payment-kit 1.13.15

package/api/src/routes/connect/shared.ts

@@ -0,0 +1,410 @@
+import { BN } from '@ocap/util';
+
+import { blocklet } from '../../libs/auth';
+import dayjs from '../../libs/dayjs';
+import logger from '../../libs/logger';
+import { TLineItemExpanded, getStatementDescriptor } from '../../libs/session';
+import { CheckoutSession } from '../../store/models/checkout-session';
+import { Customer } from '../../store/models/customer';
+import { Invoice } from '../../store/models/invoice';
+import { InvoiceItem } from '../../store/models/invoice-item';
+import { PaymentCurrency } from '../../store/models/payment-currency';
+import { PaymentIntent } from '../../store/models/payment-intent';
+import { PaymentMethod } from '../../store/models/payment-method';
+import { Price } from '../../store/models/price';
+import { SetupIntent } from '../../store/models/setup-intent';
+import { Subscription } from '../../store/models/subscription';
+import { SubscriptionItem } from '../../store/models/subscription-item';
+
+type Result = {
+  checkoutSession: CheckoutSession;
+  customer: Customer;
+  paymentIntent?: PaymentIntent;
+  subscription?: Subscription;
+  paymentCurrency: PaymentCurrency;
+  paymentMethod: PaymentMethod;
+};
+
+export async function ensureCheckoutSession(checkoutSessionId: string) {
+  const checkoutSession = await CheckoutSession.findByPk(checkoutSessionId);
+  if (!checkoutSession) {
+    throw new Error('Checkout session not found');
+  }
+  if (checkoutSession.status === 'complete') {
+    throw new Error('Checkout session completed');
+  }
+  if (checkoutSession.status === 'expired') {
+    throw new Error('Checkout session expired');
+  }
+
+  return checkoutSession;
+}
+
+export async function ensurePaymentIntent(checkoutSessionId: string, userDid: string): Promise<Result> {
+  const checkoutSession = await ensureCheckoutSession(checkoutSessionId);
+
+  let customerId;
+  let paymentCurrencyId;
+  let paymentMethodId;
+
+  let paymentIntent;
+  if (checkoutSession.payment_intent_id) {
+    paymentIntent = await PaymentIntent.findByPk(checkoutSession.payment_intent_id);
+    if (!paymentIntent) {
+      throw new Error('Payment intent not found');
+    }
+    if (paymentIntent.status === 'succeeded') {
+      throw new Error('Payment intent completed');
+    }
+    if (paymentIntent.status === 'canceled') {
+      throw new Error('Payment intent canceled');
+    }
+    if (paymentIntent.status === 'processing') {
+      throw new Error('Payment intent processing');
+    }
+
+    customerId = paymentIntent.customer_id;
+    paymentCurrencyId = paymentIntent.currency_id;
+    paymentMethodId = paymentIntent.payment_method_id;
+  }
+
+  let subscription;
+  if (checkoutSession.subscription_id) {
+    subscription = await Subscription.findByPk(checkoutSession.subscription_id);
+    if (!subscription) {
+      throw new Error('Subscription not found');
+    }
+    if (subscription.status !== 'incomplete') {
+      throw new Error('Subscription is not in incomplete status');
+    }
+
+    customerId = subscription.customer_id;
+    paymentCurrencyId = subscription.currency_id;
+    paymentMethodId = subscription.default_payment_method_id;
+  }
+
+  let customer;
+  if (customerId) {
+    customer = await Customer.findByPk(customerId);
+    if (!customer) {
+      throw new Error('Customer not found');
+    }
+    const { user } = await blocklet.getUser(userDid, { enableConnectedAccount: true });
+    if (customer.did !== user.did) {
+      throw new Error('This is not your payment intent');
+    }
+  }
+
+  const [paymentMethod, paymentCurrency] = await Promise.all([
+    PaymentMethod.findByPk(paymentMethodId),
+    PaymentCurrency.findByPk(paymentCurrencyId),
