payment-kit 1.21.15 → 1.21.17

package/api/src/queues/vendors/return-processor.ts

@@ -4,6 +4,8 @@ import { VendorFulfillmentService } from '../../libs/vendor-util/fulfillment';
 import { CheckoutSession } from '../../store/models';
 import { VendorInfo } from './fulfillment-coordinator';
 
+export const MAX_RETURN_RETRY = 3;
+
 type ReturnProcessorJob = {
   checkoutSessionId: string;
 };
@@ -39,13 +41,14 @@ async function handleReturnProcessorJob(job: ReturnProcessorJob): Promise<void>
     let i = -1;
     for (const vendor of vendorInfoList) {
       i++;
-      // Only process vendors with 'completed' status
-      if (vendor.status !== 'completed') {
-        logger.info('Skipping vendor return because status is not completed', {
+      const returnRetry = vendor.returnRetry ? vendor.returnRetry + 1 : 1;
+      if (vendor.status === 'returned') {
+        logger.info('Skipping vendor return because status is returned', {
           checkoutSessionId,
           vendorId: vendor.vendor_id,
           orderId: vendor.order_id,
           status: vendor.status,
+          returnRetry,
         });
         // eslint-disable-next-line no-continue
         continue;
@@ -56,53 +59,51 @@ async function handleReturnProcessorJob(job: ReturnProcessorJob): Promise<void>
           checkoutSessionId,
           vendorId: vendor.vendor_id,
           orderId: vendor.order_id,
+          returnRetry,
         });
 
         // eslint-disable-next-line no-await-in-loop
-        const returnResult = await callVendorReturn(vendor, checkoutSession);
-
-        if (returnResult.success) {
-          // Return successful, update status to 'returned'
-          vendorInfoList[i] = {
-            ...vendor,
-            status: 'returned',
-            lastAttemptAt: new Date().toISOString(),
-          };
-          hasChanges = true;
-
-          logger.info('Vendor return successful', {
-            checkoutSessionId,
-            vendorId: vendor.vendor_id,
-            orderId: vendor.order_id,
-          });
-        } else {
-          // Return failed, keep 'completed' status for next scan retry
-          vendorInfoList[i] = {
-            ...vendor,
-            lastAttemptAt: new Date().toISOString(),
-            error_message: returnResult.message || 'Return request failed',
-          };
-
-          logger.warn('Vendor return failed', {
-            checkoutSessionId,
-            vendorId: vendor.vendor_id,
-            orderId: vendor.order_id,
-            error: returnResult.message,
-          });
-        }
+        await callVendorReturn(vendor, checkoutSession);
+
+        // Return successful, update status to 'returned'
+        vendorInfoList[i] = {
+          ...vendor,
+          status: 'returned',
+          lastAttemptAt: new Date().toISOString(),
+        };
+        hasChanges = true;
+
+        logger.info('Vendor return successful', {
+          checkoutSessionId,
+          vendorId: vendor.vendor_id,
+          orderId: vendor.order_id,
+          returnRetry,
+        });
       } catch (error: any) {
         logger.error('Error processing vendor return', {
           checkoutSessionId,
           vendorId: vendor.vendor_id,
           orderId: vendor.order_id,
-          error: error.message,
+          error,
+          returnRetry,
         });
 
+        if (returnRetry >= MAX_RETURN_RETRY) {
+          logger.warn('Skipping vendor return because return retry is greater than 5', {
+            checkoutSessionId,
+            vendorId: vendor.vendor_id,
+            orderId: vendor.order_id,
+            returnRetry,
+          });
+        }
+
         // Record error but keep status unchanged for retry
         vendorInfoList[i] = {
           ...vendor,
+          status: returnRetry >= MAX_RETURN_RETRY ? 'returned' : vendor.status,
           lastAttemptAt: new Date().toISOString(),
           error_message: error.message,
+          returnRetry,
         };
         hasChanges = true;
       }
@@ -110,14 +111,14 @@ async function handleReturnProcessorJob(job: ReturnProcessorJob): Promise<void>
 
