[JB][OPS-13493] working solution (ish). + loads of tests/test data re… (#27)

* [JB][OPS-13493] working solution (ish). + loads of tests/test data refactor

* fix test

* fix test

Author: barnesjake

app/uk/gov/hmrc/cardpaymentfrontend/connectors/CardPaymentConnector.scala

@@ -32,22 +32,24 @@ class CardPaymentConnector @Inject() (appConfig: AppConfig, httpClientV2: HttpCl
 
   private val cardPaymentBaseUrl: URL = url"""${appConfig.cardPaymentBaseUrl}"""
   private val initiatePaymentUrl: URL = url"$cardPaymentBaseUrl/card-payment/initiate-payment"
-  private val checkPaymentStatusUrl: String => URL = (transactionNumber: String) => url"$cardPaymentBaseUrl/card-payment/payment-status/$transactionNumber"
-  private val authAndSettleUrl: String => URL = (transactionNumber: String) => url"$cardPaymentBaseUrl/card-payment/auth-and-settle/$transactionNumber"
+  private val checkPaymentStatusUrl: String => URL = (transactionReference: String) => url"$cardPaymentBaseUrl/card-payment/payment-status/$transactionReference"
+  private val authAndSettleUrl: String => URL = (transactionReference: String) => url"$cardPaymentBaseUrl/card-payment/auth-and-settle/$transactionReference"
 
   def initiatePayment(cardPaymentInitiatePaymentRequest: CardPaymentInitiatePaymentRequest)(implicit headerCarrier: HeaderCarrier): Future[CardPaymentInitiatePaymentResponse] =
     httpClientV2
       .post(initiatePaymentUrl)
       .withBody(Json.toJson(cardPaymentInitiatePaymentRequest))
       .execute[CardPaymentInitiatePaymentResponse]
 
-  def checkPaymentStatus(transactionNumber: String)(implicit headerCarrier: HeaderCarrier): Future[JsBoolean] =
+  //todo probably delete?
+  def checkPaymentStatus(transactionReference: String)(implicit headerCarrier: HeaderCarrier): Future[JsBoolean] =
     httpClientV2
-      .get(checkPaymentStatusUrl(transactionNumber))
+      .get(checkPaymentStatusUrl(transactionReference))
       .execute[JsBoolean]
 
-  def authAndSettle(transactionNumber: String)(implicit headerCarrier: HeaderCarrier): Future[HttpResponse] =
+  //todo should we make this strongly typed and return a CardPaymentResult or Option[CardPaymentResult]?
+  def authAndSettle(transactionReference: String)(implicit headerCarrier: HeaderCarrier): Future[HttpResponse] =
     httpClientV2
-      .post(authAndSettleUrl(transactionNumber))
+      .post(authAndSettleUrl(transactionReference))
       .execute[HttpResponse]
 }

app/uk/gov/hmrc/cardpaymentfrontend/controllers/PaymentStatusController.scala

@@ -19,17 +19,18 @@ package uk.gov.hmrc.cardpaymentfrontend.controllers
 import play.api.mvc.{Action, AnyContent, MessagesControllerComponents, Result}
 import uk.gov.hmrc.cardpaymentfrontend.actions.Actions
 import uk.gov.hmrc.cardpaymentfrontend.config.AppConfig
+import uk.gov.hmrc.cardpaymentfrontend.models.cardpayment.CardPaymentFinishPaymentResponses
 import uk.gov.hmrc.cardpaymentfrontend.requests.RequestSupport
 import uk.gov.hmrc.cardpaymentfrontend.services.CardPaymentService
 import uk.gov.hmrc.cardpaymentfrontend.views.html.iframe.{IframeContainerPage, RedirectToParentPage}
-import uk.gov.hmrc.http.{HeaderCarrier, HttpResponse}
+import uk.gov.hmrc.http.HeaderCarrier
 import uk.gov.hmrc.play.bootstrap.binders.RedirectUrl.idFunctor
 import uk.gov.hmrc.play.bootstrap.binders.RedirectUrlPolicy.Id
 import uk.gov.hmrc.play.bootstrap.binders.{AbsoluteWithHostnameFromAllowlist, RedirectUrl, RedirectUrlPolicy}
 import uk.gov.hmrc.play.bootstrap.frontend.controller.FrontendController
 
 import javax.inject.{Inject, Singleton}
-import scala.concurrent.{ExecutionContext, Future}
+import scala.concurrent.ExecutionContext
 