+  ]);
+  if (!paymentMethod) {
+    throw new Error('Payment method not found');
+  }
+  if (!paymentCurrency) {
+    throw new Error('Payment currency not found');
+  }
+
+  if (['arcblock', 'ethereum'].includes(paymentMethod.type) === false) {
+    throw new Error(`Payment method ${paymentMethod.type} should not be here`);
+  }
+
+  checkoutSession.line_items = await Price.expand(checkoutSession.line_items, false);
+
+  return {
+    checkoutSession,
+    paymentIntent,
+    customer: customer as Customer,
+    subscription,
+    paymentMethod,
+    paymentCurrency,
+  };
+}
+
+export async function ensureSetupIntent(checkoutSessionId: string, userDid: string) {
+  const checkoutSession = await ensureCheckoutSession(checkoutSessionId);
+
+  let customerId;
+  let paymentCurrencyId;
+  let paymentMethodId;
+
+  let setupIntent;
+  if (checkoutSession.setup_intent_id) {
+    setupIntent = await SetupIntent.findByPk(checkoutSession.setup_intent_id);
+    if (!setupIntent) {
+      throw new Error('Payment intent not found');
+    }
+    if (setupIntent.status === 'succeeded') {
+      throw new Error('Payment intent completed');
+    }
+    if (setupIntent.status === 'canceled') {
+      throw new Error('Payment intent canceled');
+    }
+    if (setupIntent.status === 'processing') {
+      throw new Error('Payment intent processing');
+    }
+
+    customerId = setupIntent.customer_id;
+    paymentCurrencyId = setupIntent.currency_id;
+    paymentMethodId = setupIntent.payment_method_id;
+  }
+
+  let subscription;
+  if (checkoutSession.subscription_id) {
+    subscription = await Subscription.findByPk(checkoutSession.subscription_id);
+    if (!subscription) {
+      throw new Error('Subscription not found');
+    }
+    if (subscription.status !== 'incomplete') {
+      throw new Error('Subscription is not in incomplete status');
+    }
+
+    customerId = subscription.customer_id;
+    paymentCurrencyId = subscription.currency_id;
+    paymentMethodId = subscription.default_payment_method_id;
+  }
+
+  let customer;
+  if (customerId) {
+    customer = await Customer.findByPk(customerId);
+    if (!customer) {
+      throw new Error('Customer not found');
+    }
+    const { user } = await blocklet.getUser(userDid, { enableConnectedAccount: true });
+    if (customer.did !== user.did) {
+      throw new Error('This is not your payment intent');
+    }
+  }
+
+  const [paymentMethod, paymentCurrency] = await Promise.all([
+    PaymentMethod.findByPk(paymentMethodId),
+    PaymentCurrency.findByPk(paymentCurrencyId),
+  ]);
+  if (!paymentMethod) {
+    throw new Error('Payment method not found');
+  }
+  if (!paymentCurrency) {
+    throw new Error('Payment currency not found');
+  }
+
+  if (['arcblock', 'ethereum'].includes(paymentMethod.type) === false) {
+    throw new Error(`Payment method ${paymentMethod.type} should not be here`);
+  }
+
+  checkoutSession.line_items = await Price.expand(checkoutSession.line_items, false);
+
+  return {
+    checkoutSession,
+    setupIntent: setupIntent as SetupIntent,
+    customer: customer as Customer,
+    subscription,
+    paymentMethod,
+    paymentCurrency,
+  };
+}
+
+type Args = {
+  checkoutSession: CheckoutSession;
+  customer: Customer;
+  paymentIntent?: PaymentIntent;
+  subscription?: Subscription;
+};
+
+export async function ensureInvoiceForCheckout({
+  checkoutSession,
+  customer,
+  paymentIntent,
+  subscription,
+}: Args): Promise<{ invoice: Invoice | null; items: InvoiceItem[] }> {
+  // invoices are optional when checkout session is in payment mode
+  if (checkoutSession.mode === 'payment' && !checkoutSession.invoice_creation?.enabled) {
+    logger.warn('Invoice creation disabled for payment mode');
