OpenCollective (#252)

* wip

* Correctly handle donations

Author: simonhamp

app/Enums/LicenseSource.php

@@ -7,4 +7,5 @@ enum LicenseSource: string
     case Stripe = 'stripe';
     case Bifrost = 'bifrost';
     case Manual = 'manual';
+    case OpenCollective = 'opencollective';
 }

app/Filament/Resources/OpenCollectiveDonationResource.php

@@ -0,0 +1,154 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\OpenCollectiveDonationResource\Pages;
+use App\Models\OpenCollectiveDonation;
+use Filament\Infolists;
+use Filament\Infolists\Infolist;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+use Number;
+
+class OpenCollectiveDonationResource extends Resource
+{
+    protected static ?string $model = OpenCollectiveDonation::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-heart';
+
+    protected static ?string $navigationGroup = 'Billing';
+
+    protected static ?string $navigationLabel = 'OpenCollective Donations';
+
+    protected static ?string $modelLabel = 'Donation';
+
+    protected static ?string $pluralModelLabel = 'Donations';
+
+    protected static ?int $navigationSort = 4;
+
+    public static function canCreate(): bool
+    {
+        return false;
+    }
+
+    public static function infolist(Infolist $infolist): Infolist
+    {
+        return $infolist
+            ->schema([
+                Infolists\Components\Section::make('Donation Details')
+                    ->schema([
+                        Infolists\Components\TextEntry::make('order_id')
+                            ->label('Order ID')
+                            ->copyable(),
+                        Infolists\Components\TextEntry::make('order_idv2')
+                            ->label('Order ID (v2)')
+                            ->copyable(),
+                        Infolists\Components\TextEntry::make('amount')
+                            ->formatStateUsing(fn ($state, $record) => Number::currency($state / 100, $record->currency)),
+                        Infolists\Components\TextEntry::make('interval')
+                            ->default('One-time'),
+                        Infolists\Components\TextEntry::make('created_at')
+                            ->label('Received')
+                            ->dateTime(),
+                    ])->columns(2),
+                Infolists\Components\Section::make('Contributor')
+                    ->schema([
+                        Infolists\Components\TextEntry::make('from_collective_name')
+                            ->label('Name'),
+                        Infolists\Components\TextEntry::make('from_collective_slug')
+                            ->label('Slug')
+                            ->url(fn ($state) => "https://opencollective.com/{$state}")
+                            ->openUrlInNewTab(),
+                        Infolists\Components\TextEntry::make('from_collective_id')
+                            ->label('Collective ID'),
+                    ])->columns(3),
+                Infolists\Components\Section::make('Claim Status')
+                    ->schema([
+                        Infolists\Components\IconEntry::make('claimed_at')
+                            ->label('Claimed')
+                            ->boolean()
+                            ->trueIcon('heroicon-o-check-circle')
+                            ->falseIcon('heroicon-o-x-circle')
+                            ->trueColor('success')
+                            ->falseColor('danger'),
+                        Infolists\Components\TextEntry::make('claimed_at')
+                            ->label('Claimed At')
+                            ->dateTime()
+                            ->placeholder('Not claimed'),
+                        Infolists\Components\TextEntry::make('user.email')
+                            ->label('Claimed By')
+                            ->placeholder('Not claimed')
+                            ->url(fn ($record) => $record->user_id ? UserResource::getUrl('edit', ['record' => $record->user_id]) : null),
+                    ])->columns(3),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->defaultSort('created_at', 'desc')
+            ->columns([
+                Tables\Columns\TextColumn::make('order_id')
+                    ->label('Order ID')
+                    ->searchable()
+                    ->sortable()
+                    ->copyable(),
+                Tables\Columns\TextColumn::make('from_collective_name')
+                    ->label('Contributor')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('amount')
+                    ->formatStateUsing(fn ($state, $record) => Number::currency($state / 100, $record->currency))
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('interval')
+                    ->badge()
+                    ->default('One-time')
+                    ->color(fn (?string $state): string => $state ? 'success' : 'gray'),
+                Tables\Columns\IconColumn::make('claimed_at')
+                    ->label('Claimed')
+                    ->boolean()
+                    ->trueIcon('heroicon-o-check-circle')
+                    ->falseIcon('heroicon-o-clock')
+                    ->trueColor('success')
+                    ->falseColor('warning'),
+                Tables\Columns\TextColumn::make('user.email')
+                    ->label('Claimed By')
+                    ->searchable()
+                    ->placeholder('-')
+                    ->toggleable(),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->label('Received')
+                    ->dateTime()
+                    ->sortable(),
+            ])
+            ->filters([
+                Tables\Filters\Filter::make('claimed')
+                    ->label('Claimed')
+                    ->query(fn (Builder $query): Builder => $query->whereNotNull('claimed_at')),
+                Tables\Filters\Filter::make('unclaimed')
+                    ->label('Unclaimed')
+                    ->query(fn (Builder $query): Builder => $query->whereNull('claimed_at')),
+                Tables\Filters\Filter::make('recurring')
+                    ->label('Recurring')
+                    ->query(fn (Builder $query): Builder => $query->whereNotNull('interval')),
+            ])
+            ->actions([
+                Tables\Actions\ViewAction::make(),
+            ]);
+    }
+
+    public static function getRelations(): array
+    {
+        return [];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListOpenCollectiveDonations::route('/'),
+            'view' => Pages\ViewOpenCollectiveDonation::route('/{record}'),
+        ];
+    }
+}

