payment-kit 1.18.10 → 1.18.12

package/api/src/libs/util.ts

@@ -11,7 +11,7 @@ import { joinURL, withQuery, withTrailingSlash } from 'ufo';
 import axios from 'axios';
 import dayjs from './dayjs';
 import { blocklet, wallet } from './auth';
-import type { Subscription } from '../store/models';
+import type { PaymentMethod, Subscription } from '../store/models';
 import logger from './logger';
 
 export const OCAP_PAYMENT_TX_TYPE = 'fg:t:transfer_v2';
@@ -73,7 +73,7 @@ export const STRIPE_EVENTS: any[] = [
   'refund.updated',
 ];
 
-const api = axios.create({
+export const api = axios.create({
   timeout: 10 * 1000,
 });
 
@@ -458,3 +458,53 @@ export function getAdminBillingSubscriptionUrl({
 export function getCustomerIndexUrl({ locale, userDid }: { locale: string; userDid: string }) {
   return getUrl(withQuery('customer', { locale, ...getConnectQueryParam({ userDid }) }));
 }
+
+// Check if user is in blocklist
+export async function isUserInBlocklist(did: string, paymentMethod: PaymentMethod): Promise<boolean> {
+  try {
+    // Get API host from payment method settings
+    // @ts-ignore
+    const apiHost = paymentMethod?.settings?.[paymentMethod.type]?.api_host;
+    if (!apiHost) {
+      logger.warn('No API host found in payment method settings', { paymentMethodId: paymentMethod.id });
+      return false;
+    }
+
+    // Get user information
+    const { user }: { user: any } = await blocklet.getUser(did);
+    if (!user) {
+      logger.error('User not found', { did });
+      return false;
+    }
+    // Get all wallet DIDs associated with the user
+    const connectedAccounts = user.connectedAccounts || user.extraConfigs?.connectedAccounts || [];
+    const walletDids = connectedAccounts
+      .filter((account: any) => account.provider === 'wallet')
+      .map((account: any) => account.did);
+
+    if (!walletDids.length) {
+      logger.info('No wallet DIDs found for user', { did });
+      return false;
+    }
+
+    const blockedUrl = joinURL(apiHost, '/blocked');
+    const blockedResponse = await api.get(blockedUrl);
+    const blockedDids = blockedResponse.data || [];
+
+    if (!Array.isArray(blockedDids) || blockedDids.length === 0) {
+      return false;
+    }
+
+    // Check if any of the user's DIDs are in the blocklist
+    const isBlocked = walletDids.some((walletDid: string) => blockedDids.includes(walletDid));
+
+    if (isBlocked) {
+      logger.info('User is in blocklist', { did, walletDids, blockedDids });
+    }
+
+    return isBlocked;
+  } catch (error) {
+    logger.error('Error checking blocklist', { error: error.message, did });
+    return false; // Default to allowing payment on error
+  }
+}

package/api/src/routes/checkout-sessions.ts

@@ -48,7 +48,13 @@ import {
   getSubscriptionCreateSetup,
   getSubscriptionTrialSetup,
 } from '../libs/subscription';
-import { CHECKOUT_SESSION_TTL, formatAmountPrecisionLimit, formatMetadata, getDataObjectFromQuery } from '../libs/util';
+import {
+  CHECKOUT_SESSION_TTL,
+  formatAmountPrecisionLimit,
+  formatMetadata,
+  getDataObjectFromQuery,
+  isUserInBlocklist,
+} from '../libs/util';
 import { invoiceQueue } from '../queues/invoice';
 import { paymentQueue } from '../queues/payment';
 import {
@@ -70,6 +76,7 @@ import { SetupIntent } from '../store/models/setup-intent';
 import { Subscription } from '../store/models/subscription';
 import { SubscriptionItem } from '../store/models/subscription-item';
 import { ensureInvoiceForCheckout } from './connect/shared';
+import { CHARGE_SUPPORTED_CHAIN_TYPES } from '../libs/constants';
 
 const router = Router();
 
@@ -692,6 +699,16 @@ router.put('/:id/submit', user, ensureCheckoutSessionOpen, async (req, res) => {
       });
     }
 
