(protected context: RequestContext) {}
+
+  public async get(
+    tokenCacheOptions?: TokenCacheOptions
+  ): Promise<TokenStore | undefined> {
+    const identity = this.context.identity;
+
+    if (identity.type !== 'Anonymous') {
+      return {
+        refreshToken: identity.refresh_token,
+        token: identity.token || '',
+        expirationTime: identity.expiry.getTime(),
+      };
     }
 
-    return this.createAnonymousClient();
+    return undefined;
   }
 
-  public async login(username: string, password: string) {
-    const scopes = REGISTERED_SCOPES.map(
-      (scope) => `${scope}:${this.config.projectKey}`
-    ).join(' ');
-    const queryParams = new URLSearchParams({
-      grant_type: 'password',
-      username: username,
-      password: password,
-      scope: scopes,
-    });
-    const url = `${this.config.authUrl}/oauth/${
-      this.config.projectKey
-    }/customers/token?${queryParams.toString()}`;
-    const headers = {
-      Authorization:
-        'Basic ' + btoa(this.config.clientId + ':' + this.config.clientSecret),
-    };
-
-    const remote = await fetch(url, { method: 'POST', headers });
-    const json = await remote.json();
+  public async set(
+    cache: TokenStore,
+    tokenCacheOptions?: TokenCacheOptions
+  ): Promise<void> {
+    const identity = this.context.identity;
 
-    return json;
+    identity.refresh_token = cache.refreshToken;
+    identity.token = cache.token;
+    identity.expiry = new Date(cache.expirationTime);
   }
+}
 
-  public async guest() {
-    const scopes = GUEST_SCOPES.map(
-      (scope) => `${scope}:${this.config.projectKey}`
-    ).join(' ');
-    const queryParams = new URLSearchParams({
-      grant_type: 'client_credentials',
-      scope: scopes,
-    });
-    const url = `${this.config.authUrl}/oauth/${
-      this.config.projectKey
-    }/anonymous/token?${queryParams.toString()}`;
-    const headers = {
-      Authorization:
-        'Basic ' + btoa(this.config.clientId + ':' + this.config.clientSecret),
-    };
-
-    const remote = await fetch(url, { method: 'POST', headers });
-    const json = await remote.json();
+export class CommercetoolsClient {
+  protected config: CommercetoolsConfiguration;
 
-    return json;
+  constructor(config: CommercetoolsConfiguration) {
+    this.config = config;
   }
 
-  public async logout(token: string) {
-    const queryParams = new URLSearchParams({
-      token: token,
-      token_type_hint: 'access_token',
-    });
-    const url = `${
-      this.config.authUrl
-    }/oauth/token/revoke?${queryParams.toString()}`;
-    const headers = {
-      Authorization:
-        'Basic ' + btoa(this.config.clientId + ':' + this.config.clientSecret),
-    };
-
-    const remote = await fetch(url, { method: 'POST', headers });
-
-    return remote;
+  public async getClient(reqCtx: RequestContext) {
+    return this.createClient(reqCtx);
   }
 
-  public async introspect(token: string) {
-    const queryParams = new URLSearchParams({
-      token,
-    });
-    const url = `${this.config.authUrl}/oauth/introspect?` + queryParams;
-    const headers = {
-      Authorization:
-        'Basic ' + btoa(this.config.clientId + ':' + this.config.clientSecret),
-    };
+  public async register(
+    username: string,
+    password: string,
+    reqCtx: RequestContext
+  ) {
+    const cache = new RequestContextTokenCache(reqCtx);
+
+    const registrationBuilder =
+      this.createBaseClientBuilder().withAnonymousSessionFlow({
+        host: this.config.authUrl,
+        projectKey: this.config.projectKey,
+        credentials: {
+          clientId: this.config.clientId,
+          clientSecret: this.config.clientSecret,
+        },
+        scopes: this.config.scopes,
+        tokenCache: cache,
+      });
 
-    const remote = await fetch(url, { method: 'POST', headers });
-    const json = await remote.json();
+    const registrationClient = createApiBuilderFromCtpClient(
+      registrationBuilder.build()
+    );
+    const registration = await registrationClient
+      .withProjectKey({ projectKey: this.config.projectKey })
+      .me()
+      .signup()
+      .post({
+        body: {
+          email: username,
+          password: password,
+        },
+      })
+      .execute();
 
-    return json;
+    const login = await this.login(username, password, reqCtx);
   }
 
