Create stripe customer IDs for users when syncing identity

devksingh4 · devksingh4 · commit 2d1fac462629 · 2025-10-26T22:11:39.000-05:00
diff --git a/src/api/functions/stripe.ts b/src/api/functions/stripe.ts
@@ -1,3 +1,4 @@
+import { isProd } from "api/utils.js";
 import { InternalServerError, ValidationError } from "common/errors/index.js";
 import { capitalizeFirstLetter } from "common/types/roomRequest.js";
 import Stripe from "stripe";
@@ -23,6 +24,18 @@ export type StripeCheckoutSessionCreateParams = {
   customFields?: Stripe.Checkout.SessionCreateParams.CustomField[];
 };
 
+export type StripeCheckoutSessionCreateWithCustomerParams = {
+  successUrl?: string;
+  returnUrl?: string;
+  customerId?: string;
+  stripeApiKey: string;
+  items: { price: string; quantity: number }[];
+  initiator: string;
+  metadata?: Record<string, string>;
+  allowPromotionCodes: boolean;
+  customFields?: Stripe.Checkout.SessionCreateParams.CustomField[];
+};
+
 /**
  * Create a Stripe payment link for an invoice. Note that invoiceAmountUsd MUST IN CENTS!!
  * @param {StripeLinkCreateParams} options
@@ -107,6 +120,44 @@ export const createCheckoutSession = async ({
   return session.url;
 };
 
+export const createCheckoutSessionWithCustomer = async ({
+  successUrl,
+  returnUrl,
+  stripeApiKey,
+  customerId,
+  items,
+  initiator,
+  allowPromotionCodes,
+  customFields,
+  metadata,
+}: StripeCheckoutSessionCreateWithCustomerParams): Promise<string> => {
+  const stripe = new Stripe(stripeApiKey);
+  const payload: Stripe.Checkout.SessionCreateParams = {
+    success_url: successUrl || "",
+    cancel_url: returnUrl || "",
+    payment_method_types: ["card"],
+    line_items: items.map((item) => ({
+      price: item.price,
+      quantity: item.quantity,
+    })),
+    mode: "payment",
+    customer: customerId,
+    metadata: {
+      ...(metadata || {}),
+      initiator,
+    },
+    allow_promotion_codes: allowPromotionCodes,
+    custom_fields: customFields,
+  };
+  const session = await stripe.checkout.sessions.create(payload);
+  if (!session.url) {
+    throw new InternalServerError({
+      message: "Could not create Stripe checkout session.",
+    });
+  }
+  return session.url;
+};
+
 export const deactivateStripeLink = async ({
   linkId,
   stripeApiKey,
@@ -244,3 +295,28 @@ export const getPaymentMethodDescriptionString = ({
       return `${friendlyName} (${cardBrandMap[cardPresentData.brand || "unknown"]} ending in ${cardPresentData.last4})`;
   }
 };
+
+export type StripeCustomerCreateParams = {
+  email: string;
+  name: string;
+  stripeApiKey: string;
+  metadata?: Record<string, string>;
+};
+
+export const createStripeCustomer = async ({
+  email,
+  name,
+  stripeApiKey,
+  metadata,
+}: StripeCustomerCreateParams): Promise<string> => {
+  const stripe = new Stripe(stripeApiKey);
+  const customer = await stripe.customers.create({
+    email,
+    name,
+    metadata: {
+      ...metadata,
+      ...(isProd ? {} : { environment: process.env.RunEnvironment }),
+    },
+  });
+  return customer.id;
+};
diff --git a/src/api/functions/sync.ts b/src/api/functions/sync.ts
@@ -2,14 +2,22 @@ import {
   UpdateItemCommand,
   type DynamoDBClient,
 } from "@aws-sdk/client-dynamodb";
+import { Redis, ValidLoggers } from "api/types.js";
 import { genericConfig } from "common/config.js";
+import { createLock, IoredisAdapter } from "redlock-universal";
+import { createStripeCustomer } from "./stripe.js";
+import { InternalServerError } from "common/errors/index.js";
+import { unmarshall } from "@aws-sdk/util-dynamodb";
 
