Add customer payment methods and PPCP chargeback reporting

src/inc/payment-gateways/ppcp-gateway.php

@@ -4,6 +4,7 @@
 
 use WooCommerce\PayPalCommerce\PPCP;
 use WooCommerce\PayPalCommerce\WcGateway\Gateway\PayPalGateway;
+use Sift_For_WooCommerce\Sift_Events\Events;
 
 add_filter( 'sift_for_woocommerce_ppcp-gateway_payment_gateway_string', fn() => '$paypal' );
 
@@ -44,13 +45,71 @@ function get_from_order( $value, \WC_Order $order ) {
 add_filter( 'sift_for_woocommerce_ppcp-gateway_payment_type_string', fn( $value, $ppcp_gateway_payment_type ) => 'ppcp' === $ppcp_gateway_payment_type ? '$third_party_processor' : $value );
 
 add_filter( 'sift_for_woocommerce_ppcp-gateway_card_last4', fn( $value, $ppcp_data ) => $ppcp_data['wc_order']?->get_meta_data( PayPalGateway::FRAUD_RESULT_META_KEY )['card_last_digits'] ?? $value, 10, 2 );
-add_filter( 'sift_for_woocommerce_ppcp-gateway_avs_result_code', fn( $value, $ppcp_data ) => $ppcp_data['purchase-unit']?->payments()?->authorizations()[0]?->fraud_processor_response()->avs_code() ?? $value, 10, 2 );
-add_filter( 'sift_for_woocommerce_ppcp-gateway_cvv_result_code', fn( $value, $ppcp_data ) => $ppcp_data['purchase-unit']?->payments()?->authorizations()[0]?->fraud_processor_response()->cvv_code() ?? $value, 10, 2 );
-add_filter( 'sift_for_woocommerce_ppcp-gateway_verification_status', fn( $value, $ppcp_data ) => $ppcp_data['purchase-unit']?->payments()?->authorizations()[0]?->status() ?? $value, 10, 2 );
-add_filter( 'sift_for_woocommerce_ppcp-gateway_decline_reason_code', fn( $value, $ppcp_data ) => $ppcp_data['purchase-unit']?->payments()?->authorizations()[0]?->to_array()['reason_code'] ?? $value, 10, 2 );
+add_filter( 'sift_for_woocommerce_ppcp-gateway_avs_result_code', fn( $value, $ppcp_data ) => $ppcp_data['order']?->purchase_units()[0]?->payments()?->authorizations()[0]?->fraud_processor_response()->avs_code() ?? $value, 10, 2 );
+add_filter( 'sift_for_woocommerce_ppcp-gateway_cvv_result_code', fn( $value, $ppcp_data ) => $ppcp_data['order']?->purchase_units()[0]?->payments()?->authorizations()[0]?->fraud_processor_response()->cvv_code() ?? $value, 10, 2 );
+add_filter( 'sift_for_woocommerce_ppcp-gateway_verification_status', fn( $value, $ppcp_data ) => $ppcp_data['order']?->purchase_units()[0]?->payments()?->authorizations()[0]?->status()->name() ?? $value, 10, 2 );
+add_filter( 'sift_for_woocommerce_ppcp-gateway_decline_reason_code', fn( $value, $ppcp_data ) => $ppcp_data['order']?->purchase_units()[0]?->payments()?->authorizations()[0]?->to_array()['reason_code'] ?? $value, 10, 2 );
 
 add_filter( 'sift_for_woocommerce_ppcp-gateway_paypal_payer_id', fn( $value, $ppcp_data ) => $ppcp_data['order']?->payer()?->payer_id() ?? $value, 10, 2 );
 add_filter( 'sift_for_woocommerce_ppcp-gateway_paypal_payer_email', fn( $value, $ppcp_data ) => $ppcp_data['order']?->payer()?->email_address() ?? $value, 10, 2 );
 
