<?php

[0] Fix | Delete

declare( strict_types = 1);

[1] Fix | Delete

namespace Automattic\WooCommerce\StoreApi\Utilities;

[2] Fix | Delete

[3] Fix | Delete

use Automattic\Jetpack\Constants;

[4] Fix | Delete

use Automattic\WooCommerce\StoreApi\Exceptions\RouteException;

[5] Fix | Delete

use Automattic\WooCommerce\StoreApi\Payments\PaymentContext;

[6] Fix | Delete

use Automattic\WooCommerce\StoreApi\Payments\PaymentResult;

[7] Fix | Delete

use Automattic\WooCommerce\Blocks\Domain\Services\CheckoutFieldsSchema\DocumentObject;

[8] Fix | Delete

use Automattic\WooCommerce\Admin\Features\Features;

[9] Fix | Delete

use WC_Customer;

[10] Fix | Delete

[11] Fix | Delete

/**

[12] Fix | Delete

* CheckoutTrait

[13] Fix | Delete

*

[14] Fix | Delete

* Shared functionality for checkout route.

[15] Fix | Delete

*/

[16] Fix | Delete

trait CheckoutTrait {

[17] Fix | Delete

/**

[18] Fix | Delete

* Prepare a single item for response. Handles setting the status based on the payment result.

[19] Fix | Delete

*

[20] Fix | Delete

* @param mixed $item Item to format to schema.

[21] Fix | Delete

* @param \WP_REST_Request $request Request object.

[22] Fix | Delete

* @return \WP_REST_Response $response Response data.

[23] Fix | Delete

*/

[24] Fix | Delete

public function prepare_item_for_response( $item, \WP_REST_Request $request ) {

[25] Fix | Delete

$response = parent::prepare_item_for_response( $item, $request );

[26] Fix | Delete

$status_codes = [

[27] Fix | Delete

'success' => 200,

[28] Fix | Delete

'pending' => 202,

[29] Fix | Delete

'failure' => 400,

[30] Fix | Delete

'error' => 500,

[31] Fix | Delete

];

[32] Fix | Delete

[33] Fix | Delete

if ( isset( $item->payment_result ) && $item->payment_result instanceof PaymentResult ) {

[34] Fix | Delete

$response->set_status( $status_codes[ $item->payment_result->status ] ?? 200 );

[35] Fix | Delete

}

[36] Fix | Delete

[37] Fix | Delete

return $response;

[38] Fix | Delete

}

[39] Fix | Delete

[40] Fix | Delete

/**

[41] Fix | Delete

* For orders which do not require payment, just update status.

[42] Fix | Delete

*

[43] Fix | Delete

* @param \WP_REST_Request $request Request object.

[44] Fix | Delete

* @param PaymentResult $payment_result Payment result object.

[45] Fix | Delete

*/

[46] Fix | Delete

private function process_without_payment( \WP_REST_Request $request, PaymentResult $payment_result ) {

[47] Fix | Delete

$this->order->payment_complete();

[48] Fix | Delete

[49] Fix | Delete

// Mark the payment as successful.

[50] Fix | Delete

$payment_result->set_status( 'success' );

[51] Fix | Delete

$payment_result->set_redirect_url( $this->order->get_checkout_order_received_url() );

[52] Fix | Delete

}

[53] Fix | Delete

[54] Fix | Delete

/**

[55] Fix | Delete

* Fires an action hook instructing active payment gateways to process the payment for an order and provide a result.

[56] Fix | Delete

*

[57] Fix | Delete

* @throws RouteException On error.

[58] Fix | Delete

*

[59] Fix | Delete

* @param \WP_REST_Request $request Request object.

[60] Fix | Delete

* @param PaymentResult $payment_result Payment result object.

[61] Fix | Delete

*/

[62] Fix | Delete

private function process_payment( \WP_REST_Request $request, PaymentResult $payment_result ) {

[63] Fix | Delete

try {

[64] Fix | Delete

// Prepare the payment context object to pass through payment hooks.

[65] Fix | Delete

$context = new PaymentContext();

[66] Fix | Delete

$context->set_payment_method( $this->get_request_payment_method_id( $request ) );

[67] Fix | Delete

$context->set_payment_data( $this->get_request_payment_data( $request ) );

[68] Fix | Delete

$context->set_order( $this->order );

[69] Fix | Delete

[70] Fix | Delete

/**

[71] Fix | Delete

* Process payment with context.

[72] Fix | Delete

*

[73] Fix | Delete

* @hook woocommerce_rest_checkout_process_payment_with_context

[74] Fix | Delete

*

[75] Fix | Delete

* @throws \Exception If there is an error taking payment, an \Exception object can be thrown with an error message.

