Add PayU settings and dynamic QR generation

2026-01-30 05:27:04 +05:30
parent 3a2afa264f
commit 38c0a0ec9a
9 changed files with 531 additions and 0 deletions
--- a/src/main/kotlin/com/android/trisolarisserver/controller/PayuQrPayments.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/PayuQrPayments.kt
@@ -0,0 +1,201 @@
+package com.android.trisolarisserver.controller
+
+import com.android.trisolarisserver.component.PropertyAccess
+import com.android.trisolarisserver.controller.dto.PayuQrGenerateRequest
+import com.android.trisolarisserver.controller.dto.PayuQrGenerateResponse
+import com.android.trisolarisserver.models.booking.BookingStatus
+import com.android.trisolarisserver.models.payment.PayuQrRequest
+import com.android.trisolarisserver.models.payment.PayuQrStatus
+import com.android.trisolarisserver.models.property.Role
+import com.android.trisolarisserver.repo.BookingRepo
+import com.android.trisolarisserver.repo.PaymentRepo
+import com.android.trisolarisserver.repo.PayuQrRequestRepo
+import com.android.trisolarisserver.repo.PayuSettingsRepo
+import com.android.trisolarisserver.repo.RoomStayRepo
+import com.android.trisolarisserver.security.MyPrincipal
+import org.springframework.http.HttpStatus
+import org.springframework.http.MediaType
+import org.springframework.security.core.annotation.AuthenticationPrincipal
+import org.springframework.transaction.annotation.Transactional
+import org.springframework.util.LinkedMultiValueMap
+import org.springframework.web.bind.annotation.PathVariable
+import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
+import org.springframework.web.client.RestTemplate
+import org.springframework.web.server.ResponseStatusException
+import java.security.MessageDigest
+import java.time.OffsetDateTime
+import java.util.UUID
+
+@RestController
+@RequestMapping("/properties/{propertyId}/bookings/{bookingId}/payments/payu")
+class PayuQrPayments(
+    private val propertyAccess: PropertyAccess,
+    private val bookingRepo: BookingRepo,
+    private val roomStayRepo: RoomStayRepo,
+    private val paymentRepo: PaymentRepo,
+    private val payuSettingsRepo: PayuSettingsRepo,
+    private val payuQrRequestRepo: PayuQrRequestRepo,
+    private val restTemplate: RestTemplate
+) {
+
+    @PostMapping("/qr")
+    @Transactional
+    fun generateQr(
+        @PathVariable propertyId: UUID,
+        @PathVariable bookingId: UUID,
+        @AuthenticationPrincipal principal: MyPrincipal?,
+        @RequestBody request: PayuQrGenerateRequest
+    ): PayuQrGenerateResponse {
+        requireRole(propertyAccess, propertyId, principal, Role.ADMIN, Role.MANAGER, Role.FINANCE)
+
+        val booking = bookingRepo.findById(bookingId).orElseThrow {
+            ResponseStatusException(HttpStatus.NOT_FOUND, "Booking not found")
+        }
+        if (booking.property.id != propertyId) {
+            throw ResponseStatusException(HttpStatus.NOT_FOUND, "Booking not found for property")
+        }
+        if (booking.status == BookingStatus.CANCELLED || booking.status == BookingStatus.NO_SHOW || booking.status == BookingStatus.CHECKED_OUT) {
+            throw ResponseStatusException(HttpStatus.CONFLICT, "Booking closed")
+        }
+
+        val settings = payuSettingsRepo.findByPropertyId(propertyId)
+            ?: throw ResponseStatusException(HttpStatus.BAD_REQUEST, "PayU settings not configured")
+        val salt = pickSalt(settings)
+
+        val stays = roomStayRepo.findByBookingId(bookingId)
+        val expectedPay = computeExpectedPay(stays, booking.property.timezone)
+        val collected = paymentRepo.sumAmountByBookingId(bookingId)
+        val pending = expectedPay - collected
+        if (pending <= 0) {
+            throw ResponseStatusException(HttpStatus.CONFLICT, "No pending amount")
+        }
+
+        val txnid = "QR${bookingId.toString().substring(0, 8)}${System.currentTimeMillis()}"
+        val productInfo = "Booking $bookingId"
+        val firstname = request.customerName?.trim()?.ifBlank { null } ?: "Guest"
+        val email = request.customerEmail?.trim()?.ifBlank { null } ?: "guest@example.com"
+        val phone = request.customerPhone?.trim()?.ifBlank { null } ?: ""
+        val amount = String.format("%.2f", pending.toDouble())
+
+        val udf1 = bookingId.toString()
+        val udf2 = propertyId.toString()
+        val udf3 = ""
+        val udf4 = ""
+        val udf5 = ""
+        val hash = sha512(
+            listOf(
+                settings.merchantKey,
+                txnid,
+                amount,
+                productInfo,
+                firstname,
+                email,
+                udf1,
+                udf2,
+                udf3,
+                udf4,
+                udf5,
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                salt
+            ).joinToString("|")
+        )
+
+        val form = LinkedMultiValueMap<String, String>().apply {
+            add("key", settings.merchantKey)
+            add("txnid", txnid)
+            add("amount", amount)
