BC Support (#135)

Co-authored-by: Andrew Hebert <[email protected]>
system76 · Dec 4, 2023 · 7d4d3e0 · 7d4d3e0
1 parent 483b663
commit 7d4d3e0
Show file tree

Hide file tree

Showing 22 changed files with 442 additions and 58 deletions.
diff --git a/.gitignore b/.gitignore
@@ -39,3 +39,6 @@ npm-debug.log
 
 /.elixir_ls/
 /log/
+
+# local environment
+.env*
diff --git a/config/dev.exs b/config/dev.exs
@@ -52,3 +52,12 @@ config :hammer,
        pool_size: 4,
        pool_max_overflow: 2
      ]}
+
+config :recognizer, Recognizer.BigCommerce,
+  client_id: "bc_id",
+  client_secret: "bc_secret",
+  access_token: "bc_access_token",
+  store_hash: "bc_store_hash",
+  login_uri: "http://localhost/",
+  http_client: HTTPoison,
+  enabled?: true
diff --git a/config/releases.exs b/config/releases.exs
@@ -67,3 +67,12 @@ config :hammer,
        pool_size: 4,
        pool_max_overflow: 2
      ]}
+
+config :recognizer, Recognizer.BigCommerce,
+  client_id: recognizer_config["BIGCOMMERCE_CLIENT_ID"],
+  client_secret: recognizer_config["BIGCOMMERCE_CLIENT_SECRET"],
+  access_token: recognizer_config["BIGCOMMERCE_ACCESS_TOKEN"],
+  store_hash: recognizer_config["BIGCOMMERCE_STORE_HASH"],
+  login_uri: recognizer_config["BIGCOMMERCE_LOGIN_URI"],
+  http_client: HTTPoison,
+  enabled?: false
diff --git a/config/test.exs b/config/test.exs
@@ -30,3 +30,12 @@ config :hammer,
        pool_size: 4,
        pool_max_overflow: 2
      ]}
+
+config :recognizer, Recognizer.BigCommerce,
+  client_id: "bc_id",
+  client_secret: "bc_secret",
+  access_token: "bc_access_token",
+  store_hash: "bc_store_hash",
+  login_uri: "http://localhost/",
+  http_client: HTTPoisonMock,
+  enabled?: true
diff --git a/lib/recognizer/accounts.ex b/lib/recognizer/accounts.ex
@@ -11,6 +11,7 @@ defmodule Recognizer.Accounts do
   alias Recognizer.Accounts.RecoveryCode
   alias Recognizer.Accounts.User
   alias Recognizer.Accounts.VerificationCode
+  alias Recognizer.BigCommerce
   alias Recognizer.Notifications.Account, as: Notification
   alias Recognizer.Guardian
   alias Recognizer.Repo
@@ -166,20 +167,29 @@ defmodule Recognizer.Accounts do
       {:error, %Ecto.Changeset{}}
 
   """
-  def register_user(attrs, opts \\ [])
+  def register_user(attrs, opts \\ []) do
+    Repo.transaction(fn ->
+      case do_register_user(attrs, opts) do
+        {:ok, user} -> user
+        {:error, e} -> Repo.rollback(e)
+      end
+    end)
+  end
 
-  def register_user(attrs, verify_account_url_fun: verify_account_url_fun) do
+  defp do_register_user(attrs, verify_account_url_fun: verify_account_url_fun) do
     %User{}
     |> User.registration_changeset(attrs)
     |> insert_user_and_notification_preferences()
+    |> maybe_create_big_commerce_customer()
     |> maybe_generate_verification_code(verify_account_url_fun)
     |> maybe_send_newsletter(attrs)
   end
 
-  def register_user(attrs, opts) do
+  defp do_register_user(attrs, opts) do
     %User{}
     |> User.registration_changeset(attrs, opts)
     |> insert_user_and_notification_preferences()
+    |> maybe_create_big_commerce_customer()
     |> maybe_mark_user_verified()
     |> maybe_notify_new_user()
     |> maybe_send_newsletter(attrs)
@@ -203,6 +213,7 @@ defmodule Recognizer.Accounts do
     %User{}
     |> User.oauth_registration_changeset(attrs)
     |> insert_user_and_notification_preferences()
+    |> maybe_create_big_commerce_customer()
     |> maybe_notify_new_user()
   end
 
