jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

user upgrades: upgrade to new Stripe checkout system.

Browse Source 
This upgrades from the legacy version of Stripe's checkout system to the
new version:

> The legacy version of Checkout presented customers with a modal dialog
> that collected card information, and returned a token or a source to
> your website. In contrast, the new version of Checkout is a smart
> payment page hosted by Stripe that creates payments or subscriptions. It
> supports Apple Pay, Dynamic 3D Secure, and many other features.

Basic overview of the new system:

* We send the user to a checkout page on Stripe.
* Stripe collects payment and sends us a webhook notification when the
  order is complete.
* We receive the webhook notification and upgrade the user.

Docs:

* https://stripe.com/docs/payments/checkout
* https://stripe.com/docs/payments/checkout/migration#client-products
* https://stripe.com/docs/payments/handling-payment-events
* https://stripe.com/docs/payments/checkout/fulfill-orders
This commit is contained in:
evazion
2020-12-23 05:15:08 -06:00
parent c17678d509
commit 7762489d7d
18 changed files with 536 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
test/fixtures/stripe-webhooks/checkout.session.completed.json vendored Normal file
View File

@@ -0,0 +1,55 @@
{
"id": "evt_000",
"object": "event",
"api_version": "2020-08-27",
"created": 1608705740,
"data": {
"object": {
"id": "cs_test_000",
"object": "checkout.session",
"allow_promotion_codes": null,
"amount_subtotal": 2000,
"amount_total": 2000,
"billing_address_collection": null,
"cancel_url": "http://localhost/user_upgrade/new",
"client_reference_id": "user_12345",
"currency": "usd",
"customer": "cus_000",
"customer_email": null,
"livemode": false,
"locale": null,
"metadata": {
"purchaser_id": "12345",
"recipient_id": "12345",
"purchaser_name": "user_12345",
"recipient_name": "user_12345",
"upgrade_type": "gold_upgrade",
"is_gift": "false",
"level": "30"
},
"mode": "payment",
"payment_intent": "pi_000",
"payment_method_types": [
"card"
],
"payment_status": "paid",
"setup_intent": null,
"shipping": null,
"shipping_address_collection": null,
"submit_type": null,
"subscription": null,
"success_url": "http://localhost/user_upgrade?user_id=12345",
"total_details": {
"amount_discount": 0,
"amount_tax": 0
}
}
},
"livemode": false,
"pending_webhooks": 3,
"request": {
"id": null,
"idempotency_key": null
},
"type": "checkout.session.completed"
}

67
test/fixtures/stripe-webhooks/payment_intent.created.json vendored Normal file
View File

@@ -0,0 +1,67 @@
{
"id": "evt_000",
"object": "event",
"api_version": "2020-08-27",
"created": 1608705945,
"data": {
"object": {
"id": "pi_000",
"object": "payment_intent",
"amount": 2000,
"amount_capturable": 0,
"amount_received": 0,
"application": null,
"application_fee_amount": null,
"canceled_at": null,
"cancellation_reason": null,
"capture_method": "automatic",
"charges": {
"object": "list",
"data": [],
"has_more": false,
"total_count": 0,
"url": "/v1/charges?payment_intent=pi_000"
},
"client_secret": "pi_000",
"confirmation_method": "automatic",
"created": 1608705945,
"currency": "usd",
"customer": null,
"description": null,
"invoice": null,
"last_payment_error": null,
"livemode": false,
"metadata": {},
"next_action": null,
"on_behalf_of": null,
"payment_method": null,
"payment_method_options": {
"card": {
"installments": null,
"network": null,
"request_three_d_secure": "automatic"
}
},
"payment_method_types": [
"card"
],
"receipt_email": null,
"review": null,
"setup_future_usage": null,
"shipping": null,
"source": null,
"statement_descriptor": null,
"statement_descriptor_suffix": null,
"status": "requires_payment_method",
"transfer_data": null,
"transfer_group": null
}
},
"livemode": false,
"pending_webhooks": 3,
"request": {
"id": "req_000",
"idempotency_key": null
},
"type": "payment_intent.created"
}

