soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Add PayPal support for add-on and gift voucher checkout

Browse Source
This commit is contained in:
Codex Agent
2026-02-04 14:54:40 +01:00
parent 7025418d9e
commit 17025df47b
24 changed files with 1599 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
app/Http/Controllers/Api/Marketing/GiftVoucherCheckoutController.php
View File

@@ -36,7 +36,7 @@ class GiftVoucherCheckoutController extends Controller
if (! $checkout['checkout_url']) {
throw ValidationException::withMessages([
'tier_key' => __('Unable to create Lemon Squeezy checkout.'),
'tier_key' => __('Unable to create checkout.'),
]);
}
@@ -51,19 +51,38 @@ class GiftVoucherCheckoutController extends Controller
'code' => ['nullable', 'string', 'required_without_all:checkout_id,order_id'],
]);
$voucherQuery = GiftVoucher::query();
$voucherQuery = GiftVoucher::query()
->where('status', '!=', GiftVoucher::STATUS_PENDING)
->where(function ($query) use ($data) {
$hasCondition = false;
if (! empty($data['checkout_id'])) {
$voucherQuery->where('lemonsqueezy_checkout_id', $data['checkout_id']);
}
if (! empty($data['checkout_id'])) {
$query->where(function ($inner) use ($data) {
$inner->where('lemonsqueezy_checkout_id', $data['checkout_id'])
->orWhere('paypal_order_id', $data['checkout_id']);
});
if (! empty($data['order_id'])) {
$voucherQuery->orWhere('lemonsqueezy_order_id', $data['order_id']);
}
$hasCondition = true;
}
if (! empty($data['code'])) {
$voucherQuery->orWhere('code', strtoupper($data['code']));
}
if (! empty($data['order_id'])) {
$method = $hasCondition ? 'orWhere' : 'where';
$query->{$method}(function ($inner) use ($data) {
$inner->where('lemonsqueezy_order_id', $data['order_id'])
->orWhere('paypal_capture_id', $data['order_id'])
->orWhere('paypal_order_id', $data['order_id']);
});
$hasCondition = true;
}
if (! empty($data['code'])) {
$method = $hasCondition ? 'orWhere' : 'where';
$query->{$method}('code', strtoupper($data['code']));
}
});
$voucher = $voucherQuery->latest()->firstOrFail();

21
app/Http/Controllers/Api/Tenant/EventAddonCatalogController.php
View File

@@ -3,6 +3,7 @@
namespace App\Http\Controllers\Api\Tenant;
use App\Http\Controllers\Controller;
use App\Models\CheckoutSession;
use App\Services\Addons\EventAddonCatalog;
use Illuminate\Http\JsonResponse;
@@ -12,9 +13,25 @@ class EventAddonCatalogController extends Controller
public function index(): JsonResponse
{
$provider = config('package-addons.provider')
?? config('checkout.default_provider', CheckoutSession::PROVIDER_PAYPAL);
$addons = collect($this->catalog->all())
->filter(fn (array $addon) => ! empty($addon['variant_id']))
->map(fn (array $addon, string $key) => array_merge($addon, ['key' => $key]))
->map(function (array $addon, string $key) use ($provider): array {
$priceId = $provider === CheckoutSession::PROVIDER_PAYPAL
? ($addon['price'] ?? null ? 'paypal' : null)
: ($addon['variant_id'] ?? null);
return [
'key' => $key,
'label' => $addon['label'] ?? null,
'price_id' => $priceId,
'increments' => $addon['increments'] ?? [],
'price' => $addon['price'] ?? null,
'currency' => $addon['currency'] ?? 'EUR',
];
})
->filter(fn (array $addon) => ! empty($addon['price_id']))
->values()
->all();

