Add NOK pricing catalog, credit ledger, success-based charging, and tier-gated model routing

- PricingCatalog.php: single source of truth for plans (free/plus/pro), top-ups, Stripe price env keys, tool costs (0–6 credits), STT variable billing, feature limits - FreeTier.php: monthly-first credit deduction, ledger (user_tool_credit_ledger), STT reservation/settle/release, monthly reset, trial logic - StripeClient.php: canonical SKUs (plus/pro/topup_100/300/1000), legacy aliases kept - stripe-checkout.php: subscription vs payment mode, trial gating, catalog metadata - stripe-webhook.php: idempotent via stripe_events, handles subscription lifecycle + invoice.paid renewal + one-time topup credit grants - All API tools: success-based credit deduction (check before, charge after) - transcribe.php: file-size heuristic reservation, settle from actual provider duration - ask.php + LegalTools.php: ToolModels engine resolution — Pro gets gpt-4o - KorrespondAgent.php + korrespond.php: tier-gated draft deployment — Free/Plus gets gpt-4o-mini, Pro gets gpt-4o - pricing.php: NOK-only, plan cards, top-up packs, Organisation contact card, tool cost table, separate monthly/prepaid balance display - 003_pricing_credit_catalog.sql: ledger and STT reservation tables Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-24 13:42:27 +02:00
parent bffc714541
commit b21bfb2f1d
30 changed files with 1171 additions and 586 deletions
@@ -1,16 +1,23 @@
 <?php
 declare(strict_types=1);

+require_once __DIR__ . '/PricingCatalog.php';
+
 /**
- * Thin Stripe API wrapper — no SDK, pure curl + HMAC.
+ * Thin Stripe API wrapper: no SDK, pure curl.
 *
 * Configuration is loaded from /etc/bnl/stripe.php (production) or env vars (local).
 * Required keys:
- *   STRIPE_SECRET_KEY        sk_live_... or sk_test_...
- *   STRIPE_PUBLISHABLE_KEY   pk_live_... or pk_test_...
- *   STRIPE_WEBHOOK_SECRET    whsec_...
- *   STRIPE_PRICE_TOPUP_S / _M / _L
- *   STRIPE_PRICE_PLUS_NOK / STRIPE_PRICE_PRO_NOK
+ *   STRIPE_SECRET_KEY
+ *   STRIPE_PUBLISHABLE_KEY
+ *   STRIPE_WEBHOOK_SECRET
+ *   STRIPE_PRICE_PLUS_NOK
+ *   STRIPE_PRICE_PRO_NOK
+ *   STRIPE_PRICE_TOPUP_100_NOK
+ *   STRIPE_PRICE_TOPUP_300_NOK
+ *   STRIPE_PRICE_TOPUP_1000_NOK
+ *
+ * Legacy STRIPE_PRICE_TOPUP_S/M/L are accepted temporarily for old config files.
 */
 final class StripeClient
 {
@@ -27,7 +34,6 @@ final class StripeClient
        }
    }

-    /** Load a Stripe config value from /etc/bnl/stripe.php OR env. */
    public static function config(string $key): string
    {
        static $fileConfig = null;
@@ -46,63 +52,80 @@ final class StripeClient
        return (string)($fileConfig[$key] ?? '');
    }

-    /** Map an internal SKU to a Stripe price ID. */
+    public static function canonicalSku(string $sku): string
+    {
+        return PricingCatalog::canonicalSku($sku);
+    }
+
+    public static function isSubscriptionSku(string $sku): bool
+    {
+        return PricingCatalog::isSubscriptionSku($sku);
+    }
+
+    public static function isTopupSku(string $sku): bool
+    {
+        return PricingCatalog::isTopupSku($sku);
+    }
+
+    /** @return list<string> */
+    public static function subscriptionSkus(): array
+    {
+        return PricingCatalog::subscriptionSkus();
+    }
+
+    /** @return list<string> */
+    public static function topupSkus(): array
+    {
+        return PricingCatalog::topupSkus();
+    }
+
    public static function priceId(string $sku): string
    {
-        static $map = null;
-        if ($map === null) {
-            $map = [
-                'topup_s'  => self::config('STRIPE_PRICE_TOPUP_S'),
-                'topup_m'  => self::config('STRIPE_PRICE_TOPUP_M'),
-                'topup_l'  => self::config('STRIPE_PRICE_TOPUP_L'),
-                'plus'     => self::config('STRIPE_PRICE_PLUS_NOK'),
-                'pro'      => self::config('STRIPE_PRICE_PRO_NOK'),
-            ];
-        }
-        $id = $map[$sku] ?? '';
+        $canonical = PricingCatalog::canonicalSku($sku);
+        $key = PricingCatalog::stripePriceKey($canonical);
+        $id = $key ? self::config($key) : '';
+
        if ($id === '') {
-            throw new InvalidArgumentException("Unknown Stripe SKU: {$sku}");
+            $legacy = [
+                'topup_100' => 'STRIPE_PRICE_TOPUP_S',
+                'topup_300' => 'STRIPE_PRICE_TOPUP_M',
+                'topup_1000' => 'STRIPE_PRICE_TOPUP_L',
+            ];
+            $legacyKey = $legacy[$canonical] ?? null;
+            $id = $legacyKey ? self::config($legacyKey) : '';
+        }
+
+        if ($id === '') {
+            throw new InvalidArgumentException("Unknown Stripe SKU or missing price ID: {$sku}");
        }
        return $id;
    }