+    return { invoice: null, items: [] };
+  }
+
+  // Do not create invoice if it's already created
+  if (checkoutSession.invoice_id) {
+    logger.warn(`Invoice already created for checkout session ${checkoutSession.id}: ${checkoutSession.invoice_id}`);
+    return {
+      invoice: await Invoice.findByPk(checkoutSession.invoice_id),
+      items: await InvoiceItem.findAll({ where: { invoice_id: checkoutSession.invoice_id } }),
+    };
+  }
+
+  const invoice = await Invoice.create({
+    livemode: checkoutSession.livemode,
+    number: await customer.getInvoiceNumber(),
+    description: paymentIntent?.description || 'Subscription creation',
+    statement_descriptor: paymentIntent?.statement_descriptor || getStatementDescriptor(checkoutSession.line_items),
+    period_start: subscription?.current_period_start ?? 0,
+    period_end: subscription?.current_period_end ?? 0,
+
+    auto_advance: !paymentIntent,
+    paid: false,
+    paid_out_of_band: false,
+
+    status: 'open',
+    collection_method: 'charge_automatically',
+    billing_reason: subscription ? 'subscription_create' : 'manual',
+
+    currency_id: checkoutSession.currency_id,
+    customer_id: customer.id,
+    payment_intent_id: paymentIntent?.id,
+    subscription_id: subscription?.id,
+    checkout_session_id: checkoutSession.id,
+
+    subtotal: checkoutSession.amount_subtotal,
+    subtotal_excluding_tax: checkoutSession.amount_subtotal,
+    tax: '0',
+    total: checkoutSession.amount_total,
+    amount_due: checkoutSession.amount_total,
+    amount_paid: '0',
+    amount_remaining: checkoutSession.amount_total,
+    amount_shipping: '0',
+
+    starting_balance: '0',
+    ending_balance: '0',
+
+    attempt_count: 0,
+    attempted: false,
+    // next_payment_attempt: undefined,
+
+    custom_fields: [],
+    customer_address: customer.address,
+    customer_email: customer.email,
+    customer_name: customer.name,
+    customer_phone: customer.phone,
+
+    discounts: [],
+    total_discount_amounts: [],
+
+    due_date: undefined, // The date on which payment for this invoice is due
+    effective_at: dayjs().unix(), // The date when this invoice is in effect
+    status_transitions: {
+      finalized_at: dayjs().unix(),
+    },
+
+    payment_settings: subscription?.payment_settings,
+    default_payment_method_id: (subscription?.default_payment_method_id || paymentIntent?.payment_method_id) as string,
+
+    account_country: '',
+    account_name: '',
+    metadata: {},
+  });
+  logger.info(`Invoice created for checkoutSession ${checkoutSession.id}: ${invoice.id}`);
+
+  // persist invoice id
+  await checkoutSession.update({ invoice_id: invoice.id });
+  if (paymentIntent) {
+    await paymentIntent.update({ invoice_id: invoice.id });
+  }
+  if (subscription) {
+    await subscription.update({ latest_invoice_id: invoice.id });
+  }
+
+  // create invoice items: for those require payment this time
+  const subscriptionItems = subscription
+    ? await SubscriptionItem.findAll({ where: { subscription_id: subscription?.id } })
+    : [];
+  const lineItems = await Price.expand(checkoutSession.line_items, true);
+
+  const trailing = !!checkoutSession.subscription_data?.trial_period_days;
+  const getLineSetup = (x: TLineItemExpanded) => {
+    if (x.price.type === 'recurring' && trailing) {
+      return {
+        amount: '0',
+        // @ts-ignore
+        description: trailing ? `${x.price.product.name} (trailing)` : x.price.product.name,
+        period: {
+          start: subscription?.current_period_start as number,
+          end: subscription?.current_period_end as number,
+        },
+      };
+    }
+
+    return {
+      amount: new BN(x.price.unit_amount).mul(new BN(x.quantity)).toString(),
+      // @ts-ignore
