payment-kit 1.18.12 → 1.18.14

package/api/src/queues/payout.ts

@@ -0,0 +1,297 @@
+import dayjs from '../libs/dayjs';
+import { events } from '../libs/event';
+import logger from '../libs/logger';
+import { getGasPayerExtra } from '../libs/payment';
+import createQueue from '../libs/queue';
+import { wallet, ethWallet } from '../libs/auth';
+import { sendErc20ToUser } from '../integrations/ethereum/token';
+import { PaymentMethod } from '../store/models/payment-method';
+import { PaymentCurrency } from '../store/models/payment-currency';
+import { Payout } from '../store/models/payout';
+import { EVM_CHAIN_TYPES } from '../libs/constants';
+import type { PaymentError } from '../store/models/types';
+import { getNextRetry, MAX_RETRY_COUNT } from '../libs/util';
+
+type PayoutJob = {
+  payoutId: string;
+  retryOnError?: boolean;
+};
+
+type ValidationResult =
+  | { valid: false }
+  | { valid: true; payout: Payout; paymentMethod: PaymentMethod; paymentCurrency: PaymentCurrency };
+
+// Validate payout and fetch required data
+async function validatePayoutAndFetchData(job: PayoutJob): Promise<ValidationResult> {
+  const payout = await Payout.findByPk(job.payoutId);
+  if (!payout) {
+    logger.warn('Payout not found', { id: job.payoutId });
+    return { valid: false };
+  }
+
+  if (payout.status !== 'pending') {
+    logger.warn('Payout status not expected', { id: payout.id, status: payout.status });
+    return { valid: false };
+  }
+
+  const paymentMethod = await PaymentMethod.findByPk(payout.payment_method_id);
+  if (!paymentMethod) {
+    logger.warn('PaymentMethod not found', { id: payout.payment_method_id });
+    return { valid: false };
+  }
+
+  const paymentCurrency = await PaymentCurrency.findByPk(payout.currency_id);
+  if (!paymentCurrency) {
+    logger.warn('PaymentCurrency not found', { id: payout.currency_id });
+    return { valid: false };
+  }
+
+  return {
+    valid: true,
+    payout,
+    paymentMethod,
+    paymentCurrency,
+  };
+}
+
+// Process Arcblock chain payout
+async function processArcblockPayout(payout: Payout, paymentMethod: PaymentMethod, paymentCurrency: PaymentCurrency) {
+  const client = paymentMethod.getOcapClient();
+
+  const signed = await client.signTransferV2Tx({
+    tx: {
+      itx: {
+        to: payout.destination,
+        value: '0',
+        assets: [],
+        tokens: [{ address: paymentCurrency.contract, value: payout.amount }],
+        data: {
+          typeUrl: 'json',
+          // @ts-ignore Type issue, won't affect server runtime
+          value: {
+            appId: wallet.address,
+            reason: 'payout',
+            payoutId: payout.id,
+          },
+        },
+      },
+    },
+    wallet,
+  });
+  // @ts-ignore
+  const { buffer } = await client.encodeTransferV2Tx({ tx: signed });
+  // @ts-ignore
+  const txHash = await client.sendTransferV2Tx({ tx: signed, wallet }, getGasPayerExtra(buffer));
+
+  logger.info('Payout completed', { id: payout.id, txHash });
+
+  await payout.update({
+    status: 'paid',
+    last_attempt_error: null,
+    attempt_count: payout.attempt_count + 1,
+    attempted: true,
+    payment_details: {
+      arcblock: {
+        tx_hash: txHash,
+        payer: wallet.address,
+        type: 'transfer',
+      },
+    },
+  });
+}
+
+// Process EVM chain payout
+async function processEvmPayout(payout: Payout, paymentMethod: PaymentMethod, paymentCurrency: PaymentCurrency) {
+  if (!paymentCurrency.contract) {
+    throw new Error('Payout not supported for ethereum payment currencies without contract');
+  }
+
+  const client = paymentMethod.getEvmClient();
+  const paymentType = paymentMethod.type;
+
+  // Send ERC20 tokens from system wallet to user address
+  const receipt = await sendErc20ToUser(client, paymentCurrency.contract, payout.destination, payout.amount);
+
+  logger.info('Payout completed', { id: payout.id, txHash: receipt.hash });
+
+  await payout.update({
+    status: 'paid',
+    last_attempt_error: null,
+    attempt_count: payout.attempt_count + 1,
+    attempted: true,
+    payment_details: {
+      [paymentType]: {
+        tx_hash: receipt.hash,
+        payer: ethWallet.address,
+        block_height: receipt.blockNumber.toString(),
+        gas_used: receipt.gasUsed.toString(),
+        gas_price: receipt.gasPrice.toString(),
+        type: 'transfer',
+      },
+    },
+  });
+}
+
+// Handle payout failure with retry logic
+async function handlePayoutFailure(payout: Payout, paymentMethod: PaymentMethod, error: any, retryOnError: boolean) {
