mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-10-27 19:22:55 +01:00
6d34319455
* upgrade stripe module * switch stripe api to latest version * fix api version in tests * start upgrading client and server * client: switch to redirect * implement checkout session creation for gems, start implementing webhooks * stripe: start refactoring one time payments * working gems and gift payments * start adding support for subscriptions * stripe: migrate subscriptions and fix cancelling sub * allow upgrading group plans * remove console.log statements * group plans: upgrade from static page / create new one * fix #11885, correct group plan modal title * silence more stripe webhooks * fix group plans redirects * implement editing payment method * start cleaning up code * fix(stripe): update in-code docs, fix eslint issues * subscriptions tests * remove and skip old tests * skip integration tests * fix client build * stripe webhooks: throw error if request fails * subscriptions: correctly pass groupId * remove console.log * stripe: add unit tests for one time payments * wip: stripe checkout tests * stripe createCheckoutSession unit tests * stripe createCheckoutSession unit tests * stripe createCheckoutSession unit tests (editing card) * fix existing webhooks tests * add new webhooks tests * add more webhooks tests * fix lint * stripe integration tests * better error handling when retrieving customer from stripe * client: remove unused strings and improve error handling * payments: limit gift message length (server) * payments: limit gift message length (client) * fix redirects when payment is cancelled * add back "subUpdateCard" string * fix redirects when editing a sub card, use proper names for products, check subs when gifting
442 lines
15 KiB
JavaScript
442 lines
15 KiB
JavaScript
/* eslint-disable camelcase */
|
|
import moment from 'moment';
|
|
import payments from '../../../../../website/server/libs/payments/payments';
|
|
import applePayments from '../../../../../website/server/libs/payments/apple';
|
|
import iap from '../../../../../website/server/libs/inAppPurchases';
|
|
import { model as User } from '../../../../../website/server/models/user';
|
|
import common from '../../../../../website/common';
|
|
import * as gems from '../../../../../website/server/libs/payments/gems';
|
|
|
|
const { i18n } = common;
|
|
|
|
describe('Apple Payments', () => {
|
|
const subKey = 'basic_3mo';
|
|
|
|
describe('verifyGemPurchase', () => {
|
|
let sku; let user; let token; let receipt; let
|
|
headers;
|
|
let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let paymentBuyGemsStub; let
|
|
iapGetPurchaseDataStub; let validateGiftMessageStub;
|
|
|
|
beforeEach(() => {
|
|
token = 'testToken';
|
|
sku = 'com.habitrpg.ios.habitica.iap.21gems';
|
|
user = new User();
|
|
receipt = `{"token": "${token}", "productId": "${sku}"}`;
|
|
headers = {};
|
|
|
|
iapSetupStub = sinon.stub(iap, 'setup')
|
|
.resolves();
|
|
iapValidateStub = sinon.stub(iap, 'validate')
|
|
.resolves({});
|
|
iapIsValidatedStub = sinon.stub(iap, 'isValidated')
|
|
.returns(true);
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{
|
|
productId: 'com.habitrpg.ios.Habitica.21gems',
|
|
transactionId: token,
|
|
}]);
|
|
paymentBuyGemsStub = sinon.stub(payments, 'buyGems').resolves({});
|
|
validateGiftMessageStub = sinon.stub(gems, 'validateGiftMessage');
|
|
});
|
|
|
|
afterEach(() => {
|
|
iap.setup.restore();
|
|
iap.validate.restore();
|
|
iap.isValidated.restore();
|
|
iap.getPurchaseData.restore();
|
|
payments.buyGems.restore();
|
|
gems.validateGiftMessage.restore();
|
|
});
|
|
|
|
it('should throw an error if receipt is invalid', async () => {
|
|
iap.isValidated.restore();
|
|
iapIsValidatedStub = sinon.stub(iap, 'isValidated')
|
|
.returns(false);
|
|
|
|
