updated to update customer info and also send metadata for payment succeeded webhook

Author: AdityaK2905

src/api/functions/stripe.ts

@@ -346,6 +346,13 @@ export type checkCustomerParams = {
   stripeApiKey: string;
 };
 
+export type CheckOrCreateResult = {
+  customerId: string;
+  needsConfirmation?: boolean;
+  current?: { name?: string | null; email?: string | null };
+  incoming?: { name: string; email: string };
+};
+
 export const checkOrCreateCustomer = async ({
   acmOrg,
   emailDomain,
@@ -354,7 +361,7 @@ export const checkOrCreateCustomer = async ({
   customerEmail,
   customerName,
   stripeApiKey,
-}: checkCustomerParams): Promise<string> => {
+}: checkCustomerParams): Promise<CheckOrCreateResult> => {
   const lock = createLock({
     adapter: new IoredisAdapter(redisClient),
     key: `stripe:${acmOrg}:${emailDomain}`,
@@ -363,6 +370,7 @@ export const checkOrCreateCustomer = async ({
   }) as SimpleLock;
 
   const pk = `${acmOrg}#${emailDomain}`;
+  const normalizedEmail = customerEmail.trim().toLowerCase();
 
   return await lock.using(async () => {
     const checkCustomer = new QueryCommand({
@@ -379,10 +387,11 @@ export const checkOrCreateCustomer = async ({
 
     if (customerResponse.Count === 0) {
       const customer = await createStripeCustomer({
-        email: customerEmail,
+        email: normalizedEmail,
         name: customerName,
         stripeApiKey,
       });
+
       const createCustomer = new TransactWriteItemsCommand({
         TransactItems: [
           {
@@ -398,15 +407,84 @@ export const checkOrCreateCustomer = async ({
                 },
                 { removeUndefinedValues: true },
               ),
+              ConditionExpression:
+                "attribute_not_exists(primaryKey) AND attribute_not_exists(sortKey)",
+            },
+          },
+          {
+            Put: {
+              TableName: genericConfig.StripePaymentsDynamoTableName,
+              Item: marshall(
+                {
+                  primaryKey: pk,
+                  sortKey: `EMAIL#${normalizedEmail}`,
+                  stripeCustomerId: customer,
+                  createdAt: new Date().toISOString(),
+                },
+                { removeUndefinedValues: true },
+              ),
+              ConditionExpression:
+                "attribute_not_exists(primaryKey) AND attribute_not_exists(sortKey)",
             },
           },
         ],
       });
       await dynamoClient.send(createCustomer);
-      return customer;
+      return { customerId: customer };
     }
 
-    return customerResponse.Items![0].stripeCustomerId.S!;
+    const existingCustomerId = (customerResponse.Items![0] as any)
+      .stripeCustomerId.S as string;
+
+    const stripeClient = new Stripe(stripeApiKey);
+    const stripeCustomer =
+      await stripeClient.customers.retrieve(existingCustomerId);
+
+    const liveName =
+      "name" in stripeCustomer ? (stripeCustomer as any).name : null;
+    const liveEmail =
+      "email" in stripeCustomer ? (stripeCustomer as any).email : null;
+
+    const needsConfirmation =
+      (!!liveName && liveName !== customerName) ||
+      (!!liveEmail && liveEmail.toLowerCase() !== normalizedEmail);
+
+    const ensureEmailMap = new TransactWriteItemsCommand({
+      TransactItems: [
+        {
+          Put: {
+            TableName: genericConfig.StripePaymentsDynamoTableName,
+            Item: marshall(
+              {
+                primaryKey: pk,
+                sortKey: `EMAIL#${normalizedEmail}`,
+                stripeCustomerId: existingCustomerId,
+                createdAt: new Date().toISOString(),
+              },
+              { removeUndefinedValues: true },
+            ),
+            ConditionExpression:
+              "attribute_not_exists(primaryKey) AND attribute_not_exists(sortKey)",
+          },
+        },
+      ],
+    });
+    try {
+      await dynamoClient.send(ensureEmailMap);
+    } catch (e) {
+      // ignore
+    }
+
+    if (needsConfirmation) {
+      return {
+        customerId: existingCustomerId,
+        needsConfirmation: true,
+        current: { name: liveName ?? null, email: liveEmail ?? null },
+        incoming: { name: customerName, email: normalizedEmail },
+      };
+    }
+
+    return { customerId: existingCustomerId };
   });
 };
 