+  const paymentError: PaymentError = {
+    type: 'card_error',
+    code: error.code,
+    message: error.message,
+    payment_method_id: paymentMethod.id,
+    payment_method_type: paymentMethod.type,
+  };
+
+  if (!retryOnError) {
+    // Mark as failed without retry
+    await payout.update({
+      status: 'failed',
+      last_attempt_error: paymentError,
+      attempt_count: payout.attempt_count + 1,
+      attempted: true,
+      failure_message: error.message,
+    });
+    return;
+  }
+
+  const attemptCount = payout.attempt_count + 1;
+
+  if (attemptCount >= MAX_RETRY_COUNT) {
+    // Exceeded max retry count
+    await payout.update({
+      status: 'failed',
+      last_attempt_error: paymentError,
+      attempt_count: attemptCount,
+      attempted: true,
+      failure_message: error.message,
+    });
+    logger.info('Payout job deleted since max retry exceeded', { id: payout.id });
+    payoutQueue.delete(payout.id);
+    return;
+  }
+
+  const nextAttempt = getNextRetry(attemptCount);
+  await payout.update({
+    status: 'pending',
+    last_attempt_error: paymentError,
+    attempt_count: attemptCount,
+    attempted: true,
+    next_attempt: nextAttempt,
+  });
+
+  payoutQueue.push({
+    id: payout.id,
+    job: { payoutId: payout.id, retryOnError: true },
+    runAt: nextAttempt,
+  });
+
+  logger.error('Payout retry scheduled', { id: payout.id, nextAttempt, retryCount: attemptCount });
+}
+
+// Process payout transaction
+export const handlePayout = async (job: PayoutJob) => {
+  logger.info('handle payout', job);
+
+  const result = await validatePayoutAndFetchData(job);
+  if (!result.valid) {
+    return;
+  }
+
+  const { payout, paymentMethod, paymentCurrency } = result;
+
+  logger.info('Payout attempt', { id: payout.id, attempt: payout.attempt_count });
+  try {
+    await payout.update({ status: 'in_transit', last_attempt_error: null });
+    logger.info('Payout status updated to in_transit', { payoutId: payout.id });
+
+    if (paymentMethod.type === 'arcblock') {
+      await processArcblockPayout(payout, paymentMethod, paymentCurrency);
+    } else if (EVM_CHAIN_TYPES.includes(paymentMethod.type)) {
+      await processEvmPayout(payout, paymentMethod, paymentCurrency);
+    }
+  } catch (err) {
+    logger.error('Payout failed', { error: err, id: payout.id });
+    await handlePayoutFailure(payout, paymentMethod, err, !!job.retryOnError);
+  }
+};
+
+// Create queue processor
+export const payoutQueue = createQueue<PayoutJob>({
+  name: 'payout',
+  onJob: handlePayout,
+  options: {
+    concurrency: 1,
+    maxRetries: 0,
+    enableScheduledJob: true,
+  },
+});
+
+// Handle queue failure events
+payoutQueue.on('failed', ({ id, job, error }) => {
+  logger.error('Payout job failed', { id, job, error });
+});
+
+// Start queue, find all payouts with "pending" status
+export const startPayoutQueue = async () => {
+  const payouts = await Payout.findAll({
+    where: {
+      status: 'pending',
+    },
+  });
+
+  payouts.forEach(async (payout) => {
+    const exist = await payoutQueue.get(payout.id);
+    if (!exist) {
+      // Use next attempt time if set
+      if (payout.next_attempt && payout.next_attempt > dayjs().unix()) {
+        payoutQueue.push({
+          id: payout.id,
+          job: { payoutId: payout.id, retryOnError: true },
+          runAt: payout.next_attempt,
+        });
+      } else {
+        payoutQueue.push({
+          id: payout.id,
+          job: { payoutId: payout.id, retryOnError: true },
+        });
+      }
+    }
+  });
+};
+
+// Listen for newly created payouts
+events.on('payout.created', async (payout: Payout) => {
+  if (payout.status === 'pending') {
+    const exist = await payoutQueue.get(payout.id);
+    if (!exist) {
+      payoutQueue.push({
+        id: payout.id,
+        job: { payoutId: payout.id, retryOnError: true },
+      });
+    }
+  }
+});
+
+// Add synchronous payout processing event
+events.on('payout.queued', async (id, job, args = {}) => {
+  const { sync, ...extraArgs } = args;
+  if (sync) {
+    try {
+      await payoutQueue.pushAndWait({
+        id,
+        job,
+        ...extraArgs,
+      });
+      events.emit('payout.queued.done');
+    } catch (error) {
+      logger.error('Error in payout.queued', { id, job, error });
+      events.emit('payout.queued.error', error);
+    }
+    return;
+  }
+  payoutQueue.push({
+    id,
+    job,
+    ...extraArgs,
+  });
+});