+            add("productinfo", productInfo)
+            add("firstname", firstname)
+            add("email", email)
+            add("phone", phone)
+            add("pg", "DBQR")
+            add("bankcode", "UPIDBQR")
+            add("hash", hash)
+            add("udf1", udf1)
+            add("udf2", udf2)
+            add("txn_s2s_flow", "4")
+            add("s2s_client_ip", "127.0.0.1")
+            add("s2s_device_info", "TrisolarisServer")
+            request.expiryMinutes?.let { add("expiry_time", it.toString()) }
+        }
+
+        val requestPayload = form.entries.joinToString("&") { entry ->
+            entry.value.joinToString("&") { value -> "${entry.key}=$value" }
+        }
+
+        val record = payuQrRequestRepo.save(
+            PayuQrRequest(
+                property = booking.property,
+                booking = booking,
+                txnid = txnid,
+                amount = pending,
+                currency = booking.property.currency,
+                status = PayuQrStatus.CREATED,
+                requestPayload = requestPayload,
+                createdAt = OffsetDateTime.now()
+            )
+        )
+
+        val headers = org.springframework.http.HttpHeaders().apply {
+            contentType = MediaType.APPLICATION_FORM_URLENCODED
+        }
+        val entity = org.springframework.http.HttpEntity(form, headers)
+        val response = restTemplate.postForEntity(settings.baseUrl, entity, String::class.java)
+        val responseBody = response.body ?: ""
+
+        record.responsePayload = responseBody
+        record.status = if (response.statusCode.is2xxSuccessful) PayuQrStatus.SENT else PayuQrStatus.FAILED
+        payuQrRequestRepo.save(record)
+
+        if (!response.statusCode.is2xxSuccessful) {
+            throw ResponseStatusException(HttpStatus.BAD_GATEWAY, "PayU request failed")
+        }
+
+        return PayuQrGenerateResponse(
+            txnid = txnid,
+            amount = pending,
+            currency = booking.property.currency,
+            payuResponse = responseBody
+        )
+    }
+
+    private fun pickSalt(settings: com.android.trisolarisserver.models.payment.PayuSettings): String {
+        val salt = if (settings.useSalt256) settings.salt256 else settings.salt32
+        return salt?.trim()?.ifBlank { null }
+            ?: throw ResponseStatusException(HttpStatus.BAD_REQUEST, "PayU salt missing")
+    }
+
+    private fun sha512(input: String): String {
+        val bytes = MessageDigest.getInstance("SHA-512").digest(input.toByteArray())
+        return bytes.joinToString("") { "%02x".format(it) }
+    }
+
+    private fun computeExpectedPay(stays: List<com.android.trisolarisserver.models.room.RoomStay>, timezone: String?): Long {
+        if (stays.isEmpty()) return 0
+        val now = nowForProperty(timezone)
+        var total = 0L
+        stays.forEach { stay ->
+            val rate = stay.nightlyRate ?: 0L
+            if (rate == 0L) return@forEach
+            val start = stay.fromAt.toLocalDate()
+            val endAt = stay.toAt ?: now
+            val end = endAt.toLocalDate()
+            val nights = daysBetweenInclusive(start, end)
+            total += rate * nights
+        }
+        return total
+    }
+
+    private fun daysBetweenInclusive(start: java.time.LocalDate, end: java.time.LocalDate): Long {
+        val diff = end.toEpochDay() - start.toEpochDay()
+        return if (diff <= 0) 1L else diff
+    }
+}
--- a/src/main/kotlin/com/android/trisolarisserver/controller/PayuSettingsController.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/PayuSettingsController.kt
@@ -0,0 +1,90 @@
+package com.android.trisolarisserver.controller
+
+import com.android.trisolarisserver.component.PropertyAccess
+import com.android.trisolarisserver.controller.dto.PayuSettingsUpsertRequest
+import com.android.trisolarisserver.controller.dto.PayuSettingsResponse
+import com.android.trisolarisserver.models.payment.PayuSettings
+import com.android.trisolarisserver.models.property.Role
+import com.android.trisolarisserver.repo.PayuSettingsRepo
+import com.android.trisolarisserver.repo.PropertyRepo
+import com.android.trisolarisserver.security.MyPrincipal
+import org.springframework.http.HttpStatus
+import org.springframework.security.core.annotation.AuthenticationPrincipal
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.PathVariable
+import org.springframework.web.bind.annotation.PutMapping
+import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
+import org.springframework.web.server.ResponseStatusException
+import java.time.OffsetDateTime
+import java.util.UUID
+
+@RestController
+@RequestMapping("/properties/{propertyId}/payu-settings")
+class PayuSettingsController(
+    private val propertyAccess: PropertyAccess,
+    private val propertyRepo: PropertyRepo,
+    private val payuSettingsRepo: PayuSettingsRepo
+) {
+
+    @GetMapping
+    fun getSettings(
+        @PathVariable propertyId: UUID,
+        @AuthenticationPrincipal principal: MyPrincipal?
