Merge pull request #5 from Foxy/feat/shiptheory

Feat/shiptheory

Author: brettflorio

config.js

@@ -0,0 +1,60 @@
+/**
+ * @file Manages the configuration settings
+ */
+
+/**
+ * @param {string} envVar the environment variable to get
+ * @returns {string} the environment variable value
+ */
+function env(envVar) {
+  return process.env[envVar];
+}
+const config = {
+  datastore: {
+    credentials: env('FOXY_DATASTORE_CREDENTIALS'),
+    error: {
+      insufficientInventory: env('FOXY_ERROR_INSUFFICIENT_INVENTORY') || env('FX_ERROR_INSUFFICIENT_INVENTORY'),
+      priceMismatch: env('FOXY_ERROR_PRICE_MISMATCH') || env('FX_ERROR_PRICE_MISMATCH')
+    },
+    field: {
+      code: env('FOXY_FIELD_CODE') || env('FX_FIELD_CODE'),
+      inventory: env('FOXY_FIELD_INVENTORY') || env('FX_FIELD_INVENTORY'),
+      price: env('FOXY_FIELD_PRICE') || env('FX_FIELD_PRICE')
+    },
+    provider: {
+      orderDesk: {
+        apiKey: env("FOXY_ORDERDESK_API_KEY"),
+        storeId: env("FOXY_ORDERDESK_STORE_ID"),
+      },
+      webflow: {
+        token: env('FOXY_WEBFLOW_TOKEN') || env('WEBFLOW_TOKEN'),
+      }
+    },
+    skipUpdate: {
+      inventory: env('FOXY_SKIP_INVENTORY_UPDATE_CODES')
+    },
+    skipValidation: {
+      inventory: env('FOXY_SKIP_INVENTORY_CODES') || env('FX_SKIP_INVENTORY_CODES'),
+      price: env('FOXY_SKIP_PRICE_CODES') || env('FX_SKIP_PRICE_CODES')
+    },
+  },
+  default: {
+    autoshipFrequency: env('FOXY_DEFAULT_AUTOSHIP_FREQUENCY') || env('DEFAULT_AUTOSHIP_FREQUENCY')
+  },
+  foxy: {
+    api: {
+      clientId: env('FOXY_API_CLIENT_ID'),
+      clientSecret: env('FOXY_API_CLIENT_SECRET'),
+      refreshToken: env('FOXY_API_REFRESH_TOKEN')
+    },
+    webhook: {
+      encryptionKey: env('FOXY_WEBHOOK_ENCRYPTION_KEY'),
+    }
+  },
+  idevAffiliate: {
+    apiUrl: env('FOXY_IDEV_API_URL') || env('IDEV_API_URL'),
+    secretKey: env('FOXY_IDEV_SECRET_KEY') || env('IDEV_SECRET_KEY'),
+  },
+}
+
+module.exports = config;

package.json

@@ -4,7 +4,7 @@
   "description": "Run serverless functions on Netlify to work with the Foxy.io hypermedia API.",
   "private": false,
   "scripts": {
-    "test": "nyc mocha \"src/**/*.test.js\"",
+    "test": "nyc mocha \"test/**/*.test.js\"",
     "start": "netlify dev",
     "start-http": "http-server ./src/functions --port 9000 -c-1"
   },

src/foxy/DataStoreBase.js

@@ -0,0 +1,75 @@
+const config = require("../../config.js");
+
+class DataStoreBase {
+
+  skipUpdate = {
+    inventory: []
+  }
+
+  constructor() {
+    const abstractMethods = [
+      'fetchItems',
+      'getCredentials',
+      'setCredentials'
+    ];
+    const unimplemented = abstractMethods.filter(
+      m => typeof this[m] !== "function"
+    );
+    if (unimplemented.length) {
+      throw new TypeError(unimplemented.join(',') + " must be overriden");
+    }
+    this.skipFromEnv();
+  }
+
+  /**
+   * Autoconfigures the instance to skip the validation of prices and inventory
+   * of items with codes listed in the configured environment variables.
+   */
+  skipFromEnv() {
+    if (config.datastore.skipUpdate.inventory === '__ALL__') {
+      this.skipUpdate.inventory.all = true;
+    }
+    this.skipUpdate.inventory.concat(
+      (config.datastore.skipUpdate.inventory || '').split(',')
+    );
+  }
+
+  /**
+   * Retrieves items from the DataStore
+   *
+   * @abstract
+   * @returns {Promise<Array<Object>>} a promise to the items.
+   */
+  fetchItems() {
+    throw new Error();
+  }
+
+  /**
+   * Retrieves the credentials needed for the DataStore to work.
+   *
+   * This method is needed to ensure testability, removing the
+   * datastore credentials from the methods to be tested.
+   *
+   * @abstract
+   * @returns {Object|string} credentials needed for the integration;
+   */
+  getCredentials() {
+    throw new Error();
+  }
+
+  /**
+   * Sets the credentials needed for the DataStore to work.
+   *
+   * This method is needed to ensure testability, removing the
+   * datastore credentials from the methods to be tested.
+   *
+   * @param {Object|string} credentials needed for the integration;
+   * @abstract
+   */
+  setCredentials(credentials) {
+    throw new Error();
+  }
+
+}
+
+module.exports = DataStoreBase;