[76] Fix | Delete

*

[77] Fix | Delete

* @param PaymentContext $context Holds context for the payment, including order ID and payment method.

[78] Fix | Delete

* @param PaymentResult $payment_result Result object for the transaction.

[79] Fix | Delete

*/

[80] Fix | Delete

do_action_ref_array( 'woocommerce_rest_checkout_process_payment_with_context', [ $context, &$payment_result ] );

[81] Fix | Delete

[82] Fix | Delete

if ( ! $payment_result instanceof PaymentResult ) {

[83] Fix | Delete

throw new RouteException( 'woocommerce_rest_checkout_invalid_payment_result', __( 'Invalid payment result received from payment method.', 'woocommerce' ), 500 );

[84] Fix | Delete

}

[85] Fix | Delete

} catch ( \Exception $e ) {

[86] Fix | Delete

$additional_data = [];

[87] Fix | Delete

[88] Fix | Delete

// phpcs:disable WooCommerce.Commenting.CommentHooks.MissingSinceComment

[89] Fix | Delete

/**

[90] Fix | Delete

* Allows to check if WP_DEBUG mode is enabled before returning previous Exception.

[91] Fix | Delete

*

[92] Fix | Delete

* @param bool The WP_DEBUG mode.

[93] Fix | Delete

*/

[94] Fix | Delete

if ( apply_filters( 'woocommerce_return_previous_exceptions', Constants::is_true( 'WP_DEBUG' ) ) && $e->getPrevious() ) {

[95] Fix | Delete

$additional_data = [

[96] Fix | Delete

'previous' => get_class( $e->getPrevious() ),

[97] Fix | Delete

];

[98] Fix | Delete

}

[99] Fix | Delete

[100] Fix | Delete

throw new RouteException( 'woocommerce_rest_checkout_process_payment_error', esc_html( $e->getMessage() ), 400, array_map( 'esc_attr', $additional_data ) );

[101] Fix | Delete

}

[102] Fix | Delete

}

[103] Fix | Delete

[104] Fix | Delete

/**

[105] Fix | Delete

* Gets the chosen payment method ID from the request.

[106] Fix | Delete

*

[107] Fix | Delete

* @throws RouteException On error.

[108] Fix | Delete

* @param \WP_REST_Request $request Request object.

[109] Fix | Delete

* @return string

[110] Fix | Delete

*/

[111] Fix | Delete

private function get_request_payment_method_id( \WP_REST_Request $request ) {

[112] Fix | Delete

$payment_method = $this->get_request_payment_method( $request );

[113] Fix | Delete

return is_null( $payment_method ) ? '' : $payment_method->id;

[114] Fix | Delete

}

[115] Fix | Delete

[116] Fix | Delete

/**

[117] Fix | Delete

* Gets and formats payment request data.

[118] Fix | Delete

*

[119] Fix | Delete

* @param \WP_REST_Request $request Request object.

[120] Fix | Delete

* @return array

[121] Fix | Delete

*/

[122] Fix | Delete

private function get_request_payment_data( \WP_REST_Request $request ) {

[123] Fix | Delete

static $payment_data = [];

[124] Fix | Delete

if ( ! empty( $payment_data ) ) {

[125] Fix | Delete

return $payment_data;

[126] Fix | Delete

}

[127] Fix | Delete

if ( ! empty( $request['payment_data'] ) ) {

[128] Fix | Delete

foreach ( $request['payment_data'] as $data ) {

[129] Fix | Delete

$payment_data[ sanitize_key( $data['key'] ) ] = wc_clean( $data['value'] );

[130] Fix | Delete

}

[131] Fix | Delete

}

[132] Fix | Delete

[133] Fix | Delete

return $payment_data;

[134] Fix | Delete

}

[135] Fix | Delete

[136] Fix | Delete

/**

[137] Fix | Delete

* Update the current order using the posted values from the request.

[138] Fix | Delete

*

[139] Fix | Delete

* @param \WP_REST_Request $request Full details about the request.

