DevLoversTeam
diff --git a/‎frontend/app/[locale]/shop/cart/CartPageClient.tsx‎
Lines changed: 78 additions & 26 deletions b/‎frontend/app/[locale]/shop/cart/CartPageClient.tsx‎
Lines changed: 78 additions & 26 deletions
diff --git a/‎frontend/app/api/shop/checkout/route.ts‎
Lines changed: 9 additions & 0 deletions b/‎frontend/app/api/shop/checkout/route.ts‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎frontend/app/api/shop/shipping/methods/route.ts‎
Lines changed: 42 additions & 2 deletions b/‎frontend/app/api/shop/shipping/methods/route.ts‎
Lines changed: 42 additions & 2 deletions
@@ -63,6 +63,8 @@ type ShippingMethod = {
   provider: 'nova_poshta';
   methodCode: CheckoutDeliveryMethodCode;
   title: string;
+  amountMinor: number;
+  quoteFingerprint: string;
 };
 
 type ShippingCity = {
@@ -161,6 +163,57 @@ function normalizeShippingCity(raw: unknown): ShippingCity | null {
     nameUa,
   };
 }
+
+function readTrimmedNonEmptyString(value: unknown): string | null {
+  if (typeof value !== 'string') return null;
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+
+function normalizeShippingMethod(raw: unknown): ShippingMethod | null {
+  if (!raw || typeof raw !== 'object' || Array.isArray(raw)) {
+    return null;
+  }
+
+  const item = raw as Record<string, unknown>;
+  if (item.provider !== 'nova_poshta') {
+    return null;
+  }
+
+  const methodCode = readTrimmedNonEmptyString(item.methodCode);
+  const title = readTrimmedNonEmptyString(item.title);
+  const quoteFingerprint = readTrimmedNonEmptyString(item.quoteFingerprint);
+  const amountMinor = item.amountMinor;
+
+  if (!methodCode || !isValidDeliveryMethodCode(methodCode)) {
+    return null;
+  }
+
+  if (!title) {
+    return null;
+  }
+
+  if (
+    typeof amountMinor !== 'number' ||
+    !Number.isInteger(amountMinor) ||
+    amountMinor < 0
+  ) {
+    return null;
+  }
+
+  if (!quoteFingerprint || !/^[a-f0-9]{64}$/.test(quoteFingerprint)) {
+    return null;
+  }
+
+  return {
+    provider: 'nova_poshta',
+    methodCode,
+    title,
+    amountMinor,
+    quoteFingerprint,
+  };
+}
+
 function normalizeShippingWarehouse(raw: unknown): ShippingWarehouse | null {
   if (!raw || typeof raw !== 'object' || Array.isArray(raw)) {
     return null;
@@ -454,6 +507,13 @@ export default function CartPage({
     shippingReasonCode === 'COUNTRY_NOT_SUPPORTED' ||
     shippingReasonCode === 'CURRENCY_NOT_SUPPORTED' ||
     shippingReasonCode === 'INTERNAL_ERROR';
+  const selectedShippingQuote =
+    shippingMethods.find(
+      method => method.methodCode === selectedShippingMethod
+    ) ?? null;
+  const checkoutSummaryShippingMinor = selectedShippingQuote?.amountMinor ?? 0;
+  const checkoutSummaryTotalMinor =
+    cart.summary.totalAmountMinor + checkoutSummaryShippingMinor;
 
   const isWarehouseSelectionMethod = isWarehouseMethod(selectedShippingMethod);
 
@@ -636,30 +696,14 @@ export default function CartPage({
         const methods: ShippingMethod[] = [];
 
         for (const item of methodsRaw) {
-          if (!item || typeof item !== 'object' || Array.isArray(item)) {
-            hardBlock();
-            return;
-          }
+          const method = normalizeShippingMethod(item);
 
-          const m = item as Record<string, unknown>;
-
-          const providerOk = m.provider === 'nova_poshta';
-          const methodCode =
-            typeof m.methodCode === 'string' ? m.methodCode.trim() : '';
-          const methodCodeOk = isValidDeliveryMethodCode(methodCode);
-          const titleOk =
-            typeof m.title === 'string' && m.title.trim().length > 0;
-
-          if (!providerOk || !methodCodeOk || !titleOk) {
+          if (!method) {
             hardBlock();
             return;
           }
 