150
app/Http/Controllers/PayPalAddonReturnController.php Normal file
View File

@@ -0,0 +1,150 @@
<?php
namespace App\Http\Controllers;
use App\Models\EventPackageAddon;
use App\Services\Addons\EventAddonPurchaseService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Illuminate\Support\Str;
class PayPalAddonReturnController extends Controller
{
public function __construct(
private readonly PayPalOrderService $orders,
private readonly EventAddonPurchaseService $addons,
) {}
public function __invoke(Request $request): RedirectResponse
{
$orderId = $this->resolveOrderId($request);
$fallback = $this->resolveFallbackUrl();
if (! $orderId) {
return redirect()->to($fallback);
}
$addon = EventPackageAddon::query()
->where('checkout_id', $orderId)
->first();
if (! $addon) {
return redirect()->to($fallback);
}
$successUrl = Arr::get($addon->metadata ?? [], 'paypal_success_url')
?? Arr::get($addon->metadata ?? [], 'success_url');
$cancelUrl = Arr::get($addon->metadata ?? [], 'paypal_cancel_url')
?? Arr::get($addon->metadata ?? [], 'cancel_url');
if ($addon->status === 'completed') {
return redirect()->to($this->resolveSafeRedirect($successUrl, $fallback));
}
try {
$capture = $this->orders->captureOrder($orderId, [
'request_id' => 'addon-'.$addon->id,
]);
} catch (PayPalException $exception) {
$this->addons->fail($addon, 'paypal_capture_failed', [
'message' => $exception->getMessage(),
'status' => $exception->status(),
]);
return redirect()->to($this->resolveSafeRedirect($cancelUrl, $fallback));
}
$captureId = $this->resolveCaptureId($capture);
$totals = $this->resolveTotals($capture);
$this->addons->complete(
$addon,
$capture,
$captureId,
$orderId,
$totals['total'] ?? null,
$totals['currency'] ?? null,
[
'paypal_order_id' => $orderId,
'paypal_capture_id' => $captureId,
'paypal_status' => $capture['status'] ?? null,
'paypal_totals' => $totals ?: null,
'paypal_captured_at' => now()->toIso8601String(),
],
);
return redirect()->to($this->resolveSafeRedirect($successUrl, $fallback));
}
protected function resolveOrderId(Request $request): ?string
{
$candidate = $request->query('token') ?? $request->query('order_id');
if (! is_string($candidate) || $candidate === '') {
return null;
}
return $candidate;
}
protected function resolveFallbackUrl(): string
{
return rtrim((string) config('app.url', url('/')), '/') ?: url('/');
}
protected function resolveSafeRedirect(?string $target, string $fallback): string
{
if (! $target) {
return $fallback;
}
if (Str::startsWith($target, ['/'])) {
return $target;
}
$appHost = parse_url($fallback, PHP_URL_HOST);
$targetHost = parse_url($target, PHP_URL_HOST);
if ($appHost && $targetHost && Str::lower($appHost) === Str::lower($targetHost)) {
return $target;
}
return $fallback;
}
/**
* @param array<string, mixed> $capture
*/
protected function resolveCaptureId(array $capture): ?string
{
$captureId = Arr::get($capture, 'purchase_units.0.payments.captures.0.id')
?? Arr::get($capture, 'id');
return is_string($captureId) && $captureId !== '' ? $captureId : null;
}
/**
* @param array<string, mixed> $capture
* @return array{currency?: string, total?: float}
*/
protected function resolveTotals(array $capture): array
{
$amount = Arr::get($capture, 'purchase_units.0.payments.captures.0.amount')
?? Arr::get($capture, 'purchase_units.0.amount');
if (! is_array($amount)) {
return [];
}
$currency = Arr::get($amount, 'currency_code');
$total = Arr::get($amount, 'value');
return array_filter([
'currency' => is_string($currency) ? strtoupper($currency) : null,
'total' => is_numeric($total) ? (float) $total : null,
], static fn ($value) => $value !== null);
}
}

129
app/Http/Controllers/PayPalGiftVoucherReturnController.php Normal file
View File

@@ -0,0 +1,129 @@
<?php
namespace App\Http\Controllers;
use App\Models\GiftVoucher;
use App\Services\GiftVouchers\GiftVoucherService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Illuminate\Support\Str;
class PayPalGiftVoucherReturnController extends Controller
{
public function __construct(
private readonly PayPalOrderService $orders,
private readonly GiftVoucherService $vouchers,
) {}
public function __invoke(Request $request): RedirectResponse
{
$orderId = $this->resolveOrderId($request);
$fallback = $this->resolveFallbackUrl();
if (! $orderId) {
return redirect()->to($fallback);
}
$voucher = GiftVoucher::query()
->where('paypal_order_id', $orderId)
->first();
if (! $voucher) {
return redirect()->to($fallback);
}
$successUrl = Arr::get($voucher->metadata ?? [], 'paypal_success_url')
?? Arr::get($voucher->metadata ?? [], 'success_url');
$cancelUrl = Arr::get($voucher->metadata ?? [], 'paypal_cancel_url')
?? Arr::get($voucher->metadata ?? [], 'return_url');
if (in_array($voucher->status, [GiftVoucher::STATUS_ISSUED, GiftVoucher::STATUS_REDEEMED], true)) {
return redirect()->to($this->resolveSafeRedirect($this->appendOrderId($successUrl, $orderId), $fallback));
}
try {
$capture = $this->orders->captureOrder($orderId, [
'request_id' => 'gift-voucher-'.$voucher->id,
]);
} catch (PayPalException $exception) {
return redirect()->to($this->resolveSafeRedirect($cancelUrl, $fallback));
}
$this->vouchers->issueFromPayPal($voucher, $capture, $orderId);
return redirect()->to($this->resolveSafeRedirect($this->appendOrderId($successUrl, $orderId), $fallback));
}
protected function resolveOrderId(Request $request): ?string
{
$candidate = $request->query('token') ?? $request->query('order_id');
if (! is_string($candidate) || $candidate === '') {
return null;
}
return $candidate;
}
protected function resolveFallbackUrl(): string
{
return rtrim((string) config('app.url', url('/')), '/') ?: url('/');
}
protected function resolveSafeRedirect(?string $target, string $fallback): string
{
if (! $target) {
return $fallback;
}
if (Str::startsWith($target, ['/'])) {
return $target;
}
$appHost = parse_url($fallback, PHP_URL_HOST);
$targetHost = parse_url($target, PHP_URL_HOST);
if ($appHost && $targetHost && Str::lower($appHost) === Str::lower($targetHost)) {
return $target;
}
return $fallback;
}
protected function appendOrderId(?string $url, string $orderId): ?string
{
if (! $url) {
return null;
}
$parts = parse_url($url);
if (! $parts) {
return $url;
}
$query = [];
if (! empty($parts['query'])) {
parse_str($parts['query'], $query);
}
if (! isset($query['order_id'])) {
$query['order_id'] = $orderId;
}
$scheme = $parts['scheme'] ?? null;
$host = $parts['host'] ?? null;
$port = isset($parts['port']) ? ':'.$parts['port'] : '';
$path = $parts['path'] ?? '';
$fragment = isset($parts['fragment']) ? '#'.$parts['fragment'] : '';
$queryString = $query ? '?'.http_build_query($query) : '';
if ($scheme && $host) {
return $scheme.'://'.$host.$port.$path.$queryString.$fragment;
}
return $path.$queryString.$fragment;
}
}

