chore: 2022-08-23 release (#423)

* feat(firestore-stripe-payments): upgraded to the new emulator suite (#400)

tests(firestore-stripe-payments): upgraded to the new emulator suite

* fix(firestore-stripe-payments): added env stripe key check on test setup

* fix(firestore-stripe-payments): added env stripe key check on test setup

* formatted code

* Remove link to old repo

* feat(firestore-stripe-payments): Allow configuring min instances for createCheckoutSession (#375)

* feat: Allow configuring min instances for createCheckoutSession

* Update firestore-stripe-payments/extension.yaml

* Update firestore-stripe-payments/extension.yaml

Co-authored-by: Jonathan Steele <[email protected]>

* chore(firestore-stripe-payments): updated scripts for CI and local testing (#415)

* chore(firestore-stripe-payments): updated scripts for ci and local testing

* chore(firestore-stripe-payments): added testing typescript configuration, fixes jest warnings in files

* fix(firestore-stripe-web-sdk): locked sinon types to 10.0.6

* chore(firestore-stripe-payments): removed obsolete comments

* fix(firestore-stripe-payments): `minInstances` parameter expects number

* docs(firestore-stripe-payments): Update APIs for restricted key (#411)

Prices API replaces the Plans API, per https://stripe.com/docs/api/plans

* docs(firestore-stripe-payments): Add extra context to `CREATE_CHECKOUT_SESSION_MIN_INSTANCES` config parameter

* fix(firestore-stripe-payments): added subscription payments prices, test and refactor included (#393)

* fix(firestore-stripe-payments): added subscription payments prices, tests and refactor included

* chore: locked firebase tools workflow to 10.9.2

* added setup emulator for collection helper functions

* chore: commiting empty env files

* chore: updated ci firebase tools to latest

* pinned sinon types at 10.0.6

* feat(firestore-stripe-payments): createPortalLink auth tweaks (#420)

Throw 'unauthenticated' code instead of 'failed-precondition' and use optional chaining (supported in Node 14) to avoid redundant check for 'context.auth.uid'.

* docs(firestore-stripe-payments): Fix GitHub link to `firestore-stripe-web-sdk` README

Fixes #409

* chore: 2022-08-23 release (#422)

* [skip ci] Open PR

* chore(firestore-stripe-payments): 0.3.0 release

Co-authored-by: Darren Ackers <[email protected]>
Co-authored-by: CJ Avilla <[email protected]>
Co-authored-by: Allen <[email protected]>
Co-authored-by: Will Battel <[email protected]>

Author: 5 people

.github/workflows/test.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node: ["12", "14"]
+        node: ["14", "16"]
     name: node.js_${{ matrix.node }}_test
     steps:
       - uses: actions/checkout@v2

codelab-steps/index.lab.md

@@ -526,7 +526,6 @@ Check out some of these other extensions:
 
 - [Check out the Cloud Functions for Firebase codelab](https://codelabs.developers.google.com/codelabs/firebase-cloud-functions/#0)
 - [Create Stripe customers and charge them on Firestore write](https://github.com/firebase/functions-samples/tree/master/stripe)
-- [Firebase mobile payments: Android & iOS with Cloud Functions for Firebase](https://github.com/stripe-samples/firebase-mobile-payments)
 
 ### Learn more about Stripe
 

firestore-stripe-payments/CHANGELOG.md

@@ -1,3 +1,10 @@
+## Version 0.3.0 - 2022-08-23
+[feat] Allow configurable minimum instances for `createCheckoutSession` function. [#375]
+
+[feat] Throw an `unauthenticated` Firebase error from `creatPortalLink` function. [#420]
+
+[feat] Add Price object IDs from invoice line items for subscription payments to payments Firestore collection. [#393]
+
 ## Version 0.2.7 - 2022-05-10
 [chore] Updated package-lock.json that was causing install errors.
 
