@wopr-network/platform-core 0.1.0

package/dist/billing/payram/webhook.test.js

@@ -0,0 +1,248 @@
+/**
+ * Unit tests for PayRam webhook handler (WOP-407).
+ *
+ * Covers FILLED/OVER_FILLED crediting the ledger, PARTIALLY_FILLED/CANCELLED
+ * no-op status, idempotency, replay guard, and bot reactivation.
+ */
+import { afterAll, beforeAll, beforeEach, describe, expect, it, vi } from "vitest";
+import { createTestDb, truncateAllTables } from "../../test/db.js";
+import { CreditLedger } from "../../credits/credit-ledger.js";
+import { DrizzleWebhookSeenRepository } from "../drizzle-webhook-seen-repository.js";
+import { noOpReplayGuard } from "../webhook-seen-repository.js";
+import { PayRamChargeRepository } from "./charge-store.js";
+import { handlePayRamWebhook } from "./webhook.js";
+function makePayload(overrides = {}) {
+    return {
+        reference_id: "ref-test-001",
+        status: "FILLED",
+        amount: "25.00",
+        currency: "USDC",
+        filled_amount: "25.00",
+        ...overrides,
+    };
+}
+// TOP OF FILE - shared across ALL describes
+let pool;
+let db;
+beforeAll(async () => {
+    ({ db, pool } = await createTestDb());
+});
+afterAll(async () => {
+    await pool.close();
+});
+describe("handlePayRamWebhook", () => {
+    let chargeStore;
+    let creditLedger;
+    let deps;
+    beforeEach(async () => {
+        await truncateAllTables(pool);
+        chargeStore = new PayRamChargeRepository(db);
+        creditLedger = new CreditLedger(db);
+        deps = { chargeStore, creditLedger, replayGuard: noOpReplayGuard };
+        // Create a default test charge
+        await chargeStore.create("ref-test-001", "tenant-a", 2500);
+    });
+    // ---------------------------------------------------------------------------
+    // FILLED / OVER_FILLED — should credit ledger
+    // ---------------------------------------------------------------------------
+    describe("FILLED status", () => {
+        it("credits the ledger with the requested USD amount", async () => {
+            const result = await handlePayRamWebhook(deps, makePayload({ status: "FILLED" }));
+            expect(result.handled).toBe(true);
+            expect(result.status).toBe("FILLED");
+            expect(result.tenant).toBe("tenant-a");
+            expect(result.creditedCents).toBe(2500);
+            const balance = await creditLedger.balance("tenant-a");
+            expect(balance.toCents()).toBe(2500);
+        });
+        it("uses payram: prefix on reference ID in credit transaction", async () => {
+            await handlePayRamWebhook(deps, makePayload({ status: "FILLED" }));
+            const history = await creditLedger.history("tenant-a");
+            expect(history).toHaveLength(1);
+            expect(history[0].referenceId).toBe("payram:ref-test-001");
+            expect(history[0].type).toBe("purchase");
+        });
+        it("records fundingSource as payram", async () => {
+            await handlePayRamWebhook(deps, makePayload({ status: "FILLED" }));
+            const history = await creditLedger.history("tenant-a");
+            expect(history[0].fundingSource).toBe("payram");
+        });
+        it("marks the charge as credited after FILLED", async () => {
+            await handlePayRamWebhook(deps, makePayload({ status: "FILLED" }));
+            expect(await chargeStore.isCredited("ref-test-001")).toBe(true);
+        });
+        it("is idempotent — duplicate FILLED webhook does not double-credit", async () => {
+            await handlePayRamWebhook(deps, makePayload({ status: "FILLED" }));
+            const result2 = await handlePayRamWebhook(deps, makePayload({ status: "FILLED" }));
+            expect(result2.handled).toBe(true);
+            expect(result2.creditedCents).toBe(0);
+            const balance = await creditLedger.balance("tenant-a");
+            expect(balance.toCents()).toBe(2500); // Only credited once
+        });
+    });
+    describe("OVER_FILLED status", () => {
+        it("credits the requested USD amount (not the overpayment)", async () => {
+            await chargeStore.create("ref-over-001", "tenant-b", 1000);
+            const result = await handlePayRamWebhook(deps, makePayload({
+                reference_id: "ref-over-001",
+                status: "OVER_FILLED",
+                filled_amount: "12.50", // Overpaid by $2.50
+                currency: "ETH",
+            }));
