payment-kit 1.14.30 → 1.14.31

package/api/src/index.ts

@@ -9,6 +9,9 @@ import dotenv from 'dotenv-flow';
 import express, { ErrorRequestHandler, Request, Response } from 'express';
 import morgan from 'morgan';
 
+// eslint-disable-next-line import/no-extraneous-dependencies
+import { xss } from 'express-xss-sanitizer';
+
 import crons from './crons/index';
 import { ensureStakedForGas } from './integrations/arcblock/stake';
 import { initResourceHandler } from './integrations/blocklet/resource';
@@ -52,6 +55,7 @@ app.use((req, res, next) => {
 });
 app.use(express.urlencoded({ extended: true, limit: '1 mb' }));
 app.use(cors());
+app.use(xss());
 app.use(ensureI18n());
 
 const router = express.Router();

package/api/src/libs/api.ts

@@ -153,3 +153,26 @@ export const BNPositiveValidator = Joi.string().custom((value, helpers) => {
   }
   return value;
 }, 'BN Positive Validation');
+
+function validateMetadataValue(value: any, helpers: any) {
+  if (value && typeof value === 'string' && value.length > 256) {
+    return helpers.message({ custom: 'Metadata value should be less than 256 characters' });
+  }
+  return value;
+}
+export const MetadataSchema = Joi.alternatives()
+  .try(
+    Joi.object()
+      .pattern(Joi.string().max(64), Joi.any().custom(validateMetadataValue, 'Custom Validation'))
+      .min(0)
+      .allow(null),
+    Joi.array()
+      .items(
+        Joi.object({
+          key: Joi.string().max(64).required(),
+          value: Joi.any().custom(validateMetadataValue, 'Custom Validation').required(),
+        })
+      )
+      .min(0)
+  )
+  .optional();

package/api/src/libs/subscription.ts

@@ -712,3 +712,35 @@ export async function getSubscriptionStakeReturnSetup(
     lastInvoice,
   };
 }
+
+export async function checkRemainingStake(
+  paymentMethod: PaymentMethod,
+  paymentCurrency: PaymentCurrency,
+  address: string,
+  amount: string
+): Promise<{ enough: boolean; staked: any; revoked: any }> {
+  if (paymentMethod?.type !== 'arcblock') {
+    return {
+      enough: false,
+      staked: '0',
+      revoked: '0',
+    };
+  }
+  const client = paymentMethod.getOcapClient();
+  const { state } = await client.getStakeState({ address });
+
+  const staked = state.tokens.find((x: any) => x.address === paymentCurrency.contract);
+  const revoked = state.revokedTokens.find((x: any) => x.address === paymentCurrency.contract);
+  let total = new BN(0);
+  if (staked) {
+    total = total.add(new BN(staked.value));
+  }
+  if (revoked) {
+    total = total.add(new BN(revoked.value));
+  }
+  return {
+    enough: total.gte(new BN(amount)),
+    staked,
+    revoked,
+  };
+}

