Use new HelloAsso SDK (#706)

### Description

Replace the previous handmade api wrapper by the new official sdk

---------

Co-authored-by: Armand Didierjean <[email protected]>

Author: Rotheem

app/core/payment/endpoints_payment.py

@@ -3,15 +3,17 @@
 from typing import cast
 
 from fastapi import APIRouter, Depends, HTTPException, Request
-from helloasso_api_wrapper.models.api_notifications import (
-    ApiNotificationType,
-    NotificationResultContent,
+from helloasso_python.models.hello_asso_api_v5_models_api_notifications_api_notification_type import (
+    HelloAssoApiV5ModelsApiNotificationsApiNotificationType,
 )
 from pydantic import TypeAdapter, ValidationError
 from sqlalchemy.ext.asyncio import AsyncSession
 
 from app.core.core_module_list import core_module_list
 from app.core.payment import cruds_payment, models_payment, schemas_payment
+from app.core.payment.types_payment import (
+    NotificationResultContent,
+)
 from app.dependencies import get_db
 from app.modules.module_list import module_list
 from app.types.module import CoreModule
@@ -43,7 +45,7 @@ async def webhook(
         validated_content = type_adapter.validate_python(
             await request.json(),
         )
-        content = cast(NotificationResultContent, validated_content)
+        content = cast("NotificationResultContent", validated_content)
         if content.metadata:
             checkout_metadata = (
                 schemas_payment.HelloAssoCheckoutMetadata.model_validate(
@@ -60,9 +62,15 @@ async def webhook(
             status_code=400,
             detail="Could not validate the webhook body",
         )
-    if content.eventType == ApiNotificationType.Order:
+    if (
+        content.eventType
+        == HelloAssoApiV5ModelsApiNotificationsApiNotificationType.ORDER
+    ):
         pass
-    if content.eventType == ApiNotificationType.Payment:
+    if (
+        content.eventType
+        == HelloAssoApiV5ModelsApiNotificationsApiNotificationType.PAYMENT
+    ):
         # We may receive the webhook multiple times, we only want to save a CheckoutPayment
         # in the database the first time
         existing_checkout_payment_model = (

app/core/payment/payment_tool.py

@@ -1,44 +1,113 @@
 import logging
 import uuid
+from datetime import UTC, datetime
+from typing import TYPE_CHECKING
 
-from helloasso_api_wrapper import HelloAssoAPIWrapper
-from helloasso_api_wrapper.exceptions import ApiV5BadRequest
-from helloasso_api_wrapper.models.carts import (
-    CheckoutPayer,
-    InitCheckoutBody,
-    InitCheckoutResponse,
+from authlib.integrations.requests_client import OAuth2Session
+from helloasso_python.api.checkout_api import CheckoutApi
+from helloasso_python.api.paiements_api import PaiementsApi
+from helloasso_python.api_client import ApiClient
+from helloasso_python.configuration import Configuration
+from helloasso_python.models.hello_asso_api_v5_models_carts_checkout_payer import (
+    HelloAssoApiV5ModelsCartsCheckoutPayer,
+)
+from helloasso_python.models.hello_asso_api_v5_models_carts_init_checkout_body import (
+    HelloAssoApiV5ModelsCartsInitCheckoutBody,
 )
 from sqlalchemy.ext.asyncio import AsyncSession
 
 from app.core.payment import cruds_payment, models_payment, schemas_payment
 from app.core.users import schemas_users
 from app.core.utils import security
 from app.core.utils.config import Settings
-from app.types.exceptions import PaymentToolCredentialsNotSetException
+from app.types.exceptions import (
+    MissingHelloAssoCheckoutIdError,
+    PaymentToolCredentialsNotSetException,
+)
+
+if TYPE_CHECKING:
+    from helloasso_python.models.hello_asso_api_v5_models_carts_init_checkout_response import (
+        HelloAssoApiV5ModelsCartsInitCheckoutResponse,
+    )
 
 hyperion_error_logger = logging.getLogger("hyperion.error")
 
 
 class PaymentTool:
-    hello_asso: HelloAssoAPIWrapper | None
+    _access_token: str | None = None
+    _refresh_token: str | None = None
+    _access_token_expiry: int | None = None
+
+    _auth_client: OAuth2Session | None = None
+
+    _hello_asso_api_base: str | None = None
 
