Merge remote-tracking branch 'origin/main' into issue/NEST-608

Author: sarahelsaig

4.0.0.md

@@ -15,3 +15,7 @@ Please check the GitHub release entry [here](https://github.com/OrchardCMS/Orcha
 ### SKU Generators
 
 Now it's possible to automatically generate the product SKU. Manual entry remains the default for backwards compatibility, but if the SKU doesn't have to be a specific value you can enable the "Orchard Core Commerce - SKU Generator - GUID" feature. This makes the SKU field read-only even during product creation. Instead, when you publish the product a new GUID string is automatically generated and filled as the SKU. You can also implement your own SKU generator by implementing the `ISkuGenerator` service.
+
+### Stripe
+
+The client script in _stripe-payment-form.js_ has changed. Now `stripePaymentForm` accepts an object instead of a lot of individual positional parameters. Additionally, some parameters that are no longer used have been removed. If you have overridden the `CheckoutStripe` shape on your site, make sure to update it based on the one in OCC.

Directory.Packages.props

@@ -6,28 +6,28 @@
     <!-- The Orchard Core version should always be x.y.0 of the latest minor version for maximum compatibility when
          distributed as NuGet packages. On the other hand, the consuming projects (including OrchardCore.Commerce.Web)
          should use Orchard Core references for the latest patch version to pull all versions up in the final app. -->
-    <OrchardCoreVersion>3.0.0-preview-18991</OrchardCoreVersion>
+    <OrchardCoreVersion>3.0.0-preview-19009</OrchardCoreVersion>
   </PropertyGroup>
 
   <ItemGroup>
     <PackageVersion Include="GraphQL.MicrosoftDI" Version="8.8.4" />
     <PackageVersion Include="GraphQL.SystemTextJson" Version="8.8.4" />
-    <PackageVersion Include="HtmlSanitizer" Version="9.1.893-beta" />
-    <PackageVersion Include="Lombiq.Analyzers.OrchardCore" Version="5.2.1-alpha.3.osoe-925" />
+    <PackageVersion Include="HtmlSanitizer" Version="9.1.923-beta" />
+    <PackageVersion Include="Lombiq.Analyzers.OrchardCore" Version="5.2.1-alpha.4.osoe-925" />
     <PackageVersion Include="Lombiq.HelpfulLibraries.OrchardCore" Version="12.6.1-alpha.7.osoe-925" />
     <PackageVersion Include="Lombiq.HelpfulLibraries.AspNetCore" Version="12.6.1-alpha.7.osoe-925" />
     <PackageVersion Include="Lombiq.HelpfulLibraries.Common" Version="12.6.1-alpha.7.osoe-925" />
     <PackageVersion Include="Lombiq.HelpfulLibraries.Refit" Version="12.6.1-alpha.7.osoe-925" />
     <PackageVersion Include="Lombiq.Tests" Version="5.0.1-alpha.1.osoe-925" />
-    <PackageVersion Include="Lombiq.Tests.UI" Version="14.2.2-alpha.7.osoe-925" />
-    <PackageVersion Include="Lombiq.Tests.UI.AppExtensions" Version="14.2.2-alpha.7.osoe-925" />
-    <PackageVersion Include="Lombiq.Tests.UI.Shortcuts" Version="14.2.2-alpha.7.osoe-925" />
-    <PackageVersion Include="Microsoft.Identity.Web" Version="4.6.0" />
-    <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="18.3.0" />
+    <PackageVersion Include="Lombiq.Tests.UI" Version="14.2.2-alpha.14.osoe-925" />
+    <PackageVersion Include="Lombiq.Tests.UI.AppExtensions" Version="14.2.2-alpha.14.osoe-925" />
+    <PackageVersion Include="Lombiq.Tests.UI.Shortcuts" Version="14.2.2-alpha.14.osoe-925" />
+    <PackageVersion Include="Microsoft.Identity.Web" Version="4.9.0" />
+    <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="18.5.1" />
     <PackageVersion Include="Newtonsoft.Json" Version="13.0.4" />
     <PackageVersion Include="OrchardCore.Application.Cms.Targets" Version="$(OrchardCoreVersion)" />
     <PackageVersion Include="OrchardCore.ContentFields" Version="$(OrchardCoreVersion)" />
-    <PackageVersion Include="OrchardCore.Commerce.Translations" Version="1.0.0-preview.4.occ-121" />
+    <PackageVersion Include="OrchardCore.Commerce.Translations" Version="1.0.0-preview.5.occ-221" />
     <PackageVersion Include="OrchardCore.ContentManagement" Version="$(OrchardCoreVersion)" />
     <PackageVersion Include="OrchardCore.ContentManagement.Abstractions" Version="$(OrchardCoreVersion)" />
     <PackageVersion Include="OrchardCore.ContentTypes" Version="$(OrchardCoreVersion)" />
@@ -46,7 +46,7 @@
     <PackageVersion Include="OrchardCore.Workflows.Abstractions" Version="$(OrchardCoreVersion)" />
     <PackageVersion Include="Shouldly" Version="4.3.0" />
     <PackageVersion Include="SixLabors.ImageSharp" Version="3.1.12" />
-    <PackageVersion Include="Stripe.net" Version="50.4.1" />
+    <PackageVersion Include="Stripe.net" Version="51.1.0" />
     <PackageVersion Include="xunit.v3" Version="3.2.2" />
     <PackageVersion Include="xunit.runner.visualstudio" Version="3.1.5" />
   </ItemGroup>