@@ -705,4 +716,16 @@ defmodule Recognizer.Accounts do
 
     Repo.delete_all(user_codes)
   end
+
+  def maybe_create_big_commerce_customer({:ok, user}) do
+    if BigCommerce.enabled?() do
+      BigCommerce.create_customer(user)
+    else
+      {:ok, user}
+    end
+  end
+
+  def maybe_create_big_commerce_customer(error) do
+    error
+  end
 end
diff --git a/lib/recognizer/accounts/bc_customer_user.ex b/lib/recognizer/accounts/bc_customer_user.ex
@@ -0,0 +1,15 @@
+defmodule Recognizer.Accounts.BCCustomerUser do
+  @moduledoc false
+
+  use Ecto.Schema
+
+  alias Recognizer.Accounts.User
+
+  @primary_key false
+  schema "bigcommerce_customer_users" do
+    field :bc_id, :integer
+    belongs_to :user, User, primary_key: true
+
+    timestamps()
+  end
+end
diff --git a/lib/recognizer/accounts/user.ex b/lib/recognizer/accounts/user.ex
@@ -8,7 +8,12 @@ defmodule Recognizer.Accounts.User do
 
   import Ecto.Changeset
 
-  alias Recognizer.Accounts.{NotificationPreference, OAuth, Organization, RecoveryCode, Role}
+  alias Recognizer.Accounts.BCCustomerUser, as: BcUser
+  alias Recognizer.Accounts.NotificationPreference
+  alias Recognizer.Accounts.OAuth
+  alias Recognizer.Accounts.Organization
+  alias Recognizer.Accounts.RecoveryCode
+  alias Recognizer.Accounts.Role
   alias Recognizer.Repo
   alias __MODULE__
 
@@ -41,6 +46,7 @@ defmodule Recognizer.Accounts.User do
     field :verified_at, :utc_datetime
 
     has_one :notification_preference, NotificationPreference, on_replace: :update
+    has_one :bigcommerce_user, BcUser
 
     belongs_to :organization, Organization
 

diff --git a/lib/recognizer/bigcommerce.ex b/lib/recognizer/bigcommerce.ex
@@ -0,0 +1,61 @@
+defmodule Recognizer.BigCommerce do
+  @moduledoc """
+  BigCommerce context.
+  """
+
+  require Logger
+
+  alias Recognizer.Accounts.BCCustomerUser, as: Customer
+  alias Recognizer.BigCommerce.Client
+  alias Recognizer.BigCommerce.Token
+  alias Recognizer.Repo
+
+  def enabled?() do
+    config(:enabled?)
+  end
+
+  def create_customer(user) do
+    case Client.create_customer(user) do
+      {:ok, bc_id} ->
+        Repo.insert(%Customer{user_id: user.id, bc_id: bc_id})
+        {:ok, user}
+
+      {:error, e} ->
+        Logger.error("error creating bigcommerce customer: #{inspect(e)}")
+        {:error, e}
+    end
+  end
+
+  def generate_login_jwt(user) do
+    {:ok, token, _claims} =
+      user
+      |> Recognizer.Repo.preload(:bigcommerce_user)
+      |> jwt_claims()
+      |> Token.generate_and_sign(jwt_signer())
+
+    token
+  end
+
+  def login_redirect_uri(jwt) do
+    config(:login_uri) <> jwt
+  end
+
+  defp jwt_claims(user) do
+    %{
+      "aud" => "BigCommerce",
+      "iss" => config(:client_id),
+      "jti" => Ecto.UUID.generate(),
+      "operation" => "customer_login",
+      "store_hash" => config(:store_hash),
+      "customer_id" => user.bigcommerce_user.bc_id
+    }
+  end
+
+  defp jwt_signer() do
+    Joken.Signer.create("HS256", config(:client_secret))
+  end
+
+  defp config(key) do
+    Application.get_env(:recognizer, __MODULE__)[key]
+  end
+end
diff --git a/lib/recognizer/bigcommerce/client.ex b/lib/recognizer/bigcommerce/client.ex
@@ -0,0 +1,98 @@
+defmodule Recognizer.BigCommerce.Client do
+  @moduledoc """
+  BigCommerce v3
+  """
+
+  require Logger
+
+  alias Recognizer.Accounts.User
+
+  alias HTTPoison.Response
+
+  @default_retry_ms 5000
+
+  def create_customer(user) do
+    with {:ok, customer_params} <- user_as_customer_params(user),
+         {:ok, customer_json} <- Jason.encode(customer_params),
+         {:ok, response} <- post_customer(customer_json) do
+      get_id(response)
+    else
+      {:error, e} ->
+        Logger.error("cannot create customer with error: #{inspect(e)}")
+        {:error, e}
+
+      e ->
+        Logger.error("cannot create customer with error: #{inspect(e)}")
+        {:error, e}
+    end
+  end
+
+  defp user_as_customer_params(%User{email: email, first_name: first_name, last_name: last_name}) do
+    {:ok, [%{"email" => email, "first_name" => first_name, "last_name" => last_name}]}
+  end
+
+  defp user_as_customer_params(_user) do
+    {:error, :invalid_user}
+  end
+
+  defp post_customer(customer_json) do
+    case http_client().post(customers_uri(), customer_json, default_headers()) do
+      {:ok, %Response{body: response, status_code: 200}} ->
+        {:ok, response}
+
+      {:ok, %Response{status_code: 429, headers: headers}} ->
+        sleep_for_rate_limit(headers)
+        post_customer(customer_json)
+
+      {:error, e} ->
+        {:error, e}
+
+      e ->
+        {:error, e}
+    end
+  end
+
+  defp get_id(response) do
+    case Jason.decode(response) do
+      {:ok, %{"data" => [%{"id" => id}]}} -> {:ok, id}
+      {:error, e} -> {:error, e}
+      e -> {:error, e}
+    end
+  end
+
+  defp default_headers() do
+    [
+      {"Content-Type", "application/json"},
+      {"Accept", "application/json"},
+      {"Authorization", "Bearer #{config(:access_token)}"},
+      {"x-Auth-Token", config(:access_token)}
+    ]
+  end
+
+  defp customers_uri() do
+    uri("/v3/customers")
+  end
+
+  defp uri(path) do
+    "https://api.bigcommerce.com/stores/#{config(:store_hash)}#{path}"
+  end
+
+  defp http_client() do
+    config(:http_client)
+  end
+
+  defp config(key) do
+    Application.get_env(:recognizer, Recognizer.BigCommerce)[key]
+  end
+
+  defp sleep_for_rate_limit(headers) do
+    retry_ms =
+      case List.keyfind(headers, "x-rate-limit-time-reset-ms", 0) do
+        nil -> @default_retry_ms
+        {_, retry_value} -> String.to_integer(retry_value)
+      end
+
+    Logger.warn("Rate limited, sleeping for ms: #{inspect(retry_ms)}")
+    Process.sleep(retry_ms)
+  end
+end
diff --git a/lib/recognizer/bigcommerce/token.ex b/lib/recognizer/bigcommerce/token.ex
@@ -0,0 +1,5 @@
+defmodule Recognizer.BigCommerce.Token do
+  @moduledoc false
+
+  use Joken.Config
+end
diff --git a/lib/recognizer_web/authentication.ex b/lib/recognizer_web/authentication.ex
@@ -7,8 +7,9 @@ defmodule RecognizerWeb.Authentication do
   import Phoenix.Controller
 