+      description: x.price.product.name,
+      period: undefined,
+    };
+  };
+
+  const items = await Promise.all(
+    lineItems.map((x: TLineItemExpanded) => {
+      const setup = getLineSetup(x);
+      let { quantity } = x;
+      if (x.price.type === 'recurring') {
+        if (x.price.recurring?.usage_type === 'metered') {
+          quantity = 0;
+        }
+        if (trailing) {
+          quantity = 0;
+        }
+      }
+
+      return InvoiceItem.create({
+        livemode: checkoutSession.livemode,
+        amount: setup.amount,
+        quantity,
+        description: setup.description,
+        period: setup.period,
+        currency_id: checkoutSession.currency_id,
+        customer_id: customer.id,
+        price_id: x.price_id,
+        invoice_id: invoice.id,
+        subscription_id: subscription?.id,
+        subscription_item_id: subscriptionItems.find((si) => si.price_id === x.price_id)?.id,
+        discountable: false,
+        discounts: [],
+        discount_amounts: [],
+        proration: false,
+        proration_details: {},
+        metadata: {},
+      });
+    })
+  );
+
+  return { invoice, items };
+}
+
+export async function ensureInvoiceForCollect(invoiceId: string) {
+  const invoice = await Invoice.findByPk(invoiceId);
+  if (!invoice) {
+    throw new Error('Invoice not found');
+  }
+  if (invoice.status === 'paid') {
+    throw new Error('Invoice already paid');
+  }
+  if (invoice.status === 'void') {
+    throw new Error('Invoice already void');
+  }
+  if (invoice.status === 'draft') {
+    throw new Error('Invoice is draft');
+  }
+
+  const paymentIntent = await PaymentIntent.findByPk(invoice.payment_intent_id);
+  if (!paymentIntent) {
+    throw new Error('Payment intent not found for invoice');
+  }
+  if (paymentIntent.status === 'canceled') {
+    throw new Error('Payment intent already canceled');
+  }
+  if (paymentIntent.status === 'succeeded') {
+    throw new Error('Payment intent already succeeded');
+  }
+  if (paymentIntent.status === 'processing') {
+    throw new Error('Payment intent processing');
+  }
+
+  const paymentCurrency = await PaymentCurrency.findByPk(paymentIntent.currency_id);
+  const paymentMethod = await PaymentMethod.findByPk(paymentIntent.payment_method_id);
+
+  return {
+    invoice,
+    paymentIntent,
+    paymentCurrency: paymentCurrency as PaymentCurrency,
+    paymentMethod: paymentMethod as PaymentMethod,
+  };
+}

package/api/src/routes/connect/subscribe.ts

@@ -0,0 +1,128 @@
+import { toTypeInfo } from '@arcblock/did';
+import { toDelegateAddress } from '@arcblock/did-util';
+import type { Transaction } from '@ocap/client';
+import { BN } from '@ocap/util';
+import { fromPublicKey } from '@ocap/wallet';
+
+import { invoiceQueue } from '../../jobs/invoice';
+import { subscriptionQueue } from '../../jobs/subscription';
+import type { CallbackArgs } from '../../libs/auth';
+import { wallet } from '../../libs/auth';
+import { getClient } from '../../libs/chain/arcblock';
+import { ensureInvoiceForCheckout, ensurePaymentIntent } from './shared';
+
+export default {
+  action: 'subscription',
+  onConnect: async ({ userDid, userPk, extraParams }: CallbackArgs) => {
+    const { checkoutSessionId } = extraParams;
+    const { checkoutSession, paymentMethod, paymentCurrency, subscription } = await ensurePaymentIntent(
+      checkoutSessionId,
+      userDid
+    );
+    if (!subscription) {
+      throw new Error('Subscription for checkoutSession not found');
+    }
+
+    // TODO: support multiple chain and multiple currency
+    if (paymentMethod.type === 'arcblock') {
+      if (checkoutSession.amount_total > '0') {
+        const client = getClient(paymentMethod.settings.arcblock?.api_host as string);
