feat(subscription-info): use custom data to verify api client

Author: stfsy

lib/subscription-info.js

@@ -33,6 +33,14 @@ class SubscriptionInfo {
         return 'pi-hydration/subscription_cancelled'
     }
 
+    static get HYDRATION_UNAUTHORIZED() {
+        return 'pi-hydration/unauthorized'
+    }
+
+    static get HYDRATION_BAD_REQUEST() {
+        return 'pi-hydration/bad_request'
+    }
+
     /**
      * @typedef SubscriptionInfos
      * @property {SubscriptionInfo} [any] subscription info per subscription plan id
@@ -439,9 +447,90 @@ class SubscriptionInfo {
      * @param {Object} subscription the current local subscription status instance
      * @param {String} checkoutId checkout id of paddle.com
      * @throws Error if hydration failed unexepectedly
+     * @throws SubscriptionInfo.HYDRATION_BAD_REQUEST if the subscription going to be hydrated contains no client information in custom_data
+     * @throws SubscriptionInfo.HYDRATION_UNAUTHORIZED if ids do not match the ids found in the subscription
      * @returns 
      */
     async hydrateSubscriptionCreated(ids, { subscription_id }, checkoutId) {
+        {
+            const { subscription } = await this._storage.get(ids)
+            if (subscription?.status?.length > 1) {
+                return
+            }
+        }
+
+        const subscriptions = await this._api.getSubscription({ subscription_id })
+        if (!Array.isArray(subscriptions) || subscriptions.length < 1) {
+            return
+        }
+
+        // more sanity checks here
+        const subscription = subscriptions.at(0)
+        if (!subscription.custom_data?._pi?.ids) {
+            throw new Error(SubscriptionInfo.HYDRATION_BAD_REQUEST)
+        }
+
+        const idsFromCustomData = subscription.custom_data._pi.ids
+        if (!Array.isArray(idsFromCustomData)) {
+            throw new Error(SubscriptionInfo.HYDRATION_UNAUTHORIZED)
+        }
+
+        const isForTargetId = ids.length === idsFromCustomData.length && idsFromCustomData.every((id, index) => id === ids[index])
+        if (!isForTargetId) {
+            throw new Error(SubscriptionInfo.HYDRATION_UNAUTHORIZED)
+        }
+
+        const hookPayload = {
+            alert_id: SubscriptionInfo.HYDRATION_SUBSCRIPTION_CREATED,
+            alert_name: SubscriptionInfo.HYDRATION_SUBSCRIPTION_CREATED,
+            currency: subscription.last_payment.currency,
+            status: subscription.state,
+            next_bill_date: subscription.next_payment?.date || '',
+            quantity: subscription.quantity,
+            event_time: subscription.signup_date,
+            source: 'pi-hydration',
+            update_url: subscription.update_url,
+            subscription_id: subscription.subscription_id,
+            subscription_plan_id: subscription.plan_id,
+            cancel_url: subscription.cancel_url,
+            checkout_id: checkoutId,
+            user_id: subscription.user_id,
+            // use the ids from paddle api here
+            // these were initially passed during checkout and cannot be updated
+            // thus we ensure that user do not hydrate other subscriptions too
+            passthrough: JSON.stringify({ ids: idsFromCustomData })
+        }
+
+        if (subscription.state === 'active') {
+            await this._hookStorage.addSubscriptionCreatedStatus(hookPayload)
+        }
+    }
+
+    /**
+     * Fetches the latest subscription status from paddle API and updates the local status accordingly.
+     * 
+     * This implementation is cautious in that it only updates the status if
+     * - current status returned by API is active
+     * - local status' contain only the pre-checkout placeholder
+     * 
+     * If update of the local subscription status is not necessary - e.g. because
+     * the webhook was also already received - the method will just silently return.
+     * 
+     * This method allows us to decouple ourselves from the timely arrival of paddle webhooks. Because
+     * webhooks are necessary to store a subscription created event in our database. If the webhook
+     * does not arrive in time, our users need to wait for a finite amount of time which
+     * is not a convincing user experience.
+     * 
+     * This method can be called after the first checkout and after the order was processsed
+     * to already store subscription-related data and let the user already enjoy some goodies.
+     * 
+     * @param {Array} ids ids pointing to the target subscription object
+     * @param {Object} subscription the current local subscription status instance
+     * @param {String} checkoutId checkout id of paddle.com
+     * @throws Error if hydration failed unexepectedly
+     * @returns 
+     */
+    async hydrateSubscriptionCreated2(ids, { orderId, email }) {
         {
             const { subscription } = await this._storage.get(ids)
 

test-e2e/spec/hydration.spec.js

@@ -7,6 +7,7 @@ const index = require('../../lib/index')
 const subscriptions = new index.SubscriptionsHooks('api_client')
 
 const storageResource = require('../../lib/firestore/nested-firestore-resource')
+const SubscriptionInfo = require('../../lib/subscription-info')
 const storage = storageResource({ documentPath: 'api_client', resourceName: 'api_clients' })
 
 let subscriptionInfo
@@ -94,6 +95,43 @@ test('hydrate an active subscription', async ({ page }) => {
     expect(sub['33590']).toBeTruthy()
 })
 
+test('throws if subscription was created for another client', async ({ page }) => {
+    // create new subscription and ...
+    await createNewSubscription(page, apiClientId)
+
+    let { subscription } = await storage.get([apiClientId])
+    const subscriptionId = subscription.status[1].subscription_id
+
+    // .. and check subscription is active to make sure setup was correct
+    let sub = await subscriptionInfo.getAllSubscriptionsStatus(subscription)
+    expect(sub['33590']).toBeTruthy()
+
+    // remove status and payments to verify hydration process
+    await storage.update([apiClientId], {
+        'subscription.status': [],
+        'subscription.payments': []
+    });
+
+    ({ subscription } = await storage.get([apiClientId]))
+    // .. expect sub to be not active anymore after we reset all status and payments
+    sub = await subscriptionInfo.getAllSubscriptionsStatus(subscription)
+    expect(sub['33590']).toBeFalsy()
+
+    try {
+        // add dummy client here
+        await storage.put(['123'], {
+            subscription: {
+                status: []
+            }
+        })
+        await subscriptionInfo.hydrateSubscriptionCreated(['123'], { subscription_id: subscriptionId }, 'checkoutId')
+        throw new Error('Must throw')
+    } catch (e) {
+        const message = e.message
+        expect(message).toEqual(SubscriptionInfo.HYDRATION_UNAUTHORIZED)
+    }
+})
+
 test('does not hydrate if status created was already received', async ({ page }) => {
     // create new subscription and ...
     await createNewSubscription(page, apiClientId)

test-e2e/test-page/fragments/checkout/checkout-page.html

@@ -160,6 +160,11 @@ <h2 class="text-3xl text-center">
             email: 'a@b.com',
             title: 'This is the title',
             message: 'This is a message',
+            customData: {
+                _pi: {
+                    ids: [clientId]
+                }
+            },
             allowQuantity: false,
             disableLogout: false,
             passthrough: `{"ids": ["${clientId}"]}`,