 @Singleton()
 class PaymentStatusController @Inject() (
@@ -52,36 +53,34 @@ class PaymentStatusController @Inject() (
       .getEither[Id](redirectUrlPolicy)
       .fold[Result](
         _ => BadRequest("Bad url provided that doesn't match the redirect policy. Check allow list if this is not expected."),
-        safeUrl => Ok(iframeContainer(safeUrl.url))
+        safeRedirectUrlOnAllowList => Ok(iframeContainer(safeRedirectUrlOnAllowList.url))
       )
   }
 
-  def returnToHmrc(transactionReference: String): Action[AnyContent] = actions.default { implicit request =>
-    Ok(redirectToParent(transactionReference))
+  def returnToHmrc(): Action[AnyContent] = actions.default { implicit request =>
+    Ok(redirectToParent())
   }
 
   //todo append something to the return url so we can extract/work out the session/journey - are we allowed to do this or do we use session?
-  def paymentStatus(traceId: String): Action[AnyContent] = actions.journeyAction.async { implicit journeyRequest =>
+  def paymentStatus(): Action[AnyContent] = actions.journeyAction.async { implicit journeyRequest =>
+
     implicit val hc: HeaderCarrier = requestSupport.hc
     val transactionRefFromJourney: Option[String] = journeyRequest.journey.order.map(_.transactionReference.value)
-    for {
-      paymentStatus <- cardPaymentService.checkPaymentStatus(transactionRefFromJourney.getOrElse(throw new RuntimeException("Could not find transaction ref, pay-api probably didn't update.")))
-      authAndCaptureResult <- maybeAuthAndSettleResult(transactionRefFromJourney, paymentStatus.value)
-    } yield Ok(
-      s"""We're back from the iframe!\n""" +
-        s"""traceId: $traceId\n""" +
-        s"""we now need to update the journey in pay-api with the completed payment info\n""" +
-        s"""CheckPaymentStatus response:\n${paymentStatus.value.toString}\n\n""" +
-        s"""authAndSettle response:\n${authAndCaptureResult.body}\n\n"""
-    )
-  }
 
-  //todo in future, lets check the result json and redirect accordingly. (i.e. if it's failed etc)
-  private def maybeAuthAndSettleResult(transactionRefFromJourney: Option[String], shouldAuthAndSettle: Boolean)(implicit headerCarrier: HeaderCarrier): Future[HttpResponse] = {
-    if (shouldAuthAndSettle) {
-      cardPaymentService.authAndSettle(transactionRefFromJourney.getOrElse(throw new RuntimeException("Could not find transaction ref, therefore we can't auth and settle.")))
-    } else {
-      Future.successful(HttpResponse.apply(500, "Cannot auth and capture when status is not acceptable. We should redirect accordingly."))
+    val maybeCardPaymentResultF = for {
+      authAndCaptureResult <- cardPaymentService.finishPayment(
+        transactionRefFromJourney.getOrElse(throw new RuntimeException("Could not find transaction ref, therefore we can't auth and settle.")),
+        journeyRequest.journeyId.value
+      )
+    } yield authAndCaptureResult
+
+    maybeCardPaymentResultF.map {
+      case Some(cardPaymentResult) => cardPaymentResult.cardPaymentResult match {
+        case CardPaymentFinishPaymentResponses.Successful => Redirect(routes.PaymentCompleteController.renderPage)
+        case CardPaymentFinishPaymentResponses.Failed     => Redirect(routes.PaymentFailedController.renderPage0) //todo we haven't built this page preoprly yet
+        case CardPaymentFinishPaymentResponses.Cancelled  => Redirect(routes.PaymentCancelledController.renderPage)
+      }
+      case None => InternalServerError
     }
   }
 

app/uk/gov/hmrc/cardpaymentfrontend/models/cardpayment/CardPaymentFinishPaymentResponses.scala

