Merge payment methods

build.gradle

@@ -167,7 +167,7 @@ dependencies {
 
     annotationProcessor "org.projectlombok:lombok:1.18.2"
 
-    testCompile "ru.yandex.qatools.embed:postgresql-embedded:2.8"
+    testCompile "ru.yandex.qatools.embed:postgresql-embedded:2.9"
 
     compileOnly "javax.servlet:javax.servlet-api:3.1.0"
     testCompile "javax.servlet:javax.servlet-api:3.1.0"

src/main/java/alfio/config/MvcConfiguration.java

@@ -228,14 +228,14 @@ public void postHandle(HttpServletRequest request, HttpServletResponse response,
                 // http://www.html5rocks.com/en/tutorials/security/content-security-policy/
                 // lockdown policy
                 response.addHeader("Content-Security-Policy", "default-src 'none'; "//block all by default
-                        + " script-src 'self' https://js.stripe.com/ https://api.stripe.com/ https://ssl.google-analytics.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/ https://maps.googleapis.com/;"//
+                        + " script-src 'self' https://checkout.stripe.com/ https://api.stripe.com/ https://ssl.google-analytics.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/ https://maps.googleapis.com/;"//
                         + " style-src 'self' 'unsafe-inline';" // unsafe-inline for style is acceptable...
                         + " img-src 'self' https: data:;"//
                         + " child-src 'self';"//webworker
-                        + " frame-src 'self' https://js.stripe.com https://www.google.com;"
+                        + " frame-src 'self' https://checkout.stripe.com https://www.google.com;"
                         + " font-src 'self';"//
                         + " media-src blob: 'self';"//for loading camera api
-                        + " connect-src 'self' https://api.stripe.com https://maps.googleapis.com/ https://geocoder.cit.api.here.com;" //<- currently stripe.js use jsonp but if they switch to xmlhttprequest+cors we will be ready
+                        + " connect-src 'self' https://checkout.stripe.com https://maps.googleapis.com/ https://geocoder.cit.api.here.com;" //<- currently stripe.js use jsonp but if they switch to xmlhttprequest+cors we will be ready
                         + (environment.acceptsProfiles(Initializer.PROFILE_DEBUG_CSP) ? " report-uri /report-csp-violation" : ""));
             }
         };

src/main/java/alfio/controller/AdminConfigurationController.java

@@ -16,7 +16,7 @@
  */
 package alfio.controller;
 
-import alfio.manager.StripeManager;
+import alfio.manager.StripeCreditCardManager;
 import alfio.manager.user.UserManager;
 import alfio.model.system.Configuration;
 import lombok.AllArgsConstructor;
@@ -33,7 +33,7 @@
 import java.util.Objects;
 import java.util.Optional;
 
-import static alfio.manager.StripeManager.CONNECT_REDIRECT_PATH;
+import static alfio.manager.StripeCreditCardManager.CONNECT_REDIRECT_PATH;
 
 @Controller
 @AllArgsConstructor
@@ -42,15 +42,15 @@ public class AdminConfigurationController {
 
     private static final String STRIPE_CONNECT_ORG = "stripe.connect.org";
     private static final String STRIPE_CONNECT_STATE_PREFIX = "stripe.connect.state.";
-    private final StripeManager stripeManager;
+    private final StripeCreditCardManager stripeCreditCardManager;
     private final UserManager userManager;
 
     @RequestMapping("/admin/configuration/payment/stripe/connect/{orgId}")
     public String redirectToStripeConnect(Principal principal,
                                           @PathVariable("orgId") Integer orgId,
                                           HttpSession session) {
         if(userManager.isOwnerOfOrganization(userManager.findUserByUsername(principal.getName()), orgId)) {
-            StripeManager.ConnectURL connectURL = stripeManager.getConnectURL(Configuration.from(orgId));
+            StripeCreditCardManager.ConnectURL connectURL = stripeCreditCardManager.getConnectURL(Configuration.from(orgId));
             session.setAttribute(STRIPE_CONNECT_STATE_PREFIX +orgId, connectURL.getState());
             session.setAttribute(STRIPE_CONNECT_ORG, orgId);
             return "redirect:" + connectURL.getAuthorizationURL();
@@ -77,7 +77,7 @@ public String authorize(Principal principal,
                 session.removeAttribute(STRIPE_CONNECT_STATE_PREFIX + orgId);
                 boolean stateVerified = Objects.equals(persistedState, state);
                 if(stateVerified && code != null) {
-                    StripeManager.ConnectResult connectResult = stripeManager.storeConnectedAccountId(code, Configuration.from(orgId));
+                    StripeCreditCardManager.ConnectResult connectResult = stripeCreditCardManager.storeConnectedAccountId(code, Configuration.from(orgId));
                     if(connectResult.isSuccess()) {
                         return "redirect:/admin/#/configuration/organization/"+orgId;
                     }