   alias Guardian.DB, as: GuardianDB
-  alias RecognizerWeb.Router.Helpers, as: Routes
+  alias Recognizer.BigCommerce
   alias Recognizer.Guardian
+  alias RecognizerWeb.Router.Helpers, as: Routes
 
   @doc """
   Logs the user in.
@@ -31,15 +32,27 @@ defmodule RecognizerWeb.Authentication do
         |> redirect(to: Routes.prompt_two_factor_path(conn, :new))
 
       {:ok, _user} ->
-        redirect_opts = login_redirect(conn)
-
-        conn
-        |> clear_session()
-        |> Guardian.Plug.sign_in(user, params)
-        |> redirect(redirect_opts)
+        if BigCommerce.enabled?() && get_session(conn, :bc) do
+          log_in_bc_user(conn, user)
+        else
+          redirect_opts = login_redirect(conn)
+
+          conn
+          |> clear_session()
+          |> Guardian.Plug.sign_in(user, params)
+          |> redirect(redirect_opts)
+        end
     end
   end
 
+  defp log_in_bc_user(conn, user) do
+    jwt = BigCommerce.generate_login_jwt(user)
+
+    conn
+    |> clear_session()
+    |> redirect(external: BigCommerce.login_redirect_uri(jwt))
+  end
+
   @doc """
   Logs the user in via the API.
   """

diff --git a/lib/recognizer_web/controllers/accounts/user_oauth_controller.ex b/lib/recognizer_web/controllers/accounts/user_oauth_controller.ex
@@ -33,6 +33,9 @@ defmodule RecognizerWeb.Accounts.UserOAuthController do
         conn
         |> put_flash(:error, friendly_error_message(changeset))
         |> redirect(to: Routes.user_session_path(conn, :new))
+
+      {:error, e} ->
+        {:error, e}
     end
   end
 
@@ -83,8 +86,8 @@ defmodule RecognizerWeb.Accounts.UserOAuthController do
            {:ok, _oauth} <- Accounts.create_oauth(user, provider, uid) do
         user
       else
-        {:error, changeset} ->
-          Repo.rollback(changeset)
+        {:error, e} ->
+          Repo.rollback(e)
       end
     end)
   end