Adding subscription elements

src/Modules/OrchardCore.Commerce.Payment.Stripe/Abstractions/IStripePaymentService.cs

@@ -4,6 +4,7 @@
 using OrchardCore.Commerce.MoneyDataType;
 using OrchardCore.Commerce.Payment.Stripe.Models;
 using OrchardCore.Commerce.Payment.Stripe.Services;
+using OrchardCore.Commerce.Payment.Stripe.ViewModels;
 using OrchardCore.Commerce.Payment.ViewModels;
 using OrchardCore.ContentManagement;
 using OrchardCore.DisplayManagement.ModelBinding;
@@ -17,6 +18,14 @@ namespace OrchardCore.Commerce.Payment.Stripe.Abstractions;
 /// </summary>
 public interface IStripePaymentService
 {
+    Task<SubscriptionCreateResponse> CreateSubscriptionAsync(StripeCreateSubscriptionViewModel stripeCreateSubscriptionViewModel);
+
+    Task<Customer> GetCustomerAsync(string customerId);
+
+    Task<Customer> CreateCustomerAsync(CustomerCreateOptions customerCreateOptions);
+
+    Task<ConfirmationToken> GetConfirmationTokenAsync(string confirmationTokenId);
+
     long GetPaymentAmount(Amount total);
 
     /// <summary>

src/Modules/OrchardCore.Commerce.Payment.Stripe/Assets/Scripts/stripe-payment-form.js

@@ -7,8 +7,8 @@ window.stripePaymentForm = function stripePaymentForm(
     errorText,
     missingText,
     updatePaymentIntentUrl,
-    validateUrl = 'checkout/validate/Stripe',
-    paramsUrl = 'checkout/params/Stripe',
+    validateUrl = 'checkout/validate/stripe',
+    paramsUrl = 'checkout/stripe/params',
     priceUrl = 'checkout/price',
     errorContainerSelector = '.message-error',
     stripeFieldErrorSelector = '.stripe-field-error',
@@ -83,7 +83,7 @@ window.stripePaymentForm = function stripePaymentForm(
         submitButton.addEventListener('click', async (event) => {
             // We don't want to let default form submission happen here, which would refresh the page.
             event.preventDefault();
-            toggleInputs(false);         
+            toggleInputs(false);
 
             let result;
             try {
@@ -110,7 +110,7 @@ window.stripePaymentForm = function stripePaymentForm(
                     throw validationJson.errors;
                 }
 
-                
+
                 result = await stripe.confirmPayment({
                     elements: stripeElements,
                     confirmParams: await fetchPost(paramsUrl),

src/Modules/OrchardCore.Commerce.Payment.Stripe/Controllers/StripeController.cs

@@ -5,6 +5,7 @@
 using OrchardCore.Commerce.Payment.Stripe.Abstractions;
 using OrchardCore.DisplayManagement.Notify;
 using OrchardCore.Mvc.Core.Utilities;
+using System;
 using System.Text.Json;
 using System.Text.Json.Serialization;
 using System.Threading.Tasks;
@@ -35,19 +36,31 @@ public IActionResult UpdatePaymentIntent(string paymentIntent)
 
     [AllowAnonymous]
     [HttpGet("checkout/middleware/Stripe")]
-    public async Task<IActionResult> PaymentConfirmationMiddleware(
+    [Obsolete("This endpoint is obsolete and will be removed in a future version. Use checkout/stripe/middleware instead.")]
+    public Task<IActionResult> PaymentConfirmationMiddleware(
+        [FromQuery(Name = "payment_intent")] string paymentIntent = null,
+        [FromQuery] string shoppingCartId = null) => PaymentConfirmation(paymentIntent, shoppingCartId);
+
+    [HttpPost("checkout/params/Stripe")]
+    [ValidateAntiForgeryToken]
+    [Obsolete("This endpoint is obsolete and will be removed in a future version. Use checkout/stripe/params instead.")]
+    public Task<IActionResult> GetConfirmPaymentParameters() => ConfirmPaymentParameters();
+
+    [AllowAnonymous]
+    [HttpGet("checkout/stripe/middleware")]
+    public async Task<IActionResult> PaymentConfirmation(
         [FromQuery(Name = "payment_intent")] string paymentIntent = null,
         [FromQuery] string shoppingCartId = null)
     {
         var result = await _stripePaymentService.PaymentConfirmationAsync(paymentIntent, shoppingCartId);
         return await ProduceActionResultAsync(result);
     }
 