src/main/java/alfio/controller/PaymentCallbackController.java

@@ -0,0 +1,138 @@
+/**
+ * This file is part of alf.io.
+ *
+ * alf.io is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * alf.io is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with alf.io.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package alfio.controller;
+
+import alfio.controller.support.SessionUtil;
+import alfio.manager.PaymentManager;
+import alfio.manager.PaymentSpecification;
+import alfio.manager.TicketReservationManager;
+import alfio.manager.support.PaymentResult;
+import alfio.model.Event;
+import alfio.model.OrderSummary;
+import alfio.model.TicketReservation;
+import alfio.model.TotalPrice;
+import alfio.model.system.Configuration;
+import alfio.model.transaction.PaymentMethod;
+import alfio.model.transaction.PaymentProxy;
+import alfio.model.transaction.capabilities.ExternalProcessing;
+import alfio.repository.EventRepository;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.log4j.Log4j2;
+import org.apache.commons.lang3.tuple.Pair;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MultiValueMap;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Locale;
+import java.util.Optional;
+
+@Controller
+@RequestMapping("/event/{eventName}/reservation/{reservationId}/payment")
+@RequiredArgsConstructor
+@Log4j2
+public class PaymentCallbackController {
+
+    private static final String REDIRECT_TO_ROOT = "redirect:/";
+    private final TicketReservationManager ticketReservationManager;
+    private final EventRepository eventRepository;
+    private final PaymentManager paymentManager;
+
+    @RequestMapping("/{paymentMethod}/confirm")
+    public String confirm(@PathVariable("eventName") String eventName,
+                          @PathVariable("reservationId") String reservationId,
+                          @PathVariable("paymentMethod") String method,
+                          @RequestParam MultiValueMap<String, String> requestParams,
+                          HttpServletRequest request,
+                          Model model,
+                          BindingResult bindingResult,
+                          RedirectAttributes redirectAttributes) {
+
+        PaymentMethod paymentMethod = PaymentMethod.safeParse(method);
+        if(paymentMethod == null) {
+            log.warn("unrecognized payment method received: {}. Redirecting to list", method);
+            return REDIRECT_TO_ROOT;
+        }
+        return getEventAndReservation(eventName, reservationId)
+            .flatMap(pair -> {
+                Event event = pair.getLeft();
+                TicketReservation reservation = pair.getRight();
+                int organizationId = event.getOrganizationId();
+                if(paymentManager.getActivePaymentMethods(organizationId).stream().anyMatch(dto -> dto.getPaymentProxy().getPaymentMethod() == paymentMethod)) {
+                    log.warn("Payment method {} is not active for organization {}", method, organizationId);
+                    return Optional.empty();
+                }
+                return paymentManager.lookupProviderByMethod(paymentMethod, Configuration.from(organizationId, event.getId()))
+                    .filter(ExternalProcessing.class::isInstance)
+                    .map(provider -> {
+                        TotalPrice reservationCost = ticketReservationManager.totalReservationCostWithVAT(reservationId);
+                        OrderSummary orderSummary = ticketReservationManager.orderSummaryForReservationId(reservationId, event, Locale.forLanguageTag(reservation.getUserLanguage()));
+                        PaymentSpecification paymentSpecification = ((ExternalProcessing)provider).getSpecificationFromRequest(event, reservation, reservationCost, orderSummary).apply(requestParams);
+
+                        PaymentResult paymentResult = ticketReservationManager.performPayment(paymentSpecification,
+                            reservationCost,
+                            SessionUtil.retrieveSpecialPriceSessionId(request),
+                            Optional.ofNullable(PaymentProxy.fromPaymentMethod(paymentMethod)));
+
+                        if(paymentResult.isRedirect()) {
+                            return "redirect:"+paymentResult.getRedirectUrl();
+                        }
+
+                        if(paymentResult.isFailed()) {
+                            bindingResult.reject(paymentResult.getErrorCode().orElse(null));
+                            SessionUtil.addToFlash(bindingResult, redirectAttributes);
+                        }
+
+                        return "redirect:" +ticketReservationManager.reservationUrl(reservationId, event);
+                    });
+            })
+            .orElse(REDIRECT_TO_ROOT);
+
+
+    }
+
+
+    @RequestMapping("/{paymentMethod}/cancel")
+    public String cancel(@PathVariable("eventName") String eventName,
+                         @PathVariable("reservationId") String reservationId,
+                         @PathVariable("paymentMethod") String paymentMethod,
+                         Model model,
+                         BindingResult bindingResult,
+                         RedirectAttributes redirectAttributes) {
+
+        return getEventAndReservation(eventName, reservationId)
+            .map(pair -> {
+                bindingResult.reject("error.STEP_2_PAYPAL_unexpected");
+                SessionUtil.addToFlash(bindingResult, redirectAttributes);
+                return "redirect:" +ticketReservationManager.reservationUrl(reservationId, pair.getLeft());
+            })
+            .orElse(REDIRECT_TO_ROOT);
+    }
+
+    private Optional<Pair<Event, TicketReservation>> getEventAndReservation(@PathVariable("eventName") String eventName, @PathVariable("reservationId") String reservationId) {
+        return eventRepository.findOptionalByShortName(eventName)
+            .map(event -> Pair.of(event, ticketReservationManager.findById(reservationId)))
+            .filter(pair -> pair.getRight().isPresent())
+            .map(pair -> Pair.of(pair.getLeft(), pair.getRight().orElseThrow(IllegalStateException::new)));
+    }
+
+}