Add live Stripe card charges (PaymentIntent + Elements + webhook)
CI / No Debug Code (pull_request) Successful in 40s
CI / Tests (PHP 8.2) (pull_request) Successful in 48s
CI / Coding Standards (pull_request) Successful in 1m0s
CI / PHPStan (pull_request) Successful in 1m13s
CI / Tests (PHP 8.1) (pull_request) Successful in 2m9s
CI / Tests (PHP 8.3) (pull_request) Successful in 2m8s
CI / Build Plugin Zip (pull_request) Has been skipped
CI / No Debug Code (pull_request) Successful in 40s
CI / Tests (PHP 8.2) (pull_request) Successful in 48s
CI / Coding Standards (pull_request) Successful in 1m0s
CI / PHPStan (pull_request) Successful in 1m13s
CI / Tests (PHP 8.1) (pull_request) Successful in 2m9s
CI / Tests (PHP 8.3) (pull_request) Successful in 2m8s
CI / Build Plugin Zip (pull_request) Has been skipped
Completes the deferred half of payments: real credit-card processing on top of the existing ledger/e-transfer/comp foundation. - StripeGateway wraps stripe/stripe-php: creates idempotent PaymentIntents (amount in cents, registration ids in metadata) and verifies webhook signatures. Stripe calls sit behind protected seams for unit testing. - PaymentService::createIntent resolves the client-side step for a new registration (card → client secret; e-transfer → display data; comp → none) with caller-ownership enforcement. - PaymentService::handleWebhook finalises a payment exactly once on payment_intent.succeeded (mark paid → confirm → receipt) and marks it failed on payment_intent.payment_failed. - PaymentEndpoint: POST /payments/intent (book_lesson) and public, signature-verified POST /payments/webhook. - PaymentRepository: setStripeIntentId / findByStripeIntentId. - StudioSettings: us_stripe_webhook_secret option, with the webhook URL and required events surfaced on the settings page. - Front end: shared payment.js mounts Stripe Payment Elements and confirms the card (or shows e-transfer instructions); Stripe.js enqueued only when configured. Wired into booking and group-class flows. Tests: new StripeGatewayTest; PaymentService card-intent + webhook cases; repository coverage. composer test/lint/cs all green. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -13,6 +13,7 @@ use Unsupervised\Schedular\Payment\Payment;
|
||||
use Unsupervised\Schedular\Payment\PaymentRepository;
|
||||
use Unsupervised\Schedular\Payment\PaymentService;
|
||||
use Unsupervised\Schedular\Payment\ReceiptMailer;
|
||||
use Unsupervised\Schedular\Payment\StripeGateway;
|
||||
use Unsupervised\Schedular\Payment\StudioSettings;
|
||||
use Unsupervised\Schedular\Tests\Unit\TestCase;
|
||||
|
||||
@@ -24,6 +25,7 @@ class PaymentServiceTest extends TestCase
|
||||
private BookingRepository $bookings;
|
||||
private EnrollmentRepository $enrollments;
|
||||
private StudioSettings $settings;
|
||||
private StripeGateway $stripe;
|
||||
private PaymentService $service;
|
||||
|
||||
protected function setUp(): void
|
||||
@@ -36,6 +38,7 @@ class PaymentServiceTest extends TestCase
|
||||
$this->bookings = Mockery::mock(BookingRepository::class);
|
||||
$this->enrollments = Mockery::mock(EnrollmentRepository::class);
|
||||
$this->settings = Mockery::mock(StudioSettings::class);
|
||||
$this->stripe = Mockery::mock(StripeGateway::class);
|
||||
$this->settings->shouldReceive('etransferEmail')->andReturn('');
|
||||
$this->settings->shouldReceive('hstRate')->andReturn(0.0)->byDefault();
|
||||
|
||||
@@ -45,7 +48,8 @@ class PaymentServiceTest extends TestCase
|
||||
$this->mailer,
|
||||
$this->bookings,
|
||||
$this->enrollments,
|
||||
$this->settings
|
||||
$this->settings,
|
||||
$this->stripe
|
||||
);
|
||||
|
||||
Functions\when('get_userdata')->justReturn(false);
|
||||
@@ -166,4 +170,125 @@ class PaymentServiceTest extends TestCase
|
||||
// Already paid → no markPaid/confirm calls.