-    /** Topup credit grants — must match values shown on pricing.php. */
    public static function topupCredits(string $sku): int
    {
-        return match ($sku) {
-            'topup_s' => 30,
-            'topup_m' => 100,
-            'topup_l' => 300,
-            default => 0,
-        };
+        return PricingCatalog::topupCredits($sku);
    }

-    /** Map a Stripe price ID back to the internal subscription tier (plus/pro). */
    public static function tierForPrice(string $priceId): ?string
    {
-        $map = [
-            'plus' => self::config('STRIPE_PRICE_PLUS_NOK'),
-            'pro'  => self::config('STRIPE_PRICE_PRO_NOK'),
-        ];
-        foreach ($map as $tier => $configuredPriceId) {
+        foreach (PricingCatalog::subscriptionSkus() as $tier) {
+            $configuredPriceId = '';
+            $key = PricingCatalog::stripePriceKey($tier);
+            if ($key !== null) {
+                $configuredPriceId = self::config($key);
+            }
            if ($configuredPriceId !== '' && hash_equals($configuredPriceId, $priceId)) {
-                return (string)$tier;
+                return $tier;
            }
        }
        return null;
    }

-    /**
-     * Create a Checkout Session.
-     *
-     * @param array $params Stripe parameters (flat form-encoded — see request() docs).
-     */
    public function createCheckoutSession(array $params): array
    {
        return $this->request('POST', '/checkout/sessions', $params);
    }

-    /** Create a Customer Portal session for self-serve subscription management. */
    public function createPortalSession(string $customerId, string $returnUrl): array
    {
        return $this->request('POST', '/billing_portal/sessions', [
@@ -111,13 +134,11 @@ final class StripeClient
        ]);
    }

-    /** Retrieve a subscription. */
    public function getSubscription(string $subscriptionId): array
    {
        return $this->request('GET', '/subscriptions/' . urlencode($subscriptionId));
    }

-    /** Find-or-create a Stripe customer for a given email. */
    public function ensureCustomer(string $email, ?int $userId = null): string
    {
        $found = $this->request('GET', '/customers', ['email' => $email, 'limit' => 1]);
@@ -132,10 +153,6 @@ final class StripeClient
        return (string)($created['id'] ?? '');
    }

-    /**
-     * Verify a Stripe webhook signature.
-     * Stripe-Signature header format: t=<timestamp>,v1=<signature>[,v1=<signature>...]
-     */
    public static function verifyWebhookSignature(string $payload, string $sigHeader, string $secret, int $toleranceSeconds = 300): bool
    {
        if ($secret === '' || $sigHeader === '') {
@@ -166,10 +183,6 @@ final class StripeClient
        return false;
    }

-    /**
-     * Low-level HTTP request to Stripe API. Returns decoded JSON or throws on error.
-     * Stripe uses form-encoded bodies even for nested params (foo[bar]=baz).
-     */
    public function request(string $method, string $path, array $params = []): array
    {
        $url = self::API_BASE . $path;
@@ -218,7 +231,6 @@ final class StripeClient
        return $decoded;
    }

-    /** Flatten nested arrays into Stripe's form-encoding scheme (foo[bar]=baz). */
    private static function flattenFormParams(array $params, string $prefix = ''): string
    {
        $pairs = [];