@@ -0,0 +1,79 @@
+/*
+ * Copyright 2025 HM Revenue & Customs
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package uk.gov.hmrc.cardpaymentfrontend.models.cardpayment
+
+import play.api.libs.json._
+import uk.gov.hmrc.cardpaymentfrontend.models.cardpayment.CardPaymentFinishPaymentResponses.CardPaymentFinishPaymentResponse
+import uk.gov.hmrc.cardpaymentfrontend.models.payapi.{FailWebPaymentRequest, FinishedWebPaymentRequest, SucceedWebPaymentRequest}
+import uk.gov.hmrc.cardpaymentfrontend.util.SafeEquals.EqualsOps
+
+import java.time.LocalDateTime
+
+object CardPaymentFinishPaymentResponses {
+
+  implicit val format: Format[CardPaymentFinishPaymentResponse] = {
+    val reads: Reads[CardPaymentFinishPaymentResponse] = Reads {
+      case JsString(s) if s === "Successful" => JsSuccess(Successful)
+      case JsString(s) if s === "Failed"     => JsSuccess(Failed)
+      case JsString(s) if s === "Cancelled"  => JsSuccess(Cancelled)
+      case _                                 => JsError("couldn't parse status as CardPaymentFinishPaymentResponse")
+    }
+    val writes: Writes[CardPaymentFinishPaymentResponse] = Writes(status => JsString(status.toString))
+
+    Format(reads, writes)
+  }
+
+  sealed trait CardPaymentFinishPaymentResponse
+
+  case object Successful extends CardPaymentFinishPaymentResponse
+
+  case object Failed extends CardPaymentFinishPaymentResponse
+
+  case object Cancelled extends CardPaymentFinishPaymentResponse
+
+}
+
+final case class AdditionalPaymentInfo(cardCategory: Option[String], commissionInPence: Option[Long], transactionTime: Option[LocalDateTime])
+
+object AdditionalPaymentInfo {
+  @SuppressWarnings(Array("org.wartremover.warts.Any"))
+  implicit val format: Format[AdditionalPaymentInfo] = Json.format[AdditionalPaymentInfo]
+}
+
+final case class CardPaymentResult(cardPaymentResult: CardPaymentFinishPaymentResponse, additionalPaymentInfo: AdditionalPaymentInfo) {
+
+  //todo this should probably live somewhere else? also we need to write test for it
+  def intoUpdateWebPaymentRequest: Option[FinishedWebPaymentRequest] = this.cardPaymentResult match {
+    case CardPaymentFinishPaymentResponses.Successful =>
+      Some(SucceedWebPaymentRequest(
+        additionalPaymentInfo.cardCategory.getOrElse("debit"),
+        additionalPaymentInfo.commissionInPence,
+        additionalPaymentInfo.transactionTime.getOrElse(LocalDateTime.now()),
+      ))
+    case CardPaymentFinishPaymentResponses.Failed =>
+      Some(FailWebPaymentRequest(
+        additionalPaymentInfo.transactionTime.getOrElse(LocalDateTime.now()),
+        additionalPaymentInfo.cardCategory.getOrElse("debit") //todo check if can this be anything?
+      ))
+    case CardPaymentFinishPaymentResponses.Cancelled => None
+  }
+}
+
+object CardPaymentResult {
+  @SuppressWarnings(Array("org.wartremover.warts.Any"))
+  implicit val format: Format[CardPaymentResult] = Json.format[CardPaymentResult]
+}

app/uk/gov/hmrc/cardpaymentfrontend/models/payapi/FailWebPaymentRequest.scala

@@ -20,11 +20,23 @@ import play.api.libs.json.{Json, OFormat}
 
 import java.time.LocalDateTime
 
+sealed trait FinishedWebPaymentRequest
+
+final case class FailWebPaymentRequest(
+    transactionTime: LocalDateTime,
+    cardCategory:    String
+) extends FinishedWebPaymentRequest
+
+object FailWebPaymentRequest {
+  @SuppressWarnings(Array("org.wartremover.warts.Any"))
+  implicit val format: OFormat[FailWebPaymentRequest] = Json.format
+}
+
 final case class SucceedWebPaymentRequest(
     cardCategory:      String,
     commissionInPence: Option[Long],
     transactionTime:   LocalDateTime
-)
+) extends FinishedWebPaymentRequest
 
 object SucceedWebPaymentRequest {
   @SuppressWarnings(Array("org.wartremover.warts.Any"))

app/uk/gov/hmrc/cardpaymentfrontend/models/payapi/SucceedWebPaymentRequest.scala renamed to app/uk/gov/hmrc/cardpaymentfrontend/models/payapi/FinishedWebPaymentRequest.scala

@@ -21,10 +21,10 @@ import play.api.Logging
 import play.api.libs.json.JsBoolean
 import play.api.mvc.RequestHeader
 import uk.gov.hmrc.cardpaymentfrontend.connectors.{CardPaymentConnector, PayApiConnector}
+import uk.gov.hmrc.cardpaymentfrontend.models.cardpayment.{CardPaymentInitiatePaymentRequest, CardPaymentInitiatePaymentResponse, CardPaymentResult}
+import uk.gov.hmrc.cardpaymentfrontend.models.payapi.{BeginWebPaymentRequest, FailWebPaymentRequest, FinishedWebPaymentRequest, SucceedWebPaymentRequest}
 import uk.gov.hmrc.cardpaymentfrontend.models.{Address, EmailAddress}
-import uk.gov.hmrc.cardpaymentfrontend.models.cardpayment.{CardPaymentInitiatePaymentRequest, CardPaymentInitiatePaymentResponse}
-import uk.gov.hmrc.cardpaymentfrontend.models.payapi.BeginWebPaymentRequest
-import uk.gov.hmrc.http.{HeaderCarrier, HttpResponse}
+import uk.gov.hmrc.http.HeaderCarrier
 