src/foxy/FoxyWebhook.js

@@ -0,0 +1,202 @@
+const FoxySdk = require('@foxy.io/sdk');
+const config = require('../../config.js');
+
+
+/**
+ * @typedef {Object} PrepaymentPayload
+ * @property {Object} _links 
+ * @property {PrepaymentEmbedded} _embedded 
+ * @property {string} customer_uri
+ * @property {string} template_set_uri
+ * @property {string} language
+ * @property {string} locale_code
+ * @property {string} customer_ip
+ * @property {string} ip_country
+ * @property {string} session_name
+ * @property {string} session_id
+ * @property {string} total_item_price
+ * @property {string} total_tax
+ * @property {string} total_shipping
+ * @property {string} total_future_shipping
+ * @property {string} total_order
+ * @property {string} date_created
+ * @property {string} date_modified
+ */
+
+/**
+ * @typedef {Object} PrepaymentEmbedded
+ * @property {Array<PrepaymentItem>} fx:items
+ * @property {Array} fx:discounts
+ * @property {Array} fx:custom_fields
+ * @property {Array} fx:shipmet
+ * @property {Array} fx:customer
+ */
+
+/**
+ * @typedef {Object} PrepaymentItem
+ * @property {string} item_category_uri
+ * @property {string} name
+ * @property {string} price
+ * @property {string} quantity
+ * @property {string} quantity_min
+ * @property {string} quantity_max
+ * @property {string} weight
+ * @property {string} code
+ * @property {string} parent_code
+ * @property {string} discount_name
+ * @property {string} discount_type
+ * @property {string} discount_details
+ * @property {string} subscription_frequency
+ * @property {string} subscription_start_date
+ * @property {string} subscription_next_transaction_date
+ * @property {string} subscription_end_date
+ * @property {string} is_future_line_item
+ * @property {string} shipto
+ * @property {string} url
+ * @property {string} image
+ * @property {string} length
+ * @property {string} width
+ * @property {string} height
+ * @property {string} expires
+ * @property {string} date_created
+ * @property {string} date_modified
+ */
+
+/**
+ * Retrieves the items from the payload
+ *
+ * @param {PrepaymentPayload} payload to provide the items.
+ * @returns {Array<PrepaymentItem>} an array of items from this payload
+ */
+function getItems(payload) {
+  try {
+    return payload._embedded['fx:items'] || [];
+  } catch (e) {
+    return [];
+  }
+}
+
+/**
+ * Builds a response as expected by the prepayment webhook.
+ *
+ * @param {string} details about the error, if it happened.
+ * @param {number} code the HTTP status code
+ * @returns {{body: string, statusCode: number}} a string to be used as the body of the response.
+ */
+function response(details="", code=200) {
+  if (code !== 200 && (!details || details.match(/^\s*$/))) {
+    throw new Error("An error response needs to specify details.");
+  }
+  return {
+    body: JSON.stringify({
+      details: details || "",
+      ok: details === ""
+    }),
+    statusCode: code
+  }
+}
+
+/**
+ * Creates a details message about insufficient inventory.
+ *
+ * @param {Array} pairs with insufficient inventory.
+ * @returns {string} a configurable message.
+ */
+function messageInsufficientInventory(pairs) {
+  if (!pairs.length) return '';
+  const message = config.datastore.error.insufficientInventory ||
+    'Insufficient inventory for these items';
+  return message + ' ' + pairs
+    .map(p => `${p[1].name}: only ${p[1].inventory} available`).join(';')
+}
+
+/**
+ * Creates a details message about invalid price.
+ *
+ * @param {Array} pairs with invalid price.
+ * @returns {string} a configurable message.
+ */
+function messagePriceMismatch(pairs) {
+  if (!pairs.length) return '';
+  const message = config.datastore.error.priceMismatch ||
+    'Prices do not match:';
+  return message + ' ' + pairs
+    .map(p => p[0].name)
+    .join(', ');
+}
+
+/**
+ * Verifies a Foxy Signature in a Webhook.
+ *
+ * @param {string} payload received in the Foxy Webhook request.
+ * @param {string} signature received in the Foxy Webhook request.
+ * @param {string} key to be used to verify the signature.
+ * @returns {boolean} the signature is valid
+ */
+function validSignature(payload, signature, key) {
+  try {
+    return FoxySdk.Backend.verifyWebhookSignature({ key, payload, signature });
+  } catch (e) {
+    console.error(e);
+    return false;
+  }
+}
+
+/**
+ * Verifies the signature of a Foxy Webhook Request.
+ *
+ * @param {Object} req the request with the signature to be verified
+ * @returns {boolean} the signature is valid
+ */
+function verifyWebhookSignature(req) {
+  const foxyEvent = req.headers['foxy-webhook-event'];
+  const signature = req.headers['foxy-webhook-signature'];
+  if (foxyEvent === 'validation/payment') {
+    if (!signature) {
+      return true;
+    }
+  }
+  const key = config.foxy.webhook.encryptionKey;
+  const payload = req.body;
+  return validSignature(payload, signature, key);
+}
+
+/**
+ * Validates a Foxy request.
+ *
+ * It must be a Signed POST request with content-type application/json.
+ *
+ * @param {Request} requestEvent to be evaluated as valid.
+ * @returns {string|boolean} the error with this request.
+ */
+function validFoxyRequest(requestEvent) {
+  let err = false;
+  if (!requestEvent) {
+    err = 'Request Event does not Exist';
+  } else if (!requestEvent.body) {
+    err = 'Empty request.';
+  } else if (!requestEvent.httpMethod || requestEvent.httpMethod !== 'POST') {
+    err = 'Method not allowed';
+  } else if (requestEvent.headers['content-type'] !== 'application/json') {
+    err = 'Content type should be application/json';
+  } else if (!verifyWebhookSignature(requestEvent)) {
+    err = 'Forbidden';
+  }
+  try {
+    JSON.parse(requestEvent.body);
+  } catch (e) {
+    err = 'Payload is not valid JSON.';
+  }
+  return err;
+}
+
+module.exports = {
+  getItems,
+  messageInsufficientInventory,
+  messagePriceMismatch,
+  response,
+  validFoxyRequest,
+  validSignature,
+  verifyWebhookSignature,
+}
+