[140] Fix | Delete

*/

[141] Fix | Delete

private function update_order_from_request( \WP_REST_Request $request ) {

[142] Fix | Delete

$this->order->set_customer_note( wc_sanitize_textarea( $request['customer_note'] ) ?? '' );

[143] Fix | Delete

$payment_method = $this->get_request_payment_method( $request );

[144] Fix | Delete

if ( null !== $payment_method ) {

[145] Fix | Delete

WC()->session->set( 'chosen_payment_method', $payment_method->id );

[146] Fix | Delete

$this->order->set_payment_method( $payment_method->id );

[147] Fix | Delete

$this->order->set_payment_method_title( $payment_method->title );

[148] Fix | Delete

} elseif ( ! $this->order->needs_payment() ) {

[149] Fix | Delete

$this->order->set_payment_method( '' );

[150] Fix | Delete

}

[151] Fix | Delete

wc_log_order_step(

[152] Fix | Delete

'[Store API #5::update_order_from_request] Set customer note and payment method',

[153] Fix | Delete

array(

[154] Fix | Delete

'order_id' => $this->order->get_id(),

[155] Fix | Delete

'payment' => $this->order->get_payment_method_title(),

[156] Fix | Delete

)

[157] Fix | Delete

);

[158] Fix | Delete

$this->persist_additional_fields_for_order( $request );

[159] Fix | Delete

wc_log_order_step(

[160] Fix | Delete

'[Store API #5::update_order_from_request] Persisted additional fields',

[161] Fix | Delete

array(

[162] Fix | Delete

'order_id' => $this->order->get_id(),

[163] Fix | Delete

'payment' => $this->order->get_payment_method_title(),

[164] Fix | Delete

)

[165] Fix | Delete

);

[166] Fix | Delete

[167] Fix | Delete

wc_do_deprecated_action(

[168] Fix | Delete

'__experimental_woocommerce_blocks_checkout_update_order_from_request',

[169] Fix | Delete

array(

[170] Fix | Delete

$this->order,

[171] Fix | Delete

$request,

[172] Fix | Delete

),

[173] Fix | Delete

'6.3.0',

[174] Fix | Delete

'woocommerce_store_api_checkout_update_order_from_request',

[175] Fix | Delete

'This action was deprecated in WooCommerce Blocks version 6.3.0. Please use woocommerce_store_api_checkout_update_order_from_request instead.'

[176] Fix | Delete

);

[177] Fix | Delete

[178] Fix | Delete

wc_do_deprecated_action(

[179] Fix | Delete

'woocommerce_blocks_checkout_update_order_from_request',

[180] Fix | Delete

array(

[181] Fix | Delete

$this->order,

[182] Fix | Delete

$request,

[183] Fix | Delete

),

[184] Fix | Delete

'7.2.0',

[185] Fix | Delete

'woocommerce_store_api_checkout_update_order_from_request',

[186] Fix | Delete

'This action was deprecated in WooCommerce Blocks version 7.2.0. Please use woocommerce_store_api_checkout_update_order_from_request instead.'

[187] Fix | Delete

);

[188] Fix | Delete

[189] Fix | Delete

/**

[190] Fix | Delete

* Fires when the Checkout Block/Store API updates an order's from the API request data.

[191] Fix | Delete

*

[192] Fix | Delete

* This hook gives extensions the chance to update orders based on the data in the request. This can be used in

[193] Fix | Delete

* conjunction with the ExtendSchema class to post custom data and then process it.

[194] Fix | Delete

*

[195] Fix | Delete

* @since 7.2.0

[196] Fix | Delete

*

[197] Fix | Delete

* @param \WC_Order $order Order object.

[198] Fix | Delete

* @param \WP_REST_Request $request Full details about the request.

[199] Fix | Delete

*/

[200] Fix | Delete

do_action( 'woocommerce_store_api_checkout_update_order_from_request', $this->order, $request );

[201] Fix | Delete

[202] Fix | Delete

$this->order->save();

[203] Fix | Delete

}

[204] Fix | Delete

[205] Fix | Delete

/**

[206] Fix | Delete

* Gets the chosen payment method title from the request.

[207] Fix | Delete

*

[208] Fix | Delete

* @throws RouteException On error.

[209] Fix | Delete

* @param \WP_REST_Request $request Request object.

[210] Fix | Delete

* @return string

[211] Fix | Delete

*/

[212] Fix | Delete

private function get_request_payment_method_title( \WP_REST_Request $request ) {

[213] Fix | Delete

$payment_method = $this->get_request_payment_method( $request );

[214] Fix | Delete

return is_null( $payment_method ) ? '' : $payment_method->get_title();

[215] Fix | Delete

}

[216] Fix | Delete

[217] Fix | Delete

/**

[218] Fix | Delete

* Persist additional fields for the order after validating them.

[219] Fix | Delete

*

[220] Fix | Delete

* @param \WP_REST_Request $request Full details about the request.