     // Update vendor_info if there are changes
     if (hasChanges) {
-      await checkoutSession.update({ vendor_info: vendorInfoList });
+      await CheckoutSession.update({ vendor_info: vendorInfoList }, { where: { id: checkoutSessionId } });
     }
 
     // Check if all vendors have been returned
     const allReturned = vendorInfoList.every((vendor) => vendor.status === 'returned');
 
     if (allReturned && checkoutSession.fulfillment_status !== 'returned') {
-      await checkoutSession.update({ fulfillment_status: 'returned' });
+      await CheckoutSession.update({ fulfillment_status: 'returned' }, { where: { id: checkoutSessionId } });
 
       logger.info('All vendors returned, updated fulfillment status to returned', {
         checkoutSessionId,
@@ -140,44 +141,20 @@ async function handleReturnProcessorJob(job: ReturnProcessorJob): Promise<void>
   }
 }
 
-async function callVendorReturn(
-  vendor: VendorInfo,
-  checkoutSession: CheckoutSession
-): Promise<{ success: boolean; message?: string }> {
-  try {
-    const vendorAdapter = await VendorFulfillmentService.getVendorAdapter(vendor.vendor_key);
-
-    if (!vendorAdapter) {
-      return {
-        success: false,
-        message: `No adapter found for vendor: ${vendor.vendor_id}`,
-      };
-    }
+async function callVendorReturn(vendor: VendorInfo, checkoutSession: CheckoutSession) {
+  const vendorAdapter = await VendorFulfillmentService.getVendorAdapter(vendor.vendor_key);
 
-    const returnResult = await vendorAdapter.requestReturn({
-      orderId: vendor.order_id,
-      reason: 'Subscription canceled',
-      customParams: {
-        checkoutSessionId: checkoutSession.id,
-        subscriptionId: checkoutSession.subscription_id,
-        vendorKey: vendor.vendor_key,
-      },
-    });
-
-    return {
-      success: returnResult.success || false,
-      message: returnResult.message,
-    };
-  } catch (error: any) {
-    logger.error('Failed to call vendor return API', {
-      vendorId: vendor.vendor_id,
-      orderId: vendor.order_id,
-      error: error.message,
-    });
-
-    return {
-      success: false,
-      message: error.message,
-    };
+  if (!vendorAdapter) {
+    throw new Error(`No adapter found for vendor: ${vendor.vendor_id}`);
   }
+
+  return vendorAdapter.requestReturn({
+    orderId: vendor.order_id,
+    reason: 'Subscription canceled',
+    customParams: {
+      checkoutSessionId: checkoutSession.id,
+      subscriptionId: checkoutSession.subscription_id,
+      vendorKey: vendor.vendor_key,
+    },
+  });
 }

package/api/src/queues/vendors/return-scanner.ts

@@ -1,9 +1,11 @@
 import { Op } from 'sequelize';
+import dayjs from 'dayjs';
 import logger from '../../libs/logger';
 import createQueue from '../../libs/queue';
 import { CheckoutSession, Subscription } from '../../store/models';
 import { vendorReturnProcessorQueue } from './return-processor';
 import { VendorInfo } from './fulfillment-coordinator';
+import { events } from '../../libs/event';
 
 export const vendorReturnScannerQueue = createQueue({
   name: 'vendor-return-scanner',
@@ -52,8 +54,10 @@ async function handleReturnScannerJob(): Promise<void> {
 async function findSessionsNeedingVendorReturn(): Promise<CheckoutSession[]> {
   try {
     // First, find canceled subscriptions
+    const oneWeekAgo = dayjs().subtract(7, 'day').unix();
+
     const canceledSubscriptions = await Subscription.findAll({
-      where: { status: 'canceled' },
+      where: { status: 'canceled', canceled_at: { [Op.gt]: oneWeekAgo } },
       attributes: ['id'],
     });
 