+            expect(result.handled).toBe(true);
+            expect(result.creditedCents).toBe(1000); // Only the requested amount
+            expect((await creditLedger.balance("tenant-b")).toCents()).toBe(1000);
+        });
+    });
+    // ---------------------------------------------------------------------------
+    // Statuses that should NOT credit the ledger
+    // ---------------------------------------------------------------------------
+    describe("PARTIALLY_FILLED status", () => {
+        it("does NOT credit the ledger", async () => {
+            const result = await handlePayRamWebhook(deps, makePayload({ status: "PARTIALLY_FILLED" }));
+            expect(result.handled).toBe(true);
+            expect(result.tenant).toBe("tenant-a");
+            expect(result.creditedCents).toBeUndefined();
+            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
+        });
+    });
+    describe("VERIFYING status", () => {
+        it("does NOT credit the ledger", async () => {
+            const result = await handlePayRamWebhook(deps, makePayload({ status: "VERIFYING" }));
+            expect(result.handled).toBe(true);
+            expect(result.creditedCents).toBeUndefined();
+            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
+        });
+    });
+    describe("OPEN status", () => {
+        it("does NOT credit the ledger", async () => {
+            const result = await handlePayRamWebhook(deps, makePayload({ status: "OPEN" }));
+            expect(result.handled).toBe(true);
+            expect(result.creditedCents).toBeUndefined();
+            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
+        });
+    });
+    describe("CANCELLED status", () => {
+        it("does NOT credit the ledger", async () => {
+            const result = await handlePayRamWebhook(deps, makePayload({ status: "CANCELLED" }));
+            expect(result.handled).toBe(true);
+            expect(result.creditedCents).toBeUndefined();
+            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(0);
+        });
+    });
+    // ---------------------------------------------------------------------------
+    // Unknown reference ID
+    // ---------------------------------------------------------------------------
+    describe("unknown reference_id", () => {
+        it("returns handled:false when charge not found", async () => {
+            const result = await handlePayRamWebhook(deps, makePayload({ reference_id: "ref-unknown-999" }));
+            expect(result.handled).toBe(false);
+            expect(result.tenant).toBeUndefined();
+        });
+    });
+    // ---------------------------------------------------------------------------
+    // Charge store updates
+    // ---------------------------------------------------------------------------
+    describe("charge store updates", () => {
+        it("updates charge status on every webhook call", async () => {
+            await handlePayRamWebhook(deps, makePayload({ status: "VERIFYING" }));
+            const charge = await chargeStore.getByReferenceId("ref-test-001");
+            expect(charge?.status).toBe("VERIFYING");
+        });
+        it("updates currency and filled_amount on FILLED", async () => {
+            await handlePayRamWebhook(deps, makePayload({ status: "FILLED", currency: "USDT", filled_amount: "25.00" }));
+            const charge = await chargeStore.getByReferenceId("ref-test-001");
+            expect(charge?.currency).toBe("USDT");
+            expect(charge?.filledAmount).toBe("25.00");
+        });
+    });
+    // ---------------------------------------------------------------------------
+    // Multiple tenants / reference IDs
+    // ---------------------------------------------------------------------------
+    describe("different reference IDs", () => {
+        it("processes multiple reference IDs independently", async () => {
+            await chargeStore.create("ref-b-001", "tenant-b", 5000);
+            await chargeStore.create("ref-c-001", "tenant-c", 1500);
+            await handlePayRamWebhook(deps, makePayload({ reference_id: "ref-b-001", status: "FILLED" }));
+            await handlePayRamWebhook(deps, makePayload({ reference_id: "ref-c-001", status: "FILLED" }));
+            expect((await creditLedger.balance("tenant-b")).toCents()).toBe(5000);
+            expect((await creditLedger.balance("tenant-c")).toCents()).toBe(1500);
