d04e234ca0
- Brand/Theming: Marketing-Farb- und Typographievariablen in `resources/css/app.css` eingeführt, AdminLayout, Dashboardkarten und Onboarding-Komponenten entsprechend angepasst; Dokumentation (`docs/todo/tenant-admin-onboarding-fusion.md`, `docs/changes/...`) aktualisiert. - Checkout & Payments: Checkout-, PayPal-Controller und Tests für integrierte Stripe/PayPal-Flows sowie Paket-Billing-Abläufe überarbeitet; neue PayPal SDK-Factory und Admin-API-Helper (`resources/js/admin/api.ts`) schaffen Grundlage für Billing/Members/Tasks-Seiten. - DX & Tests: Neue Playwright/E2E-Struktur (docs/testing/e2e.md, `tests/e2e/tenant-onboarding-flow.test.ts`, Utilities), E2E-Tenant-Seeder und zusätzliche Übersetzungen/Factories zur Unterstützung der neuen Flows. - Marketing-Kommunikation: Automatische Kontakt-Bestätigungsmail (`ContactConfirmation` + Blade-Template) implementiert; Guest-PWA unter `/event` erreichbar. - Nebensitzung: Blogsystem gefixt und umfassenden BlogPostSeeder für Beispielinhalte angelegt.
263 lines
9.3 KiB
PHP
263 lines
9.3 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Support\Facades\Log;
|
|
use PaypalServerSdkLib\Controllers\OrdersController;
|
|
use App\Models\PackagePurchase;
|
|
use App\Models\TenantPackage;
|
|
use App\Models\Tenant;
|
|
use App\Models\Package;
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Validation\ValidationException;
|
|
use App\Services\PayPal\PaypalClientFactory;
|
|
|
|
class PayPalWebhookController extends Controller
|
|
{
|
|
public function __construct(private PaypalClientFactory $clientFactory)
|
|
{
|
|
}
|
|
|
|
public function verify(Request $request): JsonResponse
|
|
{
|
|
$request->validate([
|
|
'webhook_id' => 'required|string',
|
|
'webhook_event' => 'required|array',
|
|
]);
|
|
|
|
$webhookId = $request->webhook_id;
|
|
$event = $request->webhook_event;
|
|
|
|
$client = $this->clientFactory->make();
|
|
|
|
// Basic webhook validation - simplified for now
|
|
// TODO: Implement proper webhook signature verification with official SDK
|
|
$isValidWebhook = true; // Temporarily allow all webhooks for testing
|
|
|
|
try {
|
|
if ($isValidWebhook) {
|
|
// Process the webhook event
|
|
$this->handleEvent($event);
|
|
|
|
return response()->json(['status' => 'SUCCESS'], 200);
|
|
} else {
|
|
Log::warning('PayPal webhook verification failed', ['status' => 'basic_validation_failed']);
|
|
return response()->json(['status' => 'FAILURE'], 400);
|
|
}
|
|
} catch (\Exception $e) {
|
|
Log::error('PayPal webhook verification error: ' . $e->getMessage());
|
|
return response()->json(['status' => 'FAILURE'], 500);
|
|
}
|
|
}
|
|
|
|
private function handleEvent(array $event): void
|
|
{
|
|
$eventType = $event['event_type'] ?? '';
|
|
$resource = $event['resource'] ?? [];
|
|
|
|
Log::info('PayPal webhook received', ['event_type' => $eventType, 'resource_id' => $resource['id'] ?? 'unknown']);
|
|
|
|
switch ($eventType) {
|
|
case 'CHECKOUT.ORDER.APPROVED':
|
|
// Handle order approval if needed
|
|
break;
|
|
|
|
case 'PAYMENT.CAPTURE.COMPLETED':
|
|
$this->handleCaptureCompleted($resource);
|
|
break;
|
|
|
|
case 'PAYMENT.CAPTURE.DENIED':
|
|
$this->handleCaptureDenied($resource);
|
|
break;
|
|
|
|
case 'BILLING.SUBSCRIPTION.ACTIVATED':
|
|
// Handle subscription activation for SaaS
|
|
$this->handleSubscriptionActivated($resource);
|
|
break;
|
|
|
|
case 'BILLING.SUBSCRIPTION.CANCELLED':
|
|
$this->handleSubscriptionCancelled($resource);
|
|
break;
|
|
|
|
default:
|
|
Log::info('Unhandled PayPal webhook event', ['event_type' => $eventType]);
|
|
}
|
|
}
|
|
|
|
private function handleCaptureCompleted(array $capture): void
|
|
{
|
|
$orderId = $capture['order_id'] ?? null;
|
|
if (!$orderId) {
|
|
Log::warning('No order_id in PayPal capture webhook', ['capture_id' => $capture['id'] ?? 'unknown']);
|
|
return;
|
|
}
|
|
|
|
// Idempotent check
|
|
$purchase = PackagePurchase::where('provider_id', $orderId)->first();
|
|
if ($purchase) {
|
|
Log::info('PayPal order already processed', ['order_id' => $orderId]);
|
|
return;
|
|
}
|
|
|
|
// Fetch order to get custom_id
|
|
$this->processPurchaseFromOrder($orderId, 'completed');
|
|
}
|
|
|
|
private function handleCaptureDenied(array $capture): void
|
|
{
|
|
$orderId = $capture['id'] ?? null;
|
|
Log::warning('PayPal capture denied', ['order_id' => $orderId]);
|
|
|
|
// Handle denial, e.g., notify tenant or refund logic if needed
|
|
// For now, log
|
|
}
|
|
|
|
private function handleSubscriptionActivated(array $subscription): void