12
app/Http/Controllers/PayPalWebhookController.php
View File

@@ -3,6 +3,8 @@
namespace App\Http\Controllers;
use App\Services\Integrations\IntegrationWebhookRecorder;
use App\Services\PayPal\PayPalAddonWebhookService;
use App\Services\PayPal\PayPalGiftVoucherWebhookService;
use App\Services\PayPal\PayPalWebhookService;
use App\Services\PayPal\PayPalWebhookVerifier;
use Illuminate\Http\JsonResponse;
@@ -15,6 +17,8 @@ class PayPalWebhookController extends Controller
public function __construct(
private readonly PayPalWebhookVerifier $verifier,
private readonly PayPalWebhookService $webhooks,
private readonly PayPalAddonWebhookService $addonWebhooks,
private readonly PayPalGiftVoucherWebhookService $giftVoucherWebhooks,
private readonly IntegrationWebhookRecorder $recorder,
) {}
@@ -42,7 +46,13 @@ class PayPalWebhookController extends Controller
is_string($eventType) ? $eventType : null,
);
$handled = is_string($eventType) ? $this->webhooks->handle($payload) : false;
$handled = false;
if (is_string($eventType)) {
$handled = $this->webhooks->handle($payload) || $handled;
$handled = $this->addonWebhooks->handle($payload) || $handled;
$handled = $this->giftVoucherWebhooks->handle($payload) || $handled;
}
Log::info('PayPal webhook processed', [
'event_type' => $eventType,

8
app/Models/GiftVoucher.php
View File

@@ -15,6 +15,8 @@ class GiftVoucher extends Model
use SoftDeletes;
public const STATUS_PENDING = 'pending';
public const STATUS_ISSUED = 'issued';
public const STATUS_REDEEMED = 'redeemed';
@@ -35,6 +37,8 @@ class GiftVoucher extends Model
'lemonsqueezy_order_id',
'lemonsqueezy_checkout_id',
'lemonsqueezy_variant_id',
'paypal_order_id',
'paypal_capture_id',
'coupon_id',
'expires_at',
'redeemed_at',
@@ -89,6 +93,10 @@ class GiftVoucher extends Model
public function canBeRedeemed(): bool
{
if ($this->status !== self::STATUS_ISSUED) {
return false;
}
return ! $this->isRedeemed() && ! $this->isRefunded() && ! $this->isExpired();
}

22
app/Services/Addons/EventAddonCatalog.php
View File

@@ -21,6 +21,8 @@ class EventAddonCatalog
'label' => $addon->label,
'variant_id' => $addon->variant_id,
'increments' => $addon->increments,
'price' => $this->resolveMetadataPrice($addon->metadata ?? []),
'currency' => 'EUR',
]];
})
->all();
@@ -46,6 +48,26 @@ class EventAddonCatalog
return $addon['variant_id'] ?? null;
}
public function resolvePrice(string $key): ?float
{
$addon = $this->find($key);
if (! $addon) {
return null;
}
$price = $addon['price'] ?? $addon['price_eur'] ?? null;
return is_numeric($price) ? (float) $price : null;
}
protected function resolveMetadataPrice(array $metadata): ?float
{
$price = $metadata['price_eur'] ?? null;
return is_numeric($price) ? (float) $price : null;
}
/**
* @return array<string, int>
*/