@@ -270,7 +277,7 @@ db.collection("products")
 
 Previously, only subscriptions created via Stripe Checkout were synced to Cloud Firestore. By additionally listening to the `customer.subscription.created` event, the extension now also captures subscriptions created via the Stripe Dashboard or directly via the API. For this to work, Firebase Authentication users need to be synced with Stripe customer objects and the customers collection in Cloud Firestore (new configuration added in version `0.1.7`).
 
-[docs] - Add snippet on importing Stripe.js as an ES module when using a build toolchain for your client application (e.g. Angular, React, TypeScript, etc.) to `POSTINSTALL.md`. (#74)
+ - Add snippet on importing Stripe.js as an ES module when using a build toolchain for your client application (e.g. Angular, React, TypeScript, etc.) to `POSTINSTALL.md`. (#74)
 
 ## Version 0.1.6 - 2020-09-10
 
@@ -393,7 +400,7 @@ type: "one_time" | "recurring";
 
 [feat] - Add support for discounts, coupons, promotion codes:
 
-You can create customer-facing promotion codes in the [Stripe Dashboard](https://dashboard.stripe.com/coupons/create). Refer to the [docs](https://stripe.com/docs/billing/subscriptions/discounts/codes) for a detailed guide on how to set these up.
+You can create customer-facing promotion codes in the [Stripe Dashboard](https://dashboard.stripe.com/coupons/create). Refer to the (https://stripe.com/docs/billing/subscriptions/discounts/codes) for a detailed guide on how to set these up.
 
 To show the promotion code redemption box on the checkout page, set `allow_promotion_codes: true` when creating the `checkout_sessions` document:
 

firestore-stripe-payments/POSTINSTALL.md

@@ -1,6 +1,6 @@
 ### Client SDK
 
-You can use the [`@stripe/firestore-stripe-payments`](https://github.com/stripe/stripe-firebase-extensions/blob/web-sdk/firestore-stripe-web-sdk/README.md)
+You can use the [`@stripe/firestore-stripe-payments`](https://github.com/stripe/stripe-firebase-extensions/blob/next/firestore-stripe-web-sdk/README.md)
 JavaScript package to easily access this extension from web clients. This client SDK provides
 TypeScript type definitions and high-level convenience APIs for most common operations client
 applications would want to implement using the extension.

firestore-stripe-payments/README.md

@@ -48,7 +48,7 @@ Before installing this extension, set up the following Firebase services in your
 
 Then, in the [Stripe Dashboard](https://dashboard.stripe.com):
 
-- Create a new [restricted key](https://stripe.com/docs/keys#limit-access) with write access for the "Customers", "Checkout Sessions" and "Customer portal" resources, and read-only access for the "Subscriptions" and "Plans" resources.
+- Create a new [restricted key](https://stripe.com/docs/keys#limit-access) with write access for the "Customers", "Checkout Sessions" and "Customer portal" resources, and read-only access for the "Subscriptions" and "Prices" resources.
 
 #### Billing
 

firestore-stripe-payments/_emulator/extensions/firestore-stripe-payments.env.local

@@ -0,0 +1 @@
+STRIPE_API_KEY=

firestore-stripe-payments/_emulator/extensions/firestore-stripe-payments.secret.local

@@ -0,0 +1,29 @@
+{
+  "extensions": {
+    "firestore-stripe-payments": "../"
+  },
+  "storage": {
+    "rules": "storage.rules"
+  },
+  "emulators": {
+    "hub": {
+      "port": 4000
+    },
+    "storage": {
+      "port": 9199
+    },
+    "auth": {
+      "port": 9099
+    },
+    "ui": {
+      "enabled": true
+    },
+    "functions": {
+      "port": 5001
+    }
+  },
+  "firestore": {
+    "rules": "firestore.rules",
+    "indexes": "firestore.indexes.json"
+  }
+}