     def __init__(self, settings: Settings):
         if (
             settings.HELLOASSO_API_BASE
             and settings.HELLOASSO_CLIENT_ID
             and settings.HELLOASSO_CLIENT_SECRET
         ):
-            self.hello_asso = HelloAssoAPIWrapper(
-                api_base=settings.HELLOASSO_API_BASE,
-                client_id=settings.HELLOASSO_CLIENT_ID,
-                client_secret=settings.HELLOASSO_CLIENT_SECRET,
-                timeout=60,
+            self._hello_asso_api_base = settings.HELLOASSO_API_BASE
+            self._auth_client = OAuth2Session(
+                settings.HELLOASSO_CLIENT_ID,
+                settings.HELLOASSO_CLIENT_SECRET,
+                token_endpoint="https://"
+                + settings.HELLOASSO_API_BASE
+                + "/oauth2/token",
             )
         else:
             hyperion_error_logger.warning(
                 "HelloAsso API credentials are not set, payment won't be available",
             )
-            self.hello_asso = None
+
+    def get_access_token(self) -> str:
+        if not self._auth_client:
+            raise PaymentToolCredentialsNotSetException
+        # If the access token is not set, we get one
+        if self._access_token is None:
+            try:
+                tokens = self._auth_client.fetch_token(grant_type="client_credentials")
+            except Exception:
+                hyperion_error_logger.exception(
+                    "Payment: failed to get HelloAsso access token",
+                )
+                raise
+            self._access_token = tokens["access_token"]
+            self._refresh_token = tokens["refresh_token"]
+            self._access_token_expiry = tokens["expires_at"]
+        # If we have a token but it's expired, we need to refresh it
+        elif self._access_token_expiry is None or self._access_token_expiry < int(
+            datetime.now(UTC).timestamp(),
+        ):
+            # Token is expired, we need to refresh it
+            try:
+                tokens = self._auth_client.refresh_token(
+                    refresh_token=self._refresh_token,
+                )
+            except Exception:
+                hyperion_error_logger.exception(
+                    "Payment: failed to refresh HelloAsso access token, getting a new one",
+                )
+                self._access_token = None
+                self._refresh_token = None
+                self._access_token_expiry = None
+                return self.get_access_token()
+
+        return self._access_token
+
+    def get_hello_asso_configuration(self) -> Configuration:
+        """
+        Get a valid access token and construct an HelloAsso API configuration object
+        """
+        access_token = self.get_access_token()
+        if self._hello_asso_api_base is None:
+            raise PaymentToolCredentialsNotSetException
+        return Configuration(
+            host="https://" + self._hello_asso_api_base + "/v5",
+            access_token=access_token,
+            retries=3,
+        )
 
     def is_payment_available(self) -> bool:
         """
@@ -47,7 +116,13 @@ def is_payment_available(self) -> bool:
         You should always call this method before trying to init a checkout
         If payment is not available, you usually should raise an HTTP Exception explaining that payment is disabled because the API credentials are not configured in settings.
         """
-        return self.hello_asso is not None
+        return (
+            self._auth_client is not None
+            and self._hello_asso_api_base is not None
+            and self._access_token is not None
+            and self._access_token_expiry is not None
+            and self._refresh_token is not None
+        )
 
     async def init_checkout(
         self,
@@ -76,17 +151,16 @@ async def init_checkout(
             payment_url: you need to redirect the user to this payment page
 
         This method use HelloAsso API. It may raise exceptions if HA checkout initialization fails.
-        Exceptions can be imported from `helloasso_api_wrapper.exceptions`
+        Exceptions can be imported from `helloasso_python` package.
         """
-        if not self.hello_asso:
-            raise PaymentToolCredentialsNotSetException
+        configuration = self.get_hello_asso_configuration()
 
         # We want to ensure that any error is logged, even if modules tries to try/except this method
         # Thus we catch any exception and log it, then reraise it
         try:
-            payer: CheckoutPayer | None = None
+            payer: HelloAssoApiV5ModelsCartsCheckoutPayer | None = None
             if payer_user:
-                payer = CheckoutPayer(
+                payer = HelloAssoApiV5ModelsCartsCheckoutPayer(
                     firstName=payer_user.firstname,
                     lastName=payer_user.name,
                     email=payer_user.email,
@@ -96,14 +170,14 @@ async def init_checkout(
             checkout_model_id = uuid.uuid4()
             secret = security.generate_token(nbytes=12)
 