[221] Fix | Delete

*/

[222] Fix | Delete

private function persist_additional_fields_for_order( \WP_REST_Request $request ) {

[223] Fix | Delete

if ( Features::is_enabled( 'experimental-blocks' ) ) {

[224] Fix | Delete

$document_object = $this->get_document_object_from_rest_request( $request );

[225] Fix | Delete

$document_object->set_context( 'order' );

[226] Fix | Delete

$additional_fields_order = $this->additional_fields_controller->get_contextual_fields_for_location( 'order', $document_object );

[227] Fix | Delete

$additional_fields_contact = $this->additional_fields_controller->get_contextual_fields_for_location( 'contact', $document_object );

[228] Fix | Delete

$additional_fields = array_merge( $additional_fields_order, $additional_fields_contact );

[229] Fix | Delete

} else {

[230] Fix | Delete

$additional_fields_order = $this->additional_fields_controller->get_fields_for_location( 'order' );

[231] Fix | Delete

$additional_fields_contact = $this->additional_fields_controller->get_fields_for_location( 'contact' );

[232] Fix | Delete

$additional_fields = array_merge( $additional_fields_order, $additional_fields_contact );

[233] Fix | Delete

}

[234] Fix | Delete

[235] Fix | Delete

$field_values = (array) $request['additional_fields'] ?? [];

[236] Fix | Delete

[237] Fix | Delete

foreach ( $additional_fields as $key => $field ) {

[238] Fix | Delete

if ( isset( $field_values[ $key ] ) ) {

[239] Fix | Delete

$this->additional_fields_controller->persist_field_for_order( $key, $field_values[ $key ], $this->order, 'other', false );

[240] Fix | Delete

}

[241] Fix | Delete

}

[242] Fix | Delete

[243] Fix | Delete

// The above logic sets visible fields, but not hidden fields. Unset the hidden fields here.

[244] Fix | Delete

$other_posted_field_values = array_diff_key( $field_values, $additional_fields );

[245] Fix | Delete

[246] Fix | Delete

foreach ( $other_posted_field_values as $key => $value ) {

[247] Fix | Delete

if ( $this->additional_fields_controller->is_field( $key ) ) {

[248] Fix | Delete

$this->additional_fields_controller->persist_field_for_order( $key, '', $this->order, 'other', false );

[249] Fix | Delete

}

[250] Fix | Delete

}

[251] Fix | Delete

[252] Fix | Delete

// We need to sync the customer additional fields with the order otherwise they will be overwritten on next page load.

[253] Fix | Delete

if ( 0 !== $this->order->get_customer_id() && get_current_user_id() === $this->order->get_customer_id() ) {

[254] Fix | Delete

$this->additional_fields_controller->sync_customer_additional_fields_with_order( $this->order, wc()->customer );

[255] Fix | Delete

}

[256] Fix | Delete

}

[257] Fix | Delete

[258] Fix | Delete

/**

[259] Fix | Delete

* Returns a document object from a REST request.

[260] Fix | Delete

*

[261] Fix | Delete

* @param \WP_REST_Request $request The REST request.

[262] Fix | Delete

* @return DocumentObject The document object or null if experimental blocks are not enabled.

[263] Fix | Delete

*/

[264] Fix | Delete

public function get_document_object_from_rest_request( \WP_REST_Request $request ) {

[265] Fix | Delete

return new DocumentObject(

[266] Fix | Delete

[

[267] Fix | Delete

'customer' => [

[268] Fix | Delete

'billing_address' => $request['billing_address'],

[269] Fix | Delete

'shipping_address' => $request['shipping_address'],

[270] Fix | Delete

'additional_fields' => array_intersect_key(

[271] Fix | Delete

$request['additional_fields'] ?? [],

[272] Fix | Delete

array_flip( $this->additional_fields_controller->get_contact_fields_keys() )

[273] Fix | Delete

),

[274] Fix | Delete

],

[275] Fix | Delete

'checkout' => [

[276] Fix | Delete

'payment_method' => $request['payment_method'],

[277] Fix | Delete

'create_account' => $request['create_account'],

[278] Fix | Delete

'customer_note' => $request['customer_note'],

[279] Fix | Delete

'additional_fields' => array_intersect_key(

[280] Fix | Delete

$request['additional_fields'] ?? [],

[281] Fix | Delete

array_flip( $this->additional_fields_controller->get_order_fields_keys() )

[282] Fix | Delete

),

[283] Fix | Delete

],

[284] Fix | Delete

]

[285] Fix | Delete

);

[286] Fix | Delete

}

[287] Fix | Delete

}

[288] Fix | Delete

[289] Fix | Delete