+    // check if user in block list
+    if (CHARGE_SUPPORTED_CHAIN_TYPES.includes(paymentMethod.type)) {
+      const inBlock = await isUserInBlocklist(req.user.did, paymentMethod);
+      if (inBlock) {
+        return res
+          .status(403)
+          .json({ code: 'PAYMENT_RESTRICTED', error: 'Unable to process your purchase at this time' });
+      }
+    }
+
     await checkoutSession.update({ customer_id: customer.id, customer_did: req.user.did });
 
     // payment intent is only created when checkout session is in payment mode

package/api/src/routes/connect/change-payment.ts

@@ -17,6 +17,7 @@ import logger from '../../libs/logger';
 export default {
   action: 'change-payment',
   authPrincipal: false,
+  persistentDynamicClaims: true,
   claims: {
     authPrincipal: async ({ extraParams }: CallbackArgs) => {
       const { paymentMethod } = await ensureChangePaymentContext(extraParams.subscriptionId);

package/api/src/routes/connect/change-plan.ts

@@ -21,6 +21,7 @@ import logger from '../../libs/logger';
 export default {
   action: 'change-plan',
   authPrincipal: false,
+  persistentDynamicClaims: true,
   claims: {
     authPrincipal: async ({ extraParams }: CallbackArgs) => {
       const { paymentMethod } = await ensureSubscription(extraParams.subscriptionId);

package/api/src/routes/connect/setup.ts

@@ -22,6 +22,7 @@ import { EVM_CHAIN_TYPES } from '../../libs/constants';
 export default {
   action: 'setup',
   authPrincipal: false,
+  persistentDynamicClaims: true,
   claims: {
     authPrincipal: async ({ extraParams }: CallbackArgs) => {
       const { paymentMethod } = await ensureSetupIntent(extraParams.checkoutSessionId);

package/api/src/routes/connect/shared.ts

@@ -1011,6 +1011,7 @@ export async function executeOcapTransactions(
   nonce?: string
 ) {
   const client = paymentMethod.getOcapClient();
+  logger.info('start executeOcapTransactions', claims);
   const delegation = claims.find((x) => x.type === 'signature' && x.meta?.purpose === 'delegation');
   const staking = claims.find((x) => x.type === 'prepareTx' && x.meta?.purpose === 'staking');
   const transactions = [
@@ -1021,40 +1022,45 @@ export async function executeOcapTransactions(
   const stakingAmount =
     staking?.requirement?.tokens?.find((x: any) => x.address === paymentCurrencyContract)?.value || '0';
 
-  const [delegationTxHash, stakingTxHash] = await Promise.all(
-    transactions.map(async ([claim, type]) => {
-      if (!claim) {
-        return '';
-      }
-
-      const tx: Partial<Transaction> = client.decodeTx(claim.finalTx || claim.origin);
-      if (claim.sig) {
-        tx.signature = claim.sig;
-      }
-
-      // @ts-ignore
-      const { buffer } = await client[`encode${type}Tx`]({ tx });
-      // @ts-ignore
-      const txHash = await client[`send${type}Tx`](
-        // @ts-ignore
-        { tx, wallet: fromPublicKey(userPk, toTypeInfo(userDid)) },
-        getGasPayerExtra(buffer, client.pickGasPayerHeaders(request))
+    try {
+      const [delegationTxHash, stakingTxHash] = await Promise.all(
+        transactions.map(async ([claim, type]) => {
+          if (!claim) {
+            return '';
+          }
+    
+          const tx: Partial<Transaction> = client.decodeTx(claim.finalTx || claim.origin);
+          if (claim.sig) {
+            tx.signature = claim.sig;
+          }
+    
+          // @ts-ignore
+          const { buffer } = await client[`encode${type}Tx`]({ tx });
+          // @ts-ignore
+          const txHash = await client[`send${type}Tx`](
+            // @ts-ignore
+            { tx, wallet: fromPublicKey(userPk, toTypeInfo(userDid)) },
+            getGasPayerExtra(buffer, client.pickGasPayerHeaders(request))
+          );
+    
+          return txHash;
+        })
       );
-
-      return txHash;
-    })
-  );
-
-  return {
-    tx_hash: delegationTxHash,
-    payer: userDid,
-    type: 'delegate',
-    staking: {
-      tx_hash: stakingTxHash,
-      address: await getCustomerStakeAddress(userDid, nonce || subscriptionId || ''),
-    },
-    stakingAmount,
-  };
+      
+      return {
+        tx_hash: delegationTxHash,
+        payer: userDid,
+        type: 'delegate',
+        staking: {
+          tx_hash: stakingTxHash,
+          address: await getCustomerStakeAddress(userDid, nonce || subscriptionId || ''),
+        },
+        stakingAmount,
+      };
+    } catch (err) {
+      logger.error('executeOcapTransactions failed', err);
+      throw err;
+    }
 }
 
