payment-kit 1.29.1 → 1.29.3

package/api/src/routes/{payment-intents.ts → hono/payment-intents.ts}

@@ -1,12 +1,17 @@
+// Phase 3 (express→hono) — hono fork of routes/payment-intents.ts. Sub-app with
+// routes relative to /api/payment-intents (mounted via mountResourceGroup). The
+// business logic is unchanged; only the express plumbing becomes hono:
+//   req.body → c.get('sanitizedBody'); res.status(n).json(x) → c.json(x, n).
 import { isValid } from '@arcblock/did';
-import { Router } from 'express';
+import { Hono } from 'hono';
 import Joi from 'joi';
 import pick from 'lodash/pick';
 import { Op } from 'sequelize';
 
 import { BN, fromTokenToUnit } from '@ocap/util';
-import { syncStripeInvoice } from '../integrations/stripe/handlers/invoice';
-import { syncStripePayment } from '../integrations/stripe/handlers/payment-intent';
+import type { Context } from 'hono';
+import { syncStripeInvoice } from '../../integrations/stripe/handlers/invoice';
+import { syncStripePayment } from '../../integrations/stripe/handlers/payment-intent';
 import {
   BNPositiveValidator,
   createListParamSchema,
@@ -14,22 +19,23 @@ import {
   getWhereFromKvQuery,
   getWhereFromQuery,
   MetadataSchema,
-} from '../libs/api';
-import { authenticate } from '../libs/security';
-import { formatMetadata } from '../libs/util';
-import { paymentQueue } from '../queues/payment';
-import { CheckoutSession } from '../store/models/checkout-session';
-import { Customer } from '../store/models/customer';
-import { Invoice } from '../store/models/invoice';
-import { PaymentCurrency } from '../store/models/payment-currency';
-import { PaymentIntent } from '../store/models/payment-intent';
-import { PaymentMethod } from '../store/models/payment-method';
-import { Subscription } from '../store/models/subscription';
-import logger from '../libs/logger';
-import { Payout, Refund } from '../store/models';
-import { getRefundAmountSetup } from '../libs/refund';
-
-const router = Router();
+} from '../../libs/api';
+import { authenticate } from '../../middlewares/hono/security';
+import { formatMetadata } from '../../libs/util';
+import { paymentQueue } from '../../queues/payment';
+import { CheckoutSession } from '../../store/models/checkout-session';
+import { Customer } from '../../store/models/customer';
+import { Invoice } from '../../store/models/invoice';
+import { PaymentCurrency } from '../../store/models/payment-currency';
+import { PaymentIntent } from '../../store/models/payment-intent';
+import { PaymentMethod } from '../../store/models/payment-method';
+import { Subscription } from '../../store/models/subscription';
+import logger from '../../libs/logger';
+import { Payout, Refund } from '../../store/models';
+import { getRefundAmountSetup } from '../../libs/refund';
+
+const app = new Hono();
+
 const authAdmin = authenticate<PaymentIntent>({ component: true, roles: ['owner', 'admin'] });
 const authMine = authenticate<PaymentIntent>({ component: true, roles: ['owner', 'admin'], mine: true });
 const authPortal = authenticate<PaymentIntent>({
@@ -42,8 +48,8 @@ const authPortal = authenticate<PaymentIntent>({
   },
 });
 
-async function syncStripePaymentAndInvoice(paymentIntent: PaymentIntent, invoice: Invoice | null, req: any) {
-  const shouldSync = paymentIntent.status !== 'succeeded' || req.query.sync === '1';
+async function syncStripePaymentAndInvoice(paymentIntent: PaymentIntent, invoice: Invoice | null, c: Context) {
+  const shouldSync = paymentIntent.status !== 'succeeded' || c.req.query('sync') === '1';
   if (shouldSync) {
     await syncStripePayment(paymentIntent);
   }
@@ -66,8 +72,9 @@ const paginationSchema = createListParamSchema<{
   customer_did: Joi.string().empty(''),
   currency_id: Joi.string().empty(''),
 });
-router.get('/', authMine, async (req, res) => {
-  const { page, pageSize, status, livemode, ...query } = await paginationSchema.validateAsync(req.query, {
+
+app.get('/', authMine, async (c) => {
+  const { page, pageSize, status, livemode, ...query } = await paginationSchema.validateAsync(c.req.query(), {
     stripUnknown: false,
     allowUnknown: true,
   });
@@ -79,16 +86,15 @@ router.get('/', authMine, async (req, res) => {
       .map((x) => x.trim())
       .filter(Boolean);
   }
-  if (query.customer_id) {
-    where.customer_id = query.customer_id;
+  if (c.get('customer_id') ?? query.customer_id) {
+    where.customer_id = c.get('customer_id') ?? query.customer_id;
   }
   if (query.customer_did && isValid(query.customer_did)) {
     const customer = await Customer.findOne({ where: { did: query.customer_did } });
     if (customer) {
       where.customer_id = customer.id;
     } else {
-      res.json({ count: 0, list: [] });
-      return;
+      return c.json({ count: 0, list: [] });
     }
   }
   if (query.invoice_id) {
@@ -113,7 +119,7 @@ router.get('/', authMine, async (req, res) => {
   try {
     const { rows: list, count } = await PaymentIntent.findAndCountAll({
       where,
-      order: getOrder(req.query, [['created_at', query.o === 'asc' ? 'ASC' : 'DESC']]),
+      order: getOrder(c.req.query(), [['created_at', query.o === 'asc' ? 'ASC' : 'DESC']]),
       offset: (page - 1) * pageSize,
       limit: pageSize,
       include: [
@@ -123,10 +129,10 @@ router.get('/', authMine, async (req, res) => {
       ],
     });
 
