Purchase api updates

Author: miroc

app/Http/Controllers/Api/PurchaseController.php

@@ -10,6 +10,7 @@
 use Phonex\Jobs\IssueProductLicense;
 use Phonex\Model\OrderInapp;
 use Phonex\Model\OrderInappState;
+use Phonex\Model\OrderPlayInapp;
 use Phonex\Model\Product;
 use Phonex\Purchase\PlayPurchase;
 use Phonex\User;
@@ -27,9 +28,10 @@ class PurchaseController extends Controller {
     const RESULT_ERR_INVALID_PRODUCT = 4;
     const RESULT_ERR_TEST = 5;
     const RESULT_ERR_INVALID_SIGNATURE = 6;
+    const RESULT_ERR_EXISTING_ORDER_ID = 7;
+    const RESULT_MULTIPLE_PURCHASES = 8; // when saving multiple purchases
 
-
-    /*These codes are coming from apple itunes store*/
+    /* These codes are coming from apple itunes store */
     // The App Store could not read the JSON object you provided.
     const RESULT_APPSTORE_CANNOT_READ = 21000;
     // The data in the receipt-data property was malformed or missing.
@@ -54,6 +56,11 @@ class PurchaseController extends Controller {
 	public function __construct(){
 	}
 
+    /**
+     * Main processing method for Google Play store transactions
+     * @param Request $request
+     * @return string
+     */
     public function postAndroidPaymentVerification(Request $request)
     {
         $user = $request->attributes->get(MiddlewareAttributes::CLIENT_CERT_AUTH_USER);
@@ -63,31 +70,79 @@ public function postAndroidPaymentVerification(Request $request)
 
         // Parse json
         $jsonReq = $request->get('request');
-        $playPurchase = PlayPurchase::fromJson($jsonReq);
+        $jsonObject = json_decode($jsonReq, true);
+        $playPurchase = PlayPurchase::fromJsonObject($jsonObject);
+
+        // Process Ticket
+        $returnCode = $this->processPlayPurchase($playPurchase, $user);
+        if ($returnCode == self::RESULT_OK){
+            Log::info("received google payment verification", [$returnCode, $jsonReq]);
+        } else {
+            Log::error("received google payment verification", [$returnCode, $jsonReq]);
+        }
 
-        if ($playPurchase === null){
-            Log::error("json_decode failed", [$jsonReq]);
+        return $this->getResponse($returnCode);
+    }
+
+    /**
+     * Processes array of payments
+     * @param Request $request
+     * @return string
+     */
+    public function postAndroidPaymentsVerification(Request $request)
+    {
+        $user = $request->attributes->get(MiddlewareAttributes::CLIENT_CERT_AUTH_USER);
+        if (!$user){
+            return $this->getResponse(self::RESULT_ERR_INVALID_USER);
+        }
+
+
+        $jsonReq = $request->get('request');
+        $jsonObjects = json_decode($jsonReq, true);
+        if ($jsonObjects == null || !is_array($jsonObjects)){
             return $this->getResponse(self::RESULT_ERR_JSON_PARSING);
         }
+
+        $responseArray = [];
+        // Process purchases one by one
+        foreach($jsonObjects as $jsonObject){
+            $playPurchase = PlayPurchase::fromJsonObject($jsonObject);
+            $errCode = $this->processPlayPurchase($playPurchase, $user);
+            $responseArray[] = $errCode;
+        }
+        Log::info("received google payment verifications", [$responseArray, $jsonReq]);
+        return $this->getResponseForMultiplePurchases($responseArray);
+    }
+
+
+    private function processPlayPurchase(PlayPurchase $playPurchase, User $user)
+    {
+        if ($playPurchase === null){
+            return self::RESULT_ERR_JSON_PARSING;
+        }
         if (!$playPurchase->verifySignature()){
-            return $this->getResponse(self::RESULT_ERR_INVALID_SIGNATURE);
+            return self::RESULT_ERR_INVALID_SIGNATURE;
+        }
+        // order id should be unique, otherwise the transaction is replayed
+        if (OrderPlayInapp::orderIdExists($playPurchase->orderId, $user)){
+            return self::RESULT_ERR_EXISTING_ORDER_ID;
         }
 
         // First save the order
         $orderPlayInapp = $playPurchase->createDatabaseModel($user);
         $orderPlayInapp->save();
 
-        Log::info("received google payment verification", [$jsonReq, $playPurchase, $orderPlayInapp]);
+        Log::info("received google payment verification");
 