@@ -62,7 +66,7 @@ async function findSessionsNeedingVendorReturn(): Promise<CheckoutSession[]> {
     // Find checkout sessions with completed fulfillment and canceled subscriptions
     const readyToReturnSessions = await CheckoutSession.findAll({
       where: {
-        fulfillment_status: 'completed',
+        fulfillment_status: { [Op.notIn]: ['returning', 'returned', 'failed'] },
         subscription_id: { [Op.in]: canceledSubscriptionIds },
       },
       order: [['updated_at', 'DESC']],
@@ -102,7 +106,10 @@ async function findSessionsNeedingVendorReturn(): Promise<CheckoutSession[]> {
       if (!vendorInfoList || vendorInfoList.length === 0) {
         return false;
       }
-      const hasVendorNeedingReturn = vendorInfoList.some((vendor) => vendor.status === 'completed');
+
+      const hasVendorNeedingReturn = vendorInfoList.some(
+        (vendor) => !['cancelled', 'return_requested', 'returned'].includes(vendor.status)
+      );
       return hasVendorNeedingReturn;
     });
 
@@ -117,3 +124,31 @@ export function scheduleVendorReturnScan(): void {
   const scanId = `scan-${Date.now()}`;
   vendorReturnScannerQueue.push({ id: scanId, job: {} });
 }
+
+events.on('customer.subscription.deleted', async (subscription: Subscription) => {
+  logger.info('Customer subscription deleted', { subscription });
+  if (subscription.status !== 'canceled') {
+    logger.info('Subscription is not canceled, skipping vendor return process[customer.subscription.deleted]', {
+      subscriptionId: subscription.id,
+    });
+    return;
+  }
+
+  const session = await CheckoutSession.findOne({
+    where: { subscription_id: subscription.id },
+  });
+
+  if (session) {
+    const id = `vendor-return-process-${session.id}`;
+    // eslint-disable-next-line no-await-in-loop
+    const exists = await vendorReturnProcessorQueue.get(id);
+    if (!exists) {
+      vendorReturnProcessorQueue.push({
+        id,
+        job: {
+          checkoutSessionId: session.id,
+        },
+      });
+    }
+  }
+});