197
app/Services/Addons/EventAddonCheckoutService.php
View File

@@ -2,10 +2,13 @@
namespace App\Services\Addons;
use App\Models\CheckoutSession;
use App\Models\Event;
use App\Models\EventPackageAddon;
use App\Models\Tenant;
use App\Services\LemonSqueezy\LemonSqueezyCheckoutService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
@@ -15,6 +18,7 @@ class EventAddonCheckoutService
public function __construct(
private readonly EventAddonCatalog $catalog,
private readonly LemonSqueezyCheckoutService $checkout,
private readonly PayPalOrderService $paypalOrders,
) {}
/**
@@ -34,24 +38,45 @@ class EventAddonCheckoutService
]);
}
$variantId = $this->catalog->resolveVariantId($addonKey);
if (! $variantId) {
throw ValidationException::withMessages([
'addon_key' => __('Für dieses Add-on ist kein Lemon Squeezy Variant hinterlegt.'),
]);
}
$event->loadMissing('eventPackage');
if (! $event->eventPackage) {
throw ValidationException::withMessages([
'event' => __('Kein Paket für dieses Event hinterlegt.'),
'event' => __('Kein Paket für dieses Event hinterlegt.'),
]);
}
$provider = $this->resolveProvider();
if ($provider === CheckoutSession::PROVIDER_PAYPAL) {
return $this->createPayPalCheckout($tenant, $event, $addonKey, $quantity, $acceptedTerms, $acceptedWaiver, $payload);
}
return $this->createLemonSqueezyCheckout($tenant, $event, $addonKey, $quantity, $acceptedTerms, $acceptedWaiver, $payload);
}
/**
* @param array{addon_key: string, quantity?: int, success_url?: string|null, cancel_url?: string|null} $payload
* @return array{checkout_url: string|null, id: string|null, expires_at: string|null}
*/
protected function createLemonSqueezyCheckout(
Tenant $tenant,
Event $event,
string $addonKey,
int $quantity,
bool $acceptedTerms,
bool $acceptedWaiver,
array $payload,
): array {
$variantId = $this->catalog->resolveVariantId($addonKey);
if (! $variantId) {
throw ValidationException::withMessages([
'addon_key' => __('Für dieses Add-on ist kein Lemon Squeezy Variant hinterlegt.'),
]);
}
$addonIntent = (string) Str::uuid();
$increments = $this->catalog->resolveIncrements($addonKey);
$metadata = array_filter([
@@ -77,7 +102,6 @@ class EventAddonCheckoutService
$checkoutUrl = $response['checkout_url'] ?? null;
$checkoutId = $response['id'] ?? null;
$transactionId = null;
if (! $checkoutUrl) {
Log::warning('Lemon Squeezy addon checkout response missing url', ['response' => $response]);
@@ -91,7 +115,7 @@ class EventAddonCheckoutService
'quantity' => $quantity,
'variant_id' => $variantId,
'checkout_id' => $checkoutId,
'transaction_id' => $transactionId,
'transaction_id' => null,
'status' => 'pending',
'metadata' => array_merge($metadata, [
'increments' => $increments,
@@ -114,6 +138,155 @@ class EventAddonCheckoutService
];
}
/**
* @param array{addon_key: string, quantity?: int, success_url?: string|null, cancel_url?: string|null} $payload
* @return array{checkout_url: string|null, id: string|null, expires_at: string|null}
*/
protected function createPayPalCheckout(
Tenant $tenant,
Event $event,
string $addonKey,
int $quantity,
bool $acceptedTerms,
bool $acceptedWaiver,
array $payload,
): array {
$price = $this->catalog->resolvePrice($addonKey);
$addonLabel = $this->catalog->find($addonKey)['label'] ?? $addonKey;
if (! $price) {
throw ValidationException::withMessages([
'addon_key' => __('Dieses Add-on ist aktuell nicht verfügbar.'),
]);
}
$addonIntent = (string) Str::uuid();
$increments = $this->catalog->resolveIncrements($addonKey);
$amount = round($price * $quantity, 2);
$currency = strtoupper((string) config('checkout.currency', 'EUR'));
$metadata = array_filter([
'tenant_id' => (string) $tenant->id,
'event_id' => (string) $event->id,
'event_package_id' => (string) $event->eventPackage->id,
'addon_key' => $addonKey,
'addon_intent' => $addonIntent,
'quantity' => $quantity,
'price' => $price,
'currency' => $currency,
'legal_version' => $this->resolveLegalVersion(),
'accepted_terms' => $acceptedTerms ? '1' : '0',
'accepted_waiver' => $acceptedWaiver ? '1' : '0',
'success_url' => $payload['success_url'] ?? null,
'cancel_url' => $payload['cancel_url'] ?? null,
], static fn ($value) => $value !== null && $value !== '');
$addon = EventPackageAddon::create([
'event_package_id' => $event->eventPackage->id,
'event_id' => $event->id,
'tenant_id' => $tenant->id,
'addon_key' => $addonKey,
'quantity' => $quantity,
'variant_id' => null,
'checkout_id' => null,
'transaction_id' => null,
'status' => 'pending',
'amount' => $amount,
'currency' => $currency,
'metadata' => array_merge($metadata, [
'increments' => $increments,
'consents' => [
'legal_version' => $metadata['legal_version'],
'accepted_terms_at' => $acceptedTerms ? now()->toIso8601String() : null,
'digital_content_waiver_at' => $acceptedWaiver ? now()->toIso8601String() : null,
],
]),
'extra_photos' => ($increments['extra_photos'] ?? 0) * $quantity,
'extra_guests' => ($increments['extra_guests'] ?? 0) * $quantity,
'extra_gallery_days' => ($increments['extra_gallery_days'] ?? 0) * $quantity,
]);
$successUrl = $payload['success_url'] ?? null;
$cancelUrl = $payload['cancel_url'] ?? $successUrl;
$paypalReturnUrl = route('paypal.addon.return', absolute: true);
try {
$order = $this->paypalOrders->createSimpleOrder(
referenceId: 'addon-'.$addon->id,
description: $addonLabel,
amount: $amount,
currency: $currency,
options: [
'custom_id' => 'addon_'.$addon->id,
'return_url' => $paypalReturnUrl,
'cancel_url' => $paypalReturnUrl,
'locale' => $tenant->user?->preferred_locale ?? app()->getLocale(),
'request_id' => 'addon-'.$addon->id,
],
);
} catch (PayPalException $exception) {
Log::warning('PayPal addon checkout creation failed', [
'addon_id' => $addon->id,
'message' => $exception->getMessage(),
'status' => $exception->status(),
]);
$addon->forceFill([
'status' => 'failed',
'error' => $exception->getMessage(),
])->save();
throw ValidationException::withMessages([
'addon_key' => __('Add-on checkout failed.'),
]);
}
$orderId = $order['id'] ?? null;
if (! is_string($orderId) || $orderId === '') {
$addon->forceFill([
'status' => 'failed',
'error' => 'PayPal order ID missing.',
])->save();
throw ValidationException::withMessages([
'addon_key' => __('Add-on checkout failed.'),
]);
}
$approveUrl = $this->paypalOrders->resolveApproveUrl($order);
$addon->forceFill([
'checkout_id' => $orderId,
'metadata' => array_merge($addon->metadata ?? [], array_filter([
'paypal_order_id' => $orderId,
'paypal_approve_url' => $approveUrl,
'paypal_success_url' => $successUrl,
'paypal_cancel_url' => $cancelUrl,
'paypal_created_at' => now()->toIso8601String(),
])),
])->save();
return [
'checkout_url' => $approveUrl,
'expires_at' => null,
'id' => $orderId,
];
}
protected function resolveProvider(): ?string
{
$provider = config('package-addons.provider');
if (is_string($provider) && $provider !== '') {
return $provider;
}
$default = config('checkout.default_provider');
return is_string($default) && $default !== '' ? $default : null;
}
protected function resolveLegalVersion(): string
{
return config('app.legal_version', now()->toDateString());

