<?php
/**
 * PayPal Commerce Checkout Actions
 *
 * @package    easy-digital-downloads
 * @subpackage Gateways\PayPal
 * @copyright  Copyright (c) 2021, Sandhills Development, LLC
 * @license    GPL2+
 * @since      2.11
 */

namespace EDD\Gateways\PayPal;

use EDD\Gateways\PayPal\Exceptions\API_Exception;
use EDD\Gateways\PayPal\Exceptions\Authentication_Exception;
use EDD\Gateways\PayPal\Exceptions\Gateway_Exception;

/**
 * Removes the credit card form for PayPal Commerce
 *
 * @access private
 * @since  2.11
 */
add_action( 'edd_paypal_commerce_cc_form', '__return_false' );

/**
 * Replaces the "Submit" button with a PayPal smart button.
 *
 * @param string $button
 *
 * @since 2.11
 * @return string
 */
function override_purchase_button( $button ) {
	if ( 'paypal_commerce' === edd_get_chosen_gateway() && edd_get_cart_total() ) {
		ob_start();
		if ( ready_to_accept_payments() ) {
			wp_nonce_field( 'edd_process_paypal', 'edd_process_paypal_nonce' );
			$timestamp = time();
			?>
			<input type="hidden" name="edd-process-paypal-token" data-timestamp="<?php echo esc_attr( $timestamp ); ?>" data-token="<?php echo esc_attr( \EDD\Utils\Tokenizer::tokenize( $timestamp ) ); ?>" />
			<div id="edd-paypal-errors-wrap"></div>
			<div id="edd-paypal-container"></div>
			<div id="edd-paypal-spinner" style="display: none;">
				<span class="edd-loading-ajax edd-loading"></span>
			</div>
			<?php
			/**
			 * Triggers right below the button container.
			 *
			 * @since 2.11
			 */
			do_action( 'edd_paypal_after_button_container' );
		} else {
			$error_message = current_user_can( 'manage_options' )
				? __( 'Please connect your PayPal account in the gateway settings.', 'easy-digital-downloads' )
				: __( 'Unexpected authentication error. Please contact a site administrator.', 'easy-digital-downloads' );
			?>
			<div class="edd_errors edd-alert edd-alert-error">
				<p class="edd_error">
					<?php echo esc_html( $error_message ); ?>
				</p>
			</div>
			<?php
		}

		return ob_get_clean();
	}

	return $button;
}

add_filter( 'edd_checkout_button_purchase', __NAMESPACE__ . '\override_purchase_button', 10000 );

/**
 * Sends checkout error messages via AJAX.
 *
 * This overrides the normal error behaviour in `edd_process_purchase_form()` because we *always*
 * want to send errors back via JSON.
 *
 * @param array $user       User data.
 * @param array $valid_data Validated form data.
 * @param array $posted     Raw $_POST data.
 *
 * @since 2.11
 * @return void
 */
function send_ajax_errors( $user, $valid_data, $posted ) {
	if ( empty( $valid_data['gateway'] ) || 'paypal_commerce' !== $valid_data['gateway'] ) {
		return;
	}

	$errors = edd_get_errors();
	if ( $errors ) {
		edd_clear_errors();

		wp_send_json_error( edd_build_errors_html( $errors ) );
	}
}

add_action( 'edd_checkout_user_error_checks', __NAMESPACE__ . '\send_ajax_errors', 99999, 3 );

/**
 * Creates a new order in PayPal and EDD.
 *
 * @param array $purchase_data
 *
 * @since 2.11
 * @return void
 */
function create_order( $purchase_data ) {

	if ( ! wp_verify_nonce( $purchase_data['gateway_nonce'], 'edd-gateway' ) ) {
		wp_die( __( 'Nonce verification has failed', 'easy-digital-downloads' ), __( 'Error', 'easy-digital-downloads' ), array( 'response' => 403 ) );
	}

	edd_debug_log( 'PayPal - create_order()' );

	if ( ! ready_to_accept_payments() ) {
		edd_record_gateway_error(
			__( 'PayPal Gateway Error', 'easy-digital-downloads' ),
			__( 'Account not ready to accept payments.', 'easy-digital-downloads' )
		);

