[PAYSHIP-3662] Added authorization capture logic (#1420)

* Added authorization capture logic

---------

Co-authored-by: L3RAZ <[email protected]>

Author: L3RAZ

api/src/Http/Exception/PayPalError.php

@@ -42,7 +42,7 @@ public function __construct($message)
      *
      * @throws PayPalException
      */
-    public function throwException(HttpException $previous = null)
+    public function throwException(?HttpException $previous)
     {
         switch ($this->message) {
             case 'ACTION_DOES_NOT_MATCH_INTENT':

api/src/Http/OrderHttpClient.php

@@ -57,7 +57,7 @@ public function sendRequest(RequestInterface $request): ResponseInterface
     /**
      * {@inheritdoc}
      */
-    public function createOrder(array $payload, string $requestId = null, string $clientMetadataId = null): ResponseInterface
+    public function createOrder(array $payload, ?string $requestId, ?string $clientMetadataId): ResponseInterface
     {
         $headers = [];
 
@@ -83,7 +83,7 @@ public function fetchOrder(string $orderId): ResponseInterface
     /**
      * {@inheritdoc}
      */
-    public function captureOrder(string $orderId, array $payload, string $requestId = null, string $clientMetadataId = null): ResponseInterface
+    public function captureOrder(string $orderId, array $payload, ?string $requestId = null, ?string $clientMetadataId = null): ResponseInterface
     {
         $headers = [];
 

api/src/Http/OrderHttpClientInterface.php

@@ -38,7 +38,7 @@ interface OrderHttpClientInterface
      *
      * @throws NetworkException|HttpException|RequestException|TransferException|PayPalException
      */
-    public function createOrder(array $payload, string $requestId = null, string $clientMetadataId = null): ResponseInterface;
+    public function createOrder(array $payload, ?string $requestId, ?string $clientMetadataId): ResponseInterface;
 
     /**
      * @param string $orderId
@@ -60,7 +60,7 @@ public function fetchOrder(string $orderId): ResponseInterface;
      *
      * @throws NetworkException|HttpException|RequestException|TransferException|PayPalException
      */
-    public function captureOrder(string $orderId, array $payload, string $requestId = null, string $clientMetadataId = null): ResponseInterface;
+    public function captureOrder(string $orderId, array $payload, ?string $requestId = null, ?string $clientMetadataId = null): ResponseInterface;
 
     /**
      * @param array $payload

api/src/Http/PaymentHttpClient.php

@@ -77,6 +77,16 @@ public function refundOrder(string $captureId, array $payload): ResponseInterfac
         return $this->sendRequest(new Request('POST', "captures/$captureId/refund", [], json_encode($payload)));
     }
 
+    /**
+     * {@inheritdoc}
+     */
+    public function captureAuthorization(string $authorizationId, array $payload = []): ResponseInterface
+    {
+        $payloadString = !empty($payload) && json_encode($payload) ? json_encode($payload) : '{}';
+
+        return $this->sendRequest(new Request('POST', "authorizations/$authorizationId/capture", [], $payloadString));
+    }
+
     /**
      * @inheritDoc
      */

api/src/Http/PaymentHttpClientInterface.php

@@ -41,6 +41,16 @@ interface PaymentHttpClientInterface
      */
     public function refundOrder(string $captureId, array $payload): ResponseInterface;
 
+    /**
+     * @param string $authorizationId
+     * @param array<mixed> $payload
+     *
+     * @return ResponseInterface
+     *
+     * @throws NetworkException|HttpException|RequestException|TransferException|PayPalException
+     */
+    public function captureAuthorization(string $authorizationId, array $payload = []): ResponseInterface;
+
     /**
      * @param string $authorizationId
      *

api/src/ValueObject/PayPalOrderResponse.php

@@ -309,15 +309,39 @@ public function getOrderAmountValue()
      */
     public function getVault()
     {
-        return $this->getPaymentSource()[key($this->getPaymentSource())]['attributes']['vault'] ?? null;
+        $paymentSourceArray = $this->getPaymentSource();
+
+        if (!is_array($paymentSourceArray)) {
+            return null;
+        }
+
+        $paymentSource = key($paymentSourceArray);
+
+        if ($paymentSource) {
+            return $paymentSourceArray[$paymentSource]['attributes']['vault'] ?? null;
+        }
+
+        return null;
     }
 