+    ): PayuSettingsResponse {
+        requireRole(propertyAccess, propertyId, principal, Role.ADMIN, Role.MANAGER)
+        val settings = payuSettingsRepo.findByPropertyId(propertyId)
+            ?: throw ResponseStatusException(HttpStatus.NOT_FOUND, "PayU settings not configured")
+        return settings.toResponse()
+    }
+
+    @PutMapping
+    fun upsertSettings(
+        @PathVariable propertyId: UUID,
+        @AuthenticationPrincipal principal: MyPrincipal?,
+        @RequestBody request: PayuSettingsUpsertRequest
+    ): PayuSettingsResponse {
+        requireRole(propertyAccess, propertyId, principal, Role.ADMIN, Role.MANAGER)
+        val property = propertyRepo.findById(propertyId).orElseThrow {
+            ResponseStatusException(HttpStatus.NOT_FOUND, "Property not found")
+        }
+        val key = request.merchantKey.trim().ifBlank {
+            throw ResponseStatusException(HttpStatus.BAD_REQUEST, "merchantKey required")
+        }
+        val baseUrl = request.baseUrl?.trim()?.ifBlank { null } ?: "https://secure.payu.in/_payment"
+        val existing = payuSettingsRepo.findByPropertyId(propertyId)
+        val updated = if (existing == null) {
+            PayuSettings(
+                property = property,
+                merchantKey = key,
+                salt32 = request.salt32?.trim()?.ifBlank { null },
+                salt256 = request.salt256?.trim()?.ifBlank { null },
+                baseUrl = baseUrl,
+                useSalt256 = request.useSalt256 ?: true,
+                updatedAt = OffsetDateTime.now()
+            )
+        } else {
+            existing.merchantKey = key
+            if (request.salt32 != null) existing.salt32 = request.salt32.trim().ifBlank { null }
+            if (request.salt256 != null) existing.salt256 = request.salt256.trim().ifBlank { null }
+            existing.baseUrl = baseUrl
+            if (request.useSalt256 != null) existing.useSalt256 = request.useSalt256
+            existing.updatedAt = OffsetDateTime.now()
+            existing
+        }
+        return payuSettingsRepo.save(updated).toResponse()
+    }
+}
+
+private fun PayuSettings.toResponse(): PayuSettingsResponse {
+    val propertyId = property.id ?: throw ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR, "Property id missing")
+    return PayuSettingsResponse(
+        propertyId = propertyId,
+        merchantKey = merchantKey,
+        baseUrl = baseUrl,
+        useSalt256 = useSalt256,
+        hasSalt32 = !salt32.isNullOrBlank(),
+        hasSalt256 = !salt256.isNullOrBlank()
+    )
+}
--- a/src/main/kotlin/com/android/trisolarisserver/controller/dto/PayuDtos.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/dto/PayuDtos.kt
@@ -0,0 +1,34 @@
+package com.android.trisolarisserver.controller.dto
+
+import java.util.UUID
+
+data class PayuSettingsUpsertRequest(
+    val merchantKey: String,
+    val salt32: String? = null,
+    val salt256: String? = null,
+    val baseUrl: String? = null,
+    val useSalt256: Boolean? = null
+)
+
+data class PayuSettingsResponse(
+    val propertyId: UUID,
+    val merchantKey: String,
+    val baseUrl: String,
+    val useSalt256: Boolean,
+    val hasSalt32: Boolean,
+    val hasSalt256: Boolean
+)
+
+data class PayuQrGenerateRequest(
+    val customerName: String? = null,
+    val customerEmail: String? = null,
+    val customerPhone: String? = null,
+    val expiryMinutes: Int? = 30
+)
+
+data class PayuQrGenerateResponse(
+    val txnid: String,
+    val amount: Long,
+    val currency: String,
+    val payuResponse: String
+)