package/api/src/queues/refund.ts

@@ -1,5 +1,6 @@
 import { toStakeAddress } from '@arcblock/did-util';
 import { isRefundReasonSupportedByStripe } from '@api/libs/refund';
+import { checkRemainingStake } from '@api/libs/subscription';
 import { sendErc20ToUser } from '../integrations/ethereum/token';
 import { wallet } from '../libs/auth';
 import CustomError from '../libs/error';
@@ -296,11 +297,47 @@ const handleStakeReturnJob = async (
       if (!arcblockDetail) {
         throw new Error('arcblockDetail info not found');
       }
+
+      if (refund.amount === '0') {
+        logger.warn('stake return aborted because amount is 0', { id: refund.id });
+        await refund.update({
+          status: 'failed',
+          last_attempt_error: {
+            type: 'card_error',
+            code: '400',
+            message: 'stake return amount is 0',
+            payment_method_id: paymentMethod.id,
+            payment_method_type: paymentMethod.type,
+          },
+        });
+        return;
+      }
       const client = paymentMethod.getOcapClient();
+      const address = toStakeAddress(customer.did, wallet.address, refund.subscription_id);
+      const stakeEnough = await checkRemainingStake(paymentMethod, paymentCurrency, address, refund.amount);
+      if (!stakeEnough.enough) {
+        logger.warn('Stake return aborted because stake is not enough ', {
+          subscription: refund.subscription_id,
+          address,
+          staked: stakeEnough.staked,
+          revoked: stakeEnough.revoked,
+        });
+        await refund.update({
+          status: 'failed',
+          last_attempt_error: {
+            type: 'card_error',
+            code: '400',
+            message: 'stake is not enough',
+            payment_method_id: paymentMethod.id,
+            payment_method_type: paymentMethod.type,
+          },
+        });
+        return;
+      }
       const signed = await client.signReturnStakeTx({
         tx: {
           itx: {
-            address: toStakeAddress(customer.did, wallet.address, refund.subscription_id),
+            address,
             outputs: [
               {
                 owner: arcblockDetail?.receiver,

package/api/src/queues/subscription.ts

@@ -1,5 +1,4 @@
 import { toStakeAddress } from '@arcblock/did-util';
-import { BN } from '@ocap/util';
 import type { LiteralUnion } from 'type-fest';
 
 import { ensurePassportRevoked } from '../integrations/blocklet/passport';
@@ -13,6 +12,7 @@ import { getGasPayerExtra } from '../libs/payment';
 import createQueue from '../libs/queue';
 import { getStatementDescriptor } from '../libs/session';
 import {
+  checkRemainingStake,
   getSubscriptionCycleAmount,
   getSubscriptionCycleSetup,
   getSubscriptionStakeReturnSetup,
@@ -328,7 +328,7 @@ const handleStakeSlashAfterCancel = async (subscription: Subscription) => {
 
   // check the staking
   const client = method.getOcapClient();
-  const address = toStakeAddress(customer.did, wallet.address);
+  const address = toStakeAddress(customer.did, wallet.address, subscription.id);
   const { state } = await client.getStakeState({ address });
   if (!state || !state.data?.value) {
     logger.warn('Stake slashing aborted because no staking state', {
@@ -337,7 +337,6 @@ const handleStakeSlashAfterCancel = async (subscription: Subscription) => {
     });
     return;
   }
-
   // check for staking for this subscription
   const data = JSON.parse(state.data.value || '{}');
   if (!data[subscription.id] && !state.nonce) {
@@ -350,22 +349,22 @@ const handleStakeSlashAfterCancel = async (subscription: Subscription) => {
   }
 
   // check for staking for amount
-  const staked = state.tokens.find((x: any) => x.address === currency.contract);
-  const revoked = state.revokedTokens.find((x: any) => x.address === currency.contract);
-  let total = new BN(0);
-  if (staked) {
-    total = total.add(new BN(staked.value));
-  }
-  if (revoked) {
-    total = total.add(new BN(revoked.value));
-  }
-  const isStakeEnough = total.gte(new BN(invoice.amount_remaining));
-  if (!isStakeEnough) {
+  const stakeEnough = await checkRemainingStake(method, currency, address, invoice.amount_remaining);
+  if (!stakeEnough.enough) {
     logger.warn('Stake slashing aborted because no enough staking', {
       subscription: subscription.id,
       address,
-      staked,
-      revoked,
+      staked: stakeEnough.staked,
+      revoked: stakeEnough.revoked,
+    });
+    return;
+  }
+
+  if (invoice.amount_remaining === '0') {
+    logger.warn('Stake slashing aborted because amount_remaining is 0', {
+      subscription: subscription.id,
+      address,
+      invoice: invoice.id,
     });
     return;
   }
@@ -374,7 +373,7 @@ const handleStakeSlashAfterCancel = async (subscription: Subscription) => {
   const signed = await client.signSlashStakeTx({
     tx: {
       itx: {
-        address: toStakeAddress(customer.did, wallet.address),
+        address: toStakeAddress(customer.did, wallet.address, subscription.id),
         outputs: [{ owner: wallet.address, tokens: [{ address: currency.contract, value: invoice.amount_remaining }] }],
         message: 'uncollectible_past_due_invoice',
         data: {
@@ -450,9 +449,27 @@ const ensureReturnStake = async (subscription: Subscription) => {
     logger.info(`Stake return skipped because subscription ${subscription.id} already has stake return records.`);
     return;
   }
+  const paymentCurrency = await PaymentCurrency.findByPk(subscription.currency_id);
+  if (!paymentCurrency) {
+    logger.warn('Stake return skipped because no payment currency', {
+      subscription: subscription.id,
+      currency: subscription.currency_id,
+    });
+    return;
+  }
 