-    res.json({ count, list, paging: { page, pageSize } });
+    return c.json({ count, list, paging: { page, pageSize } });
   } catch (err) {
     logger.error(err);
-    res.json({ count: 0, list: [], paging: { page, pageSize } });
+    return c.json({ count: 0, list: [], paging: { page, pageSize } });
   }
 });
 
@@ -136,8 +142,9 @@ const searchSchema = createListParamSchema<{
 }>({
   query: Joi.string(),
 });
-router.get('/search', authMine, async (req, res) => {
-  const { page, pageSize, query, livemode, q, o } = await searchSchema.validateAsync(req.query, {
+
+app.get('/search', authMine, async (c) => {
+  const { page, pageSize, query, livemode, q, o } = await searchSchema.validateAsync(c.req.query(), {
     stripUnknown: false,
     allowUnknown: true,
   });
@@ -149,7 +156,7 @@ router.get('/search', authMine, async (req, res) => {
 
   const { rows: list, count } = await PaymentIntent.findAndCountAll({
     where,
-    order: getOrder(req.query, [['created_at', o === 'asc' ? 'ASC' : 'DESC']]),
+    order: getOrder(c.req.query(), [['created_at', o === 'asc' ? 'ASC' : 'DESC']]),
     offset: (page - 1) * pageSize,
     limit: pageSize,
     include: [
@@ -159,13 +166,79 @@ router.get('/search', authMine, async (req, res) => {
     ],
   });
 
-  res.json({ count, list, paging: { page, pageSize } });
+  return c.json({ count, list, paging: { page, pageSize } });
+});
+
+app.get('/:id/retry', authAdmin, async (c) => {
+  try {
+    const doc = await PaymentIntent.findByPk(c.req.param('id') as string);
+    if (!doc) {
+      return c.json({ error: 'PaymentIntent not found' }, 404);
+    }
+    if (doc.status === 'succeeded') {
+      return c.json({ error: 'PaymentIntent already done' }, 403);
+    }
+    if (doc.status === 'processing') {
+      return c.json({ error: 'PaymentIntent already processing' }, 403);
+    }
+
+    await doc.update({ status: 'requires_capture', last_payment_error: null });
+    await paymentQueue.pushAndWait({
+      id: `${doc.id}-retry-${Date.now()}`,
+      job: { paymentIntentId: doc.id, retryOnError: false },
+    });
+    return c.json(doc);
+  } catch (err) {
+    logger.error(err);
+    return c.json(null);
+  }
+});
+
+app.get('/:id/refundable-amount', authPortal, async (c) => {
+  try {
+    const doc = await PaymentIntent.findOne({
+      where: { id: c.req.param('id') },
+    });
+
+    if (doc) {
+      const invoice = await Invoice.findByPk(doc.invoice_id);
+      await syncStripePaymentAndInvoice(doc, invoice, c);
+      const result = await getRefundAmountSetup({
+        paymentIntentId: doc.id,
+        currencyId: doc.currency_id,
+        customerId: doc.customer_id,
+        subscriptionId: invoice?.subscription_id,
+      });
+      const payouts = await Payout.findAll({
+        where: {
+          payment_intent_id: doc.id,
+          status: {
+            [Op.notIn]: ['canceled', 'reverted'],
+          },
+        },
+        attributes: ['id', 'amount'],
+      });
+      if (payouts.length > 0) {
+        let totalPayoutAmount = new BN('0');
+        payouts.forEach((payout) => {
+          totalPayoutAmount = totalPayoutAmount.add(new BN(payout.amount || '0'));
+        });
+
+        result.amount = new BN(result.amount || '0').sub(totalPayoutAmount).toString();
+      }
+      return c.json(result);
+    }
+    return c.json(null, 404);
+  } catch (err) {
+    logger.error(err);
+    return c.json({ error: `Failed to get payment intent refundable amount: ${(err as any).message}` }, 500);
+  }
 });
 