117
app/Services/Addons/EventAddonPurchaseService.php Normal file
View File

@@ -0,0 +1,117 @@
<?php
namespace App\Services\Addons;
use App\Models\EventPackage;
use App\Models\EventPackageAddon;
use App\Notifications\Addons\AddonPurchaseReceipt;
use App\Notifications\Ops\AddonPurchased;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Notification;
class EventAddonPurchaseService
{
public function __construct(private readonly EventAddonCatalog $catalog) {}
/**
* @param array<string, mixed> $payload
*/
public function complete(
EventPackageAddon $addon,
array $payload,
?string $transactionId,
?string $checkoutId,
?float $amount,
?string $currency,
array $metadata = [],
): void {
if ($addon->status === 'completed') {
return;
}
$increments = $this->resolveAddonIncrements($addon, $addon->addon_key);
DB::transaction(function () use ($addon, $payload, $transactionId, $checkoutId, $amount, $currency, $metadata, $increments) {
$addon->forceFill([
'transaction_id' => $transactionId ?? $addon->transaction_id,
'checkout_id' => $addon->checkout_id ?: $checkoutId,
'status' => 'completed',
'amount' => $amount ?? $addon->amount,
'currency' => $currency ?? $addon->currency,
'metadata' => array_merge($addon->metadata ?? [], array_filter([
'payment_payload' => $payload,
]), $metadata),
'purchased_at' => now(),
])->save();
/** @var EventPackage $eventPackage */
$eventPackage = EventPackage::query()
->lockForUpdate()
->find($addon->event_package_id);
if (! $eventPackage) {
return;
}
$eventPackage->forceFill([
'extra_photos' => ($eventPackage->extra_photos ?? 0) + (int) ($increments['extra_photos'] ?? 0) * $addon->quantity,
'extra_guests' => ($eventPackage->extra_guests ?? 0) + (int) ($increments['extra_guests'] ?? 0) * $addon->quantity,
'extra_gallery_days' => ($eventPackage->extra_gallery_days ?? 0) + (int) ($increments['extra_gallery_days'] ?? 0) * $addon->quantity,
]);
if (($increments['extra_gallery_days'] ?? 0) > 0) {
$base = $eventPackage->gallery_expires_at ?? now();
$eventPackage->gallery_expires_at = $base->copy()->addDays((int) ($increments['extra_gallery_days'] ?? 0) * $addon->quantity);
}
$eventPackage->save();
$tenant = $addon->tenant;
if ($tenant) {
Notification::route('mail', [$tenant->contact_email ?? $tenant->user?->email])
->notify(new AddonPurchaseReceipt($addon));
$opsEmail = config('mail.ops_address');
if ($opsEmail) {
Notification::route('mail', $opsEmail)->notify(new AddonPurchased($addon));
}
}
});
}
/**
* @param array<string, mixed> $payload
*/
public function fail(EventPackageAddon $addon, string $reason, array $payload = []): void
{
$addon->forceFill([
'status' => 'failed',
'error' => $reason,
'metadata' => array_merge($addon->metadata ?? [], array_filter([
'payment_payload' => $payload,
])),
])->save();
}
/**
* @return array<string, int>
*/
private function resolveAddonIncrements(EventPackageAddon $addon, string $addonKey): array
{
$stored = Arr::get($addon->metadata ?? [], 'increments', []);
if (is_array($stored) && $stored !== []) {
$filtered = collect($stored)
->map(fn ($value) => is_numeric($value) ? (int) $value : 0)
->filter(fn ($value) => $value > 0)
->all();
if ($filtered !== []) {
return $filtered;
}
}
return $this->catalog->resolveIncrements($addonKey);
}
}