package/api/src/routes/connect/change-payer.ts

@@ -0,0 +1,148 @@
+import { executeEvmTransaction, waitForEvmTxConfirm } from '../../integrations/ethereum/tx';
+import type { CallbackArgs } from '../../libs/auth';
+import { getTxMetadata } from '../../libs/util';
+import { type TLineItemExpanded } from '../../store/models';
+import {
+  ensurePayerChangeContext,
+  executeOcapTransactions,
+  getAuthPrincipalClaim,
+  getDelegationTxClaim,
+} from './shared';
+import { EVM_CHAIN_TYPES } from '../../libs/constants';
+
+export default {
+  action: 'change-payer',
+  authPrincipal: false,
+  persistentDynamicClaims: true,
+  claims: {
+    authPrincipal: async ({ extraParams }: CallbackArgs) => {
+      const { paymentMethod } = await ensurePayerChangeContext(extraParams.subscriptionId);
+      return getAuthPrincipalClaim(paymentMethod, 'continue');
+    },
+  },
+  onConnect: async ({ userDid, userPk, extraParams }: CallbackArgs) => {
+    const { subscriptionId } = extraParams;
+    const { subscription, paymentMethod, paymentCurrency, payerAddress } =
+      await ensurePayerChangeContext(subscriptionId);
+
+    if (userDid === payerAddress) {
+      throw new Error('The current payer is the same as the new payer, please use another account to change payer');
+    }
+    const claimsList: any[] = [];
+    // @ts-ignore
+    const items = subscription!.items as TLineItemExpanded[];
+    const trialing = true;
+    const billingThreshold = Number(subscription.billing_thresholds?.amount_gte || 0);
+
+    if (paymentMethod.type === 'arcblock') {
+      claimsList.push({
+        signature: await getDelegationTxClaim({
+          mode: 'delegation',
+          userDid,
+          userPk,
+          nonce: subscription.id,
+          data: getTxMetadata({ subscriptionId: subscription.id }),
+          paymentCurrency,
+          paymentMethod,
+          trialing,
+          billingThreshold,
+          items,
+          requiredStake: false,
+        }),
+      });
+      return claimsList;
+    }
+
+    if (EVM_CHAIN_TYPES.includes(paymentMethod.type)) {
+      if (!paymentCurrency.contract) {
+        throw new Error(`Payment currency ${paymentMethod.type}:${paymentCurrency.id} does not support subscription`);
+      }
+
+      claimsList.push({
+        signature: await getDelegationTxClaim({
+          mode: 'subscription',
+          userDid,
+          userPk,
+          nonce: `change-payer-${subscription!.id}`,
+          data: getTxMetadata({ subscriptionId: subscription!.id }),
+          paymentCurrency,
+          paymentMethod,
+          trialing,
+          billingThreshold,
+          items,
+        }),
+      });
+
+      return claimsList;
+    }
+
+    throw new Error(`ChangePayer: Payment method ${paymentMethod.type} not supported`);
+  },
+
+  onAuth: async ({ request, userDid, userPk, claims, extraParams, step }: CallbackArgs) => {
+    const { subscriptionId } = extraParams;
+    const { subscription, paymentMethod, paymentCurrency } = await ensurePayerChangeContext(subscriptionId);
+
+    const result = request?.context?.store?.result || [];
+    result.push({
+      step,
+      claim: claims?.[0],
+      stepRequest: {
+        headers: request?.headers,
+      },
+    });
+    const claimsList = result.map((x: any) => x.claim);
+
+    const afterTxExecution = async (paymentDetails: any) => {
+      await subscription?.update({
+        payment_settings: {
+          payment_method_types: [paymentMethod.type],
+          payment_method_options: {
+            [paymentMethod.type]: { payer: userDid },
+          },
+        },
+        payment_details: {
+          ...subscription.payment_details,
+          [paymentMethod.type]: {
+            ...(subscription.payment_details?.[paymentMethod.type as keyof typeof subscription.payment_details] || {}),
+            type: 'delegate',
+            payer: userDid,
+            tx_hash: paymentDetails.tx_hash,
+          },
+        },
+      });
+    };
+
+    if (paymentMethod.type === 'arcblock') {
+      const requestArray = result
+        .map((item: { stepRequest?: Request }) => item.stepRequest)
+        .filter(Boolean) as Request[];
+      const requestSource = requestArray.length > 0 ? requestArray : request;
+
+      const paymentDetails = await executeOcapTransactions(
+        userDid,
+        userPk,
+        claimsList,
+        paymentMethod,
+        requestSource,
+        subscription?.id,
+        paymentCurrency.contract
+      );
+
+      await afterTxExecution(paymentDetails);
+      return { hash: paymentDetails.tx_hash };
+    }
+
+    if (EVM_CHAIN_TYPES.includes(paymentMethod.type)) {
+      const paymentDetails = await executeEvmTransaction('approve', userDid, claimsList, paymentMethod);
+      waitForEvmTxConfirm(paymentMethod.getEvmClient(), +paymentDetails.block_height, paymentMethod.confirmation.block)
+        .then(async () => {
+          await afterTxExecution(paymentDetails);
+        })
+        .catch(console.error);
+      return { hash: paymentDetails.tx_hash };
+    }
+
+    throw new Error(`ChangePayer: Payment method ${paymentMethod.type} not supported`);
+  },
+};

package/api/src/routes/connect/shared.ts

@@ -1224,6 +1224,36 @@ export async function ensureChangePaymentContext(subscriptionId: string) {
   };
 }
 