src/Modules/OrchardCore.Commerce.Payment.Stripe/Abstractions/IPaymentIntentPersistence.cs

@@ -1,3 +1,5 @@
+#nullable enable
+using OrchardCore.Commerce.Payment.Stripe.Models;
 using System.Threading.Tasks;
 
 namespace OrchardCore.Commerce.Payment.Stripe.Abstractions;
@@ -8,17 +10,17 @@ namespace OrchardCore.Commerce.Payment.Stripe.Abstractions;
 public interface IPaymentIntentPersistence
 {
     /// <summary>
-    /// Returns the payment intent Id stored in the current session.
+    /// Returns the payment intent information stored in the current session.
     /// </summary>
-    Task<string> RetrieveAsync(string shoppingCartId = null);
+    Task<PaymentIntentPersistenceInfo?> RetrieveAsync(string? shoppingCartId);
 
     /// <summary>
-    /// Saves a payment intent Id to the session.
+    /// Saves a payment intent information to the session.
     /// </summary>
-    Task StoreAsync(string paymentIntentId, string shoppingCartId = null);
+    Task StoreAsync(string? shoppingCartId, PaymentIntentPersistenceInfo info);
 
     /// <summary>
-    /// Removes the payment intent Id stored in the current session.
+    /// Removes the payment intent information stored in the current session.
     /// </summary>
-    Task RemoveAsync(string shoppingCartId = null);
+    Task RemoveAsync(string? shoppingCartId);
 }

src/Modules/OrchardCore.Commerce.Payment.Stripe/Controllers/StripeController.cs

@@ -13,25 +13,14 @@ namespace OrchardCore.Commerce.Payment.Stripe.Controllers;
 
 public class StripeController : PaymentBaseController
 {
-    private readonly IPaymentIntentPersistence _paymentIntentPersistence;
     private readonly IStripePaymentService _stripePaymentService;
 
     public StripeController(
         IOrchardServices<StripeController> services,
         INotifier notifier,
-        IPaymentIntentPersistence paymentIntentPersistence,
         IStripePaymentService stripePaymentService)
-        : base(notifier, services.Logger.Value)
-    {
-        _paymentIntentPersistence = paymentIntentPersistence;
+        : base(notifier, services.Logger.Value) =>
         _stripePaymentService = stripePaymentService;
-    }
-
-    public async Task<IActionResult> UpdatePaymentIntent(string paymentIntent)
-    {
-        await _paymentIntentPersistence.StoreAsync(paymentIntent);
-        return Ok();
-    }
 
     [AllowAnonymous]
     [HttpGet("stripe/middleware")]

src/Modules/OrchardCore.Commerce.Payment.Stripe/Models/PaymentIntentPersistenceInfo.cs