-router.get('/:id', authPortal, async (req, res) => {
+app.get('/:id', authPortal, async (c) => {
   try {
     const doc = await PaymentIntent.findOne({
-      where: { id: req.params.id },
+      where: { id: c.req.param('id') },
       include: [
         { model: PaymentCurrency, as: 'paymentCurrency' },
         { model: PaymentMethod, as: 'paymentMethod' },
@@ -179,7 +252,7 @@ router.get('/:id', authPortal, async (req, res) => {
 
     if (doc) {
       invoice = await Invoice.findByPk(doc.invoice_id);
-      await syncStripePaymentAndInvoice(doc, invoice, req);
+      await syncStripePaymentAndInvoice(doc, invoice, c);
 
       checkoutSession = await CheckoutSession.findOne({ where: { payment_intent_id: doc.id } });
       if (invoice && invoice.subscription_id) {
@@ -188,64 +261,37 @@ router.get('/:id', authPortal, async (req, res) => {
     }
 
     if (doc) {
-      res.json({ ...doc.toJSON(), checkoutSession, invoice, subscription });
-    } else {
-      res.status(404).json(null);
+      return c.json({ ...doc.toJSON(), checkoutSession, invoice, subscription });
     }
+    return c.json(null, 404);
   } catch (err) {
     logger.error(err);
-    res.status(500).json({ error: `Failed to get payment intent: ${err.message}` });
+    return c.json({ error: `Failed to get payment intent: ${(err as any).message}` }, 500);
   }
 });
 
-// eslint-disable-next-line consistent-return
-router.put('/:id', authAdmin, async (req, res) => {
+app.put('/:id', authAdmin, async (c) => {
   try {
-    const doc = await PaymentIntent.findByPk(req.params.id as string);
+    const doc = await PaymentIntent.findByPk(c.req.param('id') as string);
     if (!doc) {
-      return res.status(404).json({ error: 'PaymentIntent not found' });
+      return c.json({ error: 'PaymentIntent not found' }, 404);
     }
 
-    const raw = pick(req.body, ['metadata']);
+    const body = c.get('sanitizedBody') ?? {};
+    const raw = pick(body, ['metadata']);
     if (raw.metadata) {
       const { error: metadataError } = MetadataSchema.validate(raw.metadata);
       if (metadataError) {
-        return res.status(400).json({ error: `metadata invalid: ${metadataError.message}` });
+        return c.json({ error: `metadata invalid: ${metadataError.message}` }, 400);
       }
       raw.metadata = formatMetadata(raw.metadata);
     }
 
     await doc.update(raw);
-    res.json(doc);
-  } catch (err) {
-    logger.error(err);
-    res.json(null);
-  }
-});
-
-// eslint-disable-next-line consistent-return
-router.get('/:id/retry', authAdmin, async (req, res) => {
-  try {
-    const doc = await PaymentIntent.findByPk(req.params.id as string);
-    if (!doc) {
-      return res.status(404).json({ error: 'PaymentIntent not found' });
-    }
-    if (doc.status === 'succeeded') {
-      return res.status(403).json({ error: 'PaymentIntent already done' });
-    }
-    if (doc.status === 'processing') {
-      return res.status(403).json({ error: 'PaymentIntent already processing' });
-    }
-
-    await doc.update({ status: 'requires_capture', last_payment_error: null });
-    await paymentQueue.pushAndWait({
-      id: `${doc.id}-retry-${Date.now()}`,
-      job: { paymentIntentId: doc.id, retryOnError: false },
-    });
-    res.json(doc);
+    return c.json(doc);
   } catch (err) {
     logger.error(err);
-    res.json(null);
+    return c.json(null);
   }
 });
 
@@ -258,15 +304,15 @@ const refundRequestSchema = Joi.object({
   metadata: Joi.object().optional(),
 });
 