140
app/Services/GiftVouchers/GiftVoucherCheckoutService.php
View File

@@ -2,24 +2,37 @@
namespace App\Services\GiftVouchers;
use App\Models\CheckoutSession;
use App\Models\GiftVoucher;
use App\Services\LemonSqueezy\LemonSqueezyCheckoutService;
use App\Services\PayPal\Exceptions\PayPalException;
use App\Services\PayPal\PayPalOrderService;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
class GiftVoucherCheckoutService
{
public function __construct(private readonly LemonSqueezyCheckoutService $checkout) {}
public function __construct(
private readonly LemonSqueezyCheckoutService $checkout,
private readonly PayPalOrderService $paypalOrders,
) {}
/**
* @return array<int, array{key:string,label:string,amount:float,currency:string,lemonsqueezy_variant_id?:string|null,can_checkout:bool}>
*/
public function tiers(): array
{
$provider = $this->resolveProvider();
$checkoutCurrency = Str::upper((string) config('checkout.currency', 'EUR'));
return collect(config('gift-vouchers.tiers', []))
->map(function (array $tier): array {
->map(function (array $tier) use ($provider, $checkoutCurrency): array {
$currency = Str::upper($tier['currency'] ?? 'EUR');
$variantId = $tier['lemonsqueezy_variant_id'] ?? null;
$canCheckout = $provider === CheckoutSession::PROVIDER_PAYPAL
? $currency === $checkoutCurrency
: ! empty($variantId);
return [
'key' => $tier['key'],
@@ -27,7 +40,7 @@ class GiftVoucherCheckoutService
'amount' => (float) $tier['amount'],
'currency' => $currency,
'lemonsqueezy_variant_id' => $variantId,
'can_checkout' => ! empty($variantId),
'can_checkout' => $canCheckout,
];
})
->values()
@@ -40,6 +53,12 @@ class GiftVoucherCheckoutService
*/
public function create(array $data): array
{
$provider = $this->resolveProvider();
if ($provider === CheckoutSession::PROVIDER_PAYPAL) {
return $this->createPayPalCheckout($data);
}
$tier = $this->findTier($data['tier_key']);
if (! $tier || empty($tier['lemonsqueezy_variant_id'])) {
@@ -90,4 +109,119 @@ class GiftVoucherCheckoutService
return $tier;
}
/**
* @param array{tier_key:string,purchaser_email:string,recipient_email?:string|null,recipient_name?:string|null,message?:string|null,success_url?:string|null,return_url?:string|null} $data
* @return array{checkout_url:?string,expires_at:?string,id:?string}
*/
protected function createPayPalCheckout(array $data): array
{
$tier = $this->findTier($data['tier_key']);
if (! $tier) {
throw ValidationException::withMessages([
'tier_key' => __('Gift voucher is not available right now.'),
]);
}
$currency = Str::upper($tier['currency'] ?? 'EUR');
$checkoutCurrency = Str::upper((string) config('checkout.currency', 'EUR'));
if ($currency !== $checkoutCurrency) {
throw ValidationException::withMessages([
'tier_key' => __('Gift voucher currency is not supported.'),
]);
}
$voucher = GiftVoucher::create([
'code' => $this->generateCode(),
'amount' => (float) $tier['amount'],
'currency' => $currency,
'status' => GiftVoucher::STATUS_PENDING,
'purchaser_email' => $data['purchaser_email'],
'recipient_email' => $data['recipient_email'] ?? null,
'recipient_name' => $data['recipient_name'] ?? null,
'message' => $data['message'] ?? null,
'metadata' => array_filter([
'tier_key' => $tier['key'],
'app_locale' => App::getLocale(),
'success_url' => $data['success_url'] ?? null,
'return_url' => $data['return_url'] ?? null,
], static fn ($value) => $value !== null && $value !== ''),
'expires_at' => now()->addYears((int) config('gift-vouchers.default_valid_years', 5)),
]);
$successUrl = $data['success_url'] ?? null;
$returnUrl = $data['return_url'] ?? $successUrl;
$paypalReturnUrl = route('paypal.gift-voucher.return', absolute: true);
try {
$order = $this->paypalOrders->createSimpleOrder(
referenceId: 'gift-voucher-'.$voucher->id,
description: $tier['label'] ?? 'Gift Voucher',
amount: (float) $tier['amount'],
currency: $currency,
options: [
'custom_id' => 'gift_voucher_'.$voucher->id,
'return_url' => $paypalReturnUrl,
'cancel_url' => $paypalReturnUrl,
'locale' => App::getLocale(),
'request_id' => 'gift-voucher-'.$voucher->id,
],
);
} catch (PayPalException) {
$voucher->delete();
throw ValidationException::withMessages([
'tier_key' => __('Unable to create PayPal checkout.'),
]);
}
$orderId = $order['id'] ?? null;
if (! is_string($orderId) || $orderId === '') {
$voucher->delete();
throw ValidationException::withMessages([
'tier_key' => __('PayPal order ID missing.'),
]);
}
$approveUrl = $this->paypalOrders->resolveApproveUrl($order);
$voucher->forceFill([
'paypal_order_id' => $orderId,
'metadata' => array_merge($voucher->metadata ?? [], array_filter([
'paypal_order_id' => $orderId,
'paypal_approve_url' => $approveUrl,
'paypal_success_url' => $successUrl,
'paypal_cancel_url' => $returnUrl,
'paypal_created_at' => now()->toIso8601String(),
])),
])->save();
return [
'checkout_url' => $approveUrl,
'expires_at' => null,
'id' => $orderId,
];
}
protected function resolveProvider(): ?string
{
$provider = config('gift-vouchers.provider');
if (is_string($provider) && $provider !== '') {
return $provider;
}
$default = config('checkout.default_provider');
return is_string($default) && $default !== '' ? $default : null;
}
protected function generateCode(): string
{
return 'GIFT-'.Str::upper(Str::random(8));
}
}