package/api/src/routes/checkout-sessions.ts

@@ -17,11 +17,7 @@ import { MetadataSchema } from '../libs/api';
 import { checkPassportForPaymentLink } from '../integrations/blocklet/passport';
 import { handleStripePaymentSucceed } from '../integrations/stripe/handlers/payment-intent';
 import { handleStripeSubscriptionSucceed } from '../integrations/stripe/handlers/subscription';
-import {
-  ensureStripePaymentCustomer,
-  ensureStripePaymentIntent,
-  ensureStripeSubscription,
-} from '../integrations/stripe/resource';
+import { ensureStripePaymentIntent, ensureStripeSubscription } from '../integrations/stripe/resource';
 import dayjs from '../libs/dayjs';
 import logger from '../libs/logger';
 import { isCreditSufficientForPayment, isDelegationSufficientForPayment } from '../libs/payment';
@@ -1048,12 +1044,11 @@ router.put('/:id/submit', user, ensureCheckoutSessionOpen, async (req, res) => {
           trialInDays,
           trialEnd
         );
-        const stripeCustomer = await ensureStripePaymentCustomer(subscription, paymentMethod);
         if (stripeSubscription) {
           await subscription.update({
             payment_details: {
               stripe: {
-                customer_id: stripeCustomer.id,
+                customer_id: stripeSubscription.customer,
                 subscription_id: stripeSubscription.id,
                 setup_intent_id: stripeSubscription.pending_setup_intent?.id,
               },

package/api/src/routes/customers.ts

@@ -11,6 +11,7 @@ import { formatMetadata } from '../libs/util';
 import { Customer } from '../store/models/customer';
 import { blocklet } from '../libs/auth';
 import logger from '../libs/logger';
+import { Invoice } from '../store/models';
 
 const router = Router();
 const auth = authenticate<Customer>({ component: true, roles: ['owner', 'admin'] });
@@ -86,26 +87,99 @@ router.get('/me', sessionMiddleware(), async (req, res) => {
   }
 