-            init_checkout_body = InitCheckoutBody(
-                totalAmount=checkout_amount,
-                initialAmount=checkout_amount,
-                itemName=checkout_name,
-                backUrl=redirection_uri,
-                errorUrl=redirection_uri,
-                returnUrl=redirection_uri,
-                containsDonation=False,
+            init_checkout_body = HelloAssoApiV5ModelsCartsInitCheckoutBody(
+                total_amount=checkout_amount,
+                initial_amount=checkout_amount,
+                item_name=checkout_name,
+                back_url=redirection_uri,
+                error_url=redirection_uri,
+                return_url=redirection_uri,
+                contains_donation=False,
                 payer=payer,
                 metadata=schemas_payment.HelloAssoCheckoutMetadata(
                     secret=secret,
@@ -113,25 +187,33 @@ async def init_checkout(
 
             # TODO: if payment fail, we can retry
             # then try without the payer infos
-            response: InitCheckoutResponse
-            try:
-                response = self.hello_asso.checkout_intents_management.init_a_checkout(
-                    helloasso_slug,
-                    init_checkout_body,
-                )
-            except ApiV5BadRequest:
-                # We know that HelloAsso may refuse some payer infos, like using the firstname "test"
-                # Even when prefilling the payer infos,the user will be able to edit them on the payment page,
-                # so we can safely retry without the payer infos
-                hyperion_error_logger.exception(
-                    f"Payment: failed to init a checkout with HA for module {module} and name {checkout_name}. Retrying without payer infos",
-                )
+            response: HelloAssoApiV5ModelsCartsInitCheckoutResponse
+            with ApiClient(configuration) as api_client:
+                checkout_api = CheckoutApi(api_client)
+                try:
+                    response = checkout_api.organizations_organization_slug_checkout_intents_post(
+                        helloasso_slug,
+                        init_checkout_body,
+                    )
+                except Exception:
+                    # We know that HelloAsso may refuse some payer infos, like using the firstname "test"
+                    # Even when prefilling the payer infos,the user will be able to edit them on the payment page,
+                    # so we can safely retry without the payer infos
+                    hyperion_error_logger.exception(
+                        f"Payment: failed to init a checkout with HA for module {module} and name {checkout_name}. Retrying without payer infos",
+                    )
 
-                init_checkout_body.payer = None
-                response = self.hello_asso.checkout_intents_management.init_a_checkout(
-                    helloasso_slug,
-                    init_checkout_body,
+                    init_checkout_body.payer = None
+                    response = checkout_api.organizations_organization_slug_checkout_intents_post(
+                        helloasso_slug,
+                        init_checkout_body,
+                    )
+
+            if response.id is None:
+                hyperion_error_logger.error(
+                    f"Payment: failed to init a checkout with HA for module {module} and name {checkout_name}. No checkout id returned",
                 )
+                raise MissingHelloAssoCheckoutIdError()  # noqa: TRY301
 
             checkout_model = models_payment.Checkout(
                 id=checkout_model_id,
@@ -146,7 +228,7 @@ async def init_checkout(
 
             return schemas_payment.Checkout(
                 id=checkout_model_id,
-                payment_url=response.redirectUrl,
+                payment_url=response.redirect_url,
             )
         except Exception:
             hyperion_error_logger.exception(
@@ -172,3 +254,28 @@ async def get_checkout(
             for payment in checkout_dict["payments"]
         ]
         return schemas_payment.CheckoutComplete(**checkout_dict)
+
+    async def refund_payment(
+        self,
+        checkout_id: uuid.UUID,
+        hello_asso_payment_id: int,
+        amount: int,
+    ) -> None:
+        """
+        Refund a payment
+        """
+        configuration = self.get_hello_asso_configuration()
+
+        with ApiClient(configuration) as api_client:
+            paiements_api = PaiementsApi(api_client)
+            try:
+                paiements_api.payments_payment_id_refund_post(
+                    payment_id=hello_asso_payment_id,
+                    send_refund_mail=True,
+                    amount=amount,
+                )
+            except Exception:
+                hyperion_error_logger.exception(
+                    f"Payment: failed to refund payment {hello_asso_payment_id} for checkout {checkout_id}",
+                )
+                raise