 export interface SyncFullProfileInputs {
   uinHash: string;
   netId: string;
   firstName: string;
   lastName: string;
   dynamoClient: DynamoDBClient;
+  redisClient: Redis;
+  stripeApiKey: string;
+  logger: ValidLoggers;
 }
 
 export async function syncFullProfile({
@@ -18,29 +26,85 @@ export async function syncFullProfile({
   firstName,
   lastName,
   dynamoClient,
+  redisClient,
+  stripeApiKey,
+  logger,
 }: SyncFullProfileInputs) {
-  return dynamoClient.send(
-    new UpdateItemCommand({
-      TableName: genericConfig.UserInfoTable,
-      Key: {
-        id: { S: `${netId}@illinois.edu` },
-      },
-      UpdateExpression:
-        "SET #uinHash = :uinHash, #netId = :netId, #updatedAt = :updatedAt, #firstName = :firstName, #lastName = :lastName",
-      ExpressionAttributeNames: {
-        "#uinHash": "uinHash",
-        "#netId": "netId",
-        "#updatedAt": "updatedAt",
-        "#firstName": "firstName",
-        "#lastName": "lastName",
-      },
-      ExpressionAttributeValues: {
-        ":uinHash": { S: uinHash },
-        ":netId": { S: netId },
-        ":firstName": { S: firstName },
-        ":lastName": { S: lastName },
-        ":updatedAt": { S: new Date().toISOString() },
-      },
-    }),
-  );
+  const lock = createLock({
+    adapter: new IoredisAdapter(redisClient),
+    key: `userSync:${netId}`,
+    retryAttempts: 5,
+    retryDelay: 300,
+  });
+
+  return await lock.using(async (signal) => {
+    const userId = `${netId}@illinois.edu`;
+    const updateResult = await dynamoClient.send(
+      new UpdateItemCommand({
+        TableName: genericConfig.UserInfoTable,
+        Key: {
+          id: { S: userId },
+        },
+        UpdateExpression:
+          "SET #uinHash = :uinHash, #netId = :netId, #updatedAt = :updatedAt, #firstName = :firstName, #lastName = :lastName",
+        ExpressionAttributeNames: {
+          "#uinHash": "uinHash",
+          "#netId": "netId",
+          "#updatedAt": "updatedAt",
+          "#firstName": "firstName",
+          "#lastName": "lastName",
+        },
+        ExpressionAttributeValues: {
+          ":uinHash": { S: uinHash },
+          ":netId": { S: netId },
+          ":firstName": { S: firstName },
+          ":lastName": { S: lastName },
+          ":updatedAt": { S: new Date().toISOString() },
+        },
+        ReturnValues: "ALL_NEW",
+      }),
+    );
+
+    const stripeCustomerId = updateResult.Attributes?.stripeCustomerId?.S;
+
+    if (!stripeCustomerId) {
+      if (signal.aborted) {
+        throw new InternalServerError({
+          message:
+            "Checked on lock before creating Stripe customer, we've lost the lock!",
+        });
+      }
+      const newStripeCustomerId = await createStripeCustomer({
+        email: userId,
+        name: `${firstName} ${lastName}`,
+        stripeApiKey,
+      });
+      logger.info(`Created new Stripe customer for ${userId}.`);
+      const newInfo = await dynamoClient.send(
+        new UpdateItemCommand({
+          TableName: genericConfig.UserInfoTable,
+          Key: {
+            id: { S: userId },
+          },
+          UpdateExpression: "SET #stripeCustomerId = :stripeCustomerId",
+          ExpressionAttributeNames: {
+            "#stripeCustomerId": "stripeCustomerId",
+          },
+          ExpressionAttributeValues: {
+            ":stripeCustomerId": { S: newStripeCustomerId },
+          },
+          ReturnValues: "ALL_NEW",
+        }),
+      );
+      return newInfo && newInfo.Attributes
+        ? unmarshall(newInfo.Attributes)
+        : updateResult && updateResult.Attributes
+          ? unmarshall(updateResult.Attributes)
+          : undefined;
+    }
+
+    return updateResult && updateResult.Attributes
+      ? unmarshall(updateResult.Attributes)
+      : undefined;
+  });
 }
diff --git a/src/api/routes/syncIdentity.ts b/src/api/routes/syncIdentity.ts