-    [HttpPost("checkout/params/Stripe")]
+    [HttpPost("checkout/stripe/params")]
     [ValidateAntiForgeryToken]
-    public async Task<IActionResult> GetConfirmPaymentParameters()
+    public async Task<IActionResult> ConfirmPaymentParameters()
     {
-        var middlewareUrl = Url.ToAbsoluteUrl("~/checkout/middleware/Stripe");
+        var middlewareUrl = Url.ToAbsoluteUrl("~/checkout/stripe/params");
         var model = await _stripePaymentService.GetStripeConfirmParametersAsync(middlewareUrl);
         return Json(model, new JsonSerializerOptions { DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull });
     }

src/Modules/OrchardCore.Commerce.Payment.Stripe/Endpoints/Api/StripeConfirmPaymentEndpoint.cs

@@ -0,0 +1,66 @@
+#nullable enable
+using Lombiq.HelpfulLibraries.AspNetCore.Extensions;
+using Lombiq.HelpfulLibraries.OrchardCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Routing;
+using OrchardCore.Commerce.Payment.Stripe.Abstractions;
+using OrchardCore.Commerce.Payment.Stripe.Endpoints.Permissions;
+using System;
+using System.Threading.Tasks;
+using static OrchardCore.Commerce.Payment.Stripe.Endpoints.Constants.Endpoints;
+
+namespace OrchardCore.Commerce.Payment.Stripe.Endpoints.Api;
+public static class StripeConfirmPaymentEndpoint
+{
+    [Obsolete("This endpoint is obsolete and will be removed in a future version. Use checkout/stripe/middleware instead.")]
+    public static IEndpointRouteBuilder AddStripeMiddlewareEndpoint(this IEndpointRouteBuilder builder)
+    {
+        builder.MapPostWithDefaultSettings($"{StripePaymentApiPath}/middleware", AddStripeMiddlewareAsync);
+        return builder;
+    }
+
+    [Obsolete("This endpoint is obsolete and will be removed in a future version. Use checkout/stripe/middleware instead.")]
+    private static async Task<IResult> AddStripeMiddlewareAsync(
+         [FromQuery] string? shoppingCartId,
+         [FromServices] IStripePaymentService stripePaymentService,
+         [FromServices] IAuthorizationService authorizationService,
+         HttpContext httpContext,
+         [FromQuery(Name = "payment_intent")] string? paymentIntentId = null)
+    {
+        var result = await StripePaymentOrderConfirmationAsync(
+            shoppingCartId,
+            stripePaymentService,
+            authorizationService,
+            httpContext,
+            paymentIntentId);
+        return TypedResults.Ok(result);
+    }
+
+    public static IEndpointRouteBuilder AddStripePaymentOrderConfirmationEndpoint(this IEndpointRouteBuilder builder)
+    {
+        builder.MapPostWithDefaultSettings($"{StripePaymentApiPath}", StripePaymentOrderConfirmationAsync);
+        return builder;
+    }
+
+    private static async Task<IResult> StripePaymentOrderConfirmationAsync(
+        [FromQuery] string? shoppingCartId,
+        [FromServices] IStripePaymentService stripePaymentService,
+        [FromServices] IAuthorizationService authorizationService,
+        HttpContext httpContext,
+        [FromQuery(Name = "payment_intent")] string? paymentIntentId = null)
+    {
+        if (!await authorizationService.AuthorizeAsync(httpContext.User, ApiPermissions.CommerceApiStripePayment))
+        {
+            return httpContext.ChallengeOrForbidApi();
+        }
+
+        var result = await stripePaymentService.PaymentConfirmationAsync(
+            paymentIntentId,
+            shoppingCartId,
+            paymentIntentId == null);
+
+        return TypedResults.Ok(result);
+    }
+}

src/Modules/OrchardCore.Commerce.Payment.Stripe/Endpoints/Api/StripeConfirmationTokenEndpoint.cs