     /**
      * @return string|null
      */
     public function getCustomerId()
     {
-        return $this->getPaymentSource()[key($this->getPaymentSource())]['attributes']['vault']['customer']['id'] ?? null;
+        $paymentSourceArray = $this->getPaymentSource();
+
+        if (!is_array($paymentSourceArray)) {
+            return null;
+        }
+
+        $paymentSource = key($paymentSourceArray);
+
+        if ($paymentSource) {
+            return $paymentSourceArray[$paymentSource]['attributes']['vault']['customer']['id'] ?? null;
+        }
+
+        return null;
     }
 
     /**

core/src/Exception/PsCheckoutException.php

@@ -146,15 +146,21 @@ class PsCheckoutException extends \Exception
 
     const PAYPAL_ORDER_INTENT_INVALID = 66;
 
-    const PAYPAL_ORDER_AUTHORIZATIONS_INVALID = 67;
+    const PAYPAL_AUTHORIZATION_NOT_FOUND = 67;
 
-    const PAYPAL_ORDER_AUTHORIZATIONS_EMPTY = 68;
+    const PAYPAL_AUTHORIZATION_STATUS_INVALID = 68;
 
-    const PAYPAL_ORDER_AUTHORIZATIONS_NOT_UNIQUE = 69;
+    const PAYPAL_AUTHORIZATION_VOIDED = 69;
 
-    const PAYPAL_AUTHORIZATION_STATUS_INVALID = 70;
+    const PAYPAL_AUTHORIZATION_EXPIRED = 70;
+  
+    const PAYPAL_ORDER_AUTHORIZATIONS_INVALID = 71;
 
-    const PAYPAL_AUTHORIZATION_REAUTHORIZATION_FAILURE = 71;
+    const PAYPAL_ORDER_AUTHORIZATIONS_EMPTY = 72;
 
-    const PAYPAL_AUTHORIZATION_DATABASE_FAILURE = 72;
+    const PAYPAL_ORDER_AUTHORIZATIONS_NOT_UNIQUE = 73;
+
+    const PAYPAL_AUTHORIZATION_REAUTHORIZATION_FAILURE = 74;
+
+    const PAYPAL_AUTHORIZATION_DATABASE_FAILURE = 75;
 }

core/src/PayPal/Order/Action/AuthorizePayPalOrderAction.php

@@ -30,6 +30,7 @@
 use PsCheckout\Core\PayPal\Order\Handler\EventHandlerInterface;
 use PsCheckout\Core\PayPal\Order\Provider\PayPalOrderProviderInterface;
 use PsCheckout\Core\PayPal\Order\Repository\PayPalOrderAuthorizationRepositoryInterface;
+use Psr\Log\LoggerInterface;
 
 class AuthorizePayPalOrderAction implements AuthorizePayPalOrderActionInterface
 {
@@ -63,20 +64,27 @@ class AuthorizePayPalOrderAction implements AuthorizePayPalOrderActionInterface
      */
     private $payPalOrderAuthorizationRepository;
 
+    /**
+     * @var LoggerInterface
+     */
+    private $logger;
+
     public function __construct(
         OrderHttpClientInterface $orderHttpClient,
         PayPalOrderCacheInterface $payPalOrderCache,
         EventHandlerInterface $paymentPendingEventHandler,
         EventHandlerInterface $paymentDeniedEventHandler,
         PayPalOrderProviderInterface $payPalOrderProvider,
-        PayPalOrderAuthorizationRepositoryInterface $payPalOrderAuthorizationRepository
+        PayPalOrderAuthorizationRepositoryInterface $payPalOrderAuthorizationRepository,
+        LoggerInterface $logger
     ) {
         $this->orderHttpClient = $orderHttpClient;
         $this->payPalOrderCache = $payPalOrderCache;
         $this->paymentPendingEventHandler = $paymentPendingEventHandler;
         $this->paymentDeniedEventHandler = $paymentDeniedEventHandler;
         $this->payPalOrderProvider = $payPalOrderProvider;
         $this->payPalOrderAuthorizationRepository = $payPalOrderAuthorizationRepository;
+        $this->logger = $logger;
     }
 