|
||||
self::assertTrue($this->service->markPaid(80));
|
||||
}
|
||||
|
||||
public function testCreateIntentForCardReturnsClientSecret(): void
|
||||
{
|
||||
$this->payments->shouldReceive('findByRegistration')->with(Payment::REG_LESSON, 12)
|
||||
->andReturn($this->payment(Payment::METHOD_CARD, Payment::STATUS_PENDING, 90));
|
||||
|
||||
$intent = \Stripe\PaymentIntent::constructFrom(['id' => 'pi_abc', 'client_secret' => 'pi_abc_secret']);
|
||||
$this->stripe->shouldReceive('createIntent')->once()
|
||||
->with(Mockery::on(static fn (Payment $p): bool => $p->id === 90))
|
||||
->andReturn($intent);
|
||||
$this->payments->shouldReceive('setStripeIntentId')->once()->with(90, 'pi_abc')->andReturn(true);
|
||||
$this->settings->shouldReceive('publishableKey')->andReturn('pk_test_123');
|
||||
|
||||
$result = $this->service->createIntent(Payment::REG_LESSON, 12, 5);
|
||||
|
||||
self::assertSame('card', $result['method']);
|
||||
self::assertSame('pi_abc_secret', $result['client_secret']);
|
||||
self::assertSame('pk_test_123', $result['publishable_key']);
|
||||
}
|
||||
|
||||
public function testCreateIntentForEtransferReturnsDisplayDataWithoutStripe(): void
|
||||
{
|
||||
$payment = new Payment(5, 3, Payment::REG_LESSON, 12, 35.00, 'CAD', Payment::METHOD_ETRANSFER, Payment::STATUS_PENDING, etransferEmail: 'pay@studio.test', id: 91);
|
||||
$this->payments->shouldReceive('findByRegistration')->with(Payment::REG_LESSON, 12)->andReturn($payment);
|
||||
|
||||
$this->stripe->shouldNotReceive('createIntent');
|
||||
|
||||
$result = $this->service->createIntent(Payment::REG_LESSON, 12, 5);
|
||||
|
||||
self::assertSame('etransfer', $result['method']);
|
||||
self::assertSame('pay@studio.test', $result['etransfer_email']);
|
||||
self::assertArrayNotHasKey('client_secret', $result);
|
||||
}
|
||||
|
||||
public function testCreateIntentReturnsNullWhenNotOwner(): void
|
||||
{
|
||||
$this->payments->shouldReceive('findByRegistration')->with(Payment::REG_LESSON, 12)
|
||||
->andReturn($this->payment(Payment::METHOD_CARD, Payment::STATUS_PENDING, 90));
|
||||
|
||||
// Student 999 does not own payment whose studentId is 5.
