-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.py
More file actions
340 lines (290 loc) · 12.6 KB
/
app.py
File metadata and controls
340 lines (290 loc) · 12.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
import logging
import os
import socket
from datetime import datetime
from zoneinfo import ZoneInfo
import stripe
import yaml
from flask import Flask, jsonify, request
from s3_storage import save_binary_file_to_s3, save_file_to_s3
def validate_payment_intent_data(payment_intent: dict) -> None:
"""
Validate Stripe payment_intent webhook data (payment_intent.succeeded).
Args:
payment_intent: Stripe payment_intent object from webhook
Raises:
ValueError: If validation fails
"""
# Validate payment_id
payment_id = payment_intent.get("id")
if not payment_id or not isinstance(payment_id, str) or len(payment_id) > 200:
raise ValueError("Invalid payment ID")
# Validate payment_amount (must be positive integer in cents)
amount = payment_intent.get("amount")
if not isinstance(amount, int) or amount <= 0 or amount > 999999900: # Max ~$10M
raise ValueError("Invalid payment amount")
# Validate currency (must be 3-letter code)
currency = payment_intent.get("currency")
if not currency or not isinstance(currency, str) or len(currency) != 3 or not currency.isalpha():
raise ValueError("Invalid currency code")
# Validate timestamp
created = payment_intent.get("created")
if not isinstance(created, int) or created <= 0:
raise ValueError("Invalid payment timestamp")
# Validate status (must be "succeeded")
status = payment_intent.get("status")
if status != "succeeded":
raise ValueError("Payment status is not 'succeeded'")
# Validate metadata if present (optional field)
metadata = payment_intent.get("metadata")
if metadata is not None and not isinstance(metadata, dict):
raise ValueError("Invalid metadata format")
logging.basicConfig(level=logging.INFO, format="%(asctime)s - %(name)s - %(levelname)s - %(message)s")
logger = logging.getLogger(__name__)
app = Flask(__name__)
def get_db_connection():
import psycopg2
return psycopg2.connect(
host=os.environ["PG_HOST"],
port=os.environ["PG_PORT"],
dbname=os.environ["PG_DB"],
user=os.environ["PG_USER"],
password=os.environ["PG_PASSWORD"],
)
def process_payment_intent_webhook():
"""
Process Stripe payment_intent.succeeded webhook.
Returns:
Tuple of (response_dict, status_code)
"""
stripe_webhook_secret = os.environ["STRIPE_WEBHOOK_SECRET"]
fina_timezone = ZoneInfo(os.environ["FINA_TIMEZONE"])
payload = request.get_data()
sig_header = request.headers.get("Stripe-Signature")
# Verify webhook signature
try:
event = stripe.Webhook.construct_event(payload, sig_header, stripe_webhook_secret)
logger.info(f"Webhook signature verified for event: {event.get('id', 'unknown')}")
except Exception as e:
logger.error(f"Webhook signature verification failed: {e}")
return jsonify({"status": "error", "message": "Invalid webhook signature"}), 400
# Check event type
if event["type"] != "payment_intent.succeeded":
logger.info(f"Ignoring event type: {event['type']}")
return jsonify({"status": "ignored", "event_type": event["type"]}), 200
payment_intent = event["data"]["object"]
# Validate webhook data for security
try:
validate_payment_intent_data(payment_intent)
except ValueError as e:
logger.error(f"Webhook data validation failed: {e}")
return jsonify({"status": "error", "message": "Invalid webhook data"}), 400
# Extract payment data from payment_intent
payment_id = payment_intent.get("id")
payment_time = payment_intent.get("created")
payment_time_utc = datetime.fromtimestamp(payment_time, tz=ZoneInfo("UTC"))
payment_time_local = payment_time_utc.astimezone(fina_timezone)
payment_amount = payment_intent.get("amount", 0) / 100
payment_currency = payment_intent.get("currency")
# Extract invoice_id from metadata or description
metadata = payment_intent.get("metadata", {})
invoice_id = metadata.get("invoice_id") or metadata.get("order_id") or payment_intent.get("description")
# Check for idempotency - prevent duplicate processing
try:
with get_db_connection() as conn:
with conn.cursor() as cur:
cur.execute(
"SELECT id, status, zki, jir, receipt_number FROM fina_receipt WHERE stripe_id = %s", [payment_id]
)
existing_record = cur.fetchone()
if existing_record:
existing_id, existing_status, existing_zki, existing_jir, existing_receipt_number = existing_record
logger.info(f"Payment {payment_id} already processed with status: {existing_status}")
# Return appropriate response based on existing status
if existing_status == "completed":
return (
jsonify(
{
"status": "success",
"message": "Payment already processed successfully",
"payment_amount": payment_amount,
"ZKI": existing_zki,
"JIR": existing_jir,
"receipt_number": existing_receipt_number,
"idempotent": True,
}
),
200,
)
elif existing_status == "processing":
return (
jsonify(
{
"status": "processing",
"message": "Payment is currently being processed",
"receipt_number": existing_receipt_number,
"idempotent": True,
}
),
202,
