jwplayer · kiremitrov123 · Sep 23, 2024 · Jul 18, 2024 · Jul 18, 2024 · Jul 18, 2024
@@ -22,9 +22,10 @@ jobs:
         env:
           CI: true
           # Dummy environment variables for testing the access-bridge service
+          APP_SITE_ID: test1234
           APP_API_SECRET: dummy_secret
           APP_STRIPE_SECRET: dummy_stripe_secret
           APP_BIND_ADDR: localhost
-          APP_BIND_PORT: 3000
+          APP_BIND_PORT: 8080
           APP_ACCESS_CONTROL_API_HOST: https://test-cdn.jwplayer.com
           APP_SIMS_API_HOST: https://test-sims.jwplayer.com
@@ -0,0 +1,40 @@
+type Recurring = {
+  // The frequency at which a subscription is billed. One of `month` or `year`.
+  interval: 'month' | 'year';
+  // Default number of trial days when subscribing a customer.
+  trial_period_days: number | null;
+};
+
+export type Price = {
+  // Unique identifier for the object.
+  id: string;
+  // Three-letter [ISO currency code](https://www.iso.org/iso-4217-currency-codes.html), in lowercase.
+  currency: string;
+  // The ID of the product this price is associated with.
+  product: string;
+  // The recurring components of a price such as `interval` and `trial`.
+  recurring: Recurring | null;
+  // The unit amount in cents (or local equivalent) to be charged, represented as a whole integer if possible.
+  unit_amount: number | null;
+};
+
+export type Product = {
+  // Unique identifier for the object.
+  id: string;
+  // The product's name, meant to be displayable to the customer.
+  name: string;
+  // The product's description, meant to be displayable to the customer.
+  // Use this field to optionally store a long form explanation of the product being sold for your own rendering purposes.
+  description: string;
+  // The ID of the default price this product is associated with.
+  default_price: string;
+  // Array of price objects as defined above
+  prices: Price[];
+};
+
+// General checkout parameters type. Can be extended by specific payment providers, e.g. Stripe
+export type CheckoutParams = {
+  price_id: string;
+  success_url: string;
+  cancel_url: string;
+};
diff --git a/packages/common/types/stripe.ts b/packages/common/types/stripe.ts
@@ -1,10 +1,6 @@
-export type StripeCheckoutParams = {
-  price_id: string;
-  mode: 'payment' | 'setup' | 'subscription';
-  success_url: string;
-  cancel_url: string;
-};
+import type { CheckoutParams } from './payment';
 
-export type StripeCheckoutResponse = {
-  url: string;
+// Extend the CheckoutParams type with Stripe-specific fields
+export type StripeCheckoutParams = CheckoutParams & {
+  mode: 'payment' | 'subscription';
 };
@@ -9,6 +9,8 @@ APP_VERSION=$npm_package_version
 # Make sure the secrets are V1 and that they refer to the desired property.
 # For production env, use this reference on how to store them: https://cloud.google.com/run/docs/configuring/services/secrets
 APP_API_SECRET=customer_v1_secret
+# site_id or property_id represents the key that corresponds to the APP_API_SECRET defined earlier.
+APP_SITE_ID=customer_site_id
 # Stripe secret responsible for authenticating Stripe API calls
 APP_STRIPE_SECRET=stripe_secret
 

@@ -1,6 +1,6 @@
 node_modules
 build
 *.local
-
+.env
 # Sentry Config File
 .env.sentry-build-plugin
@@ -67,7 +67,7 @@ You can also copy and paste the contents of `.env.example` into `.env.local` and
 - **Method:** GET
 - **Authorization:** None
 - **Summary:** Lists all the corresponding stripe products with prices that are connected to the SIMS plans.
-- **Response:** Stripe.Product type
+- **Response:** [Product payment type](../../../ott-web-app/packages/common/types/payment.ts)
   ```json
   [
     {
@@ -89,6 +89,27 @@ You can also copy and paste the contents of `.env.example` into `.env.local` and
   ]
   ```
 
+#### URL: `/v2/sites/{site_id}/checkout`
+
+- **Method:** POST
+- **Authorization:** Valid SIMS token
+- **Summary:** Creates Payment Checkout Session URL where the viewer will be redirected to complete the payment.
+- **Request:**
+  ```json
+  {
+    "price_id": "string", // id of the price that is about to be paid
+    "mode": "string", // subscription (recurring) | payment (one time purchases)
+    "success_url": "string", // redirect after successful payment
+    "cancel_url": "string" // redirect after cancel / invalid payment
+  }
+  ```
+- **Response:**
+  ```json
+  {
+    "url": "string" // url where the viewer will be redirected to complete the payment.
+  }
+  ```
+
 ## Developer guidelines
 
 - Read the workspace guidelines here [../../docs/developer-guidelines.md](../../docs/developer-guidelines.md).