|
||||
self::assertNull($this->service->createIntent(Payment::REG_LESSON, 12, 999));
|
||||
}
|
||||
|
||||
public function testCreateIntentReturnsNullWhenNoPayment(): void
|
||||
{
|
||||
$this->payments->shouldReceive('findByRegistration')->with(Payment::REG_LESSON, 12)->andReturn(null);
|
||||
|
||||
self::assertNull($this->service->createIntent(Payment::REG_LESSON, 12, 5));
|
||||
}
|
||||
|
||||
public function testCreateIntentReturnsNullWhenStripeFails(): void
|
||||
{
|
||||
$this->payments->shouldReceive('findByRegistration')->with(Payment::REG_LESSON, 12)
|
||||
->andReturn($this->payment(Payment::METHOD_CARD, Payment::STATUS_PENDING, 90));
|
||||
$this->stripe->shouldReceive('createIntent')->once()->andReturn(null);
|
||||
|
||||
self::assertNull($this->service->createIntent(Payment::REG_LESSON, 12, 5));
|
||||
}
|
||||
|
||||
public function testHandleWebhookInvalidSignatureReturnsFalse(): void
|
||||
{
|
||||
$this->stripe->shouldReceive('verifyWebhook')->with('{}', 'bad-sig')->andReturn(null);
|
||||
|
||||
self::assertFalse($this->service->handleWebhook('{}', 'bad-sig'));
|
||||
}
|
||||
|
||||
public function testHandleWebhookSucceededFinalizesPayment(): void
|
||||
{
|
||||
$event = $this->intentEvent('payment_intent.succeeded', 'pi_ok');
|
||||
$this->stripe->shouldReceive('verifyWebhook')->andReturn($event);
|
||||
|
||||
$this->payments->shouldReceive('findByStripeIntentId')->with('pi_ok')
|
||||
->andReturn($this->payment(Payment::METHOD_CARD, Payment::STATUS_PENDING, 90));
|
||||
|
||||
$this->payments->shouldReceive('markPaid')->once()->with(90, 'USC-90')->andReturn(true);
|
||||
$this->bookings->shouldReceive('updateStatus')->once()->with(12, Lesson::STATUS_CONFIRMED)->andReturn(true);
|
||||
$this->payments->shouldReceive('findById')->with(90)->andReturn($this->payment(Payment::METHOD_CARD, Payment::STATUS_PAID, 90));
|
||||
$this->mailer->shouldReceive('send')->andReturn(false);
|
||||
|
||||
self::assertTrue($this->service->handleWebhook('{}', 'sig'));
|
||||
}
|
||||
|
||||
public function testHandleWebhookSucceededIdempotentWhenAlreadyPaid(): void
|
||||
{
|
||||
$event = $this->intentEvent('payment_intent.succeeded', 'pi_ok');
|
||||
$this->stripe->shouldReceive('verifyWebhook')->andReturn($event);
|
||||
|
||||
$this->payments->shouldReceive('findByStripeIntentId')->with('pi_ok')
|
||||
->andReturn($this->payment(Payment::METHOD_CARD, Payment::STATUS_PAID, 90));
|
||||
|
||||
// Already paid → no markPaid/confirm.
|
||||
self::assertTrue($this->service->handleWebhook('{}', 'sig'));
|
||||
}
|
||||
|
||||
public function testHandleWebhookFailedMarksFailed(): void
|
||||
{
|
||||
$event = $this->intentEvent('payment_intent.payment_failed', 'pi_bad');
|
||||
$this->stripe->shouldReceive('verifyWebhook')->andReturn($event);
|
||||
|
||||
$this->payments->shouldReceive('findByStripeIntentId')->with('pi_bad')
|
||||
->andReturn($this->payment(Payment::METHOD_CARD, Payment::STATUS_PENDING, 90));
|
||||
$this->payments->shouldReceive('updateStatus')->once()->with(90, Payment::STATUS_FAILED)->andReturn(true);
|
||||
|
||||
self::assertTrue($this->service->handleWebhook('{}', 'sig'));
|
||||
}
|
||||
|
||||
public function testHandleWebhookAcknowledgesUnknownIntent(): void
|
||||
{
|
||||
$event = $this->intentEvent('payment_intent.succeeded', 'pi_unknown');
|
||||
$this->stripe->shouldReceive('verifyWebhook')->andReturn($event);
|
||||
$this->payments->shouldReceive('findByStripeIntentId')->with('pi_unknown')->andReturn(null);
|
||||
|
||||
self::assertTrue($this->service->handleWebhook('{}', 'sig'));
|
||||
}
|
||||
|
||||
private function intentEvent(string $type, string $intentId): \Stripe\Event
|
||||
{
|
||||
$intent = \Stripe\PaymentIntent::constructFrom(['id' => $intentId, 'object' => 'payment_intent']);
|
||||
|
||||
return \Stripe\Event::constructFrom(['type' => $type, 'data' => ['object' => $intent]]);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user