diff --git a/src/Controller/CustomerAppAPI/SubscriptionController.php b/src/Controller/CustomerAppAPI/SubscriptionController.php
index 33ac8792..60d3cda4 100644
--- a/src/Controller/CustomerAppAPI/SubscriptionController.php
+++ b/src/Controller/CustomerAppAPI/SubscriptionController.php
@@ -90,13 +90,30 @@ class SubscriptionController extends ApiController
 // create subscription
 // NOTE: for now we save ourselves the extra API call and assume the plan_id is valid since this won't change often anyway
 $pm_sub = $pm->createSubscription($pm_cust['id'], $req->request->get('plan_id'));
- if (!isset($pm_sub['response']['data']['id'])) {
+ $sub_pi = $pm_sub['response']['data']['attributes']['latest_invoice']['payment_intent'] ?? null;
+
+ // not the response we expected
+ if (empty($sub_pi)) {
 return new ApiResponse(false, 'Error creating subscription. Please try again later.');
 }
+ // the payment intent must still be in a pending state
+ // TODO: log this somewhere
+ if ($sub_pi['status'] !== 'awaiting_payment_method') {
+ return new ApiResponse(false, 'Error creating subscription invoice. Please try again later.');
+ }
+ // fetch payment intent details for client key
+ $pi = $pm->getPaymentIntent($sub_pi['id']);
+ if (empty($pi['response']['data']['id'])) {
+ return new ApiResponse(false, 'Error retrieving payment intent. Please try again later.');
+ }
+
 // response
 return new ApiResponse(true, '', [
- 'subscription_id' => $pm_sub['response']['data']['id'],
+ //'subscription_id' => $pm_sub['response']['data']['id'],
+ 'payment_intent_id' => $pi['response']['data']['id'],
+ 'payment_intent_client_key' => $pi['response']['data']['attributes']['client_key'],
 'paymongo_public_key' => $this->getParameter('subscription_paymongo_public_key'),
 ]);
 }
diff --git a/src/Service/PayMongoConnector.php b/src/Service/PayMongoConnector.php
index a12c38a0..5b1ff86b 100644
--- a/src/Service/PayMongoConnector.php
+++ b/src/Service/PayMongoConnector.php
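Review bot: `$sub_pi['status']`, `$sub_pi['id']` and `$pi['response']['data']['attributes']['client_key']` are read from the provider response with no existence check; `empty($sub_pi)` only proves the value is non-empty, and the second lookup checks `id` but not `client_key`. Guarding both, e.g. `if (($sub_pi['status'] ?? null) !== 'awaiting_payment_method' || empty($sub_pi['id']))` and `if (empty($pi['response']['data']['id']) || empty($pi['response']['data']['attributes']['client_key']))`, keeps a malformed reply on the error path instead of raising a PHP warning and sending a null key to the app. All three early returns run after `createSubscription()` has been called, so the subscription may already exist at the provider; since `subscription_id` is no longer returned, it should at least be logged or stored before returning (the TODO covers only one branch), assuming it is not persisted elsewhere. The method starts above this hunk.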
@@ -14,7 +14,9 @@ class PayMongoConnector
 protected $base_url;
 protected $public_key;
 protected $secret_key;
- protected $hash;
+
+ protected $public_hash;
+ protected $secret_hash;
 public function __construct($base_url)
 {
@@ -25,7 +27,8 @@ class PayMongoConnector
 {
 $this->public_key = $public_key;
 $this->secret_key = $secret_key;
- $this->hash = $this->generateHash();
+ $this->public_hash = $this->generateHash($this->public_key);
+ $this->secret_hash = $this->generateHash($this->secret_key);
 }
 public function createCheckout(Customer $cust, $items, $ref_no = null, $description = null, $success_url = null, $cancel_url = null, $metadata = [])
@@ -278,6 +281,11 @@ class PayMongoConnector
 return $this->doRequest('/v1/subscriptions', 'POST', $body);
 }
+ public function getPaymentIntent($pi_id)
+ {
+ return $this->doRequest('/v1/payment_intents/' . $pi_id, 'GET');
+ }
+
 public function attachPaymentIntent($pm_id, $pi_id)
 {
 $body = [
@@ -291,19 +299,26 @@ class PayMongoConnector
 return $this->doRequest('/v1/payment_intents/' . $pi_id . '/attach', 'POST', $body);
 }
- protected function generateHash()
+ protected function generateHash($key)
 {
- return base64_encode($this->secret_key);
+ return base64_encode($key);
 }
- protected function doRequest($url, $method, $request_body = [])
+ protected function buildHeaders($use_public_key = false)
 {
- $client = new Client();
- $headers = [
+ $hash = $use_public_key ? $this->public_hash : $this->secret_hash;
+
+ return [
 'Content-Type' => 'application/json',
 'accept' => 'application/json',
- 'authorization' => 'Basic '. $this->hash,
+ 'authorization' => 'Basic '. $hash,
 ];
+ }
+
+ protected function doRequest($url, $method, $request_body = [], $use_public_key = false)
+ {
+ $client = new Client();
+ $headers = $this->buildHeaders($use_public_key);
 $request_params = ['headers' => $headers];
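Review bot: In `getPaymentIntent()` the identifier is concatenated into the request path unencoded, so a value containing `/`, `?` or `..` would address a different endpoint, and `doRequest()` sends it with the secret-key credentials by default. The only caller visible in this commit passes an id taken from the provider's own response, but the method is public; `return $this->doRequest('/v1/payment_intents/' . rawurlencode($pi_id), 'GET');` closes that off. The unchanged `attachPaymentIntent()` below builds its path the same way, and its body continues outside the hunk.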
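Review bot: `generateHash()` and the `$public_hash`/`$secret_hash` properties are named as hashes, but `base64_encode($key)` is a reversible encoding, so both values are equivalent to the API keys themselves. A comment on `buildHeaders()` should say so, e.g. `// base64-encoded API key for HTTP Basic auth; reversible, never log it or the headers array`, and should state that the secret key is the default and `$use_public_key = true` is for calls meant to run with the public key only. No call in the visible hunks passes the new flag, so that path appears unexercised in this commit. `doRequest()` continues past the end of the hunk.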