await expect(applePayments.verifyGemPurchase({ user, receipt, headers }))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: applePayments.constants.RESPONSE_INVALID_RECEIPT,
|
|
});
|
|
});
|
|
|
|
it('should throw an error if getPurchaseData is invalid', async () => {
|
|
iapGetPurchaseDataStub.restore();
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData').returns([]);
|
|
|
|
await expect(applePayments.verifyGemPurchase({ user, receipt, headers }))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: applePayments.constants.RESPONSE_NO_ITEM_PURCHASED,
|
|
});
|
|
});
|
|
|
|
it('errors if the user cannot purchase gems', async () => {
|
|
sinon.stub(user, 'canGetGems').resolves(false);
|
|
await expect(applePayments.verifyGemPurchase({ user, receipt, headers }))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: i18n.t('groupPolicyCannotGetGems'),
|
|
});
|
|
|
|
user.canGetGems.restore();
|
|
});
|
|
|
|
it('errors if gemsBlock does not exist', async () => {
|
|
sinon.stub(user, 'canGetGems').resolves(true);
|
|
iapGetPurchaseDataStub.restore();
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{
|
|
productId: 'badProduct',
|
|
transactionId: token,
|
|
}]);
|
|
|
|
await expect(applePayments.verifyGemPurchase({ user, receipt, headers }))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: applePayments.constants.RESPONSE_INVALID_ITEM,
|
|
});
|
|
|
|
user.canGetGems.restore();
|
|
});
|
|
|
|
const gemsCanPurchase = [
|
|
{
|
|
productId: 'com.habitrpg.ios.Habitica.4gems',
|
|
gemsBlock: '4gems',
|
|
},
|
|
{
|
|
productId: 'com.habitrpg.ios.Habitica.20gems',
|
|
gemsBlock: '21gems',
|
|
},
|
|
{
|
|
productId: 'com.habitrpg.ios.Habitica.21gems',
|
|
gemsBlock: '21gems',
|
|
},
|
|
{
|
|
productId: 'com.habitrpg.ios.Habitica.42gems',
|
|
gemsBlock: '42gems',
|
|
},
|
|
{
|
|
productId: 'com.habitrpg.ios.Habitica.84gems',
|
|
gemsBlock: '84gems',
|
|
},
|
|
];
|
|
|
|
gemsCanPurchase.forEach(gemTest => {
|
|
it(`purchases ${gemTest.productId} gems`, async () => {
|
|
iapGetPurchaseDataStub.restore();
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{
|
|
productId: gemTest.productId,
|
|
transactionId: token,
|
|
}]);
|
|
|
|
sinon.stub(user, 'canGetGems').resolves(true);
|
|
await applePayments.verifyGemPurchase({ user, receipt, headers });
|
|
|
|
expect(iapSetupStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledWith(iap.APPLE, receipt);
|
|
expect(iapIsValidatedStub).to.be.calledOnce;
|
|
expect(iapIsValidatedStub).to.be.calledWith({});
|
|
expect(iapGetPurchaseDataStub).to.be.calledOnce;
|
|
expect(validateGiftMessageStub).to.not.be.called;
|
|
|
|
expect(paymentBuyGemsStub).to.be.calledOnce;
|
|
expect(paymentBuyGemsStub).to.be.calledWith({
|
|
user,
|
|
paymentMethod: applePayments.constants.PAYMENT_METHOD_APPLE,
|
|
gemsBlock: common.content.gems[gemTest.gemsBlock],
|
|
headers,
|
|
gift: undefined,
|
|
});
|
|
expect(user.canGetGems).to.be.calledOnce;
|
|
user.canGetGems.restore();
|
|
});
|
|
});
|
|
|
|
it('gifts gems', async () => {
|
|
const receivingUser = new User();
|
|
await receivingUser.save();
|
|
|
|
iapGetPurchaseDataStub.restore();
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{
|
|
productId: gemsCanPurchase[0].productId,
|
|
transactionId: token,
|
|
}]);
|
|
|
|
const gift = { uuid: receivingUser._id };
|
|
await applePayments.verifyGemPurchase({
|
|
user, gift, receipt, headers,
|
|
});
|
|
|
|
expect(iapSetupStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledWith(iap.APPLE, receipt);
|
|
expect(iapIsValidatedStub).to.be.calledOnce;
|
|
expect(iapIsValidatedStub).to.be.calledWith({});
|
|
expect(iapGetPurchaseDataStub).to.be.calledOnce;
|
|
|
|
expect(validateGiftMessageStub).to.be.calledOnce;
|
|
expect(validateGiftMessageStub).to.be.calledWith(gift, user);
|
|
|
|
expect(paymentBuyGemsStub).to.be.calledOnce;
|
|
expect(paymentBuyGemsStub).to.be.calledWith({
|
|