+        });
+    });
+    // ---------------------------------------------------------------------------
+    // Replay guard
+    // ---------------------------------------------------------------------------
+    describe("replay guard", () => {
+        it("blocks duplicate reference_id + status combos", async () => {
+            const replayGuard = new DrizzleWebhookSeenRepository(db);
+            const depsWithGuard = { ...deps, replayGuard };
+            const first = await handlePayRamWebhook(depsWithGuard, makePayload({ status: "FILLED" }));
+            expect(first.handled).toBe(true);
+            expect(first.creditedCents).toBe(2500);
+            expect(first.duplicate).toBeUndefined();
+            const second = await handlePayRamWebhook(depsWithGuard, makePayload({ status: "FILLED" }));
+            expect(second.handled).toBe(true);
+            expect(second.duplicate).toBe(true);
+            expect(second.creditedCents).toBeUndefined();
+            // Only credited once
+            expect((await creditLedger.balance("tenant-a")).toCents()).toBe(2500);
+        });
+        it("same reference_id with different status is not blocked by replay guard", async () => {
+            const replayGuard = new DrizzleWebhookSeenRepository(db);
+            const depsWithGuard = { ...deps, replayGuard };
+            await handlePayRamWebhook(depsWithGuard, makePayload({ status: "VERIFYING" }));
+            const result = await handlePayRamWebhook(depsWithGuard, makePayload({ status: "FILLED" }));
+            expect(result.duplicate).toBeUndefined();
+            expect(result.creditedCents).toBe(2500);
+        });
+    });
+    // ---------------------------------------------------------------------------
+    // Bot reactivation
+    // ---------------------------------------------------------------------------
+    describe("resource reactivation via onCreditsPurchased", () => {
+        it("calls onCreditsPurchased on FILLED and includes reactivatedBots in result", async () => {
+            const mockOnCreditsPurchased = vi.fn().mockResolvedValue(["bot-1", "bot-2"]);
+            const depsWithCallback = {
+                ...deps,
+                onCreditsPurchased: mockOnCreditsPurchased,
+            };
+            const result = await handlePayRamWebhook(depsWithCallback, makePayload({ status: "FILLED" }));
+            expect(mockOnCreditsPurchased).toHaveBeenCalledWith("tenant-a", creditLedger);
+            expect(result.reactivatedBots).toEqual(["bot-1", "bot-2"]);
+        });
+        it("does not include reactivatedBots when no resources reactivated", async () => {
+            const mockOnCreditsPurchased = vi.fn().mockResolvedValue([]);
+            const depsWithCallback = {
+                ...deps,
+                onCreditsPurchased: mockOnCreditsPurchased,
+            };
+            const result = await handlePayRamWebhook(depsWithCallback, makePayload({ status: "FILLED" }));
+            expect(result.reactivatedBots).toBeUndefined();
+        });
+    });
+});
+// ---------------------------------------------------------------------------
+// DrizzleWebhookSeenRepository unit tests (replaces PayRamReplayGuard)
+// ---------------------------------------------------------------------------
+describe("DrizzleWebhookSeenRepository (payram replay guard)", () => {
+    beforeEach(async () => {
+        await truncateAllTables(pool);
+    });
+    it("reports unseen keys as not duplicate", async () => {
+        const guard = new DrizzleWebhookSeenRepository(db);
+        expect(await guard.isDuplicate("ref-001:FILLED", "payram")).toBe(false);
+    });
+    it("reports seen keys as duplicate", async () => {
+        const guard = new DrizzleWebhookSeenRepository(db);
+        await guard.markSeen("ref-001:FILLED", "payram");
+        expect(await guard.isDuplicate("ref-001:FILLED", "payram")).toBe(true);
+    });
+    it("purges expired entries via purgeExpired", async () => {
+        const guard = new DrizzleWebhookSeenRepository(db);
+        await guard.markSeen("ref-expire:FILLED", "payram");
+        expect(await guard.isDuplicate("ref-expire:FILLED", "payram")).toBe(true);
+        // Negative TTL pushes cutoff into the future — entry is expired
+        await guard.purgeExpired(-24 * 60 * 60 * 1000);
+        expect(await guard.isDuplicate("ref-expire:FILLED", "payram")).toBe(false);
+    });
+});