) # 202 Accepted - processing
else: # failed status
return (
jsonify(
{
"status": "failed",
"message": "Payment processing previously failed",
"receipt_number": existing_receipt_number,
"idempotent": True,
}
),
422,
) # 422 Unprocessable Entity
except Exception as e:
logger.error(f"Error checking for existing payment {payment_id}: {e}")
# Continue with processing if we can't check - better than failing
# Prepare data for S3 storage
payment_time_local_yaml = payment_time_local.strftime("%Y-%m-%d %H:%M:%S")
parsed = {
"payment_id": payment_id,
"payment_time": payment_time_local_yaml,
"payment_amount": payment_amount,
"payment_currency": payment_currency,
"invoice_id": invoice_id,
}
# Create folder structure: YYYY-MM-DD-HH-MM-SS-stripe-payment-intent-event_id-hostname-pid (UTC time)
# Include hostname and PID to avoid conflicts between dev and production environments
event_id = event.get("id", "unknown")
hostname = socket.gethostname()
pid = os.getpid()
payment_time_folder_utc = payment_time_utc.strftime("%Y-%m-%d-%H-%M-%S")
folder_path = f"{payment_time_folder_utc}-stripe-payment-intent-{event_id}-{hostname}-{pid}"
# Save webhook data to S3
logger.info(f"Saving webhook data to S3: {folder_path}")
save_binary_file_to_s3(payload, f"{folder_path}/stripe-webhook.json")
yaml_content = yaml.dump(parsed, allow_unicode=True)
save_file_to_s3(yaml_content, f"{folder_path}/stripe-webhook.yaml")
# Flow configuration: stripe_payment_intent -> fina (currently hardcoded)
fiscal_system = "fina" # TODO: make this configurable
logger.info(f"Processing payment with fiscal system: {fiscal_system}")
if fiscal_system == "fina":
# FINA requires EUR currency only
if payment_currency.upper() != "EUR":
logger.error(f"FINA fiscalization requires EUR currency, got: {payment_currency}")
result = {
"status": "error",
"message": f"FINA fiscalization only supports EUR currency, received: {payment_currency}",
"payment_id": payment_id,
"payment_currency": payment_currency,
}
return jsonify(result), 422 # 422 Unprocessable Entity
from fina import process_fina_fiscalization
result = process_fina_fiscalization(
payment_id,
payment_time_local,
payment_amount,
payment_currency,
invoice_id,
folder_path, # Pass the shared folder path
)
if result.get("JIR"):
logger.info(f"Fiscalization successful - JIR: {result.get('JIR')}, ZKI: {result.get('ZKI')}")
else:
logger.warning(f"Fiscalization failed - no JIR received: {result}")
else:
logger.error(f"Unsupported fiscal system: {fiscal_system}")
result = {
"status": "error",
"message": f"Unsupported fiscal system: {fiscal_system}",
}
return jsonify(result), 200
@app.route("/health", methods=["GET"])
def health_check():
logger.info("Health check requested")
# Required environment variables
required_env_vars = [
"S3_ACCESS_KEY",
"S3_SECRET_KEY",
"S3_ENDPOINT_URL",
"S3_BUCKET_NAME",
"STRIPE_WEBHOOK_SECRET",
"P12_PATH",
"P12_PASSWORD",
"FINA_CA_DIR_PATH",
"FINA_TIMEZONE",
"FINA_ENDPOINT",
"OIB_COMPANY",
"OIB_OPERATOR",
"LOCATION_ID",
"REGISTER_ID",
"PG_HOST",
"PG_PORT",
"PG_USER",
"PG_PASSWORD",
"PG_DB",
]
# Check for missing environment variables
missing_vars = [var for var in required_env_vars if not os.environ.get(var)]
if missing_vars:
logger.error(f"Health check failed: Missing environment variables: {', '.join(missing_vars)}")
return (
jsonify(
{
"status": "unhealthy",
"environment": "incomplete",
"missing_vars": missing_vars,
"error": "Required environment variables not set",
"timestamp": datetime.now(ZoneInfo("UTC")).isoformat(),
}
),
503,
)
try:
with get_db_connection() as conn:
with conn.cursor() as cur:
cur.execute("SELECT 1")
cur.fetchone()
# Cleanup stale processing records during health checks
# This runs periodically when health checks are called by monitoring systems
try:
from fina import cleanup_stale_processing_records
cleaned_count = cleanup_stale_processing_records(max_age_minutes=30)
logger.info(f"Health check cleanup: {cleaned_count} stale records processed")
except Exception as cleanup_error:
logger.warning(f"Cleanup during health check failed: {cleanup_error}")
# Don't fail health check if cleanup fails
logger.info("Health check passed")
return (
jsonify(
{
"status": "healthy",
"database": "connected",
"environment": "complete",
"timestamp": datetime.now(ZoneInfo("UTC")).isoformat(),
}
),
200,
)
except Exception as e:
logger.error(f"Health check failed: {e}")
return (
jsonify(
{
"status": "unhealthy",
"database": "disconnected",
"environment": "complete",
"error": "Database connection failed",
"timestamp": datetime.now(ZoneInfo("UTC")).isoformat(),
}
),
503,
)
@app.route("/stripe/payment-intent", methods=["POST"])
def stripe_payment_intent_webhook():
"""Handle Stripe payment_intent.succeeded webhook events."""
logger.info("Stripe payment_intent webhook received")
return process_payment_intent_webhook()
if __name__ == "__main__":
# Only enable debug mode in development environment
debug_mode = os.environ.get("APP_ENV", "production").lower() in ["dev", "development"]
app.run(debug=debug_mode)