From 6d7ddc3bebda242a5176dc1b58022a7db0a17793 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Sat, 1 Oct 2022 10:29:15 +1000
Subject: [PATCH] Minor fixes for Stripe ACH Verifications

---
 .../Requests/Payment/StorePaymentRequest.php  |  1 +
 app/PaymentDrivers/Stripe/ACH.php             | 14 ++++++
 ...235337_add_idempotency_key_to_payments.php | 33 +++++++++++++
 tests/Feature/PaymentTest.php                 | 49 +++++++++++++++++++
 4 files changed, 97 insertions(+)
 create mode 100644 database/migrations/2022_09_30_235337_add_idempotency_key_to_payments.php

diff --git a/app/Http/Requests/Payment/StorePaymentRequest.php b/app/Http/Requests/Payment/StorePaymentRequest.php
index 9a29fd955bf4..c6130cb178b1 100644
--- a/app/Http/Requests/Payment/StorePaymentRequest.php
+++ b/app/Http/Requests/Payment/StorePaymentRequest.php
@@ -109,6 +109,7 @@ class StorePaymentRequest extends Request
             'credits.*.amount' => ['bail','required', new CreditsSumRule($this->all())],
             'invoices' => new ValidPayableInvoicesRule(),
             'number' => ['nullable', 'bail', Rule::unique('payments')->where('company_id', auth()->user()->company()->id)],
+            'idempotency_key' => ['nullable', 'bail', 'string','max:64', Rule::unique('payments')->where('company_id', auth()->user()->company()->id)],
 
         ];
 
diff --git a/app/PaymentDrivers/Stripe/ACH.php b/app/PaymentDrivers/Stripe/ACH.php
index 24c1a28190e4..d602d320f0c9 100644
--- a/app/PaymentDrivers/Stripe/ACH.php
+++ b/app/PaymentDrivers/Stripe/ACH.php
@@ -125,6 +125,20 @@ class ACH
 
         $bank_account = Customer::retrieveSource($request->customer, $request->source, [], $this->stripe->stripe_connect_auth);
 
+        /* Catch externally validated bank accounts and mark them as verified */
+        if(property_exists($bank_account, 'status') && $bank_account->status == 'verified'){
+
+            $meta = $token->meta;
+            $meta->state = 'authorized';
+            $token->meta = $meta;
+            $token->save();
+
+            return redirect()
+                ->route('client.payment_methods.show', $token->hashed_id)
+                ->with('message', __('texts.payment_method_verified'));
+
+        }
+
         try {
             $bank_account->verify(['amounts' => request()->transactions]);
 
diff --git a/database/migrations/2022_09_30_235337_add_idempotency_key_to_payments.php b/database/migrations/2022_09_30_235337_add_idempotency_key_to_payments.php
new file mode 100644
index 000000000000..7f95df32434d
--- /dev/null
+++ b/database/migrations/2022_09_30_235337_add_idempotency_key_to_payments.php
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('payments', function (Blueprint $table) {
+            $table->string('idempotency_key', 64)->nullable()->index();
+
+            $table->unique(['company_id', 'idempotency_key']);
+
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+
+    }
+};
diff --git a/tests/Feature/PaymentTest.php b/tests/Feature/PaymentTest.php
index f12e892cea6e..6d79cdcdbf5b 100644
--- a/tests/Feature/PaymentTest.php
+++ b/tests/Feature/PaymentTest.php
@@ -62,6 +62,55 @@ class PaymentTest extends TestCase
         );
     }
 
+    public function testStorePaymentIdempotencyKeyIllegalLength()
+    {
+        $client = ClientFactory::create($this->company->id, $this->user->id);
+        $client->save();
+
+        $this->invoice = InvoiceFactory::create($this->company->id, $this->user->id); //stub the company and user_id
+        $this->invoice->client_id = $client->id;
+
+        $this->invoice->line_items = $this->buildLineItems();
+        $this->invoice->uses_inclusive_Taxes = false;
+
+        $this->invoice->save();
+
+        $this->invoice_calc = new InvoiceSum($this->invoice);
+        $this->invoice_calc->build();
+
+        $this->invoice = $this->invoice_calc->getInvoice();
+
+        $data = [
+            'amount' => $this->invoice->amount,
+            'client_id' => $client->hashed_id,
+            'invoices' => [
+                [
+                    'invoice_id' => $this->invoice->hashed_id,
+                    'amount' => $this->invoice->amount,
+                ],
+            ],
+            'date' => '2020/12/11',
+            'idempotency_key' => 'dsjafhajklsfhlaksjdhlkajsdjdfjdfljasdfhkjlsafhljfkfhsjlfhiuwayerfiuwaskjgbzmvnjzxnjcbgfkjhdgfoiwwrasdfasdfkashjdfkaskfjdasfda'
+
+        ];
+
+        $response = false;
+        try {
+            $response = $this->withHeaders([
+                'X-API-SECRET' => config('ninja.api_secret'),
+                'X-API-TOKEN' => $this->token,
+            ])->post('/api/v1/payments/', $data);
+        } catch (ValidationException $e) {
+            // $message = json_decode($e->validator->getMessageBag(), 1);
+
+
+        }
+
+        $this->assertFalse($response);
+        
+    }
+
+
     public function testPaymentList()
     {
         Client::factory()->create(['user_id' => $this->user->id, 'company_id' => $this->company->id])->each(function ($c) {