firestore-stripe-payments/_emulator/firebase.json

@@ -0,0 +1,4 @@
+{
+  "indexes": [],
+  "fieldOverrides": []
+}

firestore-stripe-payments/_emulator/firestore.indexes.json

@@ -0,0 +1,16 @@
+service cloud.firestore {
+  match /databases/{database}/documents {
+    match /{document=**} {
+      // This rule allows anyone with your database reference to view, edit,
+      // and delete all data in your database. It is useful for getting
+      // started, but it is configured to expire after 30 days because it
+      // leaves your app open to attackers. At that time, all client
+      // requests to your database will be denied.
+      //
+      // Make sure to write security rules for your app before that time, or
+      // else all client requests to your database will be denied until you
+      // update your rules.
+      allow read, write: if request.time < timestamp.date(2022, 7, 2);
+    }
+  }
+}

firestore-stripe-payments/_emulator/firestore.rules

@@ -0,0 +1,8 @@
+rules_version = '2';
+service firebase.storage {
+  match /b/{bucket}/o {
+    match /{allPaths=**} {
+      allow read, write: if true;
+    }
+  }
+}

firestore-stripe-payments/_emulator/storage.rules

@@ -13,7 +13,7 @@
 # limitations under the License.
 
 name: firestore-stripe-payments
-version: 0.2.7
+version: 0.3.0
 specVersion: v1beta
 
 displayName: Run Payments with Stripe
@@ -212,8 +212,8 @@ params:
   - param: DELETE_STRIPE_CUSTOMERS
     label: Automatically delete Stripe customer objects
     description: >-
-      Do you want to automatically delete customer objects in Stripe? 
-      When a user is deleted in Firebase Authentication or in Cloud Firestore and set to 'Auto delete' 
+      Do you want to automatically delete customer objects in Stripe?
+      When a user is deleted in Firebase Authentication or in Cloud Firestore and set to 'Auto delete'
       the extension will delete their customer object in Stripe which will immediately cancel all subscriptions for the user.
     type: select
     options:
@@ -228,7 +228,7 @@ params:
     label: Stripe API key with restricted access
     type: secret
     description: >-
-      What is your Stripe API key? 
+      What is your Stripe API key?
       We recommend creating a new [restricted key](https://stripe.com/docs/keys#limit-access)
       with write access only for the "Customers", "Checkout Sessions" and "Customer portal" resources.
       And read-only access for the "Subscriptions" and "Plans" resources.
@@ -239,13 +239,24 @@ params:
     label: Stripe webhook secret
     type: secret
     description: >-
-      This is your signing secret for a Stripe-registered webhook. 
+      This is your signing secret for a Stripe-registered webhook.
       This webhook can only be registered after installation.
-      Leave this value untouched during installation, then follow the 
+      Leave this value untouched during installation, then follow the
       postinstall instructions for registering your webhook
       and configuring this value.
     example: whsec_1234567890
     required: false
+
+  - param: CREATE_CHECKOUT_SESSION_MIN_INSTANCES
+    label: Minimum instances for createCheckoutSession function
+    type: secret
+    description: >-
+      Set the minimum number of function instances that should be always be available to create Checkout Sessions.
+      This number can be adjusted to reduce cold starts and increase the responsiveness
+      of Checkout Session creation requests. Suggested values are 0 or 1. Please note this setting will likely incur billing costss, see the [Firebase documentation](https://firebase.google.com/docs/functions/manage-functions#reduce_the_number_of_cold_starts) for more information.
+    default: 0
+    required: true
+
 events:
   - type: com.stripe.v1.product.created
     description: Occurs whenever a product is created.