   try {
-    const doc = await Customer.findByPkOrDid(req.user.did as string);
+    let doc = await Customer.findByPkOrDid(req.user.did as string);
     const livemode = req.query.livemode ? !!req?.livemode : !!doc?.livemode;
     if (!doc) {
       if (req.query.fallback) {
         const result = await blocklet.getUser(req.user.did);
-        res.json({ ...result.user, address: {}, livemode });
+        return res.json({ ...result.user, address: {}, livemode });
+      }
+      if (req.query.create) {
+        // create customer
+        const { user } = await blocklet.getUser(req.user.did);
+        const customer = await Customer.create({
+          livemode: true,
+          did: req.user.did,
+          name: user.fullName,
+          email: user.email,
+          phone: '',
+          address: {},
+          description: user.remark,
+          metadata: {},
+          balance: '0',
+          next_invoice_sequence: 1,
+          delinquent: false,
+          invoice_prefix: Customer.getInvoicePrefix(),
+        });
+        logger.info('customer created', {
+          customerId: customer.id,
+          did: customer.did,
+        });
+        doc = customer;
       } else {
-        res.json({ error: 'Customer not found' });
+        return res.json({ error: 'Customer not found' });
       }
-    } else {
+    }
+    try {
       const [summary, stake, token] = await Promise.all([
         doc.getSummary(livemode),
         getStakeSummaryByDid(doc.did, livemode),
         getTokenSummaryByDid(doc.did, livemode),
       ]);
       res.json({ ...doc.toJSON(), summary: { ...summary, stake, token }, livemode });
+    } catch (summaryErr) {
+      logger.error('get customer summary failed', summaryErr);
+      if (req.query.skipError) {
+        return res.json({
+          ...doc.toJSON(),
+          summary: { stake: {}, token: {} },
+          livemode,
+          summaryError: summaryErr.message,
+          error: `Failed to get customer: ${summaryErr.message}`,
+        });
+      }
+      throw summaryErr;
     }
   } catch (err) {
     logger.error('get customer failed', err);
-    res.status(500).json({ error: `Failed to get customer: ${err.message}` });
+    if (req.query.skipError) {
+      return res.json({
+        error: `Failed to get customer: ${err.message}`,
+        did: req.user?.did,
+        name: req.user?.fullName,
+        address: {},
+        livemode: !!req.query.livemode,
+        summary: { stake: {}, token: {} },
+      });
+    }
+    return res.status(500).json({ error: `Failed to get customer: ${err.message}` });
+  }
+});
+
+// get overdue invoices
+router.get('/:id/overdue/invoices', auth, async (req, res) => {
+  if (!req.user) {
+    return res.status(403).json({ error: 'Unauthorized' });
+  }
+  try {
+    const doc = await Customer.findByPkOrDid(req.params.id as string);
+    if (!doc) {
+      return res.status(404).json({ error: 'Customer not found' });
+    }
+    const [summary, detail, invoices] = await Invoice!.getUncollectibleAmount({
+      customerId: doc.id,
+      livemode: req.query.livemode ? !!req.query.livemode : doc.livemode,
+    });
+    const subscriptionCount = new Set(invoices.map((x) => x.subscription_id)).size;
+    return res.json({
+      summary,
+      invoices,
+      subscriptionCount,
+      detail,
+    });
+  } catch (err) {
+    logger.error(err);
+    return res.status(500).json({ error: `Failed to get overdue invoices: ${err.message}` });
   }
 });
 

package/api/src/routes/payment-currencies.ts

@@ -9,11 +9,16 @@ import { authenticate } from '../libs/security';
 import { PaymentCurrency, TPaymentCurrency } from '../store/models/payment-currency';
 import { PaymentMethod } from '../store/models/payment-method';
 import { EVM_CHAIN_TYPES } from '../libs/constants';
+import { ethWallet, getVaultAddress, wallet } from '../libs/auth';
+import { resolveAddressChainTypes } from '../libs/util';
+import { depositVaultQueue } from '../queues/payment';
+import { checkDepositVaultAmount } from '../libs/payment';
+import { getTokenSummaryByDid } from '../integrations/arcblock/stake';
 
 const router = Router();
 
 const auth = authenticate<PaymentCurrency>({ component: true, roles: ['owner', 'admin'] });
-
+const authOwner = authenticate<PaymentCurrency>({ component: true, roles: ['owner'] });
 router.post('/', auth, async (req, res) => {
   const raw: Partial<TPaymentCurrency> = req.body;
 
@@ -140,6 +145,81 @@ router.get('/', auth, async (req, res) => {
   res.json(list);
 });
 