@@ -109,6 +109,9 @@ const syncIdentityPlugin: FastifyPluginAsync = async (fastify, _options) => {
           lastName: surname,
           netId,
           dynamoClient: fastify.dynamoClient,
+          redisClient: fastify.redisClient,
+          stripeApiKey: fastify.secretConfig.stripe_secret_key,
+          logger: request.log,
         });
         let isPaidMember = await checkPaidMembershipFromRedis(
           netId,
@@ -123,7 +126,7 @@ const syncIdentityPlugin: FastifyPluginAsync = async (fastify, _options) => {
         }
         if (isPaidMember) {
           const username = `${netId}@illinois.edu`;
-          request.log.info("User is paid member, syncing profile!");
+          request.log.info("User is paid member, syncing Entra user!");
           const entraIdToken = await getEntraIdToken({
             clients: await getAuthorizedClients(),
             clientId: fastify.environmentConfig.AadValidClientId,
diff --git a/src/api/routes/v2/membership.ts b/src/api/routes/v2/membership.ts
@@ -3,7 +3,6 @@ import {
   checkPaidMembershipFromRedis,
   checkExternalMembership,
   MEMBER_CACHE_SECONDS,
-  setPaidMembershipInTable,
 } from "api/functions/membership.js";
 import { FastifyPluginAsync } from "fastify";
 import {
@@ -12,7 +11,10 @@ import {
   ValidationError,
 } from "common/errors/index.js";
 import rateLimiter from "api/plugins/rateLimiter.js";
-import { createCheckoutSession } from "api/functions/stripe.js";
+import {
+  createCheckoutSession,
+  createCheckoutSessionWithCustomer,
+} from "api/functions/stripe.js";
 import { FastifyZodOpenApiTypeProvider } from "fastify-zod-openapi";
 import * as z from "zod/v4";
 import {
@@ -125,6 +127,9 @@ const membershipV2Plugin: FastifyPluginAsync = async (fastify, _options) => {
           lastName: surname,
           netId,
           dynamoClient: fastify.dynamoClient,
+          redisClient: fastify.redisClient,
+          stripeApiKey: fastify.secretConfig.stripe_secret_key,
+          logger: request.log,
         });
         let isPaidMember = await checkPaidMembershipFromRedis(
           netId,
@@ -137,18 +142,24 @@ const membershipV2Plugin: FastifyPluginAsync = async (fastify, _options) => {
             fastify.dynamoClient,
           );
         }
-        await savePromise;
-        request.log.debug("Saved user hashed UIN!");
-        if (isPaidMember) {
-          throw new ValidationError({
-            message: `${upn} is already a paid member.`,
-          });
+        const userData = await savePromise;
+        if (!userData) {
+          request.log.error(
+            "Was expecting to get a user data save, but we didn't!",
+          );
+          throw new InternalServerError({});
         }
+        request.log.debug("Saved user hashed UIN!");
+        // if (isPaidMember) {
+        //   throw new ValidationError({
+        //     message: `${upn} is already a paid member.`,
+        //   });
+        // }
         return reply.status(200).send(
-          await createCheckoutSession({
+          await createCheckoutSessionWithCustomer({
             successUrl: "https://acm.illinois.edu/paid",
             returnUrl: "https://acm.illinois.edu/membership",
-            customerEmail: upn,
+            customerId: userData.stripeCustomerId,
             stripeApiKey: fastify.secretConfig.stripe_secret_key as string,
             items: [
               {
diff --git a/src/api/utils.ts b/src/api/utils.ts
@@ -42,3 +42,5 @@ export async function retryDynamoTransactionWithBackoff<T>(
 
   throw lastError;
 }
+
+export const isProd = process.env.RunEnvironment === "prod";

Original file line number	Diff line number	Diff line change
`@@ -42,3 +42,5 @@ export async function retryDynamoTransactionWithBackoff<T>(`
`42`	`42`
`43`	`43`	`throw lastError;`
`44`	`44`	`}`
	`45`	`+`
	`46`	`+export const isProd = process.env.RunEnvironment === "prod";`