67
app/Services/GiftVouchers/GiftVoucherService.php
View File

@@ -81,6 +81,48 @@ class GiftVoucherService
return $voucher;
}
/**
* Create or finalize a voucher from a PayPal capture payload.
*
* @param array<string, mixed> $payload
*/
public function issueFromPayPal(GiftVoucher $voucher, array $payload, ?string $orderId = null): GiftVoucher
{
if (in_array($voucher->status, [GiftVoucher::STATUS_ISSUED, GiftVoucher::STATUS_REDEEMED], true)) {
return $voucher;
}
$captureId = Arr::get($payload, 'purchase_units.0.payments.captures.0.id')
?? Arr::get($payload, 'id');
$locale = Arr::get($voucher->metadata ?? [], 'app_locale') ?? app()->getLocale();
$voucher->forceFill([
'status' => GiftVoucher::STATUS_ISSUED,
'paypal_order_id' => $orderId ?? $voucher->paypal_order_id,
'paypal_capture_id' => is_string($captureId) ? $captureId : $voucher->paypal_capture_id,
'metadata' => array_merge($voucher->metadata ?? [], array_filter([
'paypal_order_id' => $orderId,
'paypal_capture_id' => is_string($captureId) ? $captureId : null,
'paypal_status' => $payload['status'] ?? null,
'paypal_captured_at' => now()->toIso8601String(),
])),
])->save();
if (! $voucher->coupon_id) {
$coupon = $this->createCouponForVoucher($voucher);
$voucher->forceFill(['coupon_id' => $coupon->id])->save();
}
$notificationsSent = (bool) Arr::get($voucher->metadata ?? [], 'notifications_sent', false);
if (! $notificationsSent) {
$this->sendNotifications($voucher, locale: $locale);
}
return $voucher;
}
public function resend(GiftVoucher $voucher, ?string $locale = null, ?bool $recipientOnly = null): void
{
$this->sendNotifications($voucher, force: true, locale: $locale, recipientOnly: $recipientOnly);
@@ -152,6 +194,31 @@ class GiftVoucherService
return $response;
}
/**
* @param array<string, mixed> $payload
*/
public function markRefundedFromPayPal(GiftVoucher $voucher, array $payload = []): void
{
if ($voucher->isRefunded()) {
return;
}
$voucher->forceFill([
'status' => GiftVoucher::STATUS_REFUNDED,
'refunded_at' => now(),
'metadata' => array_merge($voucher->metadata ?? [], array_filter([
'paypal_refund_payload' => $payload ?: null,
])),
])->save();
if ($voucher->coupon) {
$voucher->coupon->forceFill([
'status' => CouponStatus::ARCHIVED,
'enabled_for_checkout' => false,
])->save();
}
}
protected function createCouponForVoucher(GiftVoucher $voucher): Coupon
{
$packages = $this->eligiblePackages();

166
app/Services/PayPal/PayPalAddonWebhookService.php Normal file
View File

@@ -0,0 +1,166 @@
<?php
namespace App\Services\PayPal;
use App\Models\EventPackageAddon;
use App\Services\Addons\EventAddonPurchaseService;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Log;
class PayPalAddonWebhookService
{
public function __construct(private readonly EventAddonPurchaseService $addons) {}
/**
* @param array<string, mixed> $event
*/
public function handle(array $event): bool
{
$eventType = $event['event_type'] ?? null;
$resource = $event['resource'] ?? null;
if (! is_string($eventType) || ! is_array($resource)) {
return false;
}
$normalized = strtoupper($eventType);
if (! in_array($normalized, [
'PAYMENT.CAPTURE.COMPLETED',
'PAYMENT.CAPTURE.PENDING',
'PAYMENT.CAPTURE.DENIED',
'PAYMENT.CAPTURE.REFUNDED',
'CHECKOUT.ORDER.COMPLETED',
'CHECKOUT.ORDER.VOIDED',
], true)) {
return false;
}
$orderId = $this->resolveOrderId($normalized, $resource);
if (! $orderId) {
return false;
}
$addon = EventPackageAddon::query()
->where('checkout_id', $orderId)
->first();
if (! $addon) {
return false;
}
$lock = Cache::lock('addon:webhook:paypal:'.$orderId, 30);
if (! $lock->get()) {
Log::info('[PayPalAddonWebhook] lock busy', [
'order_id' => $orderId,
'addon_id' => $addon->id,
]);
return true;
}
try {
if ($addon->status === 'completed' && $normalized === 'PAYMENT.CAPTURE.COMPLETED') {
return true;
}
if (in_array($normalized, ['PAYMENT.CAPTURE.COMPLETED', 'CHECKOUT.ORDER.COMPLETED'], true)) {
$captureId = $this->resolveCaptureId($resource, $normalized);
$totals = $this->resolveTotals($resource);
$this->addons->complete(
$addon,
$resource,
$captureId,
$orderId,
$totals['total'] ?? null,
$totals['currency'] ?? null,
[
'paypal_order_id' => $orderId,
'paypal_capture_id' => $captureId,
'paypal_status' => $resource['status'] ?? null,
'paypal_totals' => $totals ?: null,
'paypal_captured_at' => now()->toIso8601String(),
],
);
return true;
}
if (in_array($normalized, ['PAYMENT.CAPTURE.DENIED', 'PAYMENT.CAPTURE.REFUNDED', 'CHECKOUT.ORDER.VOIDED'], true)) {
$reason = match ($normalized) {
'PAYMENT.CAPTURE.DENIED' => 'paypal_capture_denied',
'PAYMENT.CAPTURE.REFUNDED' => 'paypal_refunded',
'CHECKOUT.ORDER.VOIDED' => 'paypal_voided',
default => 'paypal_failed',
};
$this->addons->fail($addon, $reason, $resource);
return true;
}
return false;
} finally {
$lock->release();
}
}
/**
* @param array<string, mixed> $resource
*/
protected function resolveOrderId(string $eventType, array $resource): ?string
{
if (str_starts_with($eventType, 'PAYMENT.CAPTURE.')) {
$relatedOrderId = Arr::get($resource, 'supplementary_data.related_ids.order_id');
return is_string($relatedOrderId) && $relatedOrderId !== '' ? $relatedOrderId : null;
}
$orderId = $resource['id'] ?? null;
return is_string($orderId) && $orderId !== '' ? $orderId : null;
}
/**
* @param array<string, mixed> $resource
*/
protected function resolveCaptureId(array $resource, string $eventType): ?string
{
if (str_starts_with($eventType, 'PAYMENT.CAPTURE.')) {
$captureId = $resource['id'] ?? null;
return is_string($captureId) && $captureId !== '' ? $captureId : null;
}
$captureId = Arr::get($resource, 'purchase_units.0.payments.captures.0.id');
return is_string($captureId) && $captureId !== '' ? $captureId : null;
}
/**
* @param array<string, mixed> $resource
* @return array{currency?: string, total?: float}
*/
protected function resolveTotals(array $resource): array
{
$amount = Arr::get($resource, 'amount')
?? Arr::get($resource, 'purchase_units.0.payments.captures.0.amount')
?? Arr::get($resource, 'purchase_units.0.amount');
if (! is_array($amount)) {
return [];
}
$currency = Arr::get($amount, 'currency_code');
$total = Arr::get($amount, 'value');
return array_filter([
'currency' => is_string($currency) ? strtoupper($currency) : null,
'total' => is_numeric($total) ? (float) $total : null,
], static fn ($value) => $value !== null);
}
}