+router.get('/vault-config', auth, async (req, res) => {
+  const vaultAddress = await getVaultAddress();
+  if (!vaultAddress) {
+    return res.json([]);
+  }
+  const chainTypes = resolveAddressChainTypes(vaultAddress);
+  try {
+    const paymentMethods = await PaymentMethod.findAll({
+      where: {
+        type: {
+          [Op.in]: chainTypes,
+        },
+      },
+      attributes: ['id'],
+    });
+
+    const paymentMethodIds = paymentMethods.map((method) => method.id);
+    const list = await PaymentCurrency.scope('withVaultConfig').findAll({
+      where: {
+        payment_method_id: {
+          [Op.in]: paymentMethodIds,
+        },
+        livemode: !!req.livemode,
+      },
+      include: [{ model: PaymentMethod, as: 'payment_method' }],
+    });
+    try {
+      const [arcblock, ethereum] = await Promise.all([
+        getTokenSummaryByDid(wallet.address, !!req.livemode, 'arcblock'),
+        getTokenSummaryByDid(ethWallet.address, !!req.livemode, EVM_CHAIN_TYPES),
+      ]);
+      return res.json({
+        list,
+        balances: {
+          ...arcblock,
+          ...ethereum,
+        },
+      });
+    } catch (err) {
+      logger.error('get token summary failed', err);
+      return res.status(400).json({ error: err.message, list, balances: {} });
+    }
+  } catch (err) {
+    logger.error('get payment currency vault config failed', err);
+    return res.status(400).json({ error: err.message });
+  }
+});
+
+router.get('/:id/deposit-vault', auth, async (req, res) => {
+  const { id } = req.params;
+  if (!id) {
+    return res.status(400).json({ error: 'Missing payment currency id' });
+  }
+  try {
+    const result = await checkDepositVaultAmount(id);
+    return res.json(result);
+  } catch (error) {
+    logger.error('Error checking deposit vault amount', { error, id });
+    return res.status(400).json({ error: 'Failed to check deposit vault amount', message: error.message });
+  }
+});
+
+router.put('/:id/deposit-vault', auth, async (req, res) => {
+  const paymentCurrency = await PaymentCurrency.findByPk(req.params.id);
+  if (!paymentCurrency) {
+    return res.status(404).json({ error: 'Payment currency not found' });
+  }
+  depositVaultQueue.push({
+    id: `deposit-vault-${paymentCurrency.id}`,
+    job: { currencyId: paymentCurrency.id },
+  });
+  logger.info('Deposit vault job pushed', { currencyId: paymentCurrency.id });
+  return res.json({ message: 'Deposit vault job pushed' });
+});
+
 router.get('/:id', auth, async (req, res) => {
   const doc = await PaymentCurrency.findOne({
     where: { [Op.or]: [{ id: req.params.id }, { symbol: req.params.id }] },
@@ -152,6 +232,42 @@ router.get('/:id', auth, async (req, res) => {
   }
 });
 
+const UpdateVaultConfigSchema = Joi.object({
+  enabled: Joi.boolean().required(),
+  deposit_threshold: Joi.number().greater(0).required(),
+  withdraw_threshold: Joi.number().min(0).required(),
+});
+router.put('/:id/vault-config', authOwner, async (req, res) => {
+  try {
+    const { id } = req.params;
+
+    const { error, value: vaultConfig } = UpdateVaultConfigSchema.validate(req.body);
+    if (error) {
+      return res.status(400).json({ error: error.message });
+    }
+
+    const paymentCurrency = await PaymentCurrency.findByPk(id);
+    if (!paymentCurrency) {
+      return res.status(404).json({ error: 'payment currency not found' });
+    }
+
+    const updateData: Partial<TPaymentCurrency> = {
+      vault_config: {
+        enabled: vaultConfig.enabled,
+        deposit_threshold: fromTokenToUnit(vaultConfig.deposit_threshold, paymentCurrency.decimal).toString(),
+        withdraw_threshold: fromTokenToUnit(vaultConfig.withdraw_threshold, paymentCurrency.decimal).toString(),
+      },
+    };
+
+    await paymentCurrency.update(updateData);
+
+    return res.json(paymentCurrency.toJSON());
+  } catch (err) {
+    logger.error('update payment currency vault config failed', err);
+    return res.status(400).json({ error: err.message });
+  }
+});
+
 const updateCurrencySchema = Joi.object({
   name: Joi.string().empty('').optional(),
   description: Joi.string().empty('').optional(),