@@ -0,0 +1,36 @@
+#nullable enable
+using Lombiq.HelpfulLibraries.AspNetCore.Extensions;
+using Lombiq.HelpfulLibraries.OrchardCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Routing;
+using OrchardCore.Commerce.Payment.Stripe.Abstractions;
+using OrchardCore.Commerce.Payment.Stripe.Endpoints.Permissions;
+using System.Threading.Tasks;
+using static OrchardCore.Commerce.Payment.Stripe.Endpoints.Constants.Endpoints;
+
+namespace OrchardCore.Commerce.Payment.Stripe.Endpoints.Api;
+public static class StripeConfirmationTokenEndpoint
+{
+    public static IEndpointRouteBuilder AddStripeConfirmationTokenEndpoint(this IEndpointRouteBuilder builder)
+    {
+        builder.MapGetWithDefaultSettings($"{StripePaymentApiPath}/confirmation-token", GetStripeConfirmationTokenAsync);
+        return builder;
+    }
+
+    private static async Task<IResult> GetStripeConfirmationTokenAsync(
+        [FromQuery] string? confirmationTokenId,
+        [FromServices] IStripePaymentService stripePaymentService,
+        [FromServices] IAuthorizationService authorizationService,
+        HttpContext httpContext)
+    {
+        if (!await authorizationService.AuthorizeAsync(httpContext.User, ApiPermissions.CommerceApiStripePayment))
+        {
+            return httpContext.ChallengeOrForbidApi();
+        }
+
+        var confirmationToken = await stripePaymentService.GetConfirmationTokenAsync(confirmationTokenId);
+        return TypedResults.Ok(confirmationToken);
+    }
+}

src/Modules/OrchardCore.Commerce.Payment.Stripe/Endpoints/Api/StripeCustomerEndpoint.cs

@@ -0,0 +1,58 @@
+#nullable enable
+using Lombiq.HelpfulLibraries.AspNetCore.Extensions;
+using Lombiq.HelpfulLibraries.OrchardCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Routing;
+using OrchardCore.Commerce.Payment.Stripe.Abstractions;
+using OrchardCore.Commerce.Payment.Stripe.Endpoints.Permissions;
+using Stripe;
+using System.Threading.Tasks;
+using static OrchardCore.Commerce.Payment.Stripe.Endpoints.Constants.Endpoints;
+
+namespace OrchardCore.Commerce.Payment.Stripe.Endpoints.Api;
+public static class StripeCustomerEndpoint
+{
+    public static IEndpointRouteBuilder AddStripeGetCustomerEndpoint(this IEndpointRouteBuilder builder)
+    {
+        builder.MapGetWithDefaultSettings($"{StripePaymentApiPath}/customer", GetStripeCustomerAsync);
+        return builder;
+    }
+
+    private static async Task<IResult> GetStripeCustomerAsync(
+        [FromQuery] string? customerId,
+        [FromServices] IStripePaymentService stripePaymentService,
+        [FromServices] IAuthorizationService authorizationService,
+        HttpContext httpContext)
+    {
+        if (!await authorizationService.AuthorizeAsync(httpContext.User, ApiPermissions.CommerceApiStripePayment))
+        {
+            return httpContext.ChallengeOrForbidApi();
+        }
+
+        var customer = await stripePaymentService.GetCustomerAsync(customerId);
+        return TypedResults.Ok(customer);
+    }
+
+    public static IEndpointRouteBuilder AddStripeCreateCustomerEndpoint(this IEndpointRouteBuilder builder)
+    {
+        builder.MapGetWithDefaultSettings($"{StripePaymentApiPath}/customer", GetStripeCreateCustomerAsync);
+        return builder;
+    }
+
+    private static async Task<IResult> GetStripeCreateCustomerAsync(
+        [FromBody] CustomerCreateOptions customerCreateOptions,
+        [FromServices] IStripePaymentService stripePaymentService,
+        [FromServices] IAuthorizationService authorizationService,
+        HttpContext httpContext)
+    {
+        if (!await authorizationService.AuthorizeAsync(httpContext.User, ApiPermissions.CommerceApiStripePayment))
+        {
+            return httpContext.ChallengeOrForbidApi();
+        }
+
+        var customer = await stripePaymentService.CreateCustomerAsync(customerCreateOptions);
+        return TypedResults.Ok(customer);
+    }
+}