     /**
@@ -88,24 +96,32 @@ public function execute(PayPalOrderResponse $payPalOrder): PayPalOrderResponse
             throw new PsCheckoutException(sprintf('PayPal Order %s status must be APPROVED, current status: %s', $payPalOrder->getId(), $payPalOrder->getStatus()), PsCheckoutException::PAYPAL_ORDER_STATUS_INVALID);
         }
 
-        $response = $this->orderHttpClient->authorizeOrder($payPalOrder->getId(), []);
+        $orderId = $payPalOrder->getId();
+
+        $response = $this->orderHttpClient->authorizeOrder($orderId, []);
 
         $orderPayPal = json_decode($response->getBody(), true);
-        $cachedOrder = $this->payPalOrderCache->getValue($orderPayPal['id']);
+        $cachedOrder = $this->payPalOrderCache->getValue($orderId);
 
-        $this->payPalOrderCache->set($orderPayPal['id'], array_replace_recursive($cachedOrder, $orderPayPal));
+        $this->payPalOrderCache->set($orderId, array_replace_recursive($cachedOrder, $orderPayPal));
 
-        $payPalOrderResponse = $this->payPalOrderProvider->getById($orderPayPal['id']);
+        $payPalOrderResponse = $this->payPalOrderProvider->getById($orderId);
 
         $authorization = $payPalOrderResponse->getAuthorization();
 
+        if (!$authorization) {
+            $this->logger->warning("Authorize response doesn't contain authorization info for order: " . $orderId);
+
+            return $payPalOrderResponse;
+        }
+
         $payPalAuthorization = new PayPalOrderAuthorization(
             $authorization['id'],
-            $orderPayPal['id'],
+            $orderId,
             $authorization['status'],
-            $authorization['expiration_time'],
-            $authorization['create_time'],
-            $authorization['update_time']
+            $authorization['expiration_time'] ?? '',
+            $authorization['create_time'] ?? '',
+            $authorization['update_time'] ?? ''
         );
 
         $this->payPalOrderAuthorizationRepository->save($payPalAuthorization);