@@ -15,16 +15,21 @@
 /src                    - Source code for the application
   /controllers          - Controller modules containing the core logic for handling requests and responses
   /services             - Services which connect external data sources to the application
-  /app-config.ts        - Configuration settings for the application
-  /endpoints.ts         - Definitions for the exposed endpoints
+  /pipeline             - Middleware and routing logic
+    /middleware.ts      - Middleware functions and error handling
+    /routes.ts          - Route definitions and route registration
   /errors.ts            - Custom error classes and error handling logic
   /http.ts              - HTTP utility functions and setup
+  /app-config.ts        - Configuration settings for the application
   /main.ts              - Main entry point of the application
   /server.ts            - Server initialization and configuration
 /test                   - Data and scripts for testing
 /.env<.mode>            - Environment variables for different modes (e.g., development, production)
 /package.json           - Yarn file for dependencies and scripts
 
+
+
+
 * = Generated directories, not in source control
 
 Note: Some system and util files are not shown above for brevity.

diff --git a/platforms/access-bridge/instrument.mjs b/platforms/access-bridge/instrument.mjs
@@ -11,7 +11,7 @@
   "scripts": {
     "build": "vite build --mode ${MODE:=prod}",
     "build-test": "vite build --mode test",
-    "start": "node --import ./build/instrument.js build/main.js",
+    "start": "node build/main.js",
     "prestart": "yarn build",
     "pretest": "yarn build-test",
     "test": "TZ=UTC LC_ALL=en_US.UTF-8 vitest run",
@@ -25,6 +25,7 @@
     "eslint-config-jwp": "*",
     "typescript": "^5.5.3",
     "vite": "^5.3.1",
+    "vite-plugin-node": "^3.1.0",
     "vitest": "^1.6.0"
   },
   "dependencies": {
@@ -33,6 +34,7 @@
     "@sentry/profiling-node": "^8.26.0",
     "@sentry/vite-plugin": "^2.22.2",
     "cors": "^2.8.5",
+    "dotenv": "^16.4.5",
     "express": "^4.19.2",
     "jsonwebtoken": "^9.0.2",
     "stripe": "^16.8.0"

@@ -1,3 +1,7 @@
+import dotenv from 'dotenv';
+// Inject environment variables at runtime
+dotenv.config();
+
 // Function to assert an environment variable is defined
 function requireEnvVar(env: string | undefined, name: string): string {
   if (!env) {
@@ -10,13 +14,22 @@ function requireEnvVar(env: string | undefined, name: string): string {
 export const API_SECRET = requireEnvVar(process.env.APP_API_SECRET, 'APP_API_SECRET');
 export const STRIPE_SECRET = requireEnvVar(process.env.APP_STRIPE_SECRET, 'APP_STRIPE_SECRET');
 
+// SITE_ID specifies the property that the customer is using
+export const SITE_ID = requireEnvVar(process.env.APP_SITE_ID, 'APP_SITE_ID');
+
 // BIND_ADDR specifies the network address or IP address on which the server listens for incoming connections.
 // This could be an IP address (e.g., '127.0.0.1' for localhost) or a hostname.
 export const BIND_ADDR = requireEnvVar(process.env.APP_BIND_ADDR, 'APP_BIND_ADDR');
 
 // BIND_PORT specifies the port number on which the server listens for incoming connections.
 // Ensure this port is available and not in use by another application.
-export const BIND_PORT = parseInt(requireEnvVar(process.env.APP_BIND_PORT, 'APP_BIND_PORT'), 10);
+export const BIND_PORT = (() => {
+  const port = parseInt(requireEnvVar(process.env.APP_BIND_PORT, 'APP_BIND_PORT'), 10);
+  if (isNaN(port)) {
+    throw new Error(`Environment variable "APP_BIND_PORT" must be a valid number.`);
+  }
+  return port;
+})();
 
 // Client host URLs
 export const ACCESS_CONTROL_API_HOST = requireEnvVar(

@@ -3,18 +3,16 @@ import { Request, Response, NextFunction } from 'express';
 import { ErrorDefinitions, sendErrors } from '../errors.js';
 import { PassportService } from '../services/passport-service.js';
 import { PlansService } from '../services/plans-service.js';
-import { isValidSiteId } from '../utils.js';
 import { IdentityService, Viewer } from '../services/identity-service.js';
-import logger from '../logger.js';
 