   const result = await getSubscriptionStakeReturnSetup(subscription, address, paymentMethod);
 
+  const stakeEnough = await checkRemainingStake(paymentMethod, paymentCurrency, address, result.return_amount);
+  if (!stakeEnough.enough) {
+    logger.warn('Stake return skipped because no enough staking', {
+      subscription: subscription.id,
+      address,
+      staked: stakeEnough.staked,
+      revoked: stakeEnough.revoked,
+    });
+    return;
+  }
   if (result.return_amount !== '0') {
     // do the stake return
     const item = await Refund.create({
@@ -495,6 +512,148 @@ const ensureReturnStake = async (subscription: Subscription) => {
   }
 };
 
+const slashStakeOnCancel = async (subscription: Subscription) => {
+  const paymentMethod = await PaymentMethod.findByPk(subscription.default_payment_method_id);
+  if (paymentMethod?.type !== 'arcblock') {
+    logger.warn('Stake slashing skipped because payment method not arcblock', {
+      subscription: subscription.id,
+      paymentMethod: paymentMethod?.id,
+    });
+    return;
+  }
+  const customer = await Customer.findByPk(subscription.customer_id);
+  if (!customer) {
+    logger.warn('Stake slashing skipped because customer not found', {
+      subscription: subscription.id,
+      customer: subscription.customer_id,
+    });
+    return;
+  }
+  const client = paymentMethod.getOcapClient();
+  const address = toStakeAddress(customer.did, wallet.address, subscription.id);
+  const currency = await PaymentCurrency.findByPk(subscription.currency_id);
+  if (!currency) {
+    logger.warn('Stake slashing skipped because currency not found', {
+      subscription: subscription.id,
+      currency: subscription.currency_id,
+    });
+    return;
+  }
+  const result = await getSubscriptionStakeReturnSetup(subscription, address, paymentMethod);
+  const stakeEnough = await checkRemainingStake(paymentMethod, currency, address, result.return_amount);
+  if (!stakeEnough.enough) {
+    logger.warn('Stake slashing aborted because no enough staking', {
+      subscription: subscription.id,
+      address,
+      staked: stakeEnough.revoked,
+      revoked: stakeEnough.revoked,
+    });
+    return;
+  }
+
+  if (result.return_amount === '0') {
+    logger.warn('Stake slashing aborted because amount_remaining is 0', {
+      subscription: subscription.id,
+      address,
+      amount_remaining: result.return_amount,
+    });
+    return;
+  }
+
+  // do the slash
+  const signed = await client.signSlashStakeTx({
+    tx: {
+      itx: {
+        address: toStakeAddress(customer.did, wallet.address, subscription.id),
+        outputs: [{ owner: wallet.address, tokens: [{ address: currency.contract, value: result.return_amount }] }],
+        message: 'stake_slash_on_subscription_cancel',
+        data: {
+          typeUrl: 'json',
+          // @ts-ignore
+          value: {
+            appId: wallet.address,
+            reason: 'stake_slash_on_subscription_cancel',
