forked from zeekhoo/okta-vue-serverless-stripe
subscribe.js
"use strict"
const axios = require('axios');
const basicAuth = require('basic-auth-token');
// Deployment configuration, read once from the environment when the module loads.
// CLIENT_ID and CLIENT_SECRET are the OAuth client credentials the handler presents
// to the issuer's token endpoint; CLIENT_SECRET is a secret and must never be
// logged or returned in a response.
const {
  UDP_BASE_URL: udpBaseUrl,
  ISSUER: issuer,
  CLIENT_ID: clientId,
  CLIENT_SECRET: clientSecret
} = process.env;
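/**
 * Builds an Error that the handler reports to the caller as a 400 with its message.
 *
 * @param {string} message - Safe, caller-facing description of the input problem.
 * @returns {Error} Error tagged with `isClientError = true`.
 */
function clientError(message) {
  const err = new Error(message);
  err.isClientError = true;
  return err;
}

/**
 * Lambda handler: updates an Okta user's profile (and password, if supplied),
 * adds the user to the tenant's customer group, and, when the tenant has a
 * Stripe key configured, opens a Stripe Checkout session for a subscription.
 *
 * The tenant is chosen from the first label of the request's Origin header, or
 * from `mocksubdomain` in the JSON body when present. The tenant's Okta API token
 * is then fetched from the UDP API using a client-credentials access token.
 *
 * NOTE(review): nothing in this handler authenticates the caller or checks that
 * the caller is the user named by `pathParameters.userId`, yet the update below
 * runs with the tenant's Okta API token and can set a password. Presumably an
 * API Gateway authorizer enforces this upstream; confirm before relying on it.
 *
 * @param {object} event - API Gateway proxy event (`headers`, `body`, `pathParameters`).
 * @param {object} context - Lambda context (unused).
 * @param {Function} callback - Lambda callback; invoked with `(null, response)`.
 * @returns {Promise<object>} The proxy response object that is also passed to `callback`.
 */
exports.handler = async function(event, context, callback) {
  const response = {
    statusCode: 200,
    body: "ok",
    isBase64Encoded: false,
    headers: {
      // NOTE(review): wildcard CORS lets any web origin read this response;
      // consider restricting it to the known tenant origins.
      "Access-Control-Allow-Origin": "*"
    }
  };

  try {
    // --- Input validation: all of this is caller-controlled. ---
    const headers = event.headers || {};
    const originHeader = headers.origin || headers.Origin;
    if (typeof originHeader !== 'string' || originHeader.length === 0) {
      throw clientError('Missing Origin header');
    }

    let parsedOrigin;
    try {
      parsedOrigin = new URL(originHeader);
    } catch (urlErr) {
      throw clientError('Origin header is not a valid URL');
    }
    if (parsedOrigin.protocol !== 'https:' && parsedOrigin.protocol !== 'http:') {
      throw clientError('Origin header must use http or https');
    }
    // Scheme + host only; used for the Stripe redirect URLs further down.
    // NOTE(review): the Origin header is client-supplied, so the redirect targets
    // are too. Checking it against the tenant's registered origins would be safer.
    const redirectBase = parsedOrigin.origin;

    let eventBody;
    try {
      eventBody = JSON.parse(event.body);
    } catch (parseErr) {
      throw clientError('Request body must be valid JSON');
    }
    if (eventBody === null || typeof eventBody !== 'object') {
      throw clientError('Request body must be a JSON object');
    }

    const userId = event.pathParameters && event.pathParameters.userId;
    if (typeof userId !== 'string' || userId.length === 0) {
      throw clientError('Missing userId path parameter');
    }

    let subdomain = originHeader.replace('https://', '').replace('http://', '').split('.')[0];
    // NOTE(review): `mocksubdomain` lets the request body pick which tenant's Okta
    // API token and Stripe key are used. If this is a development aid, gate it
    // behind a deployment flag so it is unavailable in production.
    if (eventBody.mocksubdomain) subdomain = eventBody.mocksubdomain;

    // Every caller-influenced value is encoded before it becomes a URL path
    // segment, so it cannot add segments or a query string to the upstream request.
    const subdomainSegment = encodeURIComponent(String(subdomain));
    const userSegment = encodeURIComponent(userId);

    // --- Obtain a service token, then the tenant's Okta org and API token. ---
    const ccRes = await axios.post(issuer + '/v1/token', 'grant_type=client_credentials&scope=secrets:read', {
      headers: {
        Authorization: 'Basic ' + basicAuth(clientId, clientSecret)
      }
    });

    const subRes = await axios.get(udpBaseUrl + '/api/subdomains/' + subdomainSegment, {
      headers: {
        'Authorization': 'Bearer ' + ccRes.data.access_token
      }
    });

    const ssws = subRes.data.okta_api_token;
    const baseUrl = subRes.data.okta_org_name;
    const requestHeaders = {
      'Accept': 'application/json',
      'Content-Type': 'application/json',
      'Authorization': 'SSWS ' + ssws
    };

    // NOTE(review): this request carries no Authorization header, yet the response
    // supplies the tenant's Stripe key. Confirm the config endpoint is not
    // reachable by unauthenticated clients.
    const configRes = await axios.get(udpBaseUrl + '/api/configs/' + subdomainSegment + '/bod');
    // With no group configured the id is '' and the group request below targets
    // an empty path segment; presumably Okta rejects that - TODO confirm.
    const groupid = configRes.data.settings.customer_group_id || '';
    const stripeKey = configRes.data.settings.stripeKey;
    const priceId = configRes.data.settings.stripePriceId;

    const user = {
      profile: {
        login: eventBody.username,
        email: eventBody.username,
        firstName: eventBody.firstName,
        lastName: eventBody.lastName,
        goals: eventBody.goals
      }
    };
    if (eventBody.password) {
      user.credentials = {
        password: { value: eventBody.password }
      };
    }

    // update the user profile (and credentials, if present in the request)
    await axios({
      method: 'POST',
      headers: requestHeaders,
      url: baseUrl + '/api/v1/users/' + userSegment,
      data: user
    });

    // then add the user to the "customer" group
    await axios({
      method: 'PUT',
      headers: requestHeaders,
      url: baseUrl + '/api/v1/groups/' + encodeURIComponent(String(groupid)) + '/users/' + userSegment
    });

    // Start the Stripe Checkout Session
    if (stripeKey && stripeKey.length > 0) {
      const stripe = require('stripe')(stripeKey);
      const session = await stripe.checkout.sessions.create({
        mode: "subscription",
        payment_method_types: ["card"],
        line_items: [
          {
            price: priceId,
            quantity: 1,
          },
        ],
        success_url: redirectBase + '/payment-success',
        cancel_url: redirectBase + '/payment-canceled',
        // ⚠️: Include a reference to the Okta UserId so that the webhook knows which user to Update
        client_reference_id: userId
      });

      response.body = JSON.stringify({
        stripeSessionId: session.id
      });
    }
  }
  catch(err) {
    if (err && err.isClientError) {
      response.statusCode = 400;
      response.body = JSON.stringify({ error: err.message });
    } else if (err && err.response) {
      // Upstream HTTP error from axios: relay the upstream body, as before.
      // NOTE(review): this hands Okta/UDP error bodies to the client verbatim;
      // consider mapping them to a fixed set of messages.
      response.statusCode = 400;
      response.body = JSON.stringify(err.response.data);
    } else {
      // Errors without an HTTP response (network failure, Stripe SDK error, bug).
      // Log the message only: axios error objects carry the request config,
      // including the Authorization header.
      console.error('subscribe handler failed:', err && err.message);
      response.statusCode = 500;
      response.body = JSON.stringify({ error: 'Internal error' });
    }
  }

  if (typeof callback === 'function') {
    callback(null, response);
  }
  // Also returned so the result is available through the async return value.
  return response;
}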