user,
|
|
paymentMethod: applePayments.constants.PAYMENT_METHOD_APPLE,
|
|
headers,
|
|
gift: {
|
|
type: 'gems',
|
|
gems: { amount: 4 },
|
|
member: sinon.match({ _id: receivingUser._id }),
|
|
uuid: receivingUser._id,
|
|
},
|
|
gemsBlock: common.content.gems['4gems'],
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('subscribe', () => {
|
|
let sub; let sku; let user; let token; let receipt; let headers; let
|
|
nextPaymentProcessing;
|
|
let iapSetupStub; let iapValidateStub; let iapIsValidatedStub;
|
|
let paymentsCreateSubscritionStub; let
|
|
iapGetPurchaseDataStub;
|
|
|
|
beforeEach(() => {
|
|
sub = common.content.subscriptionBlocks[subKey];
|
|
sku = 'com.habitrpg.ios.habitica.subscription.3month';
|
|
|
|
token = 'test-token';
|
|
headers = {};
|
|
receipt = `{"token": "${token}"}`;
|
|
nextPaymentProcessing = moment.utc().add({ days: 2 });
|
|
|
|
iapSetupStub = sinon.stub(iap, 'setup')
|
|
.resolves();
|
|
iapValidateStub = sinon.stub(iap, 'validate')
|
|
.resolves({});
|
|
iapIsValidatedStub = sinon.stub(iap, 'isValidated')
|
|
.returns(true);
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{
|
|
expirationDate: moment.utc().subtract({ day: 1 }).toDate(),
|
|
productId: sku,
|
|
transactionId: token,
|
|
}, {
|
|
expirationDate: moment.utc().add({ day: 1 }).toDate(),
|
|
productId: 'wrongsku',
|
|
transactionId: token,
|
|
}, {
|
|
expirationDate: moment.utc().add({ day: 1 }).toDate(),
|
|
productId: sku,
|
|
transactionId: token,
|
|
}]);
|
|
paymentsCreateSubscritionStub = sinon.stub(payments, 'createSubscription').resolves({});
|
|
});
|
|
|
|
afterEach(() => {
|
|
iap.setup.restore();
|
|
iap.validate.restore();
|
|
iap.isValidated.restore();
|
|
iap.getPurchaseData.restore();
|
|
if (payments.createSubscription.restore) payments.createSubscription.restore();
|
|
});
|
|
|
|
it('should throw an error if sku is empty', async () => {
|
|
await expect(applePayments.subscribe('', user, receipt, headers, nextPaymentProcessing))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 400,
|
|
name: 'BadRequest',
|
|
message: i18n.t('missingSubscriptionCode'),
|
|
});
|
|
});
|
|
|
|
it('should throw an error if receipt is invalid', async () => {
|
|
iap.isValidated.restore();
|
|
iapIsValidatedStub = sinon.stub(iap, 'isValidated')
|
|
.returns(false);
|
|
|
|
await expect(applePayments.subscribe(sku, user, receipt, headers, nextPaymentProcessing))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: applePayments.constants.RESPONSE_INVALID_RECEIPT,
|
|
});
|
|
});
|
|
|
|
const subOptions = [
|
|
{
|
|
sku: 'subscription1month',
|
|
subKey: 'basic_earned',
|
|
},
|
|
{
|
|
sku: 'com.habitrpg.ios.habitica.subscription.3month',
|
|
subKey: 'basic_3mo',
|
|
},
|
|
{
|
|
sku: 'com.habitrpg.ios.habitica.subscription.6month',
|
|
subKey: 'basic_6mo',
|
|
},
|
|
{
|
|
sku: 'com.habitrpg.ios.habitica.subscription.12month',
|
|
subKey: 'basic_12mo',
|
|
},
|
|
];
|
|
subOptions.forEach(option => {
|
|
it(`creates a user subscription for ${option.sku}`, async () => {
|
|
iap.getPurchaseData.restore();
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{
|
|
expirationDate: moment.utc().add({ day: 1 }).toDate(),
|
|
productId: option.sku,
|
|
transactionId: token,
|
|
}]);
|
|
sub = common.content.subscriptionBlocks[option.subKey];
|
|
|
|
await applePayments.subscribe(option.sku, user, receipt, headers, nextPaymentProcessing);
|
|
|
|
expect(iapSetupStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledWith(iap.APPLE, receipt);
|
|
expect(iapIsValidatedStub).to.be.calledOnce;
|
|
expect(iapIsValidatedStub).to.be.calledWith({});
|
|
expect(iapGetPurchaseDataStub).to.be.calledOnce;
|
|
|
|
expect(paymentsCreateSubscritionStub).to.be.calledOnce;
|
|
expect(paymentsCreateSubscritionStub).to.be.calledWith({
|
|
user,
|
|
customerId: token,
|
|
paymentMethod: applePayments.constants.PAYMENT_METHOD_APPLE,