 

package/api/src/routes/connect/subscribe.ts

@@ -23,6 +23,7 @@ import { EVM_CHAIN_TYPES } from '../../libs/constants';
 export default {
   action: 'subscription',
   authPrincipal: false,
+  persistentDynamicClaims: true,
   claims: {
     authPrincipal: async ({ extraParams }: CallbackArgs) => {
       const { paymentMethod } = await ensurePaymentIntent(extraParams.checkoutSessionId);
@@ -151,15 +152,15 @@ export default {
     if (!subscription) {
       throw new Error('Subscription for checkoutSession not found');
     }
-
+    const paymentSettings = {
+      payment_method_types: [paymentMethod.type],
+      payment_method_options: {
+        [paymentMethod.type]: { payer: userDid },
+      },
+    };
     const prepareTxExecution = async () => {
       await subscription.update({
-        payment_settings: {
-          payment_method_types: [paymentMethod.type],
-          payment_method_options: {
-            [paymentMethod.type]: { payer: userDid },
-          },
-        },
+        payment_settings: paymentSettings,
       });
     };
 
@@ -179,7 +180,9 @@ export default {
     if (paymentMethod.type === 'arcblock') {
       await prepareTxExecution();
       const { invoice } = await ensureInvoiceForCheckout({ checkoutSession, customer, subscription });
-
+      if (invoice) {
+        await invoice.update({ payment_settings: paymentSettings });
+      }
       const { stakingAmount, ...paymentDetails } = await executeOcapTransactions(
         userDid,
         userPk,
@@ -217,6 +220,9 @@ export default {
     if (EVM_CHAIN_TYPES.includes(paymentMethod.type)) {
       await prepareTxExecution();
       const { invoice } = await ensureInvoiceForCheckout({ checkoutSession, customer, subscription });
+      if (invoice) {
+        await invoice.update({ payment_settings: paymentSettings });
+      }
       broadcastEvmTransaction(checkoutSessionId, 'pending', claimsList);
 
       const paymentDetails = await executeEvmTransaction('approve', userDid, claimsList, paymentMethod);

package/api/tests/libs/util.spec.ts

@@ -11,8 +11,13 @@ import {
   getNextRetry,
   tryWithTimeout,
   getSubscriptionNotificationCustomActions,
+  isUserInBlocklist,
+  api,
 } from '../../src/libs/util';
-import type { Subscription } from '../../src/store/models';
+import type { Subscription, PaymentMethod } from '../../src/store/models';
+
+import { blocklet } from '../../src/libs/auth';
+import logger from '../../src/libs/logger';
 