core/src/PayPal/Order/Action/CaptureAuthorizationAction.php

@@ -0,0 +1,148 @@
+<?php
+/**
+ * Copyright since 2007 PrestaShop SA and Contributors
+ * PrestaShop is an International Registered Trademark & Property of PrestaShop SA
+ *
+ * NOTICE OF LICENSE
+ *
+ * This source file is subject to the Academic Free License version 3.0
+ * that is bundled with this package in the file LICENSE.md.
+ * It is also available through the world-wide-web at this URL:
+ * https://opensource.org/licenses/AFL-3.0
+ * If you did not receive a copy of the license and are unable to
+ * obtain it through the world-wide-web, please send an email
+ * to [email protected] so we can send you a copy immediately.
+ *
+ * @author    PrestaShop SA and Contributors <[email protected]>
+ * @copyright Since 2007 PrestaShop SA and Contributors
+ * @license   https://opensource.org/licenses/AFL-3.0 Academic Free License version 3.0
+ */
+
+namespace PsCheckout\Core\PayPal\Order\Action;
+
+use PsCheckout\Api\Http\PaymentHttpClientInterface;
+use PsCheckout\Api\ValueObject\PayPalOrderResponse;
+use PsCheckout\Core\Exception\PsCheckoutException;
+use PsCheckout\Core\PayPal\Order\Configuration\PayPalAuthorizationStatus;
+use PsCheckout\Core\PayPal\Order\Configuration\PayPalOrderStatus;
+use PsCheckout\Core\PayPal\Order\Entity\PayPalOrderAuthorization;
+use PsCheckout\Core\PayPal\Order\Repository\PayPalOrderAuthorizationRepositoryInterface;
+
+class CaptureAuthorizationAction implements CaptureAuthorizationActionInterface
+{
+    /**
+     * @var PaymentHttpClientInterface
+     */
+    private $paymentHttpClient;
+
+    /**
+     * @var PayPalOrderAuthorizationRepositoryInterface
+     */
+    private $authorizationRepository;
+
+    public function __construct(
+        PaymentHttpClientInterface $paymentHttpClient,
+        PayPalOrderAuthorizationRepositoryInterface $authorizationRepository
+    ) {
+        $this->paymentHttpClient = $paymentHttpClient;
+        $this->authorizationRepository = $authorizationRepository;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function execute(PayPalOrderResponse $payPalOrder): PayPalOrderAuthorization
+    {
+        // Check PayPal order status must be APPROVED
+        if ($payPalOrder->getStatus() !== PayPalOrderStatus::APPROVED) {
+            throw new PsCheckoutException(
+                sprintf('PayPal Order %s status must be APPROVED, current status: %s', $payPalOrder->getId(), $payPalOrder->getStatus()),
+                PsCheckoutException::PAYPAL_ORDER_STATUS_INVALID
+            );
+        }
+
+        // Check intent must be AUTHORIZE
+        if ($payPalOrder->getIntent() !== 'AUTHORIZE') {
+            throw new PsCheckoutException(
+                sprintf('PayPal Order %s intent must be AUTHORIZE, current intent: %s', $payPalOrder->getId(), $payPalOrder->getIntent()),
+                PsCheckoutException::PAYPAL_ORDER_INTENT_INVALID
+            );
+        }
+
+        // Fetch payment authorization from order
+        $authorization = $payPalOrder->getAuthorization();
+
+        if (!$authorization) {
+            throw new PsCheckoutException(
+                sprintf('PayPal Order %s does not have a valid authorization', $payPalOrder->getId()),
+                PsCheckoutException::PAYPAL_AUTHORIZATION_NOT_FOUND
+            );
+        }
+
+        $authorizationId = $authorization['id'];
+        $authorizationStatus = $authorization['status'];
+
+        // Check if status is VOIDED
+        if ($authorizationStatus === PayPalAuthorizationStatus::VOIDED) {
+            throw new PsCheckoutException(
+                "Authorization $authorizationId is voided and cannot be captured",
+                PsCheckoutException::PAYPAL_AUTHORIZATION_VOIDED
+            );
+        }
+
+        // Validate authorization status must be CREATED or PARTIALLY_CAPTURED
+        if (!in_array($authorizationStatus, [PayPalAuthorizationStatus::CREATED, PayPalAuthorizationStatus::PARTIALLY_CAPTURED], true)) {
+            throw new PsCheckoutException(
+                "Authorization $authorizationId status must be CREATED or PARTIALLY_CAPTURED, current status: $authorizationStatus",
+                PsCheckoutException::PAYPAL_AUTHORIZATION_STATUS_INVALID
+            );
+        }
+
+        if (isset($authorization['expiration_time'])) {
+            $expirationTime = new \DateTime((string) $authorization['expiration_time']);
+        } else {
+            $expirationTime = new \DateTime((string) $authorization['create_time']);
+            $expirationTime->modify('+30 days');
+        }
+
+        $currentTime = new \DateTime('now', new \DateTimeZone('UTC'));
+
+        if ($expirationTime < $currentTime) {
+            throw new PsCheckoutException(
+                "Authorization $authorizationId has expired",
+                PsCheckoutException::PAYPAL_AUTHORIZATION_EXPIRED
+            );
+        }
+
+        $captureResponse = $this->paymentHttpClient->captureAuthorization($authorizationId);
+
+        /**
+         * @var array{
+         *     id: string,
+         *     status: string,
+         *     create_time: string,
+         *     update_time: string
+         * } $capturedAuthorization
+         */
+        $capturedAuthorization = json_decode($captureResponse->getBody(), true);
+
+        $authorizationEntity = $this->authorizationRepository->getById($authorizationId);
+
+        if ($authorizationEntity) {
+            $authorizationEntity->setStatus($capturedAuthorization['status']);
+        } else {
+            $authorizationEntity = new PayPalOrderAuthorization(
+                $authorizationId,
+                $payPalOrder->getId(),
+                $capturedAuthorization['status'],
+                '',
+                $capturedAuthorization['create_time'],
+                $capturedAuthorization['update_time'],
+            );
+        }
+
+        $this->authorizationRepository->save($authorizationEntity);
+
+        return $authorizationEntity;
+    }
+}