+export async function ensurePayerChangeContext(subscriptionId: string) {
+  const subscription = await Subscription.findByPk(subscriptionId);
+  if (!subscription) {
+    throw new Error(`Subscription not found: ${subscriptionId}`);
+  }
+  if (!['active', 'trialing', 'past_due'].includes(subscription.status)) {
+    throw new Error(`Subscription ${subscriptionId} is not in a valid status to change payer`);
+  }
+  const paymentMethod = await PaymentMethod.findByPk(subscription.default_payment_method_id);
+  if (!paymentMethod) {
+    throw new Error(`Payment method not found for subscription ${subscriptionId}`);
+  }
+  const payerAddress = getSubscriptionPaymentAddress(subscription, paymentMethod?.type);
+  const paymentCurrency = await PaymentCurrency.findByPk(subscription.currency_id);
+  if (!paymentCurrency) {
+    throw new Error(`PaymentCurrency ${subscription.currency_id} not found for subscription ${subscriptionId}`);
+  }
+
+  // @ts-ignore
+  subscription.items = await expandSubscriptionItems(subscription.id);
+
+  return {
+    subscription,
+    paymentCurrency,
+    paymentMethod,
+    customer: await Customer.findByPk(subscription.customer_id),
+    payerAddress,
+  };
+}
+
 export async function ensureReStakeContext(subscriptionId: string) {
   const subscription = await Subscription.findByPk(subscriptionId);
   if (!subscription) {

package/api/src/routes/invoices.ts

@@ -8,6 +8,7 @@ import { Op } from 'sequelize';
 import { BN } from '@ocap/util';
 import { syncStripeInvoice } from '../integrations/stripe/handlers/invoice';
 import { syncStripePayment } from '../integrations/stripe/handlers/payment-intent';
+import { ensureStripeCustomer, ensureStripeSetupIntentForInvoicePayment } from '../integrations/stripe/resource';
 import { createListParamSchema, getOrder, getWhereFromKvQuery, MetadataSchema } from '../libs/api';
 import { authenticate } from '../libs/security';
 import { expandLineItems } from '../libs/session';
@@ -662,9 +663,11 @@ router.get('/:id', authPortal, async (req, res) => {
     })) as TInvoiceExpanded | null;
 
     if (doc) {
-      if (doc.metadata?.stripe_id && (doc.status !== 'paid' || req.query.forceSync)) {
+      const shouldSync = req.query.sync === 'true' || !!req.query.forceSync;
+      // Sync Stripe invoice when sync=true query parameter is present
+      if (doc.metadata?.stripe_id && doc.status !== 'paid') {
         // @ts-ignore
-        await syncStripeInvoice(doc);
+        await syncStripeInvoice(doc, shouldSync);
       }
       if (doc.payment_intent_id) {
         const paymentIntent = await PaymentIntent.findByPk(doc.payment_intent_id);
@@ -799,6 +802,142 @@ router.get('/:id', authPortal, async (req, res) => {
   }
 });
 