@@ -0,0 +1,5 @@
+using OrchardCore.Commerce.MoneyDataType;
+
+namespace OrchardCore.Commerce.Payment.Stripe.Models;
+
+public record PaymentIntentPersistenceInfo(string PaymentIntentId, Amount Amount);

src/Modules/OrchardCore.Commerce.Payment.Stripe/Services/PaymentIntentPersistence.cs

@@ -1,52 +1,81 @@
+#nullable enable
+
 using Microsoft.AspNetCore.Http;
 using OrchardCore.Commerce.Payment.Stripe.Abstractions;
+using OrchardCore.Commerce.Payment.Stripe.Models;
+using System.Text.Json;
 using System.Threading.Tasks;
 
 namespace OrchardCore.Commerce.Payment.Stripe.Services;
 
 public class PaymentIntentPersistence : IPaymentIntentPersistence
 {
     // Using _ as a separator to avoid separator character conflicts.
-    private const string PaymentIntentKeyPrefix = "OrchardCore_Commerce_PaymentIntent";
+    private const string PaymentIntentKeyPrefix = "OrchardCore_Commerce_" + nameof(PaymentIntentPersistenceInfo);
 
     private readonly IHttpContextAccessor _httpContextAccessor;
-    private ISession Session => _httpContextAccessor.HttpContext?.Session;
+
+    private ISession? Session => _httpContextAccessor.HttpContext?.Session;
+    private HttpRequest? Request => _httpContextAccessor.HttpContext?.Request;
 
     public PaymentIntentPersistence(IHttpContextAccessor httpContextAccessor) => _httpContextAccessor = httpContextAccessor;
 
-    public Task<string> RetrieveAsync(string shoppingCartId = null)
+    public Task<PaymentIntentPersistenceInfo?> RetrieveAsync(string? shoppingCartId)
     {
         var key = GetCacheId(shoppingCartId);
-        var serialized = Session.GetString(key);
-        if (serialized == null && _httpContextAccessor.HttpContext != null)
+
+        if (Session?.GetString(key)?.Trim() is { Length: > 0 } serializedFromSession &&
+            TryParse(serializedFromSession, out var sessionResult))
         {
-            _httpContextAccessor.HttpContext.Request.Cookies.TryGetValue(key, out var serializedCart);
-            return Task.FromResult(serializedCart);
+            return Task.FromResult(sessionResult);
         }
 
-        return Task.FromResult(serialized);
+        if (Request != null &&
+            Request.Cookies.TryGetValue(key, out var serializedFromCookie) &&
+            TryParse(serializedFromCookie, out var cookieResult))
+        {
+            return Task.FromResult(cookieResult);
+        }
+
+        return Task.FromResult<PaymentIntentPersistenceInfo?>(null);
     }
 
-    public Task StoreAsync(string paymentIntentId, string shoppingCartId = null)
+    public Task StoreAsync(string? shoppingCartId, PaymentIntentPersistenceInfo info)
     {
         var key = GetCacheId(shoppingCartId);
-        if (Session.GetString(key) == paymentIntentId) return Task.CompletedTask;
+        var serialized = JsonSerializer.Serialize(info);
 
-        Session.SetString(key, paymentIntentId);
-        _httpContextAccessor.SetCookieForever(key, paymentIntentId);
+        Session?.SetString(key, serialized);
+        _httpContextAccessor.SetCookieForever(key, serialized);
 
         return Task.CompletedTask;
     }
 
-    public Task RemoveAsync(string shoppingCartId = null)
+    public Task RemoveAsync(string? shoppingCartId)
     {
         var key = GetCacheId(shoppingCartId);
-        Session.Remove(key);
+        Session?.Remove(key);
         _httpContextAccessor.HttpContext?.Response.Cookies.Delete(key);
 
         return Task.CompletedTask;
     }
 
-    protected string GetCacheId(string shoppingCartId) =>
+    protected string GetCacheId(string? shoppingCartId) =>
        string.IsNullOrEmpty(shoppingCartId) ? PaymentIntentKeyPrefix : $"{PaymentIntentKeyPrefix}_{shoppingCartId}";
+
+    private static bool TryParse(string serialized, out PaymentIntentPersistenceInfo? result)
+    {
+        result = null;
+        if (string.IsNullOrWhiteSpace(serialized)) return false;
+
+        try
+        {
+            result = JsonSerializer.Deserialize<PaymentIntentPersistenceInfo?>(serialized);
+            return !string.IsNullOrWhiteSpace(result?.PaymentIntentId);
+        }
+        catch
+        {
+            return false;
+        }
+    }
 }

src/Modules/OrchardCore.Commerce.Payment.Stripe/Services/StripePaymentIntentService.cs