|
|
{
|
|
$subscriptionId = $subscription['id'] ?? null;
|
|
if (!$subscriptionId) {
|
|
return;
|
|
}
|
|
|
|
// Update tenant subscription status
|
|
// Assume metadata has tenant_id
|
|
$customId = $subscription['custom_id'] ?? null;
|
|
if ($customId) {
|
|
$metadata = json_decode($customId, true);
|
|
$tenantId = $metadata['tenant_id'] ?? null;
|
|
|
|
if ($tenantId) {
|
|
$tenant = Tenant::find($tenantId);
|
|
if ($tenant) {
|
|
$tenant->update(['subscription_status' => 'active']);
|
|
Log::info('PayPal subscription activated', ['subscription_id' => $subscriptionId, 'tenant_id' => $tenantId]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
private function handleSubscriptionCancelled(array $subscription): void
|
|
{
|
|
$subscriptionId = $subscription['id'] ?? null;
|
|
if (!$subscriptionId) {
|
|
return;
|
|
}
|
|
|
|
// Update tenant to cancelled
|
|
$customId = $subscription['custom_id'] ?? null;
|
|
if ($customId) {
|
|
$metadata = json_decode($customId, true);
|
|
$tenantId = $metadata['tenant_id'] ?? null;
|
|
|
|
if ($tenantId) {
|
|
$tenant = Tenant::find($tenantId);
|
|
if ($tenant) {
|
|
$tenant->update(['subscription_status' => 'cancelled']);
|
|
// Deactivate TenantPackage
|
|
TenantPackage::where('tenant_id', $tenantId)->update(['active' => false]);
|
|
Log::info('PayPal subscription cancelled', ['subscription_id' => $subscriptionId, 'tenant_id' => $tenantId]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
private function processPurchaseFromOrder(string $orderId, string $status): void
|
|
{
|
|
// Fetch order details
|
|
$client = $this->clientFactory->make();
|
|
|
|
$ordersController = $client->getOrdersController();
|
|
|
|
try {
|
|
$response = $ordersController->showOrder([
|
|
'id' => $orderId,
|
|
'prefer' => 'return=representation'
|
|
]);
|
|
$order = method_exists($response, 'getResult') ? $response->getResult() : ($response->result ?? null);
|
|
|
|
if (! $order) {
|
|
Log::error('No order payload returned for PayPal order', ['order_id' => $orderId]);
|
|
return;
|
|
}
|
|
|
|
$customId = $order->purchaseUnits[0]->customId ?? null;
|
|
if (!$customId) {
|
|
Log::error('No custom_id in PayPal order', ['order_id' => $orderId]);
|
|
return;
|
|
}
|
|
|
|
$metadata = json_decode($customId, true);
|
|
$tenantId = $metadata['tenant_id'] ?? null;
|
|
$packageId = $metadata['package_id'] ?? null;
|
|
|
|
if (!$tenantId || !$packageId) {
|
|
Log::error('Missing metadata in PayPal order', ['order_id' => $orderId, 'metadata' => $metadata]);
|
|
return;
|
|
}
|
|
|
|
$tenant = Tenant::find($tenantId);
|
|
$package = Package::find($packageId);
|
|
|
|
if (!$tenant || !$package) {
|
|
Log::error('Tenant or package not found for PayPal order', ['order_id' => $orderId]);
|
|
return;
|
|
}
|
|
|
|
$operation = function () use ($tenant, $package, $orderId, $status) {
|
|
// Idempotent check
|
|
$existing = PackagePurchase::where('provider_id', $orderId)->first();
|
|
if ($existing) {
|
|
return;
|
|
}
|
|
|
|
PackagePurchase::create([
|
|
'tenant_id' => $tenant->id,
|
|
'package_id' => $package->id,
|
|
'provider_id' => $orderId,
|
|
'price' => $package->price,
|
|
'type' => $package->type === 'endcustomer' ? 'endcustomer_event' : 'reseller_subscription',
|
|
'purchased_at' => now(),
|
|
'status' => $status,
|
|
'metadata' => json_encode(['paypal_order' => $orderId, 'webhook' => true]),
|
|
]);
|
|
|
|
// For trial: if first purchase and reseller, set trial
|
|
$activePackages = TenantPackage::where('tenant_id', $tenant->id)
|
|
->where('active', true)
|
|
->count();
|
|
|
|
$expiresAt = now()->addYear();
|
|
if ($activePackages === 0 && $package->type === 'reseller_subscription') {
|
|
$expiresAt = now()->addDays(14); // Trial
|
|
}
|
|
|
|
TenantPackage::updateOrCreate(
|
|
['tenant_id' => $tenant->id, 'package_id' => $package->id],
|
|
[
|
|
'price' => $package->price,
|
|
'purchased_at' => now(),
|
|
'active' => true,
|
|
'expires_at' => $expiresAt,
|
|
]
|
|
);
|
|
|
|
$tenant->update(['subscription_status' => 'active']);
|
|
};
|
|
|
|
$connection = DB::connection();
|
|
if ($connection->getDriverName() === 'sqlite' && $connection->transactionLevel() > 0) {
|
|
$operation();
|
|
} else {
|
|
$connection->transaction($operation);
|
|
}
|
|
|
|
Log::info('PayPal purchase processed via webhook', ['order_id' => $orderId, 'tenant_id' => $tenantId, 'status' => $status]);
|
|
|
|
} catch (\Exception $e) {
|
|
Log::error('Error processing PayPal order in webhook: ' . $e->getMessage(), ['order_id' => $orderId]);
|
|
}
|
|
}
|
|
}
|