79
app/Services/PayPal/PayPalGiftVoucherWebhookService.php Normal file
View File

@@ -0,0 +1,79 @@
<?php
namespace App\Services\PayPal;
use App\Models\GiftVoucher;
use App\Services\GiftVouchers\GiftVoucherService;
use Illuminate\Support\Arr;
class PayPalGiftVoucherWebhookService
{
public function __construct(private readonly GiftVoucherService $vouchers) {}
/**
* @param array<string, mixed> $event
*/
public function handle(array $event): bool
{
$eventType = $event['event_type'] ?? null;
$resource = $event['resource'] ?? null;
if (! is_string($eventType) || ! is_array($resource)) {
return false;
}
$normalized = strtoupper($eventType);
if (! in_array($normalized, [
'PAYMENT.CAPTURE.COMPLETED',
'PAYMENT.CAPTURE.REFUNDED',
'CHECKOUT.ORDER.COMPLETED',
], true)) {
return false;
}
$orderId = $this->resolveOrderId($normalized, $resource);
if (! $orderId) {
return false;
}
$voucher = GiftVoucher::query()
->where('paypal_order_id', $orderId)
->first();
if (! $voucher) {
return false;
}
if (in_array($normalized, ['PAYMENT.CAPTURE.COMPLETED', 'CHECKOUT.ORDER.COMPLETED'], true)) {
$this->vouchers->issueFromPayPal($voucher, $resource, $orderId);
return true;
}
if ($normalized === 'PAYMENT.CAPTURE.REFUNDED') {
$this->vouchers->markRefundedFromPayPal($voucher, $resource);
return true;
}
return false;
}
/**
* @param array<string, mixed> $resource
*/
protected function resolveOrderId(string $eventType, array $resource): ?string
{
if (str_starts_with($eventType, 'PAYMENT.CAPTURE.')) {
$relatedOrderId = Arr::get($resource, 'supplementary_data.related_ids.order_id');
return is_string($relatedOrderId) && $relatedOrderId !== '' ? $relatedOrderId : null;
}
$orderId = $resource['id'] ?? null;
return is_string($orderId) && $orderId !== '' ? $orderId : null;
}
}

55
app/Services/PayPal/PayPalOrderService.php
View File

@@ -72,6 +72,61 @@ class PayPalOrderService
return $this->client->post('/v2/checkout/orders', $payload, $headers);
}
/**
* @param array{
* custom_id?: string|null,
* return_url?: string|null,
* cancel_url?: string|null,
* locale?: string|null,
* request_id?: string|null
* } $options
* @return array<string, mixed>
*/
public function createSimpleOrder(
string $referenceId,
string $description,
float $amount,
string $currency,
array $options = [],
): array {
$formattedAmount = $this->formatAmount($amount);
$currency = strtoupper($currency);
$purchaseUnit = array_filter([
'reference_id' => Str::limit($referenceId, 127, ''),
'description' => Str::limit($description, 127, ''),
'custom_id' => $options['custom_id'] ?? null,
'amount' => [
'currency_code' => $currency,
'value' => $formattedAmount,
],
], static fn ($value) => $value !== null && $value !== '');
$applicationContext = array_filter([
'brand_name' => config('app.name', 'Fotospiel'),
'landing_page' => 'NO_PREFERENCE',
'user_action' => 'PAY_NOW',
'shipping_preference' => 'NO_SHIPPING',
'locale' => $this->resolveLocale($options['locale'] ?? null),
'return_url' => $options['return_url'] ?? null,
'cancel_url' => $options['cancel_url'] ?? null,
], static fn ($value) => $value !== null && $value !== '');
$payload = [
'intent' => 'CAPTURE',
'purchase_units' => [$purchaseUnit],
'application_context' => $applicationContext,
];
$headers = [];
$requestId = $options['request_id'] ?? null;
if (is_string($requestId) && $requestId !== '') {
$headers['PayPal-Request-Id'] = $requestId;
}
return $this->client->post('/v2/checkout/orders', $payload, $headers);
}
/**
* @param array{request_id?: string|null} $options
* @return array<string, mixed>