 describe('createIdGenerator', () => {
   it('should return a function that generates an ID with the specified prefix and size', () => {
@@ -375,3 +380,276 @@ describe('getSubscriptionNotificationCustomActions', () => {
     });
   });
 });
+
+describe('isUserInBlocklist', () => {
+  let mockAxios: any;
+  let mockBlocklet: any;
+  let mockLogger: any;
+
+  beforeEach(() => {
+    mockAxios = jest.spyOn(api, 'get').mockImplementation();
+
+    mockBlocklet = jest.spyOn(blocklet, 'getUser').mockImplementation();
+
+    mockLogger = {
+      warn: jest.spyOn(logger, 'warn').mockImplementation(),
+      info: jest.spyOn(logger, 'info').mockImplementation(),
+      error: jest.spyOn(logger, 'error').mockImplementation(),
+    };
+  });
+
+  afterEach(() => {
+    jest.clearAllMocks();
+    jest.resetAllMocks();
+    jest.restoreAllMocks();
+  });
+
+  it('should return true when user DID is in blocklist', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com',
+        },
+      },
+    } as PaymentMethod;
+
+    mockAxios.mockResolvedValueOnce({ data: ['did:user:123', 'did:user:456'] });
+    mockBlocklet.mockResolvedValueOnce({
+      user: {
+        did: userDid,
+        connectedAccounts: [{ provider: 'wallet', did: userDid }],
+      },
+    });
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(true);
+    expect(mockAxios).toHaveBeenCalledWith('https://api.example.com/blocked');
+    expect(mockBlocklet).toHaveBeenCalledWith(userDid);
+    expect(mockLogger.info).toHaveBeenCalled();
+  });
+
+  it('should return true when user wallet DID is in blocklist', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const walletDid = 'did:wallet:456';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com',
+        },
+      },
+    } as PaymentMethod;
+
+    mockAxios.mockResolvedValueOnce({ data: ['did:wallet:456', 'did:user:789'] });
+    mockBlocklet.mockResolvedValueOnce({
+      user: {
+        did: userDid,
+        connectedAccounts: [{ provider: 'wallet', did: walletDid }],
+      },
+    });
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(true);
+    expect(mockAxios).toHaveBeenCalledWith('https://api.example.com/blocked');
+    expect(mockBlocklet).toHaveBeenCalledWith(userDid);
+  });
+
+  it('should return false when user is not in blocklist', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const walletDid = 'did:wallet:456';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com',
+        },
+      },
+    } as PaymentMethod;
+
+    mockAxios.mockResolvedValueOnce({ data: ['did:user:789', 'did:wallet:789'] });
+    mockBlocklet.mockResolvedValueOnce({
+      user: {
+        did: userDid,
+        connectedAccounts: [{ provider: 'wallet', did: walletDid }],
+      },
+    });
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(false);
+    expect(mockAxios).toHaveBeenCalledWith('https://api.example.com/blocked');
+    expect(mockBlocklet).toHaveBeenCalledWith(userDid);
+  });
+
+  it('should handle API host with trailing slash', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com/',
+        },
+      },
+    } as PaymentMethod;
+
+    mockAxios.mockResolvedValueOnce({ data: ['did:user:789'] });
+    mockBlocklet.mockResolvedValueOnce({
+      user: {
+        did: userDid,
+        connectedAccounts: [{ provider: 'wallet', did: userDid }],
+      },
+    });
+
+    // Execute
+    await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify - 确保调用了正确的 URL
+    expect(mockAxios).toHaveBeenCalledWith('https://api.example.com/blocked');
+  });
+
+  it('should return false when API host is not found', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {},
+    } as PaymentMethod;
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(false);
+    expect(mockLogger.warn).toHaveBeenCalled();
+    expect(mockAxios).not.toHaveBeenCalled();
+  });
+
+  it('should return false when blocklist is empty', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com',
+        },
+      },
+    } as PaymentMethod;
+
+    // 先模拟用户信息获取
+    mockBlocklet.mockResolvedValueOnce({
+      user: {
+        did: userDid,
+        connectedAccounts: [{ provider: 'wallet', did: userDid }],
+      },
+    });
+
+    // 再模拟空黑名单
+    mockAxios.mockResolvedValueOnce({ data: [] });
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(false);
+    expect(mockBlocklet).toHaveBeenCalled(); // 现在应该调用了用户信息获取
+  });
+
+  it('should return false when user is not found', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com',
+        },
+      },
+    } as PaymentMethod;
+
+    mockAxios.mockResolvedValueOnce({ data: ['did:user:123'] });
+    mockBlocklet.mockResolvedValueOnce({ user: null });
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(false);
+    expect(mockLogger.error).toHaveBeenCalled();
+  });
+
+  it('should return false when API request fails', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com',
+        },
+      },
+    } as PaymentMethod;
+
+    mockAxios.mockRejectedValueOnce(new Error('Network error'));
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(false);
+    expect(mockLogger.error).toHaveBeenCalled();
+  });
+
+  it('should handle extraConfigs for connected accounts', async () => {
+    // Setup mocks
+    const userDid = 'did:user:123';
+    const walletDid = 'did:wallet:456';
+    const paymentMethod = {
+      id: 'pm_123',
+      type: 'arcblock',
+      settings: {
+        arcblock: {
+          api_host: 'https://api.example.com',
+        },
+      },
+    } as PaymentMethod;
+
+    mockAxios.mockResolvedValueOnce({ data: ['did:wallet:456'] });
+    mockBlocklet.mockResolvedValueOnce({
+      user: {
+        did: userDid,
+        extraConfigs: {
+          connectedAccounts: [{ provider: 'wallet', did: walletDid }],
+        },
+      },
+    });
+
+    // Execute
+    const result = await isUserInBlocklist(userDid, paymentMethod);
+
+    // Verify
+    expect(result).toBe(true);
+  });
+});