 import javax.inject.{Inject, Singleton}
 import scala.concurrent.{ExecutionContext, Future}
@@ -38,7 +38,8 @@ class CardPaymentService @Inject() (cardPaymentConnector: CardPaymentConnector,
       maybeEmailFromSession: Option[EmailAddress]
   )(implicit headerCarrier: HeaderCarrier, requestHeader: RequestHeader): Future[CardPaymentInitiatePaymentResponse] = {
 
-    val urlToComeBackFromAfterIframe: String = uk.gov.hmrc.cardpaymentfrontend.controllers.routes.PaymentStatusController.returnToHmrc(journey.traceId.value).absoluteURL()(requestHeader)
+    //todo move this to a val outside the function, then we can test it too
+    val urlToComeBackFromAfterIframe: String = uk.gov.hmrc.cardpaymentfrontend.controllers.routes.PaymentStatusController.returnToHmrc().absoluteURL()(requestHeader)
 
     val cardPaymentInitiatePaymentRequest: CardPaymentInitiatePaymentRequest = CardPaymentInitiatePaymentRequest(
       redirectUrl         = urlToComeBackFromAfterIframe,
@@ -60,9 +61,17 @@ class CardPaymentService @Inject() (cardPaymentConnector: CardPaymentConnector,
     cardPaymentConnector.checkPaymentStatus(transactionReference)
   }
 
-  def authAndSettle(transactionReference: String)(implicit headerCarrier: HeaderCarrier): Future[HttpResponse] = {
+  def finishPayment(transactionReference: String, journeyId: String)(implicit headerCarrier: HeaderCarrier): Future[Option[CardPaymentResult]] = {
     logger.info("TransactionReference: " + transactionReference) //todo take me out before go live
-    cardPaymentConnector.authAndSettle(transactionReference)
+    for {
+      result <- cardPaymentConnector.authAndSettle(transactionReference)
+      cardPaymentResult = result.json.asOpt[CardPaymentResult]
+      maybeWebPaymentRequest: Option[FinishedWebPaymentRequest] = cardPaymentResult.flatMap(_.intoUpdateWebPaymentRequest)
+      _ <- maybeWebPaymentRequest.fold(payApiConnector.JourneyUpdates.updateCancelWebPayment(journeyId)) {
+        case r: FailWebPaymentRequest    => payApiConnector.JourneyUpdates.updateFailWebPayment(journeyId, r)
+        case r: SucceedWebPaymentRequest => payApiConnector.JourneyUpdates.updateSucceedWebPayment(journeyId, r)
+      }
+    } yield cardPaymentResult
   }
 
 }

app/uk/gov/hmrc/cardpaymentfrontend/services/CardPaymentService.scala

@@ -30,6 +30,7 @@
         pageTitle: Option[String] = None,
         showBackLink: Boolean = true,
         backLinkOverride: Option[BackLink] = None,
+        welshSupported: Boolean = true,
         additionalScripts: Option[Html] = None
 )(contentBlock: Html)(implicit request: RequestHeader, messages: Messages)
 
@@ -49,7 +50,7 @@
           additionalScriptsBlock = Some(scripts)
       ),
       pageTitle = pageTitle,
-      isWelshTranslationAvailable = true,
+      isWelshTranslationAvailable = welshSupported,
       backLink = {
           if (showBackLink) {
               if (backLinkOverride.isDefined) backLinkOverride else Some(BackLink.mimicsBrowserBackButtonViaJavaScript)

app/uk/gov/hmrc/cardpaymentfrontend/views/Layout.scala.html

@@ -21,7 +21,7 @@
 
 @(iframeUrl: String)(implicit request: RequestHeader, messages: Messages)
 @* TODO: Jake, update the title *@
-@layout(pageTitle = Some("IFrame holder page")) {
+@layout(pageTitle = Some("IFrame holder page"), welshSupported = false) {
     @Html(s"""<link rel="stylesheet" media="all" type="text/css" href="${controllers.routes.Assets.versioned("stylesheets/barclaycard-iframe.css").toString}">""")
     <h1 class="govuk-heading-xl">IFrame holder page</h1>
 

app/uk/gov/hmrc/cardpaymentfrontend/views/iframe/IframeContainerPage.scala.html

@@ -19,7 +19,7 @@
 
 @this(layout: Layout)
 