package/dist/billing/stripe/cents-credits-boundary.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/billing/stripe/cents-credits-boundary.test.js

@@ -0,0 +1,62 @@
+import { describe, expect, it } from "vitest";
+import { CREDIT_PRICE_POINTS, getCreditAmountForPurchase } from "./credit-prices.js";
+/**
+ * Regression tests for the cents/credits boundary (WOP-1058).
+ *
+ * These tests verify that:
+ * 1. CreditPricePoint.amountCents values are valid USD cent amounts (not nanodollars)
+ * 2. CreditPricePoint.creditCents values are >= amountCents (bonus never negative)
+ * 3. getCreditAmountForPurchase returns creditCents (not some other unit)
+ * 4. No price point value approaches nanodollar scale (SCALE = 1_000_000_000)
+ *
+ * If any of these tests fail after a rename/refactor, a _cents field was
+ * incorrectly changed to store Credit raw units (nanodollars) instead of
+ * USD cents. See src/monetization/credits/credit-ledger.ts for naming convention.
+ */
+describe("WOP-1058: Stripe cents/credits boundary", () => {
+    it("all amountCents values are positive integers representing USD cents", () => {
+        for (const point of CREDIT_PRICE_POINTS) {
+            expect(point.amountCents).toBeGreaterThan(0);
+            expect(Number.isInteger(point.amountCents)).toBe(true);
+            // Sanity: no tier charges more than $1000 (100_000 cents)
+            expect(point.amountCents).toBeLessThanOrEqual(100_000);
+        }
+    });
+    it("amountCents values are never in nanodollar range (would indicate unit confusion)", () => {
+        for (const point of CREDIT_PRICE_POINTS) {
+            // Credit.SCALE = 1_000_000_000. If a value is in this range,
+            // a _cents field was mistakenly assigned a Credit.toRaw() value.
+            expect(point.amountCents).toBeLessThan(1_000_000);
+        }
+    });
+    it("all creditCents values are >= amountCents (bonus is non-negative)", () => {
+        for (const point of CREDIT_PRICE_POINTS) {
+            expect(point.creditCents).toBeGreaterThanOrEqual(point.amountCents);
+        }
+    });
+    it("creditCents values are never in nanodollar range (would indicate unit confusion)", () => {
+        for (const point of CREDIT_PRICE_POINTS) {
+            expect(point.creditCents).toBeLessThan(1_000_000);
+        }
+    });
+    it("getCreditAmountForPurchase returns creditCents for known tiers", () => {
+        for (const point of CREDIT_PRICE_POINTS) {
+            const result = getCreditAmountForPurchase(point.amountCents);
+            expect(result).toBe(point.creditCents);
+        }
+    });
+    it("getCreditAmountForPurchase returns input for unknown amounts (1:1 fallback)", () => {
+        const unknownAmount = 1234;
+        expect(getCreditAmountForPurchase(unknownAmount)).toBe(unknownAmount);
+    });
+    it("bonus tier percentages produce correct creditCents (not raw credit units)", () => {
+        // $25 + 2% bonus = $25.50 = 2550 cents (NOT 25_500_000_000 nanodollars)
+        const tier25 = CREDIT_PRICE_POINTS.find((p) => p.amountCents === 2500);
+        expect(tier25).not.toBeNull();
+        expect(tier25?.creditCents).toBe(2550);
+        // $100 + 10% bonus = $110 = 11000 cents (NOT 110_000_000_000 nanodollars)
+        const tier100 = CREDIT_PRICE_POINTS.find((p) => p.amountCents === 10000);
+        expect(tier100).not.toBeNull();
+        expect(tier100?.creditCents).toBe(11000);
+    });
+});

package/dist/billing/stripe/checkout.d.ts

@@ -0,0 +1,20 @@
+import type Stripe from "stripe";
+import type { ITenantCustomerRepository, TenantCustomerRepository } from "./tenant-store.js";
+import type { CreditCheckoutOpts, VpsCheckoutOpts } from "./types.js";
+/**
+ * Create a Stripe Checkout session for a one-time credit purchase.
+ *
+ * Uses mode: "payment" (not "subscription") — credits are purchased
+ * as one-time payments and credited to the tenant's ledger via webhook.
+ *
+ * If the tenant already has a Stripe customer, it reuses that customer.
+ * Otherwise, Stripe creates a new customer during checkout.
+ */
+export declare function createCreditCheckoutSession(stripe: Stripe, tenantRepo: TenantCustomerRepository, opts: CreditCheckoutOpts): Promise<Stripe.Checkout.Session>;
+/**
+ * Create a Stripe Checkout session for a VPS subscription.
+ *
+ * Uses mode: "subscription" — VPS is a $15/month recurring subscription.
+ * The webhook handler processes customer.subscription.created to activate VPS status.
+ */
+export declare function createVpsCheckoutSession(stripe: Stripe, tenantRepo: ITenantCustomerRepository, opts: VpsCheckoutOpts): Promise<Stripe.Checkout.Session>;

