jakevan/jvb.git

<?php
namespace JVBase\rest\routes;
 
use JVBase\rest\Rest;
use JVBase\rest\Route;
use WP_REST_Request;
use WP_REST_Response;
use Exception;
 
if (!defined('ABSPATH')) {
    exit;
}
 
class IntegrationsHelcimRoutes extends Rest
{
    public function registerRoutes(): void
    {
        Route::for('helcim/initialize-checkout')
            ->post([$this, 'handleInitializeCheckout'])
            ->auth('user')
            ->rateLimit(5)
            ->register();
 
        Route::for('helcim/invoices')
            ->get([$this, 'getInvoices'])
            ->auth('user')
            ->rateLimit(10)
            ->register();
 
        Route::for(Route::pattern('helcim/invoices/{invoice_id}'))
            ->get([$this, 'getInvoice'])
            ->auth('user')
            ->rateLimit(10)
            ->register();
 
        Route::for('helcim/saved-cards')
            ->get([$this, 'getSavedCards'])
            ->auth('user')
            ->rateLimit(5)
            ->register();
 
        Route::for('helcim/validate-transaction')
            ->post([$this, 'validateTransaction'])
            ->auth('user')
            ->rateLimit(10)
            ->register();
    }
 
    /**
     * Initialize a HelcimPay.js checkout session.
     *
     * Returns checkoutToken for the frontend to call
     * appendHelcimPayIframe(checkoutToken).
     */
    public function handleInitializeCheckout(WP_REST_Request $request): WP_REST_Response
    {
        $data    = $request->get_json_params();
        $user_id = absint($data['user'] ?? get_current_user_id());
 
        if (empty($data['amount'])) {
            return $this->validationError(['message' => 'Amount is required']);
        }
 
        try {
            $helcim = JVB()->connect('helcim');
 
            // Auto-resolve customer ID from logged-in user
            if (empty($data['customerId']) && $user_id) {
                $data['customerId'] = $helcim->resolveCustomerId($user_id);
            }
 
            $result = $helcim->initializeCheckout($data);
 
            if (!$result['success']) {
                return $this->error($result['message'] ?? 'Checkout initialization failed');
            }
 
            return $this->success($result);
 
        } catch (Exception $e) {
            $this->logError('Helcim checkout init failed', ['error' => $e->getMessage()]);
            return $this->error($e->getMessage());
        }
    }
 
    /**
     * Get invoices for the current user.
     */
    public function getInvoices(WP_REST_Request $request): WP_REST_Response
    {
        $user_id = absint($request->get_param('user') ?? get_current_user_id());
 
        if (!$user_id) {
            return $this->validationError(['message' => 'Not logged in']);
        }
 
        try {
            $helcim    = JVB()->connect('helcim');
            $user      = get_userdata($user_id);
            $result    = $helcim->handleGetInvoices([
                'email' => $user->user_email,
            ]);
 
            return $this->success($result);
 
        } catch (Exception $e) {
            return $this->error($e->getMessage());
        }
    }
 
    /**
     * Get a single invoice by Helcim invoice ID.
     */
    public function getInvoice(WP_REST_Request $request): WP_REST_Response
    {
        $invoiceId = $request->get_param('invoice_id');
 
        if (!$invoiceId) {
            return $this->validationError(['message' => 'Invoice ID required']);
        }
 
        try {
            $helcim = JVB()->connect('helcim');
            $result = $helcim->handleGetInvoice(['invoiceId' => $invoiceId]);
 
            return $this->success($result);
 
        } catch (Exception $e) {
            return $this->error($e->getMessage());
        }
    }
 
    /**
     * Get saved cards for the current user.
     */
    public function getSavedCards(WP_REST_Request $request): WP_REST_Response
    {
        $user_id = absint($request->get_param('user') ?? get_current_user_id());
 
        if (!$user_id) {
            return $this->validationError(['message' => 'Not logged in']);
        }
 
        try {
            $helcim = JVB()->connect('helcim');
            $result = $helcim->handleGetCustomerCards([
                'email' => get_userdata($user_id)->user_email,
            ]);
 
            return $this->success($result);
 
        } catch (Exception $e) {
            return $this->error($e->getMessage());
        }
    }
 
    /**
     * Validate a HelcimPay.js transaction server-side.
     *
     * Called after the frontend receives a SUCCESS message event.
     * Verifies the transaction hash using the secretToken stored
     * in the user's session/transient.
     */
    public function validateTransaction(WP_REST_Request $request): WP_REST_Response
    {
        $data = $request->get_json_params();
 
        if (empty($data['secretToken']) || empty($data['transactionData'])) {
            return $this->validationError(['message' => 'Missing secretToken or transactionData']);
        }
 
        try {
            $helcim = JVB()->connect('helcim');
            $valid  = $helcim->validateTransaction(
                $data['secretToken'],
                $data['transactionData']
            );
 
            return $this->success([
                'valid' => $valid,
            ]);
 
        } catch (Exception $e) {
            return $this->error($e->getMessage());
        }
    }
}