109
test/functional/user_upgrades_controller_test.rb
View File

@@ -1,14 +1,6 @@
require 'test_helper'
class UserUpgradesControllerTest < ActionDispatch::IntegrationTest
setup do
StripeMock.start
end
teardown do
StripeMock.stop
end
context "The user upgrades controller" do
context "new action" do
should "render" do
@@ -25,103 +17,24 @@ class UserUpgradesControllerTest < ActionDispatch::IntegrationTest
end
context "create action" do
setup do
@user = create(:user)
@token = StripeMock.generate_card_token
end
mock_stripe!
context "a self upgrade" do
should "upgrade a Member to Gold" do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_gold?)
end
should "upgrade a Member to Platinum" do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Platinum" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_platinum?)
end
should "upgrade a Gold user to Platinum" do
@user.update!(level: User::Levels::GOLD)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade Gold to Platinum" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_platinum?)
end
should "log an account upgrade modaction" do
assert_difference("ModAction.user_account_upgrade.count") do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
end
end
should "send the user a dmail" do
assert_difference("@user.dmails.received.count") do
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
end
end
end
context "a gifted upgrade" do
should "upgrade the user to Gold" do
@other_user = create(:user)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold", user_id: @other_user.id }
assert_redirected_to user_upgrade_path(user_id: @other_user.id)
assert_equal(true, @other_user.reload.is_gold?)
assert_equal(false, @user.reload.is_gold?)
end
end
context "an upgrade for a user above Platinum level" do
should "not demote the user" do
@builder = create(:builder_user)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold", user_id: @builder.id }
assert_response 403
assert_equal(true, @builder.reload.is_builder?)
end
end
context "an upgrade with a missing Stripe token" do
should "not upgrade the user" do
post_auth user_upgrade_path, @user, params: { desc: "Upgrade to Gold" }
context "for a self upgrade to Gold" do
should "redirect the user to the Stripe checkout page" do
user = create(:member_user)
post_auth user_upgrade_path(user_id: user.id), user, params: { level: User::Levels::GOLD }, xhr: true
assert_response :success
assert_equal(true, @user.reload.is_member?)
end
end
context "an upgrade with an invalid Stripe token" do
should "not upgrade the user" do
post_auth user_upgrade_path, @user, params: { stripeToken: "garbage", desc: "Upgrade to Gold" }
context "for a gifted upgrade to Gold" do
should "redirect the user to the Stripe checkout page" do
recipient = create(:member_user)
purchaser = create(:member_user)
post_auth user_upgrade_path(user_id: recipient.id), purchaser, params: { level: User::Levels::GOLD }, xhr: true
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_member?)
end
end
context "an upgrade with an credit card that is declined" do
should "not upgrade the user" do
StripeMock.prepare_card_error(:card_declined)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_member?)
end
end
context "an upgrade with an credit card that is expired" do
should "not upgrade the user" do
StripeMock.prepare_card_error(:expired_card)
post_auth user_upgrade_path, @user, params: { stripeToken: @token, desc: "Upgrade to Gold" }
assert_redirected_to user_upgrade_path
assert_equal(true, @user.reload.is_member?)
assert_response :success
end
end
end

