feat: add stripe webhooks (#4)

### Explanation _No response_ ### Issue _No response_ ### Attestations - [x] I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/) - [x] I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/). - [x] My contribution complies with the [Contributor Covenant](https://docs.nhcarrigan.com/dev/covenant/). ### Dependencies - [x] I have pinned the dependencies to a specific patch version. ### Style - [x] I have run the linter and resolved any errors. - [x] My pull request uses an appropriate title, matching the conventional commit standards. - [x] My scope of feat/fix/chore/etc. correctly matches the nature of changes in my pull request. ### Tests - [ ] My contribution adds new code, and I have added tests to cover it. - [ ] My contribution modifies existing code, and I have updated the tests to reflect these changes. - [ ] All new and existing tests pass locally with my changes. - [ ] Code coverage remains at or above the configured threshold. ### Documentation _No response_ ### Versioning _No response_ Reviewed-on: #4 Co-authored-by: Naomi Carrigan <commits@nhcarrigan.com> Co-committed-by: Naomi Carrigan <commits@nhcarrigan.com>
2025-07-06 15:11:59 -07:00
parent 06b77e93f5
commit c5bd74de4a
6 changed files with 319 additions and 66 deletions
--- a/src/index.ts
+++ b/src/index.ts
@ -6,4 +6,4 @@

 import { instantiateServer } from "./server/serve.js";

-instantiateServer();
+await instantiateServer();
--- a/src/server/serve.ts
+++ b/src/server/serve.ts
@ -5,6 +5,9 @@
 */

 import fastify from "fastify";
+import rawBody from "fastify-raw-body";
+// eslint-disable-next-line @typescript-eslint/naming-convention -- We are importing a class.
+import StripeApp from "stripe";
 import { applicationData } from "../config/applicationData.js";
 import { auth } from "../modules/auth.js";
 import { sendDiscord } from "../modules/discord.js";
@ -13,11 +16,14 @@ import { validateWebhook } from "../modules/validateWebhook.js";
 import { errorSchema } from "../schemas/errorSchema.js";
 import { logSchema } from "../schemas/logSchema.js";
 import { uptimeSchema } from "../schemas/uptimeSchema.js";
+import { errorHandler } from "../utils/errorHandler.js";
 import type { Entitlement } from "../interfaces/entitlement.js";
 import type { Error } from "../interfaces/error.js";
 import type { Log } from "../interfaces/log.js";
 import type { Uptime } from "../interfaces/uptime.js";

+const stripe = new StripeApp(process.env.STRIPE_SECRET_KEY ?? "");
+
 const html = `<!DOCTYPE html>
 <html>
  <head>
@ -60,7 +66,7 @@ const html = `<!DOCTYPE html>
 * Starts up the server to receive events.
 */
 // eslint-disable-next-line max-lines-per-function -- This function is long because it is setting up a server.
-export const instantiateServer = (): void => {
+export const instantiateServer = async(): Promise<void> => {
  try {
    const server = fastify({
      logger: false,
@ -73,14 +79,19 @@ export const instantiateServer = (): void => {

    // eslint-disable-next-line @typescript-eslint/naming-convention -- Body must be capitalised for Fastify.
    server.post<{ Body: Log }>("/log", logSchema, async(request, response) => {
-      if (!auth(request)) {
-        await response.status(401).send({ success: false });
-        return;
+      try {
+        if (!auth(request)) {
+          await response.status(401).send({ success: false });
+          return;
+        }
+        const { application, level, message } = request.body;
+        await sendMail(`[${level}]: ${application}`, message);
+        await sendDiscord(`[${level}]: ${application}`, message);
+        await response.status(200).send({ success: true });
+      } catch (error) {
+        await errorHandler(error, "Log Webhook");
+        await response.status(500).send({ success: false });
      }
-      const { application, level, message } = request.body;
-      await sendMail(`[${level}]: ${application}`, message);
-      await sendDiscord(`[${level}]: ${application}`, message);
-      await response.status(200).send({ success: true });
    });

    // eslint-disable-next-line @typescript-eslint/naming-convention -- Body must be capitalised for Fastify.
@ -88,20 +99,25 @@ export const instantiateServer = (): void => {
      "/error",
      errorSchema,
      async(request, response) => {
-        if (!auth(request)) {
-          await response.status(401).send({ success: false });
-          return;
+        try {
+          if (!auth(request)) {
+            await response.status(401).send({ success: false });
+            return;
+          }
+          const { application, context, stack, message } = request.body;
+          await sendMail(
+            `[ERROR]: ${context} - ${application}`,
+            `${message}\n\n${stack}`,
+          );
+          await sendDiscord(
+            `[ERROR]: ${context} - ${application}`,
+            `${message}\n\n\`\`\`\n${stack}\n\`\`\``,
+          );
+          await response.status(200).send({ success: true });
+        } catch (error) {
+          await errorHandler(error, "Error Webhook");
+          await response.status(500).send({ success: false });
        }
-        const { application, context, stack, message } = request.body;
-        await sendMail(
-          `[ERROR]: ${context} - ${application}`,
-          `${message}\n\n${stack}`,
-        );
-        await sendDiscord(
-          `[ERROR]: ${context} - ${application}`,
-          `${message}\n\n\`\`\`\n${stack}\n\`\`\``,
-        );
-        await response.status(200).send({ success: true });
      },
    );

