invoiceninja/app/Ninja/PaymentDrivers/StripePaymentDriver.php

<?php namespace App\Ninja\PaymentDrivers;
use Exception;
use Cache;
use App\Models\Payment;
use App\Models\PaymentMethod;
class StripePaymentDriver extends BasePaymentDriver
{
protected $customerReferenceParam = 'customerReference';
/**
 * List the gateway types this driver offers for the current account gateway.
 *
 * Credit card and token are always included. Bank transfer is appended only
 * when an account gateway is set and its getAchEnabled() returns a truthy value.
 *
 * @return array list of GATEWAY_TYPE_* constants
 */
public function gatewayTypes()
{
    $achEnabled = $this->accountGateway && $this->accountGateway->getAchEnabled();

    if (! $achEnabled) {
        return [GATEWAY_TYPE_CREDIT_CARD, GATEWAY_TYPE_TOKEN];
    }

    return [
        GATEWAY_TYPE_CREDIT_CARD,
        GATEWAY_TYPE_TOKEN,
        GATEWAY_TYPE_BANK_TRANSFER,
    ];
}
/**
 * Return the account gateway's publishable Stripe key.
 *
 * This method reads only the publishable key; the secret API key is read
 * separately in makeStripeCall() and is never returned from here.
 * NOTE(review): presumably the result is handed to the browser for
 * client-side tokenization - confirm against the caller.
 *
 * @return mixed whatever getPublishableStripeKey() returns
 */
public function tokenize()
{
    $publishableKey = $this->accountGateway->getPublishableStripeKey();

    return $publishableKey;
}
/**
 * Validation rules for the payment form.
 *
 * Starts from the parent driver's rules and, for bank transfers, additionally
 * requires the 'authorize_ach' field.
 *
 * @return array
 */
public function rules()
{
    $rules = parent::rules();

    if (! $this->isGatewayType(GATEWAY_TYPE_BANK_TRANSFER)) {
        return $rules;
    }

    $rules['authorize_ach'] = 'required';

    return $rules;
}
/**
 * Ask the gateway whether the customer's stored token still resolves.
 *
 * On success the gateway's response data is kept in $this->tokenResponse.
 * If the customer has no local payment methods yet, one is created from that
 * response and made the customer's default.
 *
 * @param  mixed $customer record exposing token, payment_methods and default_payment_method_id
 * @return bool  false when the gateway lookup is not successful, true otherwise
 */
protected function checkCustomerExists($customer)
{
    $lookup = $this->gateway()->fetchCustomer(['customerReference' => $customer->token]);
    $response = $lookup->send();

    if (! $response->isSuccessful()) {
        return false;
    }

    $this->tokenResponse = $response->getData();

    // import Stripe tokens created before payment methods table was added
    $hasStoredMethods = count($customer->payment_methods) > 0;
    if (! $hasStoredMethods && ($paymentMethod = $this->createPaymentMethod($customer))) {
        $customer->default_payment_method_id = $paymentMethod->id;
        $customer->save();
        // Reload the relation so callers see the newly created payment method.
        $customer->load('payment_methods');
    }

    return true;
}
/**
 * Report whether the payment needs a second step.
 *
 * True only for bank transfers submitted without a 'plaidPublicToken'
 * value in the request input.
 *
 * @return bool
 */
public function isTwoStep()
{
    if (! $this->isGatewayType(GATEWAY_TYPE_BANK_TRANSFER)) {
        return false;
    }

    return empty($this->input['plaidPublicToken']);
}
/**
 * Build the data array sent to the gateway for this payment.
 *
 * With a stored payment method the parent's details are returned unchanged.
 * Otherwise the email field is dropped and, when the request input carries a
 * 'sourceToken' or a Plaid public token, those values replace the raw 'card'
 * entry.
 *
 * The token values are read from $this->input and passed on as received;
 * nothing in this method validates them.
 *
 * @param  mixed $paymentMethod stored payment method, or false for a new one
 * @return array
 */
protected function paymentDetails($paymentMethod = false)
{
    $details = parent::paymentDetails($paymentMethod);

    // A stored payment method needs none of the request-specific changes below.
    if ($paymentMethod) {
        return $details;
    }

    // Stripe complains if the email field is set
    unset($details['email']);

    $hasSourceToken = ! empty($this->input['sourceToken']);
    $hasPlaidToken = ! empty($this->input['plaidPublicToken']);

    if ($hasSourceToken) {
        $details['token'] = $this->input['sourceToken'];
    }

    if ($hasPlaidToken) {
        $details['plaidPublicToken'] = $this->input['plaidPublicToken'];
        $details['plaidAccountId'] = $this->input['plaidAccountId'];
    }

    // Either kind of token stands in for the card entry.
    if ($hasSourceToken || $hasPlaidToken) {
        unset($details['card']);
    }

    return $details;
}
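/**
 * Create a card or bank account at the gateway and store the resulting token.
 *
 * When the payment details carry a Plaid public token it is first exchanged
 * through getPlaidToken(); the exchange result is checked before use so that a
 * missing 'stripe_bank_account_token' stops here with a clear error instead of
 * reaching the gateway call as an undefined index.
 *
 * @return mixed the result of parent::createToken()
 *
 * @throws Exception when the Plaid exchange yields no bank account token or
 *                   the gateway rejects the request
 */
public function createToken()
{
    $invoice = $this->invitation->invoice;
    $client = $invoice->client;

    $data = $this->paymentDetails();
    $data['description'] = $client->getDisplayName();

    if (! empty($data['plaidPublicToken'])) {
        $plaidResult = $this->getPlaidToken($data['plaidPublicToken'], $data['plaidAccountId']);

        // The Plaid fields are only needed for the exchange, not for the gateway call.
        unset($data['plaidPublicToken'], $data['plaidAccountId']);

        // The exchange result is decoded from a remote response; check it before trusting it.
        if (! is_array($plaidResult) || empty($plaidResult['stripe_bank_account_token'])) {
            throw new Exception('Plaid did not return a bank account token');
        }

        $data['token'] = $plaidResult['stripe_bank_account_token'];
    }

    // if a customer already exists link the token to it
    if ($customer = $this->customer()) {
        $data['customerReference'] = $customer->token;
    }

    $tokenResponse = $this->gateway()
        ->createCard($data)
        ->send();

    if (! $tokenResponse->isSuccessful()) {
        throw new Exception($tokenResponse->getMessage());
    }

    $this->tokenResponse = $tokenResponse->getData();

    return parent::createToken();
}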
/**
 * Copy the id from the stored gateway response onto the customer's token.
 *
 * @param  mixed $customer customer record being created
 * @return mixed the same customer, with token set to $this->tokenResponse['id']
 */
public function creatingCustomer($customer)
{
    $gatewayCustomerId = $this->tokenResponse['id'];
    $customer->token = $gatewayCustomerId;

    return $customer;
}
/**
 * Fill a new payment method from the stored gateway response.
 *
 * The source is picked from $this->tokenResponse according to its 'object'
 * value: the response itself for 'card' / 'bank_account', the first entry of
 * 'sources' (or 'cards') for 'customer', and otherwise its 'source' (or
 * 'card') entry.
 *
 * @param  mixed $paymentMethod payment method record being created
 * @return mixed the populated payment method, or false when no source is found
 */
protected function creatingPaymentMethod($paymentMethod)
{
    $response = $this->tokenResponse;
    $objectType = empty($response['object']) ? null : $response['object'];

    if ($objectType == 'card' || $objectType == 'bank_account') {
        $source = $response;
    } elseif ($objectType == 'customer') {
        $sources = empty($response['sources']) ? $response['cards'] : $response['sources'];
        // reset() yields false for an empty list, which the check below turns into "no source".
        $source = reset($sources['data']);
    } else {
        $source = empty($response['source']) ? $response['card'] : $response['source'];
    }

    if (! $source) {
        return false;
    }

    $paymentMethod->source_reference = $source['id'];
    $paymentMethod->last4 = $source['last4'];

    // For older users the Stripe account may just have the customer token but not the card version
    // In that case we'd use GATEWAY_TYPE_TOKEN even though we're creating the credit card
    $isCard = $this->isGatewayType(GATEWAY_TYPE_CREDIT_CARD) || $this->isGatewayType(GATEWAY_TYPE_TOKEN);

    if ($isCard) {
        // Stored as the first day of the expiry month.
        // NOTE(review): exp_month is used as received, so it may not be zero-padded - confirm.
        $paymentMethod->expiration = implode('-', [$source['exp_year'], $source['exp_month'], '01']);
        $paymentMethod->payment_type_id = $this->parseCardType($source['brand']);
    } elseif ($this->isGatewayType(GATEWAY_TYPE_BANK_TRANSFER)) {
        $paymentMethod->routing_number = $source['routing_number'];
        $paymentMethod->payment_type_id = PAYMENT_TYPE_ACH;
        $paymentMethod->status = $source['status'];

        $currencies = Cache::get('currencies');
        $currency = $currencies->where('code', strtoupper($source['currency']))->first();

        if ($currency) {
            $paymentMethod->currency_id = $currency->id;
            $paymentMethod->setRelation('currency', $currency);
        }
    }

    return $paymentMethod;
}
/**
 * Set the status of a new bank transfer payment from the purchase response.
 *
 * For bank transfers the payment is completed only when the stored purchase
 * response has status 'succeeded'; any other status leaves it pending.
 * Other gateway types are returned untouched.
 *
 * @param  mixed $payment       payment record being created
 * @param  mixed $paymentMethod payment method used for the gateway type check
 * @return mixed the same payment
 */
protected function creatingPayment($payment, $paymentMethod)
{
    if (! $this->isGatewayType(GATEWAY_TYPE_BANK_TRANSFER, $paymentMethod)) {
        return $payment;
    }

    if ($this->purchaseResponse['status'] == 'succeeded') {
        $payment->payment_status_id = PAYMENT_STATUS_COMPLETED;
    } else {
        $payment->payment_status_id = PAYMENT_STATUS_PENDING;
    }

    return $payment;
}
/**
 * Remove a payment method locally and delete its card at the gateway.
 *
 * The parent's removal runs first, so a gateway failure is raised after
 * whatever the parent has already done.
 *
 * @param  mixed $paymentMethod payment method with source_reference and an account_gateway_token relation
 * @return bool  true when the gateway confirms the deletion
 *
 * @throws Exception carrying the gateway's message when the deletion fails
 */
public function removePaymentMethod($paymentMethod)
{
    parent::removePaymentMethod($paymentMethod);

    // The customer token lives on the related gateway token record.
    if (! $paymentMethod->relationLoaded('account_gateway_token')) {
        $paymentMethod->load('account_gateway_token');
    }

    $gateway = $this->gateway();
    $references = [
        'customerReference' => $paymentMethod->account_gateway_token->token,
        'cardReference' => $paymentMethod->source_reference
    ];
    $response = $gateway->deleteCard($references)->send();

    if (! $response->isSuccessful()) {
        throw new Exception($response->getMessage());
    }

    return true;
}
/**
 * Exchange a Plaid public token for the decoded Plaid response.
 *
 * The account gateway's Plaid client id and secret are posted, together with
 * the public token and account id, to the 'exchange_token' endpoint over HTTPS.
 * Redirects are not followed, so the request only goes to the Plaid host
 * selected below.
 *
 * @param  mixed $publicToken Plaid public token taken from the payment details
 * @param  mixed $accountId   Plaid account id taken from the payment details
 * @return mixed the JSON-decoded response body (null when it is not valid JSON)
 *
 * @throws Exception when credentials are missing or Plaid answers with an error status
 */
private function getPlaidToken($publicToken, $accountId)
{
    $clientId = $this->accountGateway->getPlaidClientId();
    $secret = $this->accountGateway->getPlaidSecret();

    if (! $clientId) {
        throw new Exception('plaid client id not set'); // TODO use text strings
    }

    if (! $secret) {
        throw new Exception('plaid secret not set');
    }

    try {
        // Anything other than 'production' is sent to the 'tartan' host.
        if ($this->accountGateway->getPlaidEnvironment() == 'production') {
            $subdomain = 'api';
        } else {
            $subdomain = 'tartan';
        }

        $http = new \GuzzleHttp\Client(['base_uri'=>"https://{$subdomain}.plaid.com"]);
        $formFields = [
            'client_id' => $clientId,
            'secret' => $secret,
            'public_token' => $publicToken,
            'account_id' => $accountId,
        ];

        $response = $http->request('POST', 'exchange_token', [
            'allow_redirects' => false,
            'headers' => ['content-type' => 'application/x-www-form-urlencoded'],
            'body' => http_build_query($formFields),
        ]);

        return json_decode($response->getBody(), true);
    } catch (\GuzzleHttp\Exception\BadResponseException $e) {
        // Prefer the error text from Plaid's response body over Guzzle's own message.
        $errorBody = json_decode($e->getResponse()->getBody(), true);
        $message = ($errorBody && ! empty($errorBody['message']))
            ? $errorBody['message']
            : $e->getMessage();

        throw new Exception($message);
    }
}
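/**
 * Verify a bank account with the two micro-deposit amounts.
 *
 * The payment method is marked verified only when the gateway call returns a
 * decoded array. makeStripeCall() reports errors as strings and returns null
 * for a body that is not valid JSON; both are treated as failure here, so an
 * unreadable response can no longer mark the account as verified.
 *
 * @param  mixed $client   client owning the payment method
 * @param  mixed $publicId public id of the payment method to verify
 * @param  mixed $amount1  first deposit amount, cast with intval()
 * @param  mixed $amount2  second deposit amount, cast with intval()
 * @return bool|string true on success, otherwise an error message
 */
public function verifyBankAccount($client, $publicId, $amount1, $amount2)
{
    $customer = $this->customer($client->id);

    // Scoped to the client, so a public id belonging to another client fails here.
    $paymentMethod = PaymentMethod::clientId($client->id)
        ->wherePublicId($publicId)
        ->firstOrFail();

    // customer() is checked for a falsy result elsewhere in this class; do the same here.
    if (! $customer) {
        return 'No gateway customer found for this client';
    }

    // Omnipay doesn't support verifying payment methods
    // Also, it doesn't want to urlencode without putting numbers inside the brackets
    // The stored references are encoded so they can only ever be single path segments.
    $result = $this->makeStripeCall(
        'POST',
        'customers/' . rawurlencode($customer->token) . '/sources/' . rawurlencode($paymentMethod->source_reference) . '/verify',
        'amounts[]=' . intval($amount1) . '&amounts[]=' . intval($amount2)
    );

    if (is_string($result)) {
        return $result;
    }

    // Fail closed: anything that is not a decoded object is not a confirmation.
    if (! is_array($result)) {
        return 'Unexpected response from Stripe';
    }

    $paymentMethod->status = PAYMENT_METHOD_STATUS_VERIFIED;
    $paymentMethod->save();

    if (! $customer->default_payment_method_id) {
        $customer->default_payment_method_id = $paymentMethod->id;
        $customer->save();
    }

    return true;
}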
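/**
 * Send a request to the Stripe API with the account gateway's API key.
 *
 * The key is sent as the HTTP basic auth user name. $url is resolved against
 * https://api.stripe.com/v1/ and is used as given, so callers must not build it
 * from unvalidated request data.
 *
 * Errors are reported as a returned string, not an exception, so callers have
 * to test the result with is_string(). A successful response whose body is not
 * valid JSON yields null.
 * NOTE(review): the fallback is Guzzle's own exception message, which may
 * contain request and response details - confirm it is not shown to end users.
 *
 * @param  string      $method HTTP method
 * @param  string      $url    path relative to the API base URI
 * @param  string|null $body   form-encoded request body, if any
 * @return mixed decoded response on success, or an error message string
 */
public function makeStripeCall($method, $url, $body = null)
{
    $apiKey = $this->accountGateway->getConfig()->apiKey;

    if (! $apiKey) {
        return 'No API key set';
    }

    try {
        $options = [
            'headers' => ['content-type' => 'application/x-www-form-urlencoded'],
            'auth' => [$apiKey, ''],
        ];

        if ($body) {
            $options['body'] = $body;
        }

        $response = (new \GuzzleHttp\Client(['base_uri'=>'https://api.stripe.com/v1/']))->request(
            $method,
            $url,
            $options
        );

        return json_decode((string) $response->getBody(), true);
    } catch (\GuzzleHttp\Exception\BadResponseException $e) {
        $response = $e->getResponse();
        $error = $response ? json_decode((string) $response->getBody(), true) : null;

        // The error body is remote data: test each key before reading it, so a
        // body without the expected shape falls through to the generic message.
        if (is_array($error)
            && isset($error['error']['type'], $error['error']['message'])
            && $error['error']['type'] === 'invalid_request_error'
        ) {
            return $error['error']['message'];
        }

        return $e->getMessage();
    }
}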
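/**
 * Process a Stripe webhook notification.
 *
 * The posted payload is used only to learn the event id and type. The event
 * itself is fetched from Stripe with the account's API key, and everything
 * acted upon comes from that fetched copy. Because the posted id becomes part
 * of the request path, it is accepted only when it has the shape of an event
 * identifier.
 *
 * @param  array $input decoded webhook payload
 * @return array|string ['message' => 'Ignoring event'] for unsupported event
 *                      types, 'Processed successfully' otherwise
 *
 * @throws Exception when the payload is incomplete, the event cannot be
 *                   confirmed with Stripe, or no matching local record exists
 */
public function handleWebHook($input)
{
    $eventId = array_get($input, 'id');
    $eventType = array_get($input, 'type');
    $accountGateway = $this->accountGateway;
    $accountId = $accountGateway->account_id;

    if (! $eventId) {
        throw new Exception('Missing event id');
    }

    if (! $eventType) {
        throw new Exception('Missing event type');
    }

    $chargeEvents = [
        'charge.failed',
        'charge.succeeded',
        'charge.refunded',
    ];
    $sourceEvents = [
        'customer.source.updated',
        'customer.source.deleted',
        'customer.bank_account.deleted',
    ];
    $supportedEvents = array_merge($chargeEvents, $sourceEvents);

    // Strict comparison: only an exact string match counts as supported.
    if (! in_array($eventType, $supportedEvents, true)) {
        return ['message' => 'Ignoring event'];
    }

    // The id comes from the request body, which is not authenticated, and is
    // placed in the request path below; accept only the identifier shape.
    if (! is_string($eventId) || ! preg_match('/^evt_[A-Za-z0-9_]+$/D', $eventId)) {
        throw new Exception('Invalid event id');
    }

    // Fetch the event directly from Stripe for security
    $eventDetails = $this->makeStripeCall('GET', 'events/'.$eventId);

    // makeStripeCall() returns a string on error and null for an unreadable body.
    if (! is_array($eventDetails) || ! $eventDetails) {
        throw new Exception('Could not get event details');
    }

    if (! isset($eventDetails['type']) || $eventType !== $eventDetails['type']) {
        throw new Exception('Event type mismatch');
    }

    if (empty($eventDetails['pending_webhooks'])) {
        throw new Exception('This is not a pending event');
    }

    if (in_array($eventType, $chargeEvents, true)) {
        $charge = $eventDetails['data']['object'];
        $transactionRef = $charge['id'];

        // Scoped to this gateway's account, so only its own payments can match.
        $payment = Payment::scope(false, $accountId)->where('transaction_reference', '=', $transactionRef)->first();

        if (! $payment) {
            throw new Exception('Unknown payment');
        }

        if ($eventType === 'charge.failed') {
            // Skip payments already marked failed so the notification is sent once.
            if (! $payment->isFailed()) {
                $payment->markFailed($charge['failure_message']);

                $userMailer = app('App\Ninja\Mailers\UserMailer');
                $userMailer->sendNotification($payment->user, $payment->invoice, 'payment_failed', $payment);
            }
        } elseif ($eventType === 'charge.succeeded') {
            $payment->markComplete();
        } elseif ($eventType === 'charge.refunded') {
            // Records the difference between amount_refunded / 100 and what the payment already holds.
            // NOTE(review): the division assumes two decimal places - confirm for zero-decimal currencies.
            $payment->recordRefund($charge['amount_refunded'] / 100 - $payment->refunded);
        }
    } elseif (in_array($eventType, $sourceEvents, true)) {
        $source = $eventDetails['data']['object'];
        $sourceRef = $source['id'];

        $paymentMethod = PaymentMethod::scope(false, $accountId)->where('source_reference', '=', $sourceRef)->first();

        if (! $paymentMethod) {
            throw new Exception('Unknown payment method');
        }

        if ($eventType === 'customer.source.deleted' || $eventType === 'customer.bank_account.deleted') {
            $paymentMethod->delete();
        } elseif ($eventType === 'customer.source.updated') {
            // Accepted, but currently nothing is applied to the local record.
            //$this->paymentService->convertPaymentMethodFromStripe($source, null, $paymentMethod)->save();
        }
    }

    return 'Processed successfully';
}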
}