import { BookingStatus, Prisma } from "@prisma/client"; import { buffer } from "micro"; import type { NextApiRequest, NextApiResponse } from "next"; import Stripe from "stripe"; import EventManager from "@calcom/core/EventManager"; import { sendScheduledEmails } from "@calcom/emails"; import { isPrismaObjOrUndefined } from "@calcom/lib"; import { getErrorFromUnknown } from "@calcom/lib/errors"; import prisma, { bookingMinimalSelect } from "@calcom/prisma"; import stripe from "@calcom/stripe/server"; import { CalendarEvent, RecurringEvent } from "@calcom/types/Calendar"; import { IS_PRODUCTION } from "@lib/config/constants"; import { HttpError as HttpCode } from "@lib/core/http/error"; import { getTranslation } from "@server/lib/i18n"; export const config = { api: { bodyParser: false, }, }; async function handlePaymentSuccess(event: Stripe.Event) { const paymentIntent = event.data.object as Stripe.PaymentIntent; const payment = await prisma.payment.findFirst({ where: { externalId: paymentIntent.id, }, select: { id: true, bookingId: true, }, }); if (!payment?.bookingId) { console.log(JSON.stringify(paymentIntent), JSON.stringify(payment)); } if (!payment?.bookingId) throw new Error("Payment not found"); const booking = await prisma.booking.findUnique({ where: { id: payment.bookingId, }, select: { ...bookingMinimalSelect, location: true, eventTypeId: true, userId: true, uid: true, paid: true, destinationCalendar: true, status: true, user: { select: { id: true, credentials: true, timeZone: true, email: true, name: true, locale: true, destinationCalendar: true, }, }, }, }); if (!booking) throw new Error("No booking found"); const eventTypeSelect = Prisma.validator()({ recurringEvent: true }); const eventTypeData = Prisma.validator()({ select: eventTypeSelect }); type EventTypeRaw = Prisma.EventTypeGetPayload; let eventTypeRaw: EventTypeRaw | null = null; if (booking.eventTypeId) { eventTypeRaw = await prisma.eventType.findUnique({ where: { id: booking.eventTypeId, }, select: eventTypeSelect, }); } const eventType = { recurringEvent: (eventTypeRaw?.recurringEvent || {}) as RecurringEvent, }; const { user } = booking; if (!user) throw new Error("No user found"); const t = await getTranslation(user.locale ?? "en", "common"); const attendeesListPromises = booking.attendees.map(async (attendee) => { return { name: attendee.name, email: attendee.email, timeZone: attendee.timeZone, language: { translate: await getTranslation(attendee.locale ?? "en", "common"), locale: attendee.locale ?? "en", }, }; }); const attendeesList = await Promise.all(attendeesListPromises); const evt: CalendarEvent = { type: booking.title, title: booking.title, description: booking.description || undefined, startTime: booking.startTime.toISOString(), endTime: booking.endTime.toISOString(), customInputs: isPrismaObjOrUndefined(booking.customInputs), organizer: { email: user.email, name: user.name!, timeZone: user.timeZone, language: { translate: t, locale: user.locale ?? "en" }, }, attendees: attendeesList, uid: booking.uid, destinationCalendar: booking.destinationCalendar || user.destinationCalendar, }; if (booking.location) evt.location = booking.location; const bookingData: Prisma.BookingUpdateInput = { paid: true, status: BookingStatus.ACCEPTED, }; const isConfirmed = booking.status === BookingStatus.ACCEPTED; if (isConfirmed) { const eventManager = new EventManager(user); const scheduleResult = await eventManager.create(evt); bookingData.references = { create: scheduleResult.referencesToCreate }; } const paymentUpdate = prisma.payment.update({ where: { id: payment.id, }, data: { success: true, }, }); const bookingUpdate = prisma.booking.update({ where: { id: booking.id, }, data: bookingData, }); await prisma.$transaction([paymentUpdate, bookingUpdate]); await sendScheduledEmails({ ...evt }, eventType.recurringEvent); throw new HttpCode({ statusCode: 200, message: `Booking with id '${booking.id}' was paid and confirmed.`, }); } type WebhookHandler = (event: Stripe.Event) => Promise; const webhookHandlers: Record = { "payment_intent.succeeded": handlePaymentSuccess, }; /** * @deprecated * We need to create a PaymentManager in `@calcom/core` * to prevent circular dependencies on App Store migration */ export default async function handler(req: NextApiRequest, res: NextApiResponse) { try { if (req.method !== "POST") { throw new HttpCode({ statusCode: 405, message: "Method Not Allowed" }); } const sig = req.headers["stripe-signature"]; if (!sig) { throw new HttpCode({ statusCode: 400, message: "Missing stripe-signature" }); } if (!process.env.STRIPE_WEBHOOK_SECRET) { throw new HttpCode({ statusCode: 500, message: "Missing process.env.STRIPE_WEBHOOK_SECRET" }); } const requestBuffer = await buffer(req); const payload = requestBuffer.toString(); const event = stripe.webhooks.constructEvent(payload, sig, process.env.STRIPE_WEBHOOK_SECRET); if (event.account) { throw new HttpCode({ statusCode: 202, message: "Incoming connected account" }); } const handler = webhookHandlers[event.type]; if (handler) { await handler(event); } else { /** Not really an error, just letting Stripe know that the webhook was received but unhandled */ throw new HttpCode({ statusCode: 202, message: `Unhandled Stripe Webhook event type ${event.type}`, }); } } catch (_err) { const err = getErrorFromUnknown(_err); console.error(`Webhook Error: ${err.message}`); res.status(err.statusCode ?? 500).send({ message: err.message, stack: IS_PRODUCTION ? undefined : err.stack, }); return; } // Return a response to acknowledge receipt of the event res.json({ received: true }); }