package/dist/billing/stripe/checkout.js

@@ -0,0 +1,63 @@
+/**
+ * Create a Stripe Checkout session for a one-time credit purchase.
+ *
+ * Uses mode: "payment" (not "subscription") — credits are purchased
+ * as one-time payments and credited to the tenant's ledger via webhook.
+ *
+ * If the tenant already has a Stripe customer, it reuses that customer.
+ * Otherwise, Stripe creates a new customer during checkout.
+ */
+export async function createCreditCheckoutSession(stripe, tenantRepo, opts) {
+    const existing = await tenantRepo.getByTenant(opts.tenant);
+    const params = {
+        mode: "payment",
+        line_items: [
+            {
+                price: opts.priceId,
+                quantity: 1,
+            },
+        ],
+        success_url: opts.successUrl,
+        cancel_url: opts.cancelUrl,
+        client_reference_id: opts.tenant,
+        metadata: {
+            wopr_tenant: opts.tenant,
+            wopr_purchase_type: "credits",
+        },
+    };
+    // Reuse existing Stripe customer if we have one.
+    if (existing) {
+        params.customer = existing.processor_customer_id;
+    }
+    return stripe.checkout.sessions.create(params);
+}
+/**
+ * Create a Stripe Checkout session for a VPS subscription.
+ *
+ * Uses mode: "subscription" — VPS is a $15/month recurring subscription.
+ * The webhook handler processes customer.subscription.created to activate VPS status.
+ */
+export async function createVpsCheckoutSession(stripe, tenantRepo, opts) {
+    const existing = await tenantRepo.getByTenant(opts.tenant);
+    const params = {
+        mode: "subscription",
+        line_items: [
+            {
+                price: opts.vpsPriceId,
+                quantity: 1,
+            },
+        ],
+        success_url: opts.successUrl,
+        cancel_url: opts.cancelUrl,
+        client_reference_id: opts.tenant,
+        metadata: {
+            wopr_tenant: opts.tenant,
+            wopr_bot_id: opts.botId,
+            wopr_purchase_type: "vps",
+        },
+    };
+    if (existing) {
+        params.customer = existing.processor_customer_id;
+    }
+    return stripe.checkout.sessions.create(params);
+}

package/dist/billing/stripe/checkout.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/billing/stripe/checkout.test.js