@ -110,14 +126,19 @@ export const instantiateServer = (): void => {
      "/uptime",
      uptimeSchema,
      async(request, response) => {
-        if (!auth(request)) {
-          await response.status(401).send({ success: false });
-          return;
+        try {
+          if (!auth(request)) {
+            await response.status(401).send({ success: false });
+            return;
+          }
+          const { application, message } = request.body;
+          await sendMail(`[UPTIME]: ${application}`, message);
+          await sendDiscord(`[UPTIME]: ${application}`, message);
+          await response.status(200).send({ success: true });
+        } catch (error) {
+          await errorHandler(error, "Uptime Webhook");
+          await response.status(500).send({ success: false });
        }
-        const { application, message } = request.body;
-        await sendMail(`[UPTIME]: ${application}`, message);
-        await sendDiscord(`[UPTIME]: ${application}`, message);
-        await response.status(200).send({ success: true });
      },
    );

@ -131,49 +152,120 @@ export const instantiateServer = (): void => {
      "/entitlement",
      // eslint-disable-next-line complexity -- Fuck off.
      async(request, response) => {
-        const { type, application_id: applicationId, event } = request.body;
-        const appInfo = applicationData[applicationId];
-        const isValid = await validateWebhook(request);
-        if (!isValid) {
-          await response.status(401).send({ success: false });
-          void sendDiscord(
+        try {
+          const { type, application_id: applicationId, event } = request.body;
+          const appInfo = applicationData[applicationId];
+          const isValid = await validateWebhook(request);
+          if (!isValid) {
+            await response.status(401).send({ success: false });
+            void sendDiscord(
+              `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
+              "An invalid webhook signature was received.",
+            );
+            void sendMail(
+              `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
+              "An invalid webhook signature was received.",
+            );
+            return;
+          }
+          await response.status(204).send();
+          if (type === 0) {
+            void sendDiscord(
+              `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
+              "Received a ping from Discord.",
+            );
+            void sendMail(
+              `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
+              "Received a ping from Discord.",
+            );
+            return;
+          }
+          const {
+            user_id: userId,
+            guild_id: guildId,
+            ends_at: endsAt,
+          } = event.data;
+          await sendDiscord(
            `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
-            "An invalid webhook signature was received.",
+            `Entitlement purchased!\n- **User ID**: ${userId}\n- **Guild ID**: ${guildId}\n- **Ends At**: ${endsAt}`,
          );
-          void sendMail(
+          await sendMail(
            `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
-            "An invalid webhook signature was received.",
+            `Entitlement purchased!\n- **User ID**: ${userId}\n- **Guild ID**: ${guildId}\n- **Ends At**: ${endsAt}`,
          );
-          return;
+        } catch (error) {
+          await errorHandler(error, "Entitlement Webhook");
+          await response.status(500).send({ success: false });
        }
-        await response.status(204).send();
-        if (type === 0) {
-          void sendDiscord(
-            `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
-            "Received a ping from Discord.",
-          );
-          void sendMail(
-            `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
-            "Received a ping from Discord.",
-          );
-          return;
-        }
-        const {
-          user_id: userId,
-          guild_id: guildId,
-          ends_at: endsAt,
-        } = event.data;
-        await sendDiscord(
-          `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
-          `Entitlement purchased!\n- **User ID**: ${userId}\n- **Guild ID**: ${guildId}\n- **Ends At**: ${endsAt}`,
-        );
-        await sendMail(
-          `[ENTITLEMENT]: ${appInfo?.name ?? applicationId}`,
-          `Entitlement purchased!\n- **User ID**: ${userId}\n- **Guild ID**: ${guildId}\n- **Ends At**: ${endsAt}`,
-        );
      },
    );