app/Filament/Resources/OpenCollectiveDonationResource/Pages/ListOpenCollectiveDonations.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\OpenCollectiveDonationResource\Pages;
+
+use App\Filament\Resources\OpenCollectiveDonationResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ListRecords;
+
+class ListOpenCollectiveDonations extends ListRecords
+{
+    protected static string $resource = OpenCollectiveDonationResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\CreateAction::make(),
+        ];
+    }
+}

app/Filament/Resources/OpenCollectiveDonationResource/Pages/ViewOpenCollectiveDonation.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\OpenCollectiveDonationResource\Pages;
+
+use App\Filament\Resources\OpenCollectiveDonationResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewOpenCollectiveDonation extends ViewRecord
+{
+    protected static string $resource = OpenCollectiveDonationResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\EditAction::make(),
+        ];
+    }
+}

app/Http/Controllers/OpenCollectiveWebhookController.php

@@ -0,0 +1,93 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\OpenCollectiveDonation;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
+
+class OpenCollectiveWebhookController extends Controller
+{
+    public function handle(Request $request)
+    {
+        // Verify webhook signature if secret is configured
+        if (config('services.opencollective.webhook_secret')) {
+            $this->verifySignature($request);
+        }
+
+        $payload = $request->all();
+        $type = $payload['type'] ?? null;
+
+        Log::info('OpenCollective webhook received', [
+            'type' => $type,
+            'payload' => $payload,
+        ]);
+
+        // Handle different webhook types
+        match ($type) {
+            'order.processed' => $this->handleOrderProcessed($payload),
+            default => Log::info('Unhandled OpenCollective webhook type', ['type' => $type]),
+        };
+
+        return response()->json(['status' => 'success']);
+    }
+
+    protected function verifySignature(Request $request): void
+    {
+        $secret = config('services.opencollective.webhook_secret');
+        $signature = $request->header('X-OpenCollective-Signature');
+
+        if (! $signature) {
+            abort(401, 'Missing webhook signature');
+        }
+
+        $payload = $request->getContent();
+        $expectedSignature = hash_hmac('sha256', $payload, $secret);
+
+        if (! hash_equals($expectedSignature, $signature)) {
+            abort(401, 'Invalid webhook signature');
+        }
+    }
+
+    protected function handleOrderProcessed(array $payload): void
+    {
+        $webhookId = $payload['id'] ?? null;
+        $data = $payload['data'] ?? [];
+        $order = $data['order'] ?? [];
+        $fromCollective = $data['fromCollective'] ?? [];
+
+        $orderId = $order['id'] ?? null;
+
+        if (! $orderId) {
+            Log::warning('OpenCollective order.processed missing order ID', ['payload' => $payload]);
+
+            return;
+        }
+
+        // Check if we've already processed this order
+        if (OpenCollectiveDonation::where('order_id', $orderId)->exists()) {
+            Log::info('OpenCollective order already processed', ['order_id' => $orderId]);
+
+            return;
+        }
+
+        // Store the donation for later claiming
+        OpenCollectiveDonation::create([
+            'webhook_id' => $webhookId,
+            'order_id' => $orderId,
+            'order_idv2' => $order['idV2'] ?? null,
+            'amount' => $order['totalAmount'] ?? 0,
+            'currency' => $order['currency'] ?? 'USD',
+            'interval' => $order['interval'] ?? null,
+            'from_collective_id' => $fromCollective['id'] ?? $order['FromCollectiveId'] ?? 0,
+            'from_collective_name' => $fromCollective['name'] ?? null,
+            'from_collective_slug' => $fromCollective['slug'] ?? null,
+            'raw_payload' => $payload,
+        ]);
+
+        Log::info('OpenCollective donation stored for claiming', [
+            'order_id' => $orderId,
+            'amount' => $order['totalAmount'] ?? 0,
+        ]);
+    }
+}

app/Http/Middleware/VerifyCsrfToken.php

@@ -13,5 +13,6 @@ class VerifyCsrfToken extends Middleware
      */
     protected $except = [
         'stripe/webhook',
+        'opencollective/contribution',
     ];
 }