firestore-stripe-payments/extension.yaml

@@ -0,0 +1,76 @@
+import * as admin from 'firebase-admin';
+import { DocumentReference, DocumentData } from '@google-cloud/firestore';
+import {
+  waitForDocumentToExistInCollection,
+  waitForDocumentToExistWithField,
+} from './utils';
+import { UserRecord } from 'firebase-functions/v1/auth';
+import setupEmulator from './setupEmulator';
+
+if (admin.apps.length === 0) {
+  admin.initializeApp({ projectId: 'demo-project' });
+}
+
+setupEmulator();
+
+const firestore = admin.firestore();
+
+function customerCollection() {
+  return firestore.collection('customers');
+}
+
+function paymentsCollection(userId) {
+  return firestore.collection('customers').doc(userId).collection('payments');
+}
+
+export async function findCustomerInCollection(user: UserRecord) {
+  const doc = firestore.collection('customers').doc(user.uid);
+
+  const customerDoc = await waitForDocumentToExistWithField(
+    doc,
+    'stripeId',
+    60000
+  );
+
+  return Promise.resolve({ docId: user.uid, ...customerDoc.data() });
+}
+
+export async function findCustomerPaymentInCollection(
+  userId: string,
+  stripeId: string
+) {
+  const paymentDoc: DocumentData = await waitForDocumentToExistInCollection(
+    paymentsCollection(userId),
+    'customer',
+    stripeId
+  );
+
+  const paymentRef = paymentsCollection(userId).doc(paymentDoc.doc.id);
+
+  const updatedPaymentDoc = await waitForDocumentToExistWithField(
+    paymentRef,
+    'prices'
+  );
+
+  return updatedPaymentDoc.data();
+}
+
+export async function createCheckoutSession(userId, subscription) {
+  const checkoutSessionCollection = customerCollection()
+    .doc(userId)
+    .collection('checkout_sessions');
+
+  const checkoutSessionDocument: DocumentReference =
+    await checkoutSessionCollection.add({
+      success_url: 'http://test.com/success',
+      cancel_url: 'http://test.com/cancel',
+      ...subscription,
+    });
+
+  const checkoutSessionDoc = await waitForDocumentToExistWithField(
+    checkoutSessionDocument,
+    'created'
+  );
+
+  return checkoutSessionDoc.data();
+}

firestore-stripe-payments/functions/__tests__/helpers/collections.ts

@@ -0,0 +1,43 @@
+import puppeteer from 'puppeteer';
+
+export default async (url: string): Promise<void> => {
+  console.info('Running checkout form in headless mode...');
+  const browser = await puppeteer.launch();
+  try {
+    const page = await browser.newPage();
+    await page.goto(url, {
+      waitUntil: 'networkidle0',
+      timeout: 120000,
+    });
+
+    await page.focus('#cardNumber');
+    await page.keyboard.type('4242424242424242', { delay: 100 });
+    await page.keyboard.press('Enter');
+
+    await page.focus('#cardExpiry');
+    await page.keyboard.type('1224');
+
+    await page.focus('#cardCvc');
+    await page.keyboard.type('123');
+
+    await page.focus('#billingName');
+    await page.keyboard.type('testing');
+
+    await page.focus('#billingAddressLine1');
+    await page.keyboard.type('1600 Amphitheatre Parkwa');
+    await page.keyboard.press('Enter');
+
+    await page.focus('#billingLocality');
+    await page.keyboard.type('Mountain View');
+
+    await page.focus('#billingPostalCode');
+    await page.keyboard.type('CA 94043');
+    await page.keyboard.press('Enter');
+
+    await page.waitForNetworkIdle();
+    await browser.close();
+  } catch (exception) {
+  } finally {
+    await browser.close();
+  }
+};

firestore-stripe-payments/functions/__tests__/helpers/forms/runCheckout.ts

@@ -0,0 +1,21 @@
+const path = require('path');
+
+export const pathToenvFile = path.resolve(
+  __dirname,
+  '../../../_emulator/extensions/firestore-stripe-payments.env.local'
+);
+
+export const pathTosecretsFile = path.resolve(
+  __dirname,
+  '../../../_emulator/extensions/firestore-stripe-payments.secret.local'
+);
+
+export const setupEnvironment = () => {
+  require('dotenv').config({
+    path: pathToenvFile,
+  });
+
+  require('dotenv').config({
+    path: pathTosecretsFile,
+  });
+};