|
|
sub,
|
|
headers,
|
|
additionalData: receipt,
|
|
nextPaymentProcessing,
|
|
});
|
|
});
|
|
});
|
|
|
|
it('errors when a user is already subscribed', async () => {
|
|
payments.createSubscription.restore();
|
|
user = new User();
|
|
|
|
await applePayments.subscribe(sku, user, receipt, headers, nextPaymentProcessing);
|
|
|
|
await expect(applePayments.subscribe(sku, user, receipt, headers, nextPaymentProcessing))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: applePayments.constants.RESPONSE_ALREADY_USED,
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('cancelSubscribe ', () => {
|
|
let user; let token; let receipt; let headers; let customerId; let
|
|
expirationDate;
|
|
let iapSetupStub; let iapValidateStub; let iapIsValidatedStub; let iapGetPurchaseDataStub; let
|
|
paymentCancelSubscriptionSpy;
|
|
|
|
beforeEach(async () => {
|
|
token = 'test-token';
|
|
headers = {};
|
|
receipt = `{"token": "${token}"}`;
|
|
customerId = 'test-customerId';
|
|
expirationDate = moment.utc();
|
|
|
|
iapSetupStub = sinon.stub(iap, 'setup')
|
|
.resolves();
|
|
iapValidateStub = sinon.stub(iap, 'validate')
|
|
.resolves({
|
|
expirationDate,
|
|
});
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{ expirationDate: expirationDate.toDate() }]);
|
|
iapIsValidatedStub = sinon.stub(iap, 'isValidated')
|
|
.returns(true);
|
|
|
|
user = new User();
|
|
user.profile.name = 'sender';
|
|
user.purchased.plan.paymentMethod = applePayments.constants.PAYMENT_METHOD_APPLE;
|
|
user.purchased.plan.customerId = customerId;
|
|
user.purchased.plan.planId = subKey;
|
|
user.purchased.plan.additionalData = receipt;
|
|
|
|
paymentCancelSubscriptionSpy = sinon.stub(payments, 'cancelSubscription').resolves({});
|
|
});
|
|
|
|
afterEach(() => {
|
|
iap.setup.restore();
|
|
iap.validate.restore();
|
|
iap.isValidated.restore();
|
|
iap.getPurchaseData.restore();
|
|
payments.cancelSubscription.restore();
|
|
});
|
|
|
|
it('should throw an error if we are missing a subscription', async () => {
|
|
user.purchased.plan.paymentMethod = undefined;
|
|
|
|
await expect(applePayments.cancelSubscribe(user, headers))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: i18n.t('missingSubscription'),
|
|
});
|
|
});
|
|
|
|
it('should throw an error if subscription is still valid', async () => {
|
|
iap.getPurchaseData.restore();
|
|
iapGetPurchaseDataStub = sinon.stub(iap, 'getPurchaseData')
|
|
.returns([{ expirationDate: expirationDate.add({ day: 1 }).toDate() }]);
|
|
|
|
await expect(applePayments.cancelSubscribe(user, headers))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: applePayments.constants.RESPONSE_STILL_VALID,
|
|
});
|
|
});
|
|
|
|
it('should throw an error if receipt is invalid', async () => {
|
|
iap.isValidated.restore();
|
|
iapIsValidatedStub = sinon.stub(iap, 'isValidated')
|
|
.returns(false);
|
|
|
|
await expect(applePayments.cancelSubscribe(user, headers))
|
|
.to.eventually.be.rejected.and.to.eql({
|
|
httpCode: 401,
|
|
name: 'NotAuthorized',
|
|
message: applePayments.constants.RESPONSE_INVALID_RECEIPT,
|
|
});
|
|
});
|
|
|
|
it('should cancel a user subscription', async () => {
|
|
await applePayments.cancelSubscribe(user, headers);
|
|
|
|
expect(iapSetupStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledOnce;
|
|
expect(iapValidateStub).to.be.calledWith(iap.APPLE, receipt);
|
|
expect(iapIsValidatedStub).to.be.calledOnce;
|
|
expect(iapIsValidatedStub).to.be.calledWith({
|
|
expirationDate,
|
|
});
|
|
expect(iapGetPurchaseDataStub).to.be.calledOnce;
|
|
|
|
expect(paymentCancelSubscriptionSpy).to.be.calledOnce;
|
|
expect(paymentCancelSubscriptionSpy).to.be.calledWith({
|
|
user,
|
|
paymentMethod: applePayments.constants.PAYMENT_METHOD_APPLE,
|
|
nextBill: expirationDate.toDate(),
|
|
headers,
|
|
});
|
|
});
|
|
});
|
|
});
|