From 558b34a567409b33d761dfbd2eed64de40fa42f4 Mon Sep 17 00:00:00 2001
From: rgaudin
Date: Fri, 15 Nov 2024 11:58:40 +0000
Subject: [PATCH] More configs
- optionnaly serving merchantid_domain_association: this is required to be served to validate the domain with apple/stripe and should be done on infra but given the simplicity we're using just this app and the proxy. The proxy cannot serve this via a conf snippet as the string is too long.
- matching min/max amounts and currencies with the app and making those configurable
---
 donation-api/src/donation_api/constants.py | 12 ++++++++++--
 donation-api/src/donation_api/entrypoint.py | 13 ++++++++++++-
 donation-api/src/donation_api/stripe.py | 8 ++++++++
 3 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/donation-api/src/donation_api/constants.py b/donation-api/src/donation_api/constants.py
index 20fc6f17..48b2cc80 100644
--- a/donation-api/src/donation_api/constants.py
+++ b/donation-api/src/donation_api/constants.py
@@ -12,11 +12,19 @@ class Constants:
 stripe_webhook_secret: str = os.getenv("STRIPE_WEBHOOK_SECRET") or ""
 stripe_webhook_sender_ips: list[str] = field(default_factory=list)
 stripe_webhook_testing_ips: list[str] = field(default_factory=list)
+ alllowed_currencies: list[str] = field(default_factory=list)
+ merchantid_domain_association: str = (
+ os.getenv("MERCHANTID_DOMAIN_ASSOCIATION") or ""
+ )
- stripe_minimal_amount: float = 1.0
- stripe_maximum_amount: float = 1000000
+ stripe_minimal_amount: int = int(os.getenv("STRIPE_MINIMAL_AMOUNT") or "5")
+ stripe_maximum_amount: int = int(os.getenv("STRIPE_MAXIMUM_AMOUNT") or "999999")
 def __post_init__(self):
+ self.alllowed_currencies = (
+ os.getenv("ALLOWED_CURRENCIES") or "USD|EUR|CHF"
+ ).split("|")
+
 self.stripe_webhook_testing_ips = os.getenv(
 "STRIPE_WEBHOOK_TESTING_IPS", ""
 ).split("|")
diff --git a/donation-api/src/donation_api/entrypoint.py b/donation-api/src/donation_api/entrypoint.py
index 846fee8c..073eac3d 100644
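Review bot: The two amount limits in constants.py are parsed with a bare `int()` in the class body and nothing visible in `__post_init__` checks them, so a non-numeric `STRIPE_MINIMAL_AMOUNT` aborts the import with a raw `ValueError`, and a zero or negative minimum effectively switches off the lower bound that stripe.py enforces with `pi_payload.amount < conf.stripe_minimal_amount`. I would fail closed at startup with `if not 0 < self.stripe_minimal_amount <= self.stripe_maximum_amount: raise ValueError("invalid STRIPE_MINIMAL_AMOUNT/STRIPE_MAXIMUM_AMOUNT")` in `__post_init__`. The currency list has a similar gap: entries are neither stripped nor filtered, so `ALLOWED_CURRENCIES="USD| EUR|"` (a constructed example) yields `" EUR"` and `""` as allowed values, which `[c.strip() for c in raw.split("|") if c.strip()]` would avoid, with `raw` being the env value or the default. The field is also spelled `alllowed_currencies` with three l's, which is cheaper to rename now than once more call sites exist. The `Constants` class begins above this hunk and `__post_init__` continues below it.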
--- a/donation-api/src/donation_api/entrypoint.py
+++ b/donation-api/src/donation_api/entrypoint.py
@@ -2,10 +2,11 @@
 from fastapi import FastAPI
 from fastapi.middleware.cors import CORSMiddleware
-from fastapi.responses import RedirectResponse
+from fastapi.responses import PlainTextResponse, RedirectResponse
 from donation_api import stripe
 from donation_api.__about__ import __description__, __title__, __version__
+from donation_api.constants import conf
 PREFIX = "/v1"
@@ -22,6 +23,16 @@ async def _():
 """Redirect to root of latest version of the API"""
 return RedirectResponse(f"{PREFIX}/", status_code=HTTPStatus.PERMANENT_REDIRECT)
+ # could be done on infra ; this is a handy shortcut
+ if conf.merchantid_domain_association:
+
+ @app.get("/.well-known/apple-developer-merchantid-domain-association")
+ async def _():
+ """Used to validate domain ownership with apple/stripe"""
+ return PlainTextResponse(
+ conf.merchantid_domain_association, status_code=HTTPStatus.OK
+ )
+
 api = FastAPI(
 title=__title__,
 description=__description__,
diff --git a/donation-api/src/donation_api/stripe.py b/donation-api/src/donation_api/stripe.py
index 44b09e18..d8a34f98 100644
--- a/donation-api/src/donation_api/stripe.py
+++ b/donation-api/src/donation_api/stripe.py
@@ -96,6 +96,9 @@ async def check_config():
 if not conf.stripe_webhook_sender_ips:
 errors.append("Missing Stripe IPs")
+ if not conf.alllowed_currencies:
+ errors.append("Missing currencies list")
+
 if errors:
 raise HTTPException(
 status_code=HTTPStatus.INTERNAL_SERVER_ERROR, detail="\n".join(errors)
 )
@@ -124,6 +127,11 @@ async def create_payment_intent(pi_payload: PaymentIntentRequest):
 status_code=HTTPStatus.BAD_REQUEST,
 detail="Currency doesnt look like a currency",
 )
+ if pi_payload.currency not in conf.alllowed_currencies:
+ raise HTTPException(
+ status_code=HTTPStatus.BAD_REQUEST,
+ detail="Currency not supported",
+ )
 if (
 pi_payload.amount < conf.stripe_minimal_amount
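Review bot: The comment on the new `.well-known` route in entrypoint.py says only that this "could be done on infra"; the actual reason, given in the commit message, is that the proxy cannot carry a string this long in a conf snippet, and that belongs next to the code. Something like `# Served by the app because the proxy conf snippet cannot hold this string; the route is registered only when MERCHANTID_DOMAIN_ASSOCIATION is set when this code runs` would do. `status_code=HTTPStatus.OK` is the default for `PlainTextResponse` and can be dropped. The enclosing code starts above this hunk and continues below it.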
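Review bot: The added `if not conf.alllowed_currencies:` test in `check_config` (stripe.py) cannot fail with the list as constants.py builds it in this commit: `__post_init__` falls back to `"USD|EUR|CHF"` when `ALLOWED_CURRENCIES` is unset or empty, and `str.split("|")` always returns at least one element, so "Missing currencies list" is unreachable. Either drop the check or make it validate the content, for example `if not all(len(c) == 3 and c.isalpha() for c in conf.alllowed_currencies): errors.append("Invalid currencies list")`. The membership test added to `create_payment_intent` in the following hunk is an exact string match, so the case of the configured codes has to agree with whatever the request model produces; that normalisation is not visible here and deserves a comment or a test. `check_config` starts above this hunk and may continue below it.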