-          methods.push({
-            provider: 'nova_poshta',
-            methodCode,
-            title: String(m.title),
-          });
+          methods.push(method);
         }
 
         if (available === false && reasonCode == null) {
@@ -1153,6 +1197,12 @@ export default function CartPage({
           ...(cart.summary.pricingFingerprint
             ? { pricingFingerprint: cart.summary.pricingFingerprint }
             : {}),
+          ...(selectedShippingQuote?.quoteFingerprint
+            ? {
+                shippingQuoteFingerprint:
+                  selectedShippingQuote.quoteFingerprint,
+              }
+            : {}),
           ...(shippingPayloadResult?.ok
             ? {
                 shipping: shippingPayloadResult.shipping,
@@ -2241,9 +2291,15 @@ export default function CartPage({
 
                       <span
                         data-testid="checkout-summary-shipping"
-                        className="text-muted-foreground text-right text-xs"
+                        className="text-foreground font-medium"
                       >
-                        {t('summary.shippingInformationalOnly')}
+                        {selectedShippingQuote
+                          ? formatMoney(
+                              checkoutSummaryShippingMinor,
+                              cart.summary.currency,
+                              locale
+                            )
+                          : t('summary.shippingCalc')}
                       </span>
                     </div>
                   </div>
@@ -2259,7 +2315,7 @@ export default function CartPage({
                         className="text-foreground text-2xl font-bold"
                       >
                         {formatMoney(
-                          cart.summary.totalAmountMinor,
+                          checkoutSummaryTotalMinor,
                           cart.summary.currency,
                           locale
                         )}
@@ -2312,10 +2368,6 @@ export default function CartPage({
                     </span>
                   </button>
 
-                  <p className="text-muted-foreground mt-4 text-center text-xs">
-                    {t('summary.shippingPayOnDeliveryNote')}
-                  </p>
-
                   {recoveryHref && !checkoutError ? (
                     <div className="mt-3 flex justify-center">
                       {recoveryIsExternal ? (
 
@@ -62,12 +62,14 @@ const EXPECTED_BUSINESS_ERROR_CODES = new Set([
   'INVALID_VARIANT',
   'INSUFFICIENT_STOCK',
   'CHECKOUT_PRICE_CHANGED',
+  'CHECKOUT_SHIPPING_CHANGED',
   'PRICE_CONFIG_ERROR',
   'PAYMENT_ATTEMPTS_EXHAUSTED',
   'MISSING_SHIPPING_ADDRESS',
   'INVALID_SHIPPING_ADDRESS',
   'SHIPPING_METHOD_UNAVAILABLE',
   'SHIPPING_CURRENCY_UNSUPPORTED',
+  'SHIPPING_AMOUNT_UNAVAILABLE',
   'TERMS_NOT_ACCEPTED',
   'PRIVACY_NOT_ACCEPTED',
 ]);
@@ -77,10 +79,12 @@ const DEFAULT_CHECKOUT_RATE_LIMIT_WINDOW_SECONDS = 300;
 
 const SHIPPING_ERROR_STATUS_MAP: Record<string, number> = {
   CHECKOUT_PRICE_CHANGED: 409,
+  CHECKOUT_SHIPPING_CHANGED: 409,
   MISSING_SHIPPING_ADDRESS: 400,
   INVALID_SHIPPING_ADDRESS: 400,
   SHIPPING_METHOD_UNAVAILABLE: 422,
   SHIPPING_CURRENCY_UNSUPPORTED: 422,
+  SHIPPING_AMOUNT_UNAVAILABLE: 422,
 };
 
 const STATUS_TOKEN_SCOPES_STATUS_ONLY: readonly StatusTokenScope[] = [
@@ -1033,6 +1037,7 @@ export async function POST(request: NextRequest) {
     country,
     legalConsent,
     pricingFingerprint,
+    shippingQuoteFingerprint,
   } = parsedPayload.data;
   const itemCount = items.reduce((total, item) => total + item.quantity, 0);
 