-  public createAnonymousClient() {
-    const scopes = ANONYMOUS_SCOPES.map(
-      (scope) => `${scope}:${this.config.projectKey}`
-    ).join(' ');
-    const builder = this.createBaseClientBuilder().withClientCredentialsFlow({
+  public async login(
+    username: string,
+    password: string,
+    reqCtx: RequestContext
+  ) {
+    const cache = new RequestContextTokenCache(reqCtx);
+    const identity = reqCtx.identity;
+
+    const loginBuilder = this.createBaseClientBuilder().withPasswordFlow({
       host: this.config.authUrl,
       projectKey: this.config.projectKey,
       credentials: {
         clientId: this.config.clientId,
         clientSecret: this.config.clientSecret,
+        user: { username, password },
       },
-      scopes: [scopes],
+      tokenCache: cache,
+      scopes: this.config.scopes,
     });
 
-    return createApiBuilderFromCtpClient(builder.build());
+    const loginClient = createApiBuilderFromCtpClient(loginBuilder.build());
+
+    const login = await loginClient
+      .withProjectKey({ projectKey: this.config.projectKey })
+      .me()
+      .get()
+      .execute();
+
+    identity.type = 'Registered';
+    identity.logonId = username;
+    identity.id = {
+      userId: login.body.id
+    };
   }
 
-  protected createClientWithToken(token: string) {
-    const builder = this.createBaseClientBuilder().withExistingTokenFlow(
-      `Bearer ${token}`,
-      { force: true }
-    );
+  public async logout(reqCtx: RequestContext) {
+    const cache = new RequestContextTokenCache(reqCtx);
+    await cache.set({ token: '', refreshToken: '', expirationTime: 0 });
+
+    reqCtx.identity = IdentitySchema.parse({});
+
+    // TODO: We could do token revocation here, if we wanted to. The above simply whacks the session.
+  }
+
+  protected createClient(reqCtx: RequestContext) {
+    const cache = new RequestContextTokenCache(reqCtx);
+    
+    if (reqCtx.identity.type === 'Anonymous') {
+      reqCtx.identity = GuestIdentitySchema.parse({
+        id: {
+          userId: crypto.randomUUID().toString(),
+        },
+        type: 'Guest'
+      });
+    }
+
+    const identity = reqCtx.identity;
+    let builder = this.createBaseClientBuilder();
+
+    if (!identity.token || !identity.refresh_token) {
+      builder = builder.withAnonymousSessionFlow({
+        host: this.config.authUrl,
+        projectKey: this.config.projectKey,
+        credentials: {
+          clientId: this.config.clientId,
+          clientSecret: this.config.clientSecret,
+          anonymousId: identity.id.userId,
+        },
+        tokenCache: cache,
+      });
+    } else {
+      builder = builder.withRefreshTokenFlow({
+        credentials: {
+          clientId: this.config.clientId,
+          clientSecret: this.config.clientSecret,
+        },
+        host: this.config.authUrl,
+        projectKey: this.config.projectKey,
+        refreshToken: identity.refresh_token || '',
+        tokenCache: cache,
+      });
+    }
 
     return createApiBuilderFromCtpClient(builder.build());
   }
@@ -152,6 +181,24 @@ export class CommercetoolsClient {
       .withQueueMiddleware({
         concurrency: 20,
       })
+      .withConcurrentModificationMiddleware({
+        concurrentModificationHandlerFn: (version: number, request: any) => {
+          // We basically ignore concurrency issues for now.
+          // And yes, ideally the frontend would handle this, but as the customer is not really in a position to DO anything about it,
+          // we might as well just deal with it here.....
+
+          console.log(
+            `Concurrent modification error, retry with version ${version}`
+          );
+          const body = request.body as Record<string, any>;
+          body['version'] = version;
+          return Promise.resolve(body);
+        },
+      })
+      .withCorrelationIdMiddleware({
+        // ideally this would be pushed in as part of the session context, so we can trace it end-to-end
+        generate: () => `REACTIONARY-${randomUUID()}`,
+      })
       .withHttpMiddleware({
         retryConfig: {
           backoff: true,

package/providers/commercetools/src/core/initialize.ts

@@ -1,38 +1,43 @@
-import { 
-    CartSchema, 
-    IdentitySchema, 
-    InventorySchema, 
-    PriceSchema, 
-    ProductSchema, 
-    SearchResultSchema, 
-    Cache, 
-    CategorySchema,
+import type {
+    Cache,
     ProductProvider,
     SearchProvider,
     IdentityProvider,
     CartProvider,
     InventoryProvider,
     PriceProvider,
-    CategoryProvider
+    CategoryProvider,
+    StoreProvider} from "@reactionary/core";
+import {
+    CartSchema,
+    IdentitySchema,
+    InventorySchema,
+    PriceSchema,
+    ProductSchema,
+    SearchResultSchema,
+    CategorySchema,
+    CartPaymentInstructionSchema
 } from "@reactionary/core";
-import { CommercetoolsCapabilities } from "../schema/capabilities.schema";
+import type { CommercetoolsCapabilities } from "../schema/capabilities.schema";
 import { CommercetoolsSearchProvider } from "../providers/search.provider";
 import { CommercetoolsProductProvider } from '../providers/product.provider';
-import { CommercetoolsConfiguration } from "../schema/configuration.schema";
+import type { CommercetoolsConfiguration } from "../schema/configuration.schema";
 import { CommercetoolsIdentityProvider } from "../providers/identity.provider";
 import { CommercetoolsCartProvider } from "../providers/cart.provider";
 import { CommercetoolsInventoryProvider } from "../providers/inventory.provider";
 import { CommercetoolsPriceProvider } from "../providers/price.provider";
 import { CommercetoolsCategoryProvider } from "../providers/category.provider";
+import { CommercetoolsCartPaymentProvider } from "../providers/cart-payment.provider";
 