@@ -0,0 +1,148 @@
+import { describe, expect, it, vi } from "vitest";
+import { createCreditCheckoutSession, createVpsCheckoutSession } from "./checkout.js";
+describe("createCreditCheckoutSession", () => {
+    function mockStripe(sessionCreateResult = { id: "cs_test", url: "https://checkout.stripe.com/cs_test" }) {
+        return {
+            checkout: {
+                sessions: {
+                    create: vi.fn().mockResolvedValue(sessionCreateResult),
+                },
+            },
+        };
+    }
+    function mockTenantStore(existingMapping = null) {
+        return {
+            getByTenant: vi.fn().mockReturnValue(existingMapping),
+        };
+    }
+    it("creates a payment-mode checkout session", async () => {
+        const stripe = mockStripe();
+        const store = mockTenantStore();
+        const session = await createCreditCheckoutSession(stripe, store, {
+            tenant: "t-1",
+            priceId: "price_abc",
+            successUrl: "https://example.com/success",
+            cancelUrl: "https://example.com/cancel",
+        });
+        expect(session.id).toBe("cs_test");
+        expect(stripe.checkout.sessions.create).toHaveBeenCalledWith(expect.objectContaining({
+            mode: "payment",
+            line_items: [{ price: "price_abc", quantity: 1 }],
+            success_url: "https://example.com/success",
+            cancel_url: "https://example.com/cancel",
+            client_reference_id: "t-1",
+            metadata: expect.objectContaining({ wopr_tenant: "t-1" }),
+        }));
+    });
+    it("reuses existing Stripe customer when available", async () => {
+        const stripe = mockStripe();
+        const store = mockTenantStore({ processor_customer_id: "cus_existing" });
+        await createCreditCheckoutSession(stripe, store, {
+            tenant: "t-1",
+            priceId: "price_abc",
+            successUrl: "https://example.com/s",
+            cancelUrl: "https://example.com/c",
+        });
+        expect(stripe.checkout.sessions.create).toHaveBeenCalledWith(expect.objectContaining({ customer: "cus_existing" }));
+    });
+    it("does not set customer when no existing mapping", async () => {
+        const stripe = mockStripe();
+        const store = mockTenantStore(null);
+        await createCreditCheckoutSession(stripe, store, {
+            tenant: "t-new",
+            priceId: "price_abc",
+            successUrl: "https://example.com/s",
+            cancelUrl: "https://example.com/c",
+        });
+        const callArgs = stripe.checkout.sessions.create.mock.calls[0][0];
+        expect(callArgs.customer).toBeUndefined();
+    });
+    it("propagates Stripe API errors", async () => {
+        const stripe = mockStripe();
+        stripe.checkout.sessions.create.mockRejectedValue(new Error("Stripe error"));
+        const store = mockTenantStore();
+        await expect(createCreditCheckoutSession(stripe, store, {
+            tenant: "t-1",
+            priceId: "price_abc",
+            successUrl: "https://example.com/s",
+            cancelUrl: "https://example.com/c",
+        })).rejects.toThrow("Stripe error");
+    });
+});
+describe("createVpsCheckoutSession", () => {
+    function mockStripe(sessionCreateResult = { id: "cs_vps_test", url: "https://checkout.stripe.com/cs_vps_test" }) {
+        return {
+            checkout: {
+                sessions: {
+                    create: vi.fn().mockResolvedValue(sessionCreateResult),
+                },
+            },
+        };
+    }
+    function mockTenantStore(existingMapping = null) {
+        return {
+            getByTenant: vi.fn().mockReturnValue(existingMapping),
+        };
+    }
+    it("creates a subscription-mode checkout session", async () => {
+        const stripe = mockStripe();
+        const store = mockTenantStore();
+        const session = await createVpsCheckoutSession(stripe, store, {
+            tenant: "t-1",
+            botId: "bot-abc",
+            vpsPriceId: "price_vps_15",
+            successUrl: "https://example.com/success",
+            cancelUrl: "https://example.com/cancel",
+        });
+        expect(session.id).toBe("cs_vps_test");
+        expect(stripe.checkout.sessions.create).toHaveBeenCalledWith(expect.objectContaining({
+            mode: "subscription",
+            line_items: [{ price: "price_vps_15", quantity: 1 }],
+            success_url: "https://example.com/success",
+            cancel_url: "https://example.com/cancel",
+            client_reference_id: "t-1",
+            metadata: expect.objectContaining({
+                wopr_tenant: "t-1",
+                wopr_bot_id: "bot-abc",
+                wopr_purchase_type: "vps",
+            }),
+        }));
+    });
+    it("reuses existing Stripe customer when available", async () => {
+        const stripe = mockStripe();
+        const store = mockTenantStore({ processor_customer_id: "cus_existing" });
+        await createVpsCheckoutSession(stripe, store, {
+            tenant: "t-1",
+            botId: "bot-abc",
+            vpsPriceId: "price_vps_15",
+            successUrl: "https://example.com/s",
+            cancelUrl: "https://example.com/c",
+        });
+        expect(stripe.checkout.sessions.create).toHaveBeenCalledWith(expect.objectContaining({ customer: "cus_existing" }));
+    });
+    it("does not set customer when no existing mapping", async () => {
+        const stripe = mockStripe();
+        const store = mockTenantStore(null);
+        await createVpsCheckoutSession(stripe, store, {
+            tenant: "t-new",
+            botId: "bot-xyz",
+            vpsPriceId: "price_vps_15",
+            successUrl: "https://example.com/s",
+            cancelUrl: "https://example.com/c",
+        });
+        const callArgs = stripe.checkout.sessions.create.mock.calls[0][0];
+        expect(callArgs.customer).toBeUndefined();
+    });
+    it("propagates Stripe API errors", async () => {
+        const stripe = mockStripe();
+        stripe.checkout.sessions.create.mockRejectedValue(new Error("VPS Stripe error"));
+        const store = mockTenantStore();
+        await expect(createVpsCheckoutSession(stripe, store, {
+            tenant: "t-1",
+            botId: "bot-abc",
+            vpsPriceId: "price_vps_15",
+            successUrl: "https://example.com/s",
+            cancelUrl: "https://example.com/c",
+        })).rejects.toThrow("VPS Stripe error");
+    });
+});

