daveadmin/dobetternorge-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7df3b7f8d3e77510196fef02f6130ac918287a63
dobetternorge-tools/includes/StripeClient.php
T
daveadmin b21bfb2f1d Add NOK pricing catalog, credit ledger, success-based charging, and tier-gated model routing 
- PricingCatalog.php: single source of truth for plans (free/plus/pro), top-ups,
  Stripe price env keys, tool costs (0–6 credits), STT variable billing, feature limits
- FreeTier.php: monthly-first credit deduction, ledger (user_tool_credit_ledger),
  STT reservation/settle/release, monthly reset, trial logic
- StripeClient.php: canonical SKUs (plus/pro/topup_100/300/1000), legacy aliases kept
- stripe-checkout.php: subscription vs payment mode, trial gating, catalog metadata
- stripe-webhook.php: idempotent via stripe_events, handles subscription lifecycle +
  invoice.paid renewal + one-time topup credit grants
- All API tools: success-based credit deduction (check before, charge after)
- transcribe.php: file-size heuristic reservation, settle from actual provider duration
- ask.php + LegalTools.php: ToolModels engine resolution — Pro gets gpt-4o
- KorrespondAgent.php + korrespond.php: tier-gated draft deployment —
  Free/Plus gets gpt-4o-mini, Pro gets gpt-4o
- pricing.php: NOK-only, plan cards, top-up packs, Organisation contact card,
  tool cost table, separate monthly/prepaid balance display
- 003_pricing_credit_catalog.sql: ledger and STT reservation tables

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-24 13:42:27 +02:00

250 lines
8.0 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
require_once __DIR__ . '/PricingCatalog.php';
/**
* Thin Stripe API wrapper: no SDK, pure curl.
*
* Configuration is loaded from /etc/bnl/stripe.php (production) or env vars (local).
* Required keys:
* STRIPE_SECRET_KEY
* STRIPE_PUBLISHABLE_KEY
* STRIPE_WEBHOOK_SECRET
* STRIPE_PRICE_PLUS_NOK
* STRIPE_PRICE_PRO_NOK
* STRIPE_PRICE_TOPUP_100_NOK
* STRIPE_PRICE_TOPUP_300_NOK
* STRIPE_PRICE_TOPUP_1000_NOK
*
* Legacy STRIPE_PRICE_TOPUP_S/M/L are accepted temporarily for old config files.
*/
final class StripeClient
{
private const API_BASE = 'https://api.stripe.com/v1';
private const TIMEOUT = 30;
private string $secretKey;
public function __construct(?string $secretKey = null)
{
$this->secretKey = $secretKey ?? self::config('STRIPE_SECRET_KEY');
if ($this->secretKey === '') {
throw new RuntimeException('StripeClient: STRIPE_SECRET_KEY not configured.');
}
}
public static function config(string $key): string
{
static $fileConfig = null;
if ($fileConfig === null) {
$path = '/etc/bnl/stripe.php';
$fileConfig = is_readable($path) ? (require $path) : [];
if (!is_array($fileConfig)) {
$fileConfig = [];
}
}
$envValue = getenv($key);
if ($envValue !== false && $envValue !== '') {
return $envValue;
}
return (string)($fileConfig[$key] ?? '');
}
public static function canonicalSku(string $sku): string
{
return PricingCatalog::canonicalSku($sku);
}
public static function isSubscriptionSku(string $sku): bool
{
return PricingCatalog::isSubscriptionSku($sku);
}
public static function isTopupSku(string $sku): bool
{
return PricingCatalog::isTopupSku($sku);
}
/** @return list<string> */
public static function subscriptionSkus(): array
{
return PricingCatalog::subscriptionSkus();
}
/** @return list<string> */
public static function topupSkus(): array
{
return PricingCatalog::topupSkus();
}
public static function priceId(string $sku): string
{
$canonical = PricingCatalog::canonicalSku($sku);
$key = PricingCatalog::stripePriceKey($canonical);
$id = $key ? self::config($key) : '';
if ($id === '') {
$legacy = [
'topup_100' => 'STRIPE_PRICE_TOPUP_S',
'topup_300' => 'STRIPE_PRICE_TOPUP_M',
'topup_1000' => 'STRIPE_PRICE_TOPUP_L',
];
$legacyKey = $legacy[$canonical] ?? null;
$id = $legacyKey ? self::config($legacyKey) : '';
}
if ($id === '') {
throw new InvalidArgumentException("Unknown Stripe SKU or missing price ID: {$sku}");
}
return $id;
}
public static function topupCredits(string $sku): int