-type CommercetoolsClient<T extends CommercetoolsCapabilities> = 
+type CommercetoolsClient<T extends CommercetoolsCapabilities> =
     (T['cart'] extends true ? { cart: CartProvider } : object) &
     (T['product'] extends true ? { product: ProductProvider } : object) &
     (T['search'] extends true ? { search: SearchProvider } : object) &
     (T['identity'] extends true ? { identity: IdentityProvider } : object) &
     (T['category'] extends true ? { category: CategoryProvider } : object) &
     (T['inventory'] extends true ? { inventory: InventoryProvider } : object) &
-    (T['price'] extends true ? { price: PriceProvider } : object);
+    (T['price'] extends true ? { price: PriceProvider } : object) &
+    (T['store'] extends true ? { store: StoreProvider } : object);
 
 export function withCommercetoolsCapabilities<T extends CommercetoolsCapabilities>(
     configuration: CommercetoolsConfiguration,
@@ -69,6 +74,11 @@ export function withCommercetoolsCapabilities<T extends CommercetoolsCapabilitie
             client.category = new CommercetoolsCategoryProvider(configuration, CategorySchema, cache);
         }
 
+        if (capabilities.cartPayment) {
+          client.cartPayment = new CommercetoolsCartPaymentProvider(configuration, CartPaymentInstructionSchema, cache);
+        }
+
+
         return client;
     };
 }