+            subscriptionId: subscription.id,
+            invoiceId: subscription.latest_invoice_id,
+            paymentIntentId: result?.lastInvoice?.payment_intent_id as string,
+          },
+        },
+      },
+    },
+    wallet,
+  });
+  // @ts-ignore
+  const { buffer } = await client.encodeSlashStakeTx({ tx: signed });
+  // @ts-ignore
+  const txHash = await client.sendSlashStakeTx({ tx: signed, wallet }, getGasPayerExtra(buffer));
+  logger.info('Stake slashing done', {
+    subscription: subscription.id,
+    amount: result.return_amount,
+    address,
+    txHash,
+  });
+  // create new payment intent
+  const paymentIntent = await PaymentIntent.create({
+    livemode: subscription.livemode,
+    amount: result.return_amount,
+    amount_received: result.return_amount,
+    amount_capturable: '0',
+    currency_id: subscription.currency_id,
+    customer_id: subscription.customer_id,
+    payment_method_id: subscription.default_payment_method_id,
+    status: 'succeeded',
+    capture_method: 'manual',
+    last_payment_error: null,
+    description: 'Stake slash on subscription cancel',
+    statement_descriptor: result.lastInvoice?.statement_descriptor || getStatementDescriptor([]),
+    payment_method_types: ['arcblock'],
+    confirmation_method: '',
+    payment_details: {
+      arcblock: {
+        tx_hash: txHash,
+        payer: subscription.payment_details?.arcblock?.payer as string,
+        type: 'slash',
+      },
+    },
+  });
+  logger.info('Payment intent created for stake slash', {
+    paymentIntent: paymentIntent.id,
+    subscription: subscription.id,
+  });
+  // 创建一笔账单关联到该订阅
+  const { invoice } = await ensureInvoiceAndItems({
+    customer,
+    currency,
+    subscription,
+    trialing: false,
+    metered: true,
+    lineItems: [],
+    props: {
+      livemode: subscription.livemode,
+      description: 'Slash stake',
+      statement_descriptor: result.lastInvoice?.statement_descriptor,
+      period_start: subscription.canceled_at,
+      period_end: subscription.canceled_at,
+
+      auto_advance: true,
+      status: 'paid',
+      billing_reason: 'stake_slash_on_subscription_cancel',
+      currency_id: subscription.currency_id,
+
+      total: result.return_amount,
+      amount_paid: result.return_amount,
+      amount_remaining: '0',
+      amount_due: '0',
+
+      payment_settings: subscription.payment_settings,
+      default_payment_method_id: subscription.default_payment_method_id,
+      payment_intent_id: paymentIntent.id,
+    } as unknown as Invoice,
+  });
+  logger.info('Invoice created for stake slash', { invoice: invoice.id, subscription: subscription.id });
+  paymentIntent.update({ invoice_id: invoice.id });
+};
+
 // generate invoice for subscription periodically
 export const handleSubscription = async (job: SubscriptionJob) => {
   logger.info('handle subscription', job);
@@ -588,6 +747,44 @@ export const startSubscriptionQueue = async () => {
   await batchHandleStripeSubscriptions();
 };
 
