add order signature to meta in response after checkout

fix test

Author: repl6669

packages/api/src/Domain/Carts/Http/Controllers/CheckoutCartController.php

@@ -43,6 +43,9 @@ public function checkout(
                 'product_lines',
                 'product_lines.purchasable',
             ])
+            ->withMeta([
+                'order_signature' => $order->getSelfLinkSignature(),
+            ])
             ->didCreate();
     }
 }

packages/api/src/Domain/Orders/Concerns/InteractsWithDystoreApi.php

@@ -8,13 +8,34 @@
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Database\Eloquent\Relations\HasOne;
 use Illuminate\Support\Facades\Config;
+use Illuminate\Support\Facades\URL;
 use Lunar\Base\Casts\Price;
 use Lunar\Models\Transaction;
 
 trait InteractsWithDystoreApi
 {
     use HashesRouteKey;
 
+    public function getSelfLinkSignature(): ?string
+    {
+        $signedUrl = URL::signedRoute(
+            name: 'v1.orders.show',
+            parameters: ['order' => $this->getRouteKey()],
+            absolute: false,
+        );
+
+        $signature = null;
+
+        $query = (string) parse_url($signedUrl, PHP_URL_QUERY);
+        if ($query !== '') {
+            /** @var array<string, mixed> $params */
+            parse_str($query, $params);
+            $signature = is_string($params['signature'] ?? null) ? $params['signature'] : null;
+        }
+
+        return $signature;
+    }
+
     /**
      * Attribute activity log blacklist.
      *

tests/api/Feature/Domain/Cart/JsonApi/V1/CheckoutCartTest.php

@@ -430,3 +430,50 @@
             ]
         );
 });
+
+it('returns order signature in meta after checkout', function () {
+    /** @var TestCase $this */
+    Config::set('dystore.general.checkout.checkout_protection_strategy', CheckoutProtectionStrategy::SIGNATURE);
+
+    /** @var CartFactory $factory */
+    $factory = Cart::factory();
+
+    /** @var Cart $cart */
+    $cart = $factory
+        ->withAddresses()
+        ->withLines()
+        ->create();
+
+    /** @var CartSessionManager $cartSession */
+    $cartSession = App::make(CartSessionInterface::class);
+    $cartSession->use($cart);
+
+    $response = $this
+        ->jsonApi()
+        ->expects('orders')
+        ->withData([
+            'type' => 'carts',
+            'attributes' => [
+                'agree' => true,
+                'create_user' => false,
+            ],
+        ])
+        ->post(serverUrl('/carts/-actions/checkout'));
+
+    $orderId = $response->json('data.id');
+
+    ray($response->json('meta.order_signature'));
+
+    $response
+        ->assertSuccessful()
+        ->assertCreatedWithServerId(
+            serverUrl('/orders', true),
+            [
+                'type' => 'orders',
+                'id' => (string) $response->json('data.id'),
+            ]
+        )
+        ->assertMeta([
+            'order_signature' => $response->json('meta.order_signature'),
+        ]);
+});