167
test/functional/webhooks_controller_test.rb Normal file
View File

@@ -0,0 +1,167 @@
require 'test_helper'
class WebhooksControllerTest < ActionDispatch::IntegrationTest
mock_stripe!
def post_webhook(*args, **metadata)
event = StripeMock.mock_webhook_event(*args, metadata: metadata)
signature = generate_stripe_signature(event)
headers = { "Stripe-Signature": signature }
post receive_webhooks_path(source: "stripe"), headers: headers, params: event, as: :json
end
# https://github.com/stripe-ruby-mock/stripe-ruby-mock/issues/467#issuecomment-634674913
# https://stripe.com/docs/webhooks/signatures
def generate_stripe_signature(event)
time = Time.now
secret = UserUpgrade.stripe_webhook_secret
signature = Stripe::Webhook::Signature.compute_signature(time, event.to_json, secret)
Stripe::Webhook::Signature.generate_header(time, signature, scheme: Stripe::Webhook::Signature::EXPECTED_SCHEME)
end
context "The webhooks controller" do
context "receive action" do
context "for a request from an unrecognized source" do
should "fail" do
post receive_webhooks_path(source: "blah")
assert_response 400
end
end
context "for a Stripe webhook" do
context "with a missing signature" do
should "fail" do
event = StripeMock.mock_webhook_event("payment_intent.created")
post receive_webhooks_path(source: "stripe"), params: event, as: :json
assert_response 400
end
end
context "with an invalid signature" do
should "fail" do
event = StripeMock.mock_webhook_event("payment_intent.created")
headers = { "Stripe-Signature": "blah" }
post receive_webhooks_path(source: "stripe"), headers: headers, params: event, as: :json
assert_response 400
end
end
context "for a payment_intent.created event" do
should "work" do
post_webhook("payment_intent.created")
assert_response 200
end
end
context "for a checkout.session.completed event" do
context "for a self upgrade" do
context "of a Member to Gold" do
should "upgrade the user" do
@user = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @user.id,
purchaser_id: @user.id,
upgrade_type: "gold_upgrade",
level: User::Levels::GOLD,
})
assert_response 200
assert_equal(User::Levels::GOLD, @user.reload.level)
end
end
context "of a Member to Platinum" do
should "upgrade the user" do
@user = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @user.id,
purchaser_id: @user.id,
upgrade_type: "platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @user.reload.level)
end
end
context "of a Gold user to Platinum" do
should "upgrade the user" do
@user = create(:gold_user)
post_webhook("checkout.session.completed", {
recipient_id: @user.id,
purchaser_id: @user.id,
upgrade_type: "gold_to_platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @user.reload.level)
end
end
end
context "for a gifted upgrade" do
context "of a Member to Gold" do
should "upgrade the user" do
@recipient = create(:member_user)
@purchaser = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @recipient.id,
purchaser_id: @purchaser.id,
upgrade_type: "gold_upgrade",
level: User::Levels::GOLD,
})
assert_response 200
assert_equal(User::Levels::GOLD, @recipient.reload.level)
end
end
context "of a Member to Platinum" do
should "upgrade the user" do
@recipient = create(:member_user)
@purchaser = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @recipient.id,
purchaser_id: @purchaser.id,
upgrade_type: "platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @recipient.reload.level)
end
end
context "of a Gold user to Platinum" do
should "upgrade the user" do
@recipient = create(:gold_user)
@purchaser = create(:member_user)
post_webhook("checkout.session.completed", {
recipient_id: @recipient.id,
purchaser_id: @purchaser.id,
upgrade_type: "gold_to_platinum_upgrade",
level: User::Levels::PLATINUM,
})
assert_response 200
assert_equal(User::Levels::PLATINUM, @recipient.reload.level)
end
end
end
end
end
end
end
end

1
test/test_helper.rb
View File

@@ -26,6 +26,7 @@ class ActiveSupport::TestCase
include DownloadTestHelper
include IqdbTestHelper
include UploadTestHelper
extend StripeTestHelper
mock_post_version_service!
mock_pool_version_service!

13
test/test_helpers/stripe_test_helper.rb Normal file
View File

@@ -0,0 +1,13 @@
StripeMock.webhook_fixture_path = "test/fixtures/stripe-webhooks"
module StripeTestHelper
def mock_stripe!
setup do
StripeMock.start
end
teardown do
StripeMock.stop
end
end
end

41
test/unit/user_upgrade_test.rb Normal file
View File

@@ -0,0 +1,41 @@
require 'test_helper'
class UserUpgradeTest < ActiveSupport::TestCase
context "UserUpgrade:" do
context "the #process_upgrade! method" do
setup do
@user = create(:user)
@user_upgrade = UserUpgrade.new(recipient: @user, purchaser: @user, level: User::Levels::GOLD)
end
should "update the user's level" do
@user_upgrade.process_upgrade!
assert_equal(User::Levels::GOLD, @user.reload.level)
end
should "log an account upgrade modaction" do
assert_difference("ModAction.user_account_upgrade.count") do
@user_upgrade.process_upgrade!
end
end
should "send the user a dmail" do
assert_difference("@user.dmails.received.count") do
@user_upgrade.process_upgrade!
end
end
context "for an upgrade for a user above Platinum level" do
should "not demote the user" do
@user.update!(level: User::Levels::BUILDER)
assert_raise(User::PrivilegeError) do
@user_upgrade.process_upgrade!
end
assert_equal(true, @user.reload.is_builder?)
end
end
end
end
end