-// eslint-disable-next-line consistent-return
-router.put('/:id/refund', authAdmin, async (req, res) => {
+app.put('/:id/refund', authAdmin, async (c) => {
   try {
-    const { error } = refundRequestSchema.validate(req.body);
+    const body = c.get('sanitizedBody') ?? {};
+    const { error } = refundRequestSchema.validate(body);
     if (error) {
-      return res.status(400).json({ error: `payment intent refund request invalid: ${error.message}` });
+      return c.json({ error: `payment intent refund request invalid: ${error.message}` }, 400);
     }
     const doc = await PaymentIntent.findOne({
-      where: { id: req.params.id },
+      where: { id: c.req.param('id') },
       include: [
         { model: PaymentCurrency, as: 'paymentCurrency' },
         { model: PaymentMethod, as: 'paymentMethod' },
@@ -282,7 +328,7 @@ router.put('/:id/refund', authAdmin, async (req, res) => {
     }
 
     const invoice = await Invoice.findByPk(doc.invoice_id);
-    await syncStripePaymentAndInvoice(doc, invoice, req);
+    await syncStripePaymentAndInvoice(doc, invoice, c);
     // @ts-ignore
     const result = await getRefundAmountSetup({
       paymentIntentId: doc.id,
@@ -294,7 +340,7 @@ router.put('/:id/refund', authAdmin, async (req, res) => {
       throw new Error('refund amount setup failed');
     }
     // @ts-ignore
-    const amount = fromTokenToUnit(req.body.amount, doc.paymentCurrency?.decimal).toString();
+    const amount = fromTokenToUnit((body as any).amount, doc.paymentCurrency?.decimal).toString();
     const amountBN = new BN(amount);
 
     if (amountBN.gt(new BN(result.amount))) {
@@ -305,9 +351,9 @@ router.put('/:id/refund', authAdmin, async (req, res) => {
       type: 'refund',
       livemode: doc.livemode,
       amount,
-      description: req.body.description || 'payment_intent_cancel',
+      description: (body as any).description || 'payment_intent_cancel',
       status: 'pending',
-      reason: req.body.reason || 'requested_by_admin',
+      reason: (body as any).reason || 'requested_by_admin',
       currency_id: doc.currency_id,
       customer_id: doc.customer_id || '',
       payment_method_id: doc.payment_method_id,
@@ -323,62 +369,20 @@ router.put('/:id/refund', authAdmin, async (req, res) => {
       starting_token_balance: {},
       ending_token_balance: {},
       metadata: {
-        requested_by: req.user?.did,
+        requested_by: c.get('user')?.did,
       },
     });
     logger.info('payment intent refund created', {
-      ...req.params,
-      ...req.body,
+      id: c.req.param('id'),
+      ...pick(body as any, ['amount', 'reason', 'description']),
       ...pick(result, ['amount', 'totalAmount']),
       item: item.toJSON(),
     });
-    res.json(item.toJSON());
-  } catch (err) {
-    logger.error(err);
-    res.status(500).json({ error: `Failed to payment intent refund: ${err.message}` });
-  }
-});
-
-router.get('/:id/refundable-amount', authPortal, async (req, res) => {
-  try {
-    const doc = await PaymentIntent.findOne({
-      where: { id: req.params.id },
-    });
-
-    if (doc) {
-      const invoice = await Invoice.findByPk(doc.invoice_id);
-      await syncStripePaymentAndInvoice(doc, invoice, req);
-      const result = await getRefundAmountSetup({
-        paymentIntentId: doc.id,
-        currencyId: doc.currency_id,
-        customerId: doc.customer_id,
-        subscriptionId: invoice?.subscription_id,
-      });
-      const payouts = await Payout.findAll({
-        where: {
-          payment_intent_id: doc.id,
-          status: {
-            [Op.notIn]: ['canceled', 'reverted'],
-          },
-        },
-        attributes: ['id', 'amount'],
-      });
-      if (payouts.length > 0) {
-        let totalPayoutAmount = new BN('0');
-        payouts.forEach((payout) => {
-          totalPayoutAmount = totalPayoutAmount.add(new BN(payout.amount || '0'));
-        });
-
-        result.amount = new BN(result.amount || '0').sub(totalPayoutAmount).toString();
-      }
-      res.json(result);
-    } else {
-      res.status(404).json(null);
-    }
+    return c.json(item.toJSON());
   } catch (err) {
     logger.error(err);
-    res.status(500).json({ error: `Failed to get payment intent refundable amount: ${err.message}` });
+    return c.json({ error: `Failed to payment intent refund: ${(err as any).message}` }, 500);
   }
 });
 
-export default router;
+export default app;