-@(transactionReference: String)(implicit request: RequestHeader, messages: Messages)
+@()(implicit request: RequestHeader, messages: Messages)
 
 @scripts = {<script src="@{controllers.routes.Assets.versioned("javascripts/escape-iframe.js")}" @{CSPNonce.attr}></script>}
 
@@ -28,5 +28,5 @@
     <a rel="noreferrer"
     id="returnControlLink"
     target="_parent"
-    href="@{uk.gov.hmrc.cardpaymentfrontend.controllers.routes.PaymentStatusController.paymentStatus(transactionReference)}"></a>
+    href="@{uk.gov.hmrc.cardpaymentfrontend.controllers.routes.PaymentStatusController.paymentStatus()}"></a>
 }

app/uk/gov/hmrc/cardpaymentfrontend/views/iframe/RedirectToParentPage.scala.html

@@ -22,8 +22,8 @@ POST       /check-your-details                   uk.gov.hmrc.cardpaymentfrontend
 GET        /show-iframe                          uk.gov.hmrc.cardpaymentfrontend.controllers.PaymentStatusController.showIframe(iframeUrl: RedirectUrl)
 #this is the one that they come back to from iframe, for some reason it's an empty bodied post. It essentially renders some html which clicks a link that routes to /return
 +nocsrf
-POST       /return-to-hmrc/:traceId              uk.gov.hmrc.cardpaymentfrontend.controllers.PaymentStatusController.returnToHmrc(traceId: String)
-GET        /payment-status/:traceId              uk.gov.hmrc.cardpaymentfrontend.controllers.PaymentStatusController.paymentStatus(traceId: String)
+POST       /return-to-hmrc              uk.gov.hmrc.cardpaymentfrontend.controllers.PaymentStatusController.returnToHmrc()
+GET        /payment-status              uk.gov.hmrc.cardpaymentfrontend.controllers.PaymentStatusController.paymentStatus()
 
 GET        /payment-complete                     uk.gov.hmrc.cardpaymentfrontend.controllers.PaymentCompleteController.renderPage
 

conf/app.routes

@@ -93,4 +93,4 @@ urls {
 }
 
 # used to stop malicious urls being inserted
-iframeHostNameAllowList = [ "localhost", "pp.eshapay.net" ] #todo: we need to add the prod url to this array.
+iframeHostNameAllowList = [ "localhost", "pp.eshapay.net" ] #todo: we need to add the prod url to this array. (do qa too)

conf/application.conf

@@ -37,10 +37,10 @@ class ActionRefinerSpec extends ItSpec {
     }
 
     "should return a right with JourneyRequest when pay-api returns a journey" in {
-      PayApiStub.stubForFindBySessionId2xx(TestJourneys.PfSa.testPfSaJourneyCreated)
+      PayApiStub.stubForFindBySessionId2xx(TestJourneys.PfSa.journeyBeforeBeginWebPayment)
       val result: Either[Result, JourneyRequest[AnyContent]] = systemUnderTest.refine(fakeRequest).futureValue
       result.isRight shouldBe true
-      result.map(_.journey) shouldBe Right(TestJourneys.PfSa.testPfSaJourneyCreated)
+      result.map(_.journey) shouldBe Right(TestJourneys.PfSa.journeyBeforeBeginWebPayment)
     }
   }
 
@@ -51,15 +51,15 @@ class ActionRefinerSpec extends ItSpec {
       def fakeRequest(journey: Journey[JourneySpecificData]): JourneyRequest[AnyContent] = new JourneyRequest(journey, FakeRequest())
 
     "should return a left when journey in JourneyRequest is not in a 'terminal state' (i.e. finished)" in {
-      val request = fakeRequest(TestJourneys.PfSa.testPfSaJourneyCreated)
+      val request = fakeRequest(TestJourneys.PfSa.journeyBeforeBeginWebPayment)
       systemUnderTest.refine(request).futureValue shouldBe Left(Results.NotFound("Journey not in valid state"))
     }
 
     "should return a right when journey in JourneyRequest is in a 'terminal state' (i.e. finished)" in {
-      val request = fakeRequest(TestJourneys.PfSa.testPfSaJourneySuccessDebit)
+      val request = fakeRequest(TestJourneys.PfSa.journeyAfterSucceedDebitWebPayment)
       val result: Either[Result, JourneyRequest[AnyContent]] = systemUnderTest.refine(request).futureValue
       result.isRight shouldBe true
-      result.map(_.journey) shouldBe Right(TestJourneys.PfSa.testPfSaJourneySuccessDebit)
+      result.map(_.journey) shouldBe Right(TestJourneys.PfSa.journeyAfterSucceedDebitWebPayment)
     }
   }