package/providers/commercetools/src/providers/cart-payment.provider.ts

@@ -0,0 +1,193 @@
+
+import type { CommercetoolsConfiguration } from "../schema/configuration.schema";
+import { CommercetoolsClient } from "../core/client";
+import type { Payment as CTPayment} from "@commercetools/platform-sdk";
+import { PaymentStatus } from "@commercetools/platform-sdk";
+import { traced } from "@reactionary/otel";
+import type { CommercetoolsCartIdentifier} from "../schema/commercetools.schema";
+import { CommercetoolsCartIdentifierSchema, CommercetoolsCartPaymentInstructionIdentifierSchema } from "../schema/commercetools.schema";
+import {  CartPaymentProvider, PaymentMethodIdentifierSchema,  } from "@reactionary/core";
+import type { CartPaymentQueryByCart, CartPaymentMutationAddPayment, CartPaymentMutationCancelPayment, Session, RequestContext , Cache, CartPaymentInstruction, Currency} from "@reactionary/core";
+import type z from "zod";
+
+export class CommercetoolsCartPaymentProvider<
+  T extends CartPaymentInstruction = CartPaymentInstruction
+> extends CartPaymentProvider<T> {
+  protected config: CommercetoolsConfiguration;
+
+  constructor(config: CommercetoolsConfiguration, schema: z.ZodType<T>, cache: Cache) {
+    super(schema, cache);
+
+    this.config = config;
+  }
+
+  protected async getClient(reqCtx: RequestContext) {
+    const client = await new CommercetoolsClient(this.config).getClient(reqCtx);
+
+    return {
+      payments: client.withProjectKey({ projectKey: this.config.projectKey }).me().payments(),
+      carts: client.withProjectKey({ projectKey: this.config.projectKey }).me().carts()
+    };
+  }
+
+
+
+  @traced()
+  public override async getByCartIdentifier(payload: CartPaymentQueryByCart, reqCtx: RequestContext): Promise<T[]> {
+    const client = await this.getClient(reqCtx);
+
+    const ctId = payload.cart as CommercetoolsCartIdentifier;
+    const ctVersion = ctId.version || 0;
+
+    const cart = await client.carts.withId({ ID: ctId.key })
+        .get({
+            queryArgs: {
+              expand: 'paymentInfo.payments[*]',
+            },
+          })
+          .execute();
+
+      let payments = (cart.body.paymentInfo?.payments || []).map(x => x.obj!).filter(x => x);
+      if (payload.status) {
+        payments = payments.filter(payment => payload.status!.some(status => payment.paymentStatus?.interfaceCode === status));
+      }
+
+      // Map over the payments and parse each one
+      const parsedPayments = payments.map(payment => this.parseSingle(payment, reqCtx));
+
+      // Commercetools does not link carts to payments, but the other way around, so for this we have to synthesize the link.
+      const returnPayments = parsedPayments.map(x => {
+        x.cart = { key: cart.body.id, version: cart.body.version || 0 };
+        return x;
+      });
+      return returnPayments;
+  }
+
+
+
+  public override async initiatePaymentForCart(payload: CartPaymentMutationAddPayment, reqCtx: RequestContext): Promise<T> {
+    const client = await this.getClient(reqCtx);
+    const cartId = payload.cart as CommercetoolsCartIdentifier;
+    const response = await client.payments.post({
+      body: {
+
+        amountPlanned: {
+          centAmount: Math.round(payload.paymentInstruction.amount.value * 100),
+          currencyCode: payload.paymentInstruction.amount.currency
+        },
+        paymentMethodInfo: {
+          method: payload.paymentInstruction.paymentMethod.method,
+          name: {
+            [reqCtx.languageContext.locale]: payload.paymentInstruction.paymentMethod.name
+          },
+          paymentInterface: payload.paymentInstruction.paymentMethod.paymentProcessor
+        },
+        custom:{
+          type: {
+            typeId: 'type',
+            key: 'reactionaryPaymentCustomFields',
+          },
+          fields: {
+            cartId: cartId.key,
+            cartVersion: cartId.version + '',
+          }
+        },
+
+      },
+    }).execute();
+
+    // Now add the payment to the cart
+    const ctId = payload.cart as CommercetoolsCartIdentifier
+    const updatedCart = await client.carts.withId({ ID: ctId.key }).post({
+      body: {
+        version: ctId.version,
+        actions: [
+          {
+            'action': 'addPayment',
+            'payment': {
+              'typeId': 'payment',
+              'id': response.body.id
+            }
+          }
+        ]
+      }
+    }).execute();
+
+    const payment = this.parseSingle(response.body, reqCtx);
+
+    // we return the newest cart version so caller can update their cart reference, if they want to.
+    // hopefully this wont cause excessive confusion
+    payment.cart = CommercetoolsCartIdentifierSchema.parse({
+        key: updatedCart.body.id,
+        version: updatedCart.body.version || 0
+      });
+    return payment;
+  }
+
+
+  @traced()
+  public override async cancelPaymentInstruction(payload: CartPaymentMutationCancelPayment, reqCtx: RequestContext): Promise<T> {
+    const client = await this.getClient(reqCtx);
+
+    // get newest version
+    const newestVersion = await client.payments.withId({ ID: payload.paymentInstruction.key }).get().execute();
+
+
+    // we set the planned amount to 0, which effectively cancels the payment, and also allows the backend to clean it up.
+    // Note: This does NOT remove the payment from the cart, as that would be a breaking change to the cart, and we want to avoid that during checkout.
+    // Instead, the payment will remain on the cart, but with status 'canceled', and can be removed later if needed.
+    // This also allows us to keep a record of the payment instruction for auditing purposes.
+    // The cart can be re-used, and a new payment instruction can be added to it later.
+    // The frontend should ignore any payment instructions with status 'canceled' when displaying payment options to the user.
+    const response = await client.payments.withId({ ID: payload.paymentInstruction.key }).post({
+      body: {
+        version: newestVersion.body.version,
+        actions: [
+          {
+            action: 'changeAmountPlanned',
+            amount: {
+              centAmount: 0,
+              currencyCode: newestVersion.body.amountPlanned.currencyCode
+            }
+          },
+        ]
+      }
+    }).execute();
+
+    const payment = this.parseSingle(response.body, reqCtx);
+    payment.cart = payload.cart;
+    return payment;
+  }
+
+
+
+  @traced()
+  protected override parseSingle(_body: unknown, reqCtx: RequestContext): T {
+    const body = _body as CTPayment;
+
+    const base = this.newModel();
+    base.identifier = CommercetoolsCartPaymentInstructionIdentifierSchema.parse({
+      key: body.id,
+      version: body.version || 0
+    });
+
+    base.amount = {
+      value: body.amountPlanned.centAmount / 100,
+      currency: body.amountPlanned.currencyCode as Currency,
+    };
+
+
+    base.paymentMethod = PaymentMethodIdentifierSchema.parse({
+      key: body.paymentMethodInfo?.method
+    });
+
+    // FIXME: seems wrong
+    base.status = body.paymentStatus?.interfaceCode as unknown as any;
+
+    base.cart = { key: '', version: 0 };
+
+    return this.assert(base);
+  }
+
+
+}