 /**
  * Controller class responsible for handling access-related services.
  * The controller interacts with services for identity management, plans management, and passport generation.
  */
 export class AccessController {
-  private identityService: IdentityService;
-  private passportService: PassportService;
-  private plansService: PlansService;
+  private readonly identityService: IdentityService;
+  private readonly passportService: PassportService;
+  private readonly plansService: PlansService;
 
   constructor() {
     this.identityService = new IdentityService();
@@ -23,86 +21,43 @@ export class AccessController {
   }
 
   /**
-   * Service handler for generating passport access tokens based on the provided site ID
-   * and authorization token. Validates the site ID, checks user authorization, retrieves
-   * access control plans, and generates access tokens. Sends appropriate error responses
-   * for invalid requests.
-   *
-   * @param req - Express request object
-   * @param res - Express response object
-   * @param next - Express next middleware function
+   * Service handler for generating passport access tokens based on the provided authorization token.
+   * Retrieves access control plans and generates access tokens.
    */
   async generatePassport(req: Request, res: Response, next: NextFunction): Promise<void> {
-    try {
-      const siteId = req.params.site_id;
-      if (!isValidSiteId(siteId)) {
-        sendErrors(res, ErrorDefinitions.ParameterInvalidError.create({ parameterName: 'site_id' }));
+    // Anonymous is default for not authenticated viewers.
+    // These viewers only have access to free plans.
+    let viewer: Viewer = { id: 'anonymous', email: '' };
+
+    const authorization = req.headers['authorization'];
+    if (authorization) {
+      viewer = await this.identityService.getAccount({ authorization });
+      if (!viewer.id || !viewer.email) {
+        sendErrors(res, ErrorDefinitions.UnauthorizedError.create());
         return;
       }
+    }
 
-      // anonymous is default for not authenticated viewers
-      // they only have access to free plans
-      let viewer: Viewer = { id: 'anonymous', email: '' };
-
-      const authorization = req.headers['authorization'];
-      if (authorization) {
-        viewer = await this.identityService.getAccount({ authorization });
-        if (!viewer.id || !viewer.email) {
-          sendErrors(res, ErrorDefinitions.UnauthorizedError.create());
-          return;
-        }
-      }
-
-      const viewerEntitledPlans = await this.plansService.getEntitledPlans({ siteId, authorization });
-      const plans = viewerEntitledPlans
-        .map((plan) => ({
-          id: plan.access_plan?.id,
-          exp: plan.access_plan?.exp,
-        }))
-        .filter((plan) => plan.id !== undefined && plan.exp !== undefined);
+    const viewerEntitledPlans = await this.plansService.getEntitledPlans({ authorization });
+    const plans = viewerEntitledPlans
+      .map((plan) => ({
+        id: plan.access_plan?.id,
+        exp: plan.access_plan?.exp,
+      }))
+      .filter((plan) => plan.id !== undefined && plan.exp !== undefined);
 
-      // Generate passport tokens for the given site, viewer and plans.
-      const passport = await this.passportService.generatePassport({
-        siteId,
-        viewerId: viewer.id,
-        plans,
-      });
+    const passport = await this.passportService.generatePassport({ viewerId: viewer.id, plans });
 
-      res.json(passport);
-    } catch (error) {
-      logger.error('AccessController: generatePassport: failed to generate passport:', error);
-      next(error);
-    }
+    res.json(passport);
   }
 
   /**
-   * Service handler for refreshing access tokens based on the provided site ID
-   * and refresh token. Sends appropriate error responses for invalid requests.
-   *
-   * @param req - Express request object
-   * @param res - Express response object
-   * @param next - Express next middleware function
+   * Service handler for refreshing access tokens based on the provided refresh token.
    */
   async refreshPassport(req: Request, res: Response, next: NextFunction): Promise<void> {
-    try {
-      const siteId = req.params.site_id;
-      if (!isValidSiteId(siteId)) {
-        sendErrors(res, ErrorDefinitions.ParameterInvalidError.create({ parameterName: 'site_id' }));
-        return;
-      }
-
-      const { refresh_token: refreshToken } = req.body;
-      if (!refreshToken) {
-        sendErrors(res, ErrorDefinitions.ParameterMissingError.create({ parameterName: 'refresh_token' }));
-        return;
-      }
-
-      const passport = await this.passportService.refreshPassport({ siteId, refreshToken });
+    const { refresh_token: refreshToken } = req.body;
+    const passport = await this.passportService.refreshPassport({ refreshToken });
 
-      res.json(passport);
-    } catch (error) {
-      logger.error('AccessController: refreshPassport: failed to refresh passport:', error);
-      next(error);
-    }
+    res.json(passport);
   }
 }