         // Find the product
         // TODO temporary for testing retrieve product name from developer payload, later switch to productId
         $dp = json_decode($playPurchase->developerPayload);
         $productName = $dp->sku;
-
         $product = Product::where(["name" => $productName])->first();
+
 //        $product = Product::where(["name" => $playPurchase->productId])->first();
         if (!$product){
-            return $this->getResponse(self::RESULT_ERR_INVALID_PRODUCT);
+            return self::RESULT_ERR_INVALID_PRODUCT;
         }
 
         // Issue product
@@ -97,7 +152,7 @@ public function postAndroidPaymentVerification(Request $request)
         // Update order
         $orderPlayInapp->update(['license_id' => $license->id]);
 
-        return $this->getResponse(self::RESULT_OK);
+        return self::RESULT_OK;
     }
 
 
@@ -108,6 +163,23 @@ private function getResponse($code)
         return json_encode($response);
     }
 
+    private function getResponseForMultiplePurchases(array $allResponseCodes)
+    {
+        $response = new \stdClass();
+        $response->responseCode = self::RESULT_MULTIPLE_PURCHASES;
+        $response->purchasesResponseCodes = $allResponseCodes;
+        return json_encode($response);
+    }
+
+    /***************************************/
+    /*************  APPLE  *****************/
+    /***************************************/
+
+    /**
+     * Main processing method of Apple AppStore transactions
+     * @param Request $request
+     * @return string
+     */
     public function postApplePaymentVerification(Request $request)
     {
         $response = new \stdClass();

app/Http/Controllers/QaController.php

@@ -7,6 +7,7 @@
 use Phonex\Jobs\CreateUserWithSubscriber;
 use Phonex\Jobs\IssueProductLicense;
 use Phonex\Jobs\RefreshSubscribers;
+use Phonex\Model\OrderPlayInapp;
 use Phonex\Model\Product;
 use Phonex\Subscriber;
 use Phonex\User;
@@ -18,8 +19,9 @@ public function QaController(){
 
     public function getInfo()
     {
-        $user = User::findByUsername("cburner2015");
-        RefreshSubscribers::refreshSingleUser($user);
+        dd(OrderPlayInapp::orderIdExists('transactionId.android.test.purchased2', User::findByUsername('test318')));
+//        $user = User::findByUsername("cburner2015");
+//        RefreshSubscribers::refreshSingleUser($user);
     }
 
     private function rec($a){

app/Http/routes.php

@@ -49,6 +49,7 @@
     Route::get('products/list-from-licenses', 'Api\ProductController@getLicensesProducts'); // List arbitrary user's products by providing license ids
     Route::any('purchase/appstore/payment-verif', 'Api\PurchaseController@postApplePaymentVerification');
     Route::any('purchase/play/payment-verif', 'Api\PurchaseController@postAndroidPaymentVerification');
+    Route::any('purchase/play/payments-verif', 'Api\PurchaseController@postAndroidPaymentsVerification');
 });
 
 // Authenticated pages using client credentials

app/Model/OrderPlayInapp.php

@@ -1,6 +1,7 @@
 <?php namespace Phonex\Model;
 
 use Illuminate\Database\Eloquent\Model;
+use Phonex\User;
 
 class OrderPlayInapp extends Model{
 	protected $table = 'orders_play_inapp';
@@ -10,4 +11,14 @@ class OrderPlayInapp extends Model{
 	protected $fillable = ['license_id'];
 
 	public $timestamps = false;
+
+	/* Helper functions*/
+	public static function orderIdExists($playOrderId)
+	{
+		return OrderPlayInapp::where('play_order_id', $playOrderId)
+//			->where('user_id', $user->id)
+//			->whereNotNull('license_id')
+			->count() > 0;
+	}
+
 }

app/Purchase/PlayPurchase.php

@@ -30,10 +30,16 @@ class PlayPurchase
     public $appVersion;
     public $itemType;
 
-    public static function fromJson($json)
+
+    /**
+     * Takes jsonObject input (after json_decode($json, true) has been passed)
+     * @param $jsonObject
+     * @return null|PlayPurchase
+     */
+    public static function fromJsonObject(array $jsonObject)
     {
-        $jsonObject = json_decode($json, true);
-        if ($jsonObject ===null){
+//        $jsonObject = json_decode($json, true);
+        if ($jsonObject === null){
             return null;
         }
         $purchaseJson = $jsonObject['INAPP_PURCHASE_DATA'];

gulpfile.js

@@ -12,12 +12,5 @@ var elixir = require('laravel-elixir');
  */
 
 elixir(function(mix) {
-
-
-    mix.less([
-        // a directory in resources/less/assets/
-        'less/AdminLTE.less',
-        "less/skins/skin-blue.less",
-        "less/skins/skin-yellow-light.less"
-    ]);
+    mix.less('app.less');
 });