		$error_message = current_user_can( 'manage_options' )
			? __( 'Please connect your PayPal account in the gateway settings.', 'easy-digital-downloads' )
			: __( 'Unexpected authentication error. Please contact a site administrator.', 'easy-digital-downloads' );

		wp_send_json_error( edd_build_errors_html( array(
			'paypal-error' => $error_message
		) ) );
	}

	try {
		// Create pending payment in EDD.
		$payment_args = array(
			'price'        => $purchase_data['price'],
			'date'         => $purchase_data['date'],
			'user_email'   => $purchase_data['user_email'],
			'purchase_key' => $purchase_data['purchase_key'],
			'currency'     => edd_get_currency(),
			'downloads'    => $purchase_data['downloads'],
			'cart_details' => $purchase_data['cart_details'],
			'user_info'    => $purchase_data['user_info'],
			'status'       => 'pending',
			'gateway'      => 'paypal_commerce'
		);

		$payment_id = edd_insert_payment( $payment_args );

		if ( ! $payment_id ) {
			throw new Gateway_Exception(
				__( 'An unexpected error occurred. Please try again.', 'easy-digital-downloads' ),
				500,
				sprintf(
					'Payment creation failed before sending buyer to PayPal. Payment data: %s',
					json_encode( $payment_args )
				)
			);
		}

		$order_data = array(
			'intent'               => 'CAPTURE',
			'purchase_units'       => get_order_purchase_units( $payment_id, $purchase_data, $payment_args ),
			'application_context'  => array(
				//'locale'              => get_locale(), // PayPal doesn't like this. Might be able to replace `_` with `-`
				'shipping_preference' => 'NO_SHIPPING',
				'user_action'         => 'PAY_NOW',
				'return_url'          => edd_get_checkout_uri(),
				'cancel_url'          => edd_get_failed_transaction_uri( '?payment-id=' . urlencode( $payment_id ) )
			),
			'payment_instructions' => array(
				'disbursement_mode' => 'INSTANT'
			)
		);

		// Add payer data if we have it. We won't have it when using Buy Now buttons.
		if ( ! empty( $purchase_data['user_email'] ) ) {
			$order_data['payer']['email_address'] = $purchase_data['user_email'];
		}
		if ( ! empty( $purchase_data['user_info']['first_name'] ) ) {
			$order_data['payer']['name']['given_name'] = $purchase_data['user_info']['first_name'];
		}
		if ( ! empty( $purchase_data['user_info']['last_name'] ) ) {
			$order_data['payer']['name']['surname'] = $purchase_data['user_info']['last_name'];
		}

		/**
		 * Filters the arguments sent to PayPal.
		 *
		 * @param array $order_data    API request arguments.
		 * @param array $purchase_data Purchase data.
		 * @param int   $payment_id    ID of the EDD payment.
		 *
		 * @since 2.11
		 */
		$order_data = apply_filters( 'edd_paypal_order_arguments', $order_data, $purchase_data, $payment_id );

		try {
			$api      = new API();
			$response = $api->make_request( 'v2/checkout/orders', $order_data );

			if ( ! isset( $response->id ) && _is_item_total_mismatch( $response ) ) {

				edd_record_gateway_error(
					__( 'PayPal Gateway Warning', 'easy-digital-downloads' ),
					sprintf(
						/* Translators: %s - Original order data sent to PayPal. */
						__( 'PayPal could not complete the transaction with the itemized breakdown. Original order data sent: %s', 'easy-digital-downloads' ),
						json_encode( $order_data )
					),
					$payment_id
				);

				// Try again without the item breakdown. That way if we have an error in our totals the whole API request won't fail.
				$order_data['purchase_units'] = array(
					get_order_purchase_units_without_breakdown( $payment_id, $purchase_data, $payment_args )
				);

				// Re-apply the filter.
				$order_data = apply_filters( 'edd_paypal_order_arguments', $order_data, $purchase_data, $payment_id );

				$response = $api->make_request( 'v2/checkout/orders', $order_data );
			}

			if ( ! isset( $response->id ) ) {
				throw new Gateway_Exception(
					__( 'An error occurred while communicating with PayPal. Please try again.', 'easy-digital-downloads' ),
					$api->last_response_code,
					sprintf(
						'Unexpected response when creating order: %s',
						json_encode( $response )
					)
				);
			}

			edd_debug_log( sprintf( '-- Successful PayPal response. PayPal order ID: %s; EDD order ID: %d', esc_html( $response->id ), $payment_id ) );

			edd_update_payment_meta( $payment_id, 'paypal_order_id', sanitize_text_field( $response->id ) );