+    await server.register(rawBody, {
+      encoding: false,
+      field:    "rawBody",
+      global:   true,
+      runFirst: true,
+    });
+
+    // eslint-disable-next-line max-lines-per-function, complexity, max-statements -- Lot of logic here.
+    server.post("/stripe", async(request, response) => {
+      try {
+        // eslint-disable-next-line @typescript-eslint/consistent-type-assertions -- Nah fam.
+        const raw = request.rawBody as Buffer;
+        const event = await stripe.webhooks.constructEventAsync(
+          raw,
+          request.headers["stripe-signature"] ?? "",
+          process.env.STRIPE_WEBHOOK_SECRET ?? "",
+        ).catch(() => {
+          return null;
+        });
+        if (event === null) {
+          await response.status(400).send({
+            error: "Invalid Stripe webhook signature.",
+          });
+          void sendDiscord(
+            `[STRIPE]: Invalid Webhook Signature`,
+            `Received an invalid webhook signature from Stripe.\n- **Headers**: ${JSON.stringify(request.headers)}\n- **Body**: ${JSON.stringify(raw, null, 2)}`,
+          );
+          return;
+        }
+        await response.status(200).send({ received: true });
+        if (event.type === "checkout.session.completed") {
+          const checkoutSessionCompleted = event.data.object;
+          await sendDiscord(`[STRIPE]: Checkout Session Completed`, `A checkout session has been completed.\n - **ITEMS**: ${checkoutSessionCompleted.line_items?.data.map((datum) => {
+            return `${datum.description ?? "unknown"} (${String(datum.quantity)})`;
+          }).join(", ") ?? "unknown"}\n- **TOTAL**: ${String(checkoutSessionCompleted.amount_total)}`);
+          await sendMail(`[STRIPE]: Checkout Session Completed`, `A checkout session has been completed.\n - **ITEMS**: ${checkoutSessionCompleted.line_items?.data.map((datum) => {
+            return `${datum.description ?? "unknown"} (${String(datum.quantity)})`;
+          }).join(", ") ?? "unknown"}\n- **TOTAL**: ${String(checkoutSessionCompleted.amount_total)}`);
+          return;
+        }
+        if (event.type === "invoice.paid") {
+          const invoicePaid = event.data.object;
+          await sendDiscord(`[STRIPE]: Invoice Paid`, `An invoice has been paid.\n - **ITEMS**: ${invoicePaid.lines.data.map((datum) => {
+            return `${datum.description ?? "unknown"} (${String(datum.quantity)})`;
+          }).join(", ")}\n- **TOTAL**: ${String(invoicePaid.amount_paid)}`);
+          await sendMail(`[STRIPE]: Invoice Paid`, `An invoice has been paid.\n - **ITEMS**: ${invoicePaid.lines.data.map((datum) => {
+            return `${datum.description ?? "unknown"} (${String(datum.quantity)})`;
+          }).join(", ")}\n- **TOTAL**: ${String(invoicePaid.amount_paid)}`);
+        }
+        if (event.type === "payment_intent.succeeded") {
+          const paymentIntentSucceeded = event.data.object;
+          await sendDiscord(`[STRIPE]: Payment Intent Succeeded`, `A payment intent has succeeded.\n- **AMOUNT**: ${String(paymentIntentSucceeded.amount)}`);
+          await sendMail(`[STRIPE]: Payment Intent Succeeded`, `A payment intent has succeeded.\n- **AMOUNT**: ${String(paymentIntentSucceeded.amount)}`);
+        }
+        if (event.type === "subscription_schedule.completed") {
+          const subscriptionScheduleCompleted = event.data.object;
+          // Then define and call a function to handle the event subscription_schedule.completed
+          await sendDiscord(`[STRIPE]: Subscription Completed`, `A subscription has been completed.\n- **ID**: ${subscriptionScheduleCompleted.id}`);
+          await sendMail(`[STRIPE]: Subscription Completed`, `A subscription has been completed.\n- **ID**: ${subscriptionScheduleCompleted.id}`);
+        }
+      } catch (error) {
+        await errorHandler(error, "Stripe Webhook");
+        await response.status(500).send({ error: "Internal Server Error" });
+      }
+    });
+
    server.listen({ port: 5003 }, (error) => {
      const application = "Alert Server";
      if (error) {
--- a/src/utils/errorHandler.ts
+++ b/src/utils/errorHandler.ts
@ -0,0 +1,32 @@
+/**
+ * @copyright nhcarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { sendDiscord } from "../modules/discord.js";
+import { sendMail } from "../modules/sendMail.js";
+
+/**
+ * Forwards an error to the Discord webhook and email.
+ * @param error - The error to forward.
+ * @param context - The context in which the error occurred, for logging purposes.
+ */
+export const errorHandler = async(
+  error: unknown,
+  context: string,
+): Promise<void> => {
+  if (error instanceof Error) {
+    await sendDiscord(
+      `[ERROR] ${context}: ${error.message}`,
+      JSON.stringify(error, null, 2),
+    );
+    await sendMail(
+      `[ERROR] ${context}: ${error.message}`,
+      JSON.stringify(error, null, 2),
+    );
+    return;
+  }
+  await sendDiscord(`[ERROR] ${context}`, JSON.stringify(error, null, 2));
+  await sendMail(`[ERROR] ${context}`, JSON.stringify(error, null, 2));
+};