@@ -7,7 +7,9 @@
 using OrchardCore.Commerce.Payment.Stripe.Helpers;
 using OrchardCore.Settings;
 using Stripe;
+using System.Threading;
 using System.Threading.Tasks;
+using static OrchardCore.Commerce.Payment.Stripe.Constants.PaymentIntentStatuses;
 
 namespace OrchardCore.Commerce.Payment.Stripe.Services;
 
@@ -20,6 +22,8 @@ public class StripePaymentIntentService : IStripePaymentIntentService
     private readonly IPaymentIntentPersistence _paymentIntentPersistence;
     private readonly IStringLocalizer<StripePaymentIntentService> T;
 
+    private CancellationToken Aborted => _hca.HttpContext?.RequestAborted ?? default;
+
     public StripePaymentIntentService(
         PaymentIntentService paymentIntentService,
         IHttpContextAccessor httpContextAccessor,
@@ -44,11 +48,19 @@ public async Task<PaymentIntent> GetPaymentIntentAsync(string paymentIntentId)
             paymentIntentId,
             paymentIntentGetOptions,
             await _requestOptionsService.SetIdempotencyKeyAsync(),
-            _hca.HttpContext.RequestAborted);
+            Aborted);
     }
 
     public async Task<PaymentIntent> CreatePaymentIntentAsync(Amount total, string shoppingCartId = null)
     {
+        var paymentIntentInfo = await _paymentIntentPersistence.RetrieveAsync(shoppingCartId);
+        if (paymentIntentInfo?.Amount == total &&
+            await GetPaymentIntentAsync(paymentIntentInfo.PaymentIntentId) is { Status: RequiresPaymentMethod } storedPaymentIntent &&
+            storedPaymentIntent.Amount == AmountHelpers.GetPaymentAmount(total))
+        {
+            return storedPaymentIntent;
+        }
+
         var siteSettings = await _siteService.GetSiteSettingsAsync();
         var paymentIntentOptions = new PaymentIntentCreateOptions
         {
@@ -59,8 +71,7 @@ public async Task<PaymentIntent> CreatePaymentIntentAsync(Amount total, string s
         };
 
         var paymentIntent = await CreatePaymentIntentAsync(paymentIntentOptions);
-
-        await _paymentIntentPersistence.StoreAsync(paymentIntent.Id, shoppingCartId);
+        await _paymentIntentPersistence.StoreAsync(shoppingCartId, new(paymentIntent.Id, total));
 
         return paymentIntent;
     }
@@ -69,7 +80,7 @@ public async Task<PaymentIntent> CreatePaymentIntentAsync(PaymentIntentCreateOpt
         await _paymentIntentService.CreateAsync(
             options,
             await _requestOptionsService.SetIdempotencyKeyAsync(),
-            _hca.HttpContext.RequestAborted);
+            Aborted);
 
     public async Task<PaymentIntent> GetOrUpdatePaymentIntentAsync(
         string paymentIntentId,
@@ -93,6 +104,6 @@ public async Task<PaymentIntent> GetOrUpdatePaymentIntentAsync(
             paymentIntentId,
             updateOptions,
             await _requestOptionsService.SetIdempotencyKeyAsync(),
-            _hca.HttpContext.RequestAborted);
+            Aborted);
     }
 }

src/Modules/OrchardCore.Commerce.Payment.Stripe/Services/StripePaymentService.cs

@@ -81,7 +81,7 @@ public async Task<string> CreateClientSecretAsync(Amount total, ShoppingCartView
             return null;
         }
 