			/*
			 * Send successfully created order ID back.
			 * We also send back a new nonce, for verification in the next step: `capture_order()`.
			 * If the user was just logged into a new account, the previously sent nonce may have
			 * become invalid.
			 */
			$timestamp = time();
			wp_send_json_success( array(
				'paypal_order_id' => $response->id,
				'edd_order_id'    => $payment_id,
				'nonce'           => wp_create_nonce( 'edd_process_paypal' ),
				'timestamp'       => $timestamp,
				'token'           =>  \EDD\Utils\Tokenizer::tokenize( $timestamp ),
			) );
		} catch ( Authentication_Exception $e ) {
			throw new Gateway_Exception( __( 'An authentication error occurred. Please try again.', 'easy-digital-downloads' ), $e->getCode(), $e->getMessage() );
		} catch ( API_Exception $e ) {
			throw new Gateway_Exception( __( 'An error occurred while communicating with PayPal. Please try again.', 'easy-digital-downloads' ), $e->getCode(), $e->getMessage() );
		}
	} catch ( Gateway_Exception $e ) {
		if ( ! isset( $payment_id ) ) {
			$payment_id = 0;
		}

		$e->record_gateway_error( $payment_id );

		wp_send_json_error( edd_build_errors_html( array(
			'paypal-error' => $e->getMessage()
		) ) );
	}
}

add_action( 'edd_gateway_paypal_commerce', __NAMESPACE__ . '\create_order', 9 );

/**
 * Captures the order in PayPal
 *
 * @since 2.11
 */
function capture_order() {
	edd_debug_log( 'PayPal - capture_order()' );
	try {

		$token     = isset( $_POST['token'] )     ? sanitize_text_field( $_POST['token'] )     : '';
		$timestamp = isset( $_POST['timestamp'] ) ? sanitize_text_field( $_POST['timestamp'] ) : '';

		if ( ! empty( $timestamp ) && ! empty( $token ) ) {
			if ( !\EDD\Utils\Tokenizer::is_token_valid( $token, $timestamp ) ) {
				throw new Gateway_Exception(
					__('A validation error occurred. Please try again.', 'easy-digital-downloads'),
					403,
					'Token validation failed.'
				);
			}
		} elseif ( empty( $token ) && ! empty( $_POST['edd_process_paypal_nonce'] ) ) {
			if ( ! wp_verify_nonce( $_POST['edd_process_paypal_nonce'], 'edd_process_paypal' ) ) {
				throw new Gateway_Exception(
					__( 'A validation error occurred. Please try again.', 'easy-digital-downloads' ),
					403,
					'Nonce validation failed.'
				);
			}
		} else {
			throw new Gateway_Exception(
				__( 'A validation error occurred. Please try again.', 'easy-digital-downloads' ),
				400,
				'Missing validation fields.'
			);
		}

		if ( empty( $_POST['paypal_order_id'] ) ) {
			throw new Gateway_Exception(
				__( 'An unexpected error occurred. Please try again.', 'easy-digital-downloads' ),
				400,
				'Missing PayPal order ID during capture.'
			);
		}

		try {
			$api      = new API();
			$response = $api->make_request( 'v2/checkout/orders/' . urlencode( $_POST['paypal_order_id'] ) . '/capture' );

			edd_debug_log( sprintf( '-- PayPal Response code: %d; order ID: %s', $api->last_response_code, esc_html( $_POST['paypal_order_id'] ) ) );

			if ( ! in_array( $api->last_response_code, array( 200, 201 ) ) ) {
				$message = ! empty( $response->message ) ? $response->message : __( 'Failed to process payment. Please try again.', 'easy-digital-downloads' );

				/*
				 * If capture failed due to funding source, we want to send a `restart` back to PayPal.
				 * @link https://developer.paypal.com/docs/checkout/integration-features/funding-failure/
				 */
				if ( ! empty( $response->details ) && is_array( $response->details ) ) {
					foreach ( $response->details as $detail ) {
						if ( isset( $detail->issue ) && 'INSTRUMENT_DECLINED' === $detail->issue ) {
							$message = __( 'Unable to complete your order with your chosen payment method. Please choose a new funding source.', 'easy-digital-downloads' );
							$retry = true;
							break;
						}
					}
				}

				throw new Gateway_Exception(
					$message,
					400,
					sprintf( 'Order capture failure. PayPal response: %s', json_encode( $response ) )
				);
			}