+router.post('/pay-stripe', authPortal, async (req, res) => {
+  try {
+    const { invoice_ids, subscription_id, customer_id, currency_id } = req.body;
+
+    if (!currency_id) {
+      return res.status(400).json({ error: 'currency_id is required' });
+    }
+
+    if (!invoice_ids && !subscription_id && !customer_id) {
+      return res.status(400).json({ error: 'Must provide invoice_ids, subscription_id, or customer_id' });
+    }
+
+    let invoices: Invoice[];
+    let customer: Customer | null;
+    let paymentMethod: PaymentMethod | null = null;
+
+    if (invoice_ids && Array.isArray(invoice_ids) && invoice_ids.length > 0) {
+      invoices = await Invoice.findAll({
+        where: {
+          id: { [Op.in]: invoice_ids },
+          currency_id,
+          status: { [Op.in]: ['open', 'uncollectible'] },
+        },
+        include: [
+          { model: Customer, as: 'customer' },
+          { model: PaymentCurrency, as: 'paymentCurrency' },
+        ],
+      });
+
+      if (invoices.length === 0) {
+        return res.status(404).json({ error: 'No payable invoices found' });
+      }
+
+      // @ts-ignore
+      customer = invoices[0]?.customer;
+      paymentMethod = await PaymentMethod.findByPk(invoices[0]!.default_payment_method_id);
+    } else if (subscription_id) {
+      const subscription = await Subscription.findByPk(subscription_id, {
+        include: [{ model: Customer, as: 'customer' }],
+      });
+
+      if (!subscription) {
+        return res.status(404).json({ error: 'Subscription not found' });
+      }
+
+      // @ts-ignore
+      customer = subscription.customer;
+      paymentMethod = await PaymentMethod.findByPk(subscription.default_payment_method_id);
+
+      invoices = await Invoice.findAll({
+        where: {
+          subscription_id,
+          currency_id,
+          status: { [Op.in]: ['open', 'uncollectible'] },
+        },
+        include: [
+          { model: Customer, as: 'customer' },
+          { model: PaymentCurrency, as: 'paymentCurrency' },
+        ],
+      });
+    } else {
+      customer = await Customer.findByPkOrDid(customer_id!);
+      if (!customer) {
+        return res.status(404).json({ error: 'Customer not found' });
+      }
+
+      invoices = await Invoice.findAll({
+        where: {
+          customer_id: customer.id,
+          currency_id,
+          status: { [Op.in]: ['open', 'uncollectible'] },
+        },
+        include: [
+          { model: Customer, as: 'customer' },
+          { model: PaymentCurrency, as: 'paymentCurrency' },
+        ],
+      });
+
+      if (invoices.length === 0) {
+        return res.status(404).json({ error: 'No payable invoices found' });
+      }
+
+      paymentMethod = await PaymentMethod.findByPk(invoices[0]!.default_payment_method_id);
+    }
+
+    if (!customer) {
+      return res.status(404).json({ error: 'Customer not found' });
+    }
+
+    if (!paymentMethod || paymentMethod.type !== 'stripe') {
+      return res.status(400).json({ error: 'Not using Stripe payment method' });
+    }
+
+    if (invoices.length === 0) {
+      return res.status(400).json({ error: 'No payable invoices found' });
+    }
+
+    await ensureStripeCustomer(customer, paymentMethod);
+
+    const settings = PaymentMethod.decryptSettings(paymentMethod.settings);
+
+    const paymentCurrency = await PaymentCurrency.findByPk(currency_id);
+    if (!paymentCurrency) {
+      return res.status(404).json({ error: `Payment currency ${currency_id} not found` });
+    }
+    const totalAmount = invoices.reduce((sum, invoice) => {
+      const amount = invoice.amount_remaining || '0';
+      return new BN(sum).add(new BN(amount)).toString();
+    }, '0');
+
+    const metadata: any = {
+      currency_id,
+      customer_id: customer.id,
+      invoices: JSON.stringify(invoices.map((inv) => inv.id)),
+    };
+
+    const setupIntent = await ensureStripeSetupIntentForInvoicePayment(customer, paymentMethod, metadata);
+
+    return res.json({
+      client_secret: setupIntent.client_secret,
+      publishable_key: settings.stripe?.publishable_key,
+      setup_intent_id: setupIntent.id,
+      invoices: invoices.map((inv) => inv.id),
+      amount: totalAmount,
+      currency: paymentCurrency,
+      customer,
+    });
+  } catch (err) {
+    logger.error('Failed to create setup intent for stripe payment', {
+      error: err,
+      body: req.body,
+    });
+    return res.status(400).json({ error: err.message });
+  }
+});
+
 // eslint-disable-next-line consistent-return
 router.put('/:id', authAdmin, async (req, res) => {
   try {

package/api/src/routes/payment-links.ts

@@ -449,7 +449,8 @@ router.get('/:id/benefits', async (req, res) => {
     if (!doc) {
       return res.status(404).json({ error: 'payment link not found' });
     }
-    const benefits = await getDonationBenefits(doc);
+    const locale = req.query.locale as string;
+    const benefits = await getDonationBenefits(doc, '', locale);
     return res.json(benefits);
   } catch (err) {
     logger.error('Get donation benefits error', { error: err.message, stack: err.stack, id: req.params.id });