{
return PricingCatalog::topupCredits($sku);
}
public static function tierForPrice(string $priceId): ?string
{
foreach (PricingCatalog::subscriptionSkus() as $tier) {
$configuredPriceId = '';
$key = PricingCatalog::stripePriceKey($tier);
if ($key !== null) {
$configuredPriceId = self::config($key);
}
if ($configuredPriceId !== '' && hash_equals($configuredPriceId, $priceId)) {
return $tier;
}
}
return null;
}
public function createCheckoutSession(array $params): array
{
return $this->request('POST', '/checkout/sessions', $params);
}
public function createPortalSession(string $customerId, string $returnUrl): array
{
return $this->request('POST', '/billing_portal/sessions', [
'customer' => $customerId,
'return_url' => $returnUrl,
]);
}
public function getSubscription(string $subscriptionId): array
{
return $this->request('GET', '/subscriptions/' . urlencode($subscriptionId));
}
public function ensureCustomer(string $email, ?int $userId = null): string
{
$found = $this->request('GET', '/customers', ['email' => $email, 'limit' => 1]);
if (!empty($found['data'][0]['id'])) {
return (string)$found['data'][0]['id'];
}
$params = ['email' => $email];
if ($userId !== null) {
$params['metadata'] = ['user_id' => (string)$userId];
}
$created = $this->request('POST', '/customers', $params);
return (string)($created['id'] ?? '');
}
public static function verifyWebhookSignature(string $payload, string $sigHeader, string $secret, int $toleranceSeconds = 300): bool
{
if ($secret === '' || $sigHeader === '') {
return false;
}
$parts = [];
foreach (explode(',', $sigHeader) as $pair) {
$kv = explode('=', $pair, 2);
if (count($kv) === 2) {
$parts[trim($kv[0])][] = trim($kv[1]);
}
}
$timestamp = isset($parts['t'][0]) ? (int)$parts['t'][0] : 0;
$sigs = $parts['v1'] ?? [];
if ($timestamp === 0 || empty($sigs)) {
return false;
}
if (abs(time() - $timestamp) > $toleranceSeconds) {
return false;
}
$signedPayload = $timestamp . '.' . $payload;
$expected = hash_hmac('sha256', $signedPayload, $secret);
foreach ($sigs as $sig) {
if (hash_equals($expected, $sig)) {
return true;
}
}
return false;
}
public function request(string $method, string $path, array $params = []): array
{
$url = self::API_BASE . $path;
$method = strtoupper($method);
$headers = [
'Authorization: Bearer ' . $this->secretKey,
'Stripe-Version: 2026-02-25.clover',
];
$ch = curl_init();
$body = '';
if ($method === 'GET' && !empty($params)) {
$url .= '?' . self::flattenFormParams($params);
} elseif (!empty($params)) {
$body = self::flattenFormParams($params);
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
}
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, self::TIMEOUT);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
if ($body !== '') {
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
}
$raw = curl_exec($ch);
$errno = curl_errno($ch);
$status = (int)curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
curl_close($ch);
if ($errno !== 0 || $raw === false) {
throw new RuntimeException('Stripe curl error: ' . curl_strerror($errno));
}
$decoded = json_decode((string)$raw, true);
if (!is_array($decoded)) {
throw new RuntimeException('Stripe response was not JSON: ' . substr((string)$raw, 0, 200));
}
if ($status >= 400) {
$msg = $decoded['error']['message'] ?? 'Unknown Stripe error';
$code = $decoded['error']['code'] ?? 'unknown';
throw new RuntimeException("Stripe API error ({$status}/{$code}): {$msg}");
}
return $decoded;
}
private static function flattenFormParams(array $params, string $prefix = ''): string
{
$pairs = [];
foreach ($params as $key => $value) {
$name = $prefix === '' ? (string)$key : $prefix . '[' . $key . ']';
if (is_array($value)) {
$pairs[] = self::flattenFormParams($value, $name);
} elseif (is_bool($value)) {
$pairs[] = rawurlencode($name) . '=' . ($value ? 'true' : 'false');
} elseif ($value !== null) {
$pairs[] = rawurlencode($name) . '=' . rawurlencode((string)$value);
}
}
return implode('&', $pairs);
}
}
Reference in New Issue View Git Blame Copy Permalink