			$payment = $transaction_id = false;
			if ( isset( $response->purchase_units ) && is_array( $response->purchase_units ) ) {
				foreach ( $response->purchase_units as $purchase_unit ) {
					if ( ! empty( $purchase_unit->reference_id ) ) {
						$payment        = edd_get_payment_by( 'key', $purchase_unit->reference_id );
						$transaction_id = isset( $purchase_unit->payments->captures[0]->id ) ? $purchase_unit->payments->captures[0]->id : false;

						if ( ! empty( $payment ) && isset( $purchase_unit->payments->captures[0]->status ) ) {
							if ( 'COMPLETED' === strtoupper( $purchase_unit->payments->captures[0]->status ) ) {
								$payment->status = 'complete';
							} elseif( 'DECLINED' === strtoupper( $purchase_unit->payments->captures[0]->status ) ) {
								$payment->status = 'failed';
							}
						}
						break;
					}
				}
			}

			if ( ! empty( $payment ) ) {
				/**
				 * Buy Now Button
				 *
				 * Fill in missing data when using "Buy Now". This bypasses checkout so not all information
				 * was collected prior to payment. Instead, we pull it from the PayPal info.
				 */
				if ( empty( $payment->email ) ) {
					if ( ! empty( $response->payer->email_address ) ) {
						$payment->email = sanitize_text_field( $response->payer->email_address );
					}
					if ( empty( $payment->first_name ) && ! empty( $response->payer->name->given_name ) ) {
						$payment->first_name = sanitize_text_field( $response->payer->name->given_name );
					}
					if ( empty( $payment->last_name ) && ! empty( $response->payer->name->surname ) ) {
						$payment->last_name = sanitize_text_field( $response->payer->name->surname );
					}

					if ( empty( $payment->customer_id ) && ! empty( $payment->email ) ) {
						$customer = new \EDD_Customer( $payment->email );

						if ( $customer->id < 1 ) {
							$customer->create( array(
								'email'   => $payment->email,
								'name'    => trim( sprintf( '%s %s', $payment->first_name, $payment->last_name ) ),
								'user_id' => $payment->user_id
							) );
						}
					}
				}

				if ( ! empty( $transaction_id ) ) {
					$payment->transaction_id = sanitize_text_field( $transaction_id );

					edd_insert_payment_note( $payment->ID, sprintf(
					/* Translators: %s - transaction ID */
						__( 'PayPal Transaction ID: %s', 'easy-digital-downloads' ),
						esc_html( $transaction_id )
					) );
				}

				$payment->save();

				if ( 'failed' === $payment->status ) {
					$retry = true;
					throw new Gateway_Exception(
						__( 'Your payment was declined. Please try a new payment method.', 'easy-digital-downloads' ),
						400,
						sprintf( 'Order capture failure. PayPal response: %s', json_encode( $response ) )
					);
				}
			}

			wp_send_json_success( array( 'redirect_url' => edd_get_success_page_uri() ) );
		} catch ( Authentication_Exception $e ) {
			throw new Gateway_Exception( __( 'An authentication error occurred. Please try again.', 'easy-digital-downloads' ), $e->getCode(), $e->getMessage() );
		} catch ( API_Exception $e ) {
			throw new Gateway_Exception( __( 'An error occurred while communicating with PayPal. Please try again.', 'easy-digital-downloads' ), $e->getCode(), $e->getMessage() );
		}
	} catch ( Gateway_Exception $e ) {
		if ( ! isset( $payment_id ) ) {
			$payment_id = 0;
		}

		$e->record_gateway_error( $payment_id );

		wp_send_json_error( array(
			'message' => edd_build_errors_html( array(
				'paypal_capture_failure' => $e->getMessage()
			) ),
			'retry'   => isset( $retry ) ? $retry : false
		) );
	}
}

add_action( 'wp_ajax_nopriv_edd_capture_paypal_order', __NAMESPACE__ . '\capture_order' );
add_action( 'wp_ajax_edd_capture_paypal_order', __NAMESPACE__ . '\capture_order' );

/**
 * Gets a fresh set of gateway options when a PayPal order is cancelled.
 * @link https://github.com/awesomemotive/easy-digital-downloads/issues/8883
 *
 * @since 2.11.3
 * @return void
 */
function cancel_order() {
	$nonces   = array();
	$gateways = edd_get_enabled_payment_gateways( true );
	foreach ( $gateways as $gateway_id => $gateway ) {
		$nonces[ $gateway_id ] = wp_create_nonce( 'edd-gateway-selected-' . esc_attr( $gateway_id ) );
	}

	wp_send_json_success(
		array(
			'nonces' => $nonces,
		)
	);
}
add_action( 'wp_ajax_nopriv_edd_cancel_paypal_order', __NAMESPACE__ . '\cancel_order' );
add_action( 'wp_ajax_edd_cancel_paypal_order', __NAMESPACE__ . '\cancel_order' );