+        const result = await client.getAccountTokens({ address: userDid, token: paymentCurrency.contract });
+        const balance = result.tokens[0]?.balance || '0';
+        if (new BN(balance).lt(new BN(checkoutSession.amount_total))) {
+          throw new Error(
+            `Your account ${userDid} does not have enough ${paymentCurrency.symbol} to complete this subscription`
+          );
+        }
+      }
+
+      return {
+        signature: {
+          type: 'DelegateTx',
+          description: `Sign the delegation to complete subscription ${subscription.id}`,
+          wallet: fromPublicKey(userPk, toTypeInfo(userDid)),
+          data: {
+            itx: {
+              address: toDelegateAddress(userDid, wallet.address),
+              to: wallet.address,
+              // FIXME: we need to enforce which token can be transferred, and how much, and at what interval on chain
+              ops: [{ typeUrl: 'fg:t:transfer_v2', rules: [] }],
+              data: {
+                type: 'json',
+                // @ts-ignore
+                value: {
+                  appId: wallet.address,
+                  subscriptionId: subscription.id,
+                  checkoutSessionId,
+                },
+              },
+            },
+          },
+          chainInfo: {
+            host: paymentMethod.settings?.arcblock?.api_host as string,
+            id: paymentMethod.settings?.arcblock?.chain_id as string,
+          },
+        },
+      };
+    }
+
+    throw new Error(`Payment method ${paymentMethod.type} not supported`);
+  },
+  onAuth: async ({ userDid, userPk, claims, request, extraParams }: CallbackArgs) => {
+    const { checkoutSessionId } = extraParams;
+    const { checkoutSession, customer, paymentMethod, subscription } = await ensurePaymentIntent(
+      checkoutSessionId,
+      userDid
+    );
+
+    if (!subscription) {
+      throw new Error('Subscription for checkoutSession not found');
+    }
+
+    if (paymentMethod.type === 'arcblock') {
+      await subscription.update({
+        payment_settings: {
+          payment_method_types: ['arcblock'],
+          payment_method_options: {
+            arcblock: { payer: userDid },
+          },
+        },
+      });
+
+      const { invoice } = await ensureInvoiceForCheckout({ checkoutSession, customer, subscription });
+
+      const client = getClient(paymentMethod.settings.arcblock?.api_host as string);
+      const claim = claims.find((x) => x.type === 'signature');
+
+      // execute the delegate tx
+      const tx: Partial<Transaction> = client.decodeTx(claim.origin);
+      const txHash = await client.sendDelegateTx(
+        // @ts-ignore
+        { tx, wallet: fromPublicKey(userPk, toTypeInfo(userDid)), signature: claim.sig },
+        { headers: client.pickGasPayerHeaders(request) }
+      );
+
+      await subscription.update({
+        payment_details: {
+          tx_hash: txHash,
+          payer: userDid,
+        },
+      });
+
+      // FIXME: handle error on the invoice payment job
+      if (invoice) {
+        invoiceQueue.push({ id: invoice.id, job: { invoiceId: invoice.id, retryOnError: false } });
+      }
+      subscriptionQueue.push({
+        id: subscription.id,
+        job: { subscriptionId: subscription.id, action: 'cycle' },
+        // our next invoice should be generated at the end of current period, either trailing or normal
+        runAt: subscription.trail_end || subscription.current_period_end,
+      });
+
+      return { hash: txHash };
+    }
+
+    throw new Error(`Payment method ${paymentMethod.type} not supported`);
+  },
+};

package/api/src/routes/customers.ts

@@ -0,0 +1,70 @@
+import { user } from '@blocklet/sdk/lib/middlewares';