package/api/src/routes/payment-methods.ts

@@ -192,15 +192,25 @@ router.get('/', auth, async (req, res) => {
       include: [{ model: PaymentCurrency, as: 'payment_currencies', order: [['created_at', 'ASC']] }],
     });
     if (query.addresses === 'true') {
-      const [arcblock, ethereum] = await Promise.all([
-        getTokenSummaryByDid(wallet.address, !!req.livemode, 'arcblock'),
-        getTokenSummaryByDid(ethWallet.address, !!req.livemode, EVM_CHAIN_TYPES),
-      ]);
-      res.json({
-        list,
-        addresses: { arcblock: wallet.address, ethereum: ethWallet.address },
-        balances: { ...arcblock, ...ethereum },
-      });
+      try {
+        const [arcblock, ethereum] = await Promise.all([
+          getTokenSummaryByDid(wallet.address, !!req.livemode, 'arcblock'),
+          getTokenSummaryByDid(ethWallet.address, !!req.livemode, EVM_CHAIN_TYPES),
+        ]);
+        res.json({
+          list,
+          addresses: { arcblock: wallet.address, ethereum: ethWallet.address },
+          balances: { ...arcblock, ...ethereum },
+        });
+      } catch (err) {
+        logger.error('get token summary failed', err.message);
+        res.json({
+          list,
+          addresses: { arcblock: wallet.address, ethereum: ethWallet.address },
+          balances: {},
+          error: `get token summary failed: ${err.message}`,
+        });
+      }
     } else {
       res.json(list);
     }

package/api/src/routes/subscriptions.ts

@@ -9,12 +9,7 @@ import uniq from 'lodash/uniq';
 import { literal, Op, OrderItem } from 'sequelize';
 import { BN } from '@ocap/util';
 import { createEvent } from '../libs/audit';
-import {
-  ensureStripeCustomer,
-  ensureStripePaymentCustomer,
-  ensureStripePrice,
-  ensureStripeSubscription,
-} from '../integrations/stripe/resource';
+import { ensureStripeCustomer, ensureStripePrice, ensureStripeSubscription } from '../integrations/stripe/resource';
 import { createListParamSchema, getWhereFromKvQuery, getWhereFromQuery, MetadataSchema } from '../libs/api';
 import dayjs from '../libs/dayjs';
 import logger from '../libs/logger';
@@ -97,6 +92,7 @@ const schema = createListParamSchema<{
   activeFirst?: boolean;
   price_id?: string;
   order?: string | string[] | OrderItem | OrderItem[];
+  showTotalCount?: boolean;
 }>({
   status: Joi.string().empty(''),
   customer_id: Joi.string().empty(''),
@@ -110,6 +106,7 @@ const schema = createListParamSchema<{
       Joi.array().items(Joi.array().ordered(Joi.string(), Joi.string().valid('ASC', 'DESC').insensitive()))
     )
     .optional(),
+  showTotalCount: Joi.boolean().optional(),
 });
 
 const parseOrder = (orderStr: string): OrderItem => {
@@ -195,7 +192,17 @@ router.get('/', authMine, async (req, res) => {
     // @ts-ignore
     docs.forEach((x) => expandLineItems(x.items, products, prices));
 
-    res.json({ count, list: docs, paging: { page, pageSize } });
+    if (query.showTotalCount) {
+      const totalCount = await Subscription.count({
+        where: {
+          customer_id: where.customer_id,
+        },
+        distinct: true,
+      });
+      res.json({ count, list: docs, paging: { page, pageSize }, totalCount });
+    } else {
+      res.json({ count, list: docs, paging: { page, pageSize } });
+    }
   } catch (err) {
     logger.error(err);
     res.json({ count: 0, list: [], paging: { page, pageSize } });
@@ -1528,7 +1535,6 @@ router.post('/:id/change-payment', authPortal, async (req, res) => {
         const settings = PaymentMethod.decryptSettings(paymentMethod.settings);
 
         // changing from crypto to stripe: create/resume stripe subscription, pause crypto subscription
-        const stripeCustomer = await ensureStripePaymentCustomer(subscription, paymentMethod);
         const stripeSubscription = await ensureStripeSubscription(
           subscription,
           paymentMethod,
@@ -1542,7 +1548,7 @@ router.post('/:id/change-payment', authPortal, async (req, res) => {
             payment_details: {
               ...subscription.payment_details,
               stripe: {
-                customer_id: stripeCustomer.id,
+                customer_id: stripeSubscription.customer,
                 subscription_id: stripeSubscription.id,
                 setup_intent_id: stripeSubscription.pending_setup_intent?.id,
               },