@@ -432,10 +510,10 @@ export const addInvoice = async ({
   redisClient,
   dynamoClient,
   stripeApiKey,
-}: InvoiceAddParams): Promise<string> => {
+}: InvoiceAddParams): Promise<CheckOrCreateResult> => {
   const pk = `${acmOrg}#${emailDomain}`;
 
-  const customerId = await checkOrCreateCustomer({
+  const result = await checkOrCreateCustomer({
     acmOrg,
     emailDomain,
     redisClient,
@@ -445,6 +523,10 @@ export const addInvoice = async ({
     stripeApiKey,
   });
 
+  if (result.needsConfirmation) {
+    return result;
+  }
+
   const dynamoCommand = new TransactWriteItemsCommand({
     TransactItems: [
       {
@@ -476,5 +558,5 @@ export const addInvoice = async ({
   });
 
   await dynamoClient.send(dynamoCommand);
-  return customerId;
+  return { customerId: result.customerId };
 };

src/api/routes/stripe.ts

@@ -11,6 +11,7 @@ import { buildAuditLogTransactPut } from "api/functions/auditLog.js";
 import {
   addInvoice,
   createStripeLink,
+  createCheckoutSessionWithCustomer,
   deactivateStripeLink,
   deactivateStripeProduct,
   getPaymentMethodDescriptionString,
@@ -137,9 +138,42 @@ const stripeRoutes: FastifyPluginAsync = async (fastify, _options) => {
         stripeApiKey: secretApiConfig.stripe_secret_key as string,
       };
 
-      const stripeCustomer = await addInvoice(payload);
+      const result = await addInvoice(payload);
 
-      reply.status(201).send({ link: "<dummy link here>" });
+      if (result.needsConfirmation) {
+        return reply.status(409).send({
+          needsConfirmation: true,
+          customerId: result.customerId,
+          current: result.current,
+          incoming: result.incoming,
+          message: "Customer info differs. Confirm update before proceeding.",
+        });
+      }
+
+      const checkoutUrl = await createCheckoutSessionWithCustomer({
+        customerId: result.customerId,
+        stripeApiKey: secretApiConfig.stripe_secret_key as string,
+        items: [
+          {
+            price: "<PRICE_ID_OR_DYNAMICALLY_CREATED_PRICE>",
+            quantity: 1,
+          },
+        ],
+        initiator: request.username || "system",
+        allowPromotionCodes: true,
+        successUrl: `${fastify.environmentConfig.UserFacingUrl}/success`,
+        returnUrl: `${fastify.environmentConfig.UserFacingUrl}/cancel`,
+        metadata: {
+          acm_org: request.body.acmOrg,
+          billing_email: request.body.contactEmail,
+          invoice_id: request.body.invoiceId,
+        },
+      });
+
+      reply.status(201).send({
+        id: request.body.invoiceId,
+        link: checkoutUrl,
+      });
     },
   );
   fastify.withTypeProvider<FastifyZodOpenApiTypeProvider>().post(

src/common/types/stripe.ts

@@ -24,6 +24,29 @@ export const createInvoicePostResponseSchema = z.object({
   link: z.url()
 });
 
+export const createInvoiceConflictResponseSchema = z.object({
+  needsConfirmation: z.literal(true),
+  customerId: z.string().min(1),
+  current: z.object({
+    name: z.string().nullable().optional(),
+    email: z.string().nullable().optional(),
+  }),
+  incoming: z.object({
+    name: z.string().min(1),
+    email: z.string().email(),
+  }),
+  message: z.string().min(1),
+});
+
+export const createInvoicePostResponseSchemaUnion = z.union([
+  createInvoicePostResponseSchema,     // success: 201
+  createInvoiceConflictResponseSchema, // info mismatch: 409
+]);
+
+export type PostCreateInvoiceResponseUnion = z.infer<
+  typeof createInvoicePostResponseSchemaUnion
+>;
+
 export const createInvoicePostRequestSchema = z.object({
   invoiceId: z.string().min(1),
   invoiceAmountUsd: z.number().min(50),