+import { Router } from 'express';
+import Joi from 'joi';
+import type { WhereOptions } from 'sequelize';
+
+import { authenticate } from '../libs/security';
+import { Customer } from '../store/models/customer';
+
+const router = Router();
+const auth = authenticate<Customer>({ component: true, roles: ['owner', 'admin'] });
+
+const schema = Joi.object<{
+  page: number;
+  size: number;
+  livemode?: boolean;
+}>({
+  page: Joi.number().integer().min(1).default(1),
+  size: Joi.number().integer().min(1).max(100).default(20),
+  livemode: Joi.boolean().empty(''),
+});
+router.get('/', auth, async (req, res) => {
+  const { page, size, ...query } = await schema.validateAsync(req.query, { stripUnknown: true });
+  const where: WhereOptions<Customer> = {};
+
+  if (typeof query.livemode === 'boolean') {
+    where.livemode = query.livemode;
+  }
+
+  try {
+    const { rows: list, count } = await Customer.findAndCountAll({
+      where,
+      order: [['created_at', 'DESC']],
+      offset: (page - 1) * size,
+      limit: size,
+      include: [],
+    });
+
+    res.json({ count, list });
+  } catch (err) {
+    console.error(err);
+    res.json({ count: 0, list: [] });
+  }
+});
+
+// eslint-disable-next-line consistent-return
+router.get('/me', user(), async (req, res) => {
+  if (!req.user) {
+    return res.status(403).json({ error: 'Unauthorized' });
+  }
+
+  try {
+    const doc = await Customer.findByPkOrDid(req.user.did as string);
+    res.json(doc);
+  } catch (err) {
+    console.error(err);
+    res.json(null);
+  }
+});
+
+router.get('/:id', auth, async (req, res) => {
+  try {
+    const doc = await Customer.findByPkOrDid(req.params.id as string);
+    res.json(doc);
+  } catch (err) {
+    console.error(err);
+    res.json(null);
+  }
+});
+
+export default router;

package/api/src/routes/events.ts

@@ -0,0 +1,76 @@
+import { Router } from 'express';
+import Joi from 'joi';
+import type { WhereOptions } from 'sequelize';
+
+import { authenticate } from '../libs/security';
+import { Event } from '../store/models/event';
+
+const router = Router();
+const auth = authenticate<Event>({ component: true, roles: ['owner', 'admin'] });
+
+const schema = Joi.object<{
+  page: number;
+  size: number;
+  livemode?: boolean;
+  type?: string;
+  object_id?: string;
+}>({
+  page: Joi.number().integer().min(1).default(1),
+  size: Joi.number().integer().min(1).max(100).default(20),
+  livemode: Joi.boolean().empty(''),
+  type: Joi.string().empty(''),
+  object_id: Joi.string().empty(''),
+});
+router.get('/', auth, async (req, res) => {
+  const { page, size, ...query } = await schema.validateAsync(req.query, { stripUnknown: true });
+  const where: WhereOptions<Event> = {};
+
+  if (query.type) {
+    where.type = query.type
+      .split(',')
+      .map((x) => x.trim())
+      .filter(Boolean);
+  }
+  if (query.object_id) {
+    where.object_id = query.object_id;
+  }
+  if (typeof query.livemode === 'boolean') {
+    where.livemode = query.livemode;
+  }
+
+  try {
+    const { rows: list, count } = await Event.findAndCountAll({
+      where,
+      attributes: { exclude: ['data', 'request'] },
+      order: [['created_at', 'DESC']],
+      offset: (page - 1) * size,
+      limit: size,
+      include: [],
+    });
+
+    res.json({ count, list });
+  } catch (err) {
+    console.error(err);
+    res.json({ count: 0, list: [] });
+  }
+});
+
+router.get('/:id', auth, async (req, res) => {
+  try {
+    const doc = await Event.findOne({
+      where: { id: req.params.id },
+      include: [],
+    });
+
+    if (doc) {
+      res.json(doc);
+    } else {
+      res.json(null);
+    }
+  } catch (err) {
+    console.error(err);
+    res.json(null);
+  }
+});
+
+export default router;