+export const slashStakeQueue = createQueue({
+  name: 'slashStake',
+  onJob: async (job) => {
+    const { subscriptionId } = job;
+    const subscription = await Subscription.findByPk(subscriptionId);
+    if (!subscription) {
+      return;
+    }
+    await slashStakeOnCancel(subscription);
+  },
+  options: {
+    concurrency: 1,
+    maxRetries: 5,
+    retryDelay: 1000,
+    maxTimeout: 60000,
+    enableScheduledJob: true,
+  },
+});
+
+export const returnStakeQueue = createQueue({
+  name: 'returnStake',
+  onJob: async (job) => {
+    const { subscriptionId } = job;
+    const subscription = await Subscription.findByPk(subscriptionId);
+    if (!subscription) {
+      return;
+    }
+    await ensureReturnStake(subscription);
+  },
+  options: {
+    concurrency: 1,
+    maxRetries: 5,
+    retryDelay: 1000,
+    maxTimeout: 60000,
+    enableScheduledJob: true,
+  },
+});
+
 export async function addSubscriptionJob(
   subscription: Subscription,
   action: 'cycle' | 'cancel' | 'resume',
@@ -647,10 +844,10 @@ events.on('customer.subscription.deleted', (subscription: Subscription) => {
   });
   // FIXME: ensure invoices that are open or uncollectible are voided
 
-  if (subscription.cancelation_details?.return_stake) {
-    ensureReturnStake(subscription).catch((err) => {
-      logger.error('ensureReturnStake failed', { error: err, subscription: subscription.id });
-    });
+  if (subscription.cancelation_details?.slash_stake) {
+    slashStakeQueue.push({ id: `slash-stake-${subscription.id}`, job: { subscriptionId: subscription.id } });
+  } else if (subscription.cancelation_details?.return_stake) {
+    returnStakeQueue.push({ id: `return-stake-${subscription.id}`, job: { subscriptionId: subscription.id } });
   }
 });
 

package/api/src/routes/checkout-sessions.ts

@@ -13,6 +13,7 @@ import sortBy from 'lodash/sortBy';
 import uniq from 'lodash/uniq';
 import type { WhereOptions } from 'sequelize';
 
+import { MetadataSchema } from '@api/libs/api';
 import { checkPassportForPaymentLink } from '../integrations/blocklet/passport';
 import { handleStripePaymentSucceed } from '../integrations/stripe/handlers/payment-intent';
 import { handleStripeSubscriptionSucceed } from '../integrations/stripe/handlers/subscription';
@@ -1350,6 +1351,10 @@ router.put('/:id', auth, async (req, res) => {
 
   const raw = pick(req.body, ['metadata']);
   if (raw.metadata) {
+    const { error: metadataError } = MetadataSchema.validate(raw.metadata);
+    if (metadataError) {
+      return res.status(400).json({ error: metadataError });
+    }
     raw.metadata = formatMetadata(raw.metadata);
   }
 

package/api/src/routes/customers.ts

@@ -2,9 +2,10 @@ import { user } from '@blocklet/sdk/lib/middlewares';
 import { Router } from 'express';
 import Joi from 'joi';
 import pick from 'lodash/pick';
+import isEmail from 'validator/es/lib/isEmail';
 
 import { getStakeSummaryByDid, getTokenSummaryByDid } from '../integrations/arcblock/stake';
-import { createListParamSchema, getWhereFromKvQuery, getWhereFromQuery } from '../libs/api';
+import { createListParamSchema, getWhereFromKvQuery, getWhereFromQuery, MetadataSchema } from '../libs/api';
 import { authenticate } from '../libs/security';
 import { formatMetadata } from '../libs/util';
 import { Customer } from '../store/models/customer';
@@ -140,6 +141,27 @@ router.get('/:id/summary', auth, async (req, res) => {
   }
 });
 
+const updateCustomerSchema = Joi.object({
+  metadata: MetadataSchema,
+  name: Joi.string().min(2).max(30).empty(''),
+  email: Joi.string()
+    .custom((value, helpers) => {
+      if (!isEmail(value)) {
+        return helpers.error('any.invalid');
+      }
+      return value;
+    })
+    .empty(''),
+  phone: Joi.string().empty(''),
+  address: Joi.object({
+    country: Joi.string().empty(''),
+    state: Joi.string().max(50).empty(''),
+    city: Joi.string().max(50).empty(''),
+    line1: Joi.string().max(100).empty(''),
+    line2: Joi.string().max(100).empty(''),
+    postal_code: Joi.string().max(20).empty(''),
+  }).empty(''),
+}).unknown(true);
 // eslint-disable-next-line consistent-return
 router.put('/:id', authPortal, async (req, res) => {
   try {
@@ -149,6 +171,10 @@ router.put('/:id', authPortal, async (req, res) => {
     }
 