package/dist/billing/stripe/client.d.ts

@@ -0,0 +1,14 @@
+import Stripe from "stripe";
+import type { StripeBillingConfig } from "./types.js";
+/**
+ * Create a configured Stripe client.
+ *
+ * All Stripe config comes from env vars — no billing logic in WOPR,
+ * just a thin wrapper around the Stripe SDK.
+ */
+export declare function createStripeClient(config: StripeBillingConfig): Stripe;
+/**
+ * Load Stripe billing config from environment variables.
+ * Returns null if required vars are missing.
+ */
+export declare function loadStripeConfig(): StripeBillingConfig | null;

package/dist/billing/stripe/client.js

@@ -0,0 +1,33 @@
+import Stripe from "stripe";
+/**
+ * The Stripe API version to use for all requests.
+ * Pinning this ensures stability across Stripe API releases.
+ */
+const STRIPE_API_VERSION = "2024-12-18.acacia";
+/**
+ * Create a configured Stripe client.
+ *
+ * All Stripe config comes from env vars — no billing logic in WOPR,
+ * just a thin wrapper around the Stripe SDK.
+ */
+export function createStripeClient(config) {
+    return new Stripe(config.secretKey, {
+        // @ts-expect-error stripe-version-2024-12-18.acacia
+        apiVersion: STRIPE_API_VERSION,
+    });
+}
+/**
+ * Load Stripe billing config from environment variables.
+ * Returns null if required vars are missing.
+ */
+export function loadStripeConfig() {
+    const secretKey = process.env.STRIPE_SECRET_KEY;
+    const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET;
+    if (!secretKey || !webhookSecret) {
+        return null;
+    }
+    return {
+        secretKey,
+        webhookSecret,
+    };
+}

package/dist/billing/stripe/client.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/billing/stripe/client.test.js

@@ -0,0 +1,58 @@
+import { afterEach, beforeEach, describe, expect, it } from "vitest";
+import { createStripeClient, loadStripeConfig } from "./client.js";
+describe("loadStripeConfig", () => {
+    let origSecretKey;
+    let origWebhookSecret;
+    beforeEach(() => {
+        origSecretKey = process.env.STRIPE_SECRET_KEY;
+        origWebhookSecret = process.env.STRIPE_WEBHOOK_SECRET;
+    });
+    afterEach(() => {
+        if (origSecretKey === undefined) {
+            delete process.env.STRIPE_SECRET_KEY;
+        }
+        else {
+            process.env.STRIPE_SECRET_KEY = origSecretKey;
+        }
+        if (origWebhookSecret === undefined) {
+            delete process.env.STRIPE_WEBHOOK_SECRET;
+        }
+        else {
+            process.env.STRIPE_WEBHOOK_SECRET = origWebhookSecret;
+        }
+    });
+    it("returns null when both env vars are missing", () => {
+        delete process.env.STRIPE_SECRET_KEY;
+        delete process.env.STRIPE_WEBHOOK_SECRET;
+        expect(loadStripeConfig()).toBeNull();
+    });
+    it("returns null when only STRIPE_SECRET_KEY is set", () => {
+        process.env.STRIPE_SECRET_KEY = "sk_test_abc";
+        delete process.env.STRIPE_WEBHOOK_SECRET;
+        expect(loadStripeConfig()).toBeNull();
+    });
+    it("returns null when only STRIPE_WEBHOOK_SECRET is set", () => {
+        delete process.env.STRIPE_SECRET_KEY;
+        process.env.STRIPE_WEBHOOK_SECRET = "whsec_abc";
+        expect(loadStripeConfig()).toBeNull();
+    });
+    it("returns config when both env vars are present", () => {
+        process.env.STRIPE_SECRET_KEY = "sk_test_abc123";
+        process.env.STRIPE_WEBHOOK_SECRET = "whsec_def456";
+        const config = loadStripeConfig();
+        expect(config).not.toBeNull();
+        expect(config?.secretKey).toBe("sk_test_abc123");
+        expect(config?.webhookSecret).toBe("whsec_def456");
+    });
+});
+describe("createStripeClient", () => {
+    it("creates a Stripe client with pinned API version", () => {
+        const client = createStripeClient({ secretKey: "sk_test_abc", webhookSecret: "whsec_abc" });
+        // Stripe client stores the API version internally
+        // We verify it was created successfully
+        expect(client).toEqual(expect.any(Object));
+        expect(client.checkout).toEqual(expect.any(Object));
+        expect(client.paymentIntents).toEqual(expect.any(Object));
+        expect(client.setupIntents).toEqual(expect.any(Object));
+    });
+});