-        var paymentIntentId = await _paymentIntentPersistence.RetrieveAsync(cart.Id);
+        var paymentIntentId = (await _paymentIntentPersistence.RetrieveAsync(cart.Id))?.PaymentIntentId;
         var totals = cart.GetTotalsOrThrowIfEmpty();
 
         // Same here as on the checkout page: Later we have to figure out what to do if there are multiple
@@ -157,7 +157,7 @@ public async Task<ContentItem> CreateOrUpdateOrderFromShoppingCartAsync(
         string paymentIntentId = null,
         OrderPart orderPart = null)
     {
-        var innerPaymentIntentId = paymentIntentId ?? await _paymentIntentPersistence.RetrieveAsync(shoppingCartId);
+        var innerPaymentIntentId = paymentIntentId ?? (await _paymentIntentPersistence.RetrieveAsync(shoppingCartId))?.PaymentIntentId;
         var paymentIntent = await _stripePaymentIntentService.GetPaymentIntentAsync(innerPaymentIntentId);
 
         // Stripe doesn't support multiple shopping cart IDs because we can't send that info to the middleware anyway.
@@ -215,7 +215,7 @@ public async Task<PaymentOperationStatusViewModel> PaymentConfirmationAsync(
         bool needToJudgeIntentStorage = true)
     {
         // If it is null it means the session was not loaded yet and a redirect is needed.
-        if (needToJudgeIntentStorage && string.IsNullOrEmpty(await _paymentIntentPersistence.RetrieveAsync(shoppingCartId)))
+        if (needToJudgeIntentStorage && string.IsNullOrEmpty((await _paymentIntentPersistence.RetrieveAsync(shoppingCartId))?.PaymentIntentId))
         {
             return new PaymentOperationStatusViewModel
             {

src/Modules/OrchardCore.Commerce.Payment.Stripe/Views/CheckoutStripe.cshtml

@@ -13,6 +13,17 @@
     string clientSecret = Model.PaymentProviderData?.ClientSecret ?? string.Empty;
     string paymentIntentId = Model.PaymentProviderData?.PaymentIntentId ?? string.Empty;
     string accountId = Model.PaymentProviderData?.AccountId?.Trim();
+    
+    var urlPrefix = Url.Content("~/").TrimEnd('/');
+    var missingText = T["A value is required for %LABEL%."].Value;
+    var stripeData = new
+    {
+        clientSecret,
+        paymentIntentId,
+        urlPrefix,
+        publishableKey,
+        missingText,
+    }; 
 }
 
 <input type="hidden" id="StripePaymentPart_PaymentIntentId_Text" name="StripePaymentPart.PaymentIntentId.Text">
@@ -45,24 +56,8 @@
     <script at="Head" asp-name="StripeJs" asp-src="https://js.stripe.com/v3/"></script>
     <script at="Head" asp-name="@ResourceNames.StripePaymentForm"></script>
     <script at="Foot" depends-on="StripeJs,StripePaymentForm">
-        stripePaymentForm(
-            @if (!string.IsNullOrEmpty(accountId))
-            {
-                <text>
-                Stripe(@publishableKey.JsonHtmlContent(), @Json.Serialize(new { StripeAccount = accountId })),
-                </text>
-            }
-            else {
-                <text>
-                Stripe(@publishableKey.JsonHtmlContent()),
-                </text>
-            }
-            @clientSecret.JsonHtmlContent(),
-            @paymentIntentId.JsonHtmlContent(),
-            document.querySelector('input[name="__RequestVerificationToken"]').value,
-            @Url.Content("~/").TrimEnd('/').JsonHtmlContent(),
-            @T["There was an error during confirming the payment, please try again."].Json(),
-            @T["A value is required for %LABEL%."].Json(),
-            @(Orchard.Action<StripeController>(controller => controller.UpdatePaymentIntent("PAYMENT_INTENT")).JsonHtmlContent()));
+        const data = @Json.Serialize(stripeData);
+        data.stripeAccountId = @(string.IsNullOrEmpty(accountId) ? Html.Raw("undefined") : Json.Serialize(new { StripeAccount = accountId }));
+        stripePaymentForm(data);
     </script>
 }