@@ -1159,7 +1164,9 @@ export async function POST(request: NextRequest) {
         shipping: shipping ?? null,
         legalConsent: legalConsent ?? null,
         pricingFingerprint,
+        shippingQuoteFingerprint,
         requirePricingFingerprint: true,
+        requireShippingQuoteFingerprint: true,
         paymentProvider: 'stripe',
         paymentMethod: selectedMethod,
       });
@@ -1185,7 +1192,9 @@ export async function POST(request: NextRequest) {
         shipping: shipping ?? null,
         legalConsent: legalConsent ?? null,
         pricingFingerprint,
+        shippingQuoteFingerprint,
         requirePricingFingerprint: true,
+        requireShippingQuoteFingerprint: true,
         paymentProvider: resolvedProvider,
         paymentMethod: selectedMethod,
       }));
 
@@ -11,6 +11,10 @@ import {
   rateLimitResponse,
 } from '@/lib/security/rate-limit';
 import { resolveShippingAvailability } from '@/lib/services/shop/shipping/availability';
+import {
+  isCheckoutShippingQuoteCurrency,
+  resolveCheckoutShippingQuote,
+} from '@/lib/services/shop/shipping/checkout-quote';
 import {
   sanitizeShippingErrorForLog,
   sanitizeShippingLogMeta,
@@ -27,6 +31,8 @@ type ShippingMethod = {
   provider: 'nova_poshta';
   methodCode: 'NP_WAREHOUSE' | 'NP_LOCKER' | 'NP_COURIER';
   title: string;
+  amountMinor: number;
+  quoteFingerprint: string;
   requiredFields: Array<
     | 'cityRef'
     | 'warehouseRef'
@@ -58,12 +64,27 @@ function parseQuery(request: NextRequest) {
   return shippingMethodsQuerySchema.safeParse(raw);
 }
 
-function getMethods(): ShippingMethod[] {
+function getMethods(currency: 'UAH'): ShippingMethod[] {
+  const warehouseQuote = resolveCheckoutShippingQuote({
+    methodCode: 'NP_WAREHOUSE',
+    currency,
+  });
+  const lockerQuote = resolveCheckoutShippingQuote({
+    methodCode: 'NP_LOCKER',
+    currency,
+  });
+  const courierQuote = resolveCheckoutShippingQuote({
+    methodCode: 'NP_COURIER',
+    currency,
+  });
+
   return [
     {
       provider: 'nova_poshta',
       methodCode: 'NP_WAREHOUSE',
       title: 'Nova Poshta warehouse',
+      amountMinor: warehouseQuote.amountMinor,
+      quoteFingerprint: warehouseQuote.quoteFingerprint,
       requiredFields: [
         'cityRef',
         'warehouseRef',
@@ -75,6 +96,8 @@ function getMethods(): ShippingMethod[] {
       provider: 'nova_poshta',
       methodCode: 'NP_LOCKER',
       title: 'Nova Poshta parcel locker',
+      amountMinor: lockerQuote.amountMinor,
+      quoteFingerprint: lockerQuote.quoteFingerprint,
       requiredFields: [
         'cityRef',
         'warehouseRef',
@@ -86,6 +109,8 @@ function getMethods(): ShippingMethod[] {
       provider: 'nova_poshta',
       methodCode: 'NP_COURIER',
       title: 'Nova Poshta courier',
+      amountMinor: courierQuote.amountMinor,
+      quoteFingerprint: courierQuote.quoteFingerprint,
       requiredFields: [
         'cityRef',
         'addressLine1',
@@ -168,6 +193,21 @@ export async function GET(request: NextRequest) {
       );
     }
 
+    if (!isCheckoutShippingQuoteCurrency(availability.normalized.currency)) {
+      return cachedJson(
+        {
+          success: true,
+          available: false,
+          reasonCode: 'CURRENCY_NOT_SUPPORTED',
+          locale: availability.normalized.locale,
+          country: availability.normalized.country,
+          currency: availability.normalized.currency,
+          methods: [],
+        },
+        requestId
+      );
+    }
+
     return cachedJson(
       {
         success: true,
@@ -176,7 +216,7 @@ export async function GET(request: NextRequest) {
         locale: availability.normalized.locale,
         country: availability.normalized.country,
         currency: availability.normalized.currency,
-        methods: getMethods(),
+        methods: getMethods(availability.normalized.currency),
       },
       requestId
     );