     const raw = pick(req.body, ['metadata', 'name', 'email', 'phone', 'address']);
+    const { error } = updateCustomerSchema.validate(raw);
+    if (error) {
+      return res.status(400).json({ error: error.message });
+    }
     if (raw.metadata) {
       raw.metadata = formatMetadata(raw.metadata);
     }

package/api/src/routes/invoices.ts

@@ -6,7 +6,7 @@ import { Op } from 'sequelize';
 
 import { syncStripeInvoice } from '../integrations/stripe/handlers/invoice';
 import { syncStripePayment } from '../integrations/stripe/handlers/payment-intent';
-import { createListParamSchema, getWhereFromKvQuery } from '../libs/api';
+import { createListParamSchema, getWhereFromKvQuery, MetadataSchema } from '../libs/api';
 import { authenticate } from '../libs/security';
 import { expandLineItems } from '../libs/session';
 import { formatMetadata } from '../libs/util';
@@ -323,6 +323,10 @@ router.put('/:id', authAdmin, async (req, res) => {
 
     const raw = pick(req.body, ['metadata']);
     if (raw.metadata) {
+      const { error } = MetadataSchema.validate(raw.metadata);
+      if (error) {
+        return res.status(400).json({ error: error.message });
+      }
       raw.metadata = formatMetadata(raw.metadata);
     }
 

package/api/src/routes/payment-intents.ts

@@ -6,7 +6,13 @@ import pick from 'lodash/pick';
 import { BN, fromTokenToUnit } from '@ocap/util';
 import { syncStripeInvoice } from '../integrations/stripe/handlers/invoice';
 import { syncStripePayment } from '../integrations/stripe/handlers/payment-intent';
-import { BNPositiveValidator, createListParamSchema, getWhereFromKvQuery, getWhereFromQuery } from '../libs/api';
+import {
+  BNPositiveValidator,
+  createListParamSchema,
+  getWhereFromKvQuery,
+  getWhereFromQuery,
+  MetadataSchema,
+} from '../libs/api';
 import { authenticate } from '../libs/security';
 import { formatMetadata } from '../libs/util';
 import { paymentQueue } from '../queues/payment';
@@ -200,6 +206,10 @@ router.put('/:id', authAdmin, async (req, res) => {
 
     const raw = pick(req.body, ['metadata']);
     if (raw.metadata) {
+      const { error: metadataError } = MetadataSchema.validate(raw.metadata);
+      if (metadataError) {
+        return res.status(400).json({ error: `metadata invalid: ${metadataError.message}` });
+      }
       raw.metadata = formatMetadata(raw.metadata);
     }
 
@@ -242,7 +252,7 @@ const refundRequestSchema = Joi.object({
   reason: Joi.string()
     .valid('duplicate', 'requested_by_customer', 'requested_by_admin', 'fraudulent', 'expired_uncaptured_charge')
     .required(),
-  description: Joi.string().required(),
+  description: Joi.string().max(200).required(),
   metadata: Joi.object().optional(),
 });
 
@@ -264,6 +274,11 @@ router.put('/:id/refund', authAdmin, async (req, res) => {
       throw new Error('PaymentIntent not found');
     }
 
+    // @ts-ignore
+    if (doc.payment_details?.arcblock?.type === 'slash' && doc.paymentMethod?.type === 'arcblock') {
+      throw new Error('PaymentIntent refund not supported for slash payment');
+    }
+
     const invoice = await Invoice.findByPk(doc.invoice_id);
     await syncStripePaymentAndInvoice(doc, invoice, req);
     // @ts-ignore