package/blocklet.yml

@@ -14,7 +14,7 @@ repository:
   type: git
   url: git+https://github.com/blocklet/payment-kit.git
 specVersion: 1.2.8
-version: 1.18.10
+version: 1.18.12
 logo: logo.png
 files:
   - dist

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "payment-kit",
-  "version": "1.18.10",
+  "version": "1.18.12",
   "scripts": {
     "dev": "blocklet dev --open",
     "eject": "vite eject",
@@ -44,29 +44,29 @@
   },
   "dependencies": {
     "@abtnode/cron": "^1.16.39",
-    "@arcblock/did": "^1.19.10",
+    "@arcblock/did": "^1.19.14",
     "@arcblock/did-auth-storage-nedb": "^1.7.1",
     "@arcblock/did-connect": "^2.11.48",
-    "@arcblock/did-util": "^1.19.10",
-    "@arcblock/jwt": "^1.19.10",
+    "@arcblock/did-util": "^1.19.14",
+    "@arcblock/jwt": "^1.19.14",
     "@arcblock/ux": "^2.11.48",
-    "@arcblock/validator": "^1.19.10",
+    "@arcblock/validator": "^1.19.14",
     "@blocklet/js-sdk": "^1.16.39",
     "@blocklet/logger": "^1.16.39",
-    "@blocklet/payment-react": "1.18.10",
+    "@blocklet/payment-react": "1.18.12",
     "@blocklet/sdk": "^1.16.39",
     "@blocklet/ui-react": "^2.11.48",
-    "@blocklet/uploader": "^0.1.70",
-    "@blocklet/xss": "^0.1.25",
+    "@blocklet/uploader": "^0.1.71",
+    "@blocklet/xss": "^0.1.27",
     "@mui/icons-material": "^5.16.6",
     "@mui/lab": "^5.0.0-alpha.173",
     "@mui/material": "^5.16.6",
     "@mui/system": "^5.16.6",
-    "@ocap/asset": "^1.19.10",
-    "@ocap/client": "^1.19.10",
-    "@ocap/mcrypto": "^1.19.10",
-    "@ocap/util": "^1.19.10",
-    "@ocap/wallet": "^1.19.10",
+    "@ocap/asset": "^1.19.14",
+    "@ocap/client": "^1.19.14",
+    "@ocap/mcrypto": "^1.19.14",
+    "@ocap/util": "^1.19.14",
+    "@ocap/wallet": "^1.19.14",
     "@stripe/react-stripe-js": "^2.7.3",
     "@stripe/stripe-js": "^2.4.0",
     "ahooks": "^3.8.0",
@@ -121,7 +121,7 @@
   "devDependencies": {
     "@abtnode/types": "^1.16.39",
     "@arcblock/eslint-config-ts": "^0.3.3",
-    "@blocklet/payment-types": "1.18.10",
+    "@blocklet/payment-types": "1.18.12",
     "@types/cookie-parser": "^1.4.7",
     "@types/cors": "^2.8.17",
     "@types/debug": "^4.1.12",
@@ -167,5 +167,5 @@
       "parser": "typescript"
     }
   },
-  "gitHead": "942a9f4057f0cb1e7b3409d469b20c54ab7924a0"
+  "gitHead": "7efd2af5c272e4928da6864edfcbd3f9054c722b"
 }