-add_filter( 'sift_for_woocommerce_ppcp-gateway_paypal_protection_eligibility', fn( $value, $ppcp_data ) => $ppcp_data['purchase-unit']?->payments()?->captures()[0]->seller_protection() ?? $value, 10, 2 );
-add_filter( 'sift_for_woocommerce_ppcp-gateway_paypal_payment_status', fn( $value, $ppcp_data ) => $ppcp_data['purchase-unit']?->payments()?->captures()[0]->status()->name() ?? $value, 10, 2 );
+add_filter( 'sift_for_woocommerce_ppcp-gateway_paypal_protection_eligibility', fn( $value, $ppcp_data ) => $ppcp_data['order']?->purchase_units()[0]?->payments()?->captures()[0]?->seller_protection()?->status ?? $value, 10, 2 );
+add_filter( 'sift_for_woocommerce_ppcp-gateway_paypal_payment_status', fn( $value, $ppcp_data ) => $ppcp_data['order']?->purchase_units()[0]?->payments()?->captures()[0]->status()->name() ?? $value, 10, 2 );
+
+/**
+ * Send a chargeback event to Sift.
+ *
+ * @param object $event The Stripe event object.
+ *
+ * @return void
+ */
+function send_chargeback_to_sift( $event ): void {
+	$order_id = $event['data']['object']['resource']['disputed_transactions'][0]['seller_transaction_id'] ?? null;
+	// Log the resolved order ID.
+	if ( ! $order_id ) {
+		wc_get_logger()->error( 'Order ID not found in event.' );
+		return;
+	}
+	$order = wc_get_order( $order_id );
+
+	if ( ! $order instanceof \WC_Order ) {
+		wc_get_logger()->error( 'WooCommerce order not found for Order ID: ' . esc_html( $order_id ) );
+		return;
+	}
+
+	$chargeback_reason = convert_dispute_reason_to_sift_chargeback_reason( $event['data']['object']['resource']['reason'] ?? '' );
+
+	Events::chargeback( $order_id, $order, $chargeback_reason );
+}
+
+/**
+ * Convert a dispute reason from a string that PayPal would use to a string that Sift would use.
+ *
+ * @param string $dispute_reason A dispute reason string that PayPal would use.
+ *
+ * @return string|null A dispute reason string that Sift would use.
+ */
+function convert_dispute_reason_to_sift_chargeback_reason( string $dispute_reason ): ?string {
+	switch ( $dispute_reason ) {
+		case 'MERCHANDISE_OR_SERVICE_NOT_RECEIVED':
+			return '$product_not_received';
+		case 'MERCHANDISE_OR_SERVICE_NOT_AS_DESCRIBED':
+			return '$product_unacceptable';
+		case 'UNAUTHORIZED':
+			return '$authorization';
+		case 'PROBLEM_WITH_REMITTANCE':
+			return '$processing_errors';
+		case 'DUPLICATE_TRANSACTION':
+			return '$duplicate';
+		case 'INCORRECT_AMOUNT':
+		case 'CREDIT_NOT_PROCESSED':
+		case 'PAYMENT_BY_OTHER_MEANS':
+			return '$customer_disputes';
+		case 'CANCELED_RECURRING_BILLING':
+			return '$cancel_subscription';
+		case 'OTHER':
+			return '$other';
+		default:
+			return null;
+	}
+}

src/inc/sift-events/sift-events.php

@@ -17,6 +17,7 @@
 
 use Sift_For_WooCommerce\Sift_Order;
 use Sift_For_WooCommerce\Sift\SiftEventsValidator;
+use Sift_For_WooCommerce\Sift_For_WooCommerce;
 use WC_Product;
 
 /**
@@ -332,6 +333,10 @@ public static function update_account( string $user_id, ?\WP_User $old_user_data
 			'$time'             => intval( 1000 * microtime( true ) ),
 		);
 
+		if ( empty( $properties['$payment_methods'] ) ) {
+			unset( $properties['$payment_methods'] );
+		}
+
 		try {
 			SiftEventsValidator::validate_update_account( $properties );
 		} catch ( \Exception $e ) {
@@ -555,7 +560,6 @@ public static function create_order( string $order_id, \WC_Order $order ) {
 	 * @return void
 	 */
 	public static function update_or_create_order( string $order_id, \WC_Order $order, bool $create_order = false ) {
-
 		if ( ! in_array( $order->get_status(), self::SUPPORTED_WOO_ORDER_STATUS_CHANGES, true ) ) {
 			return;
 		}
@@ -566,15 +570,13 @@ public static function update_or_create_order( string $order_id, \WC_Order $orde
 
 		// Determine user and session context.
 		$user_id   = wp_get_current_user()->ID ?? null; // Check first for logged-in user.
-		$is_system = ! $create_order && str_starts_with( sanitize_title( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ?? '' ) ), 'WordPress' ); // Check if this is an order update via system action.
+		$is_admin  = 1 === $user_id;
 
 		// Figure out if it should use the session ID if no logged-in user exists.
-		if ( ! $user_id ) {
-			$user_id = $is_system ? $order->get_user_id() : null; // Use order user ID only for system actions.
+		if ( ! $user_id || $is_admin ) {
+			$user_id = $order->get_user_id() ?? null; // Use order user ID if it isn't available otherwise
 		}
 
-		$user = $user_id ? get_userdata( $user_id ) : null;
-
 		$physical_or_electronic = '$electronic';
 		$items                  = array();
 		foreach ( $order->get_items( 'line_item' ) as $item ) {
@@ -628,8 +630,8 @@ public static function update_or_create_order( string $order_id, \WC_Order $orde
 
 		// Add the user_id only if a user exists, otherwise, let it remain empty.
 		// Ref: https://developers.sift.com/docs/php/apis-overview/core-topics/faq/tracking-users
-		if ( $user ) {
-			$properties['$user_id'] = self::format_user_id( $user->ID );
+		if ( $user_id && ! $is_admin ) {
+			$properties['$user_id'] = self::format_user_id( $user_id );
 		}
 
 		// Add in the address information if it's available.
@@ -811,7 +813,6 @@ public static function chargeback( string $order_id, \WC_Order $order, string $c
 	 * @return void
 	 */
 	public static function add( string $event, array $properties ) {
-
 		// Give a chance for the platform to modify the data (and add potentially new custom data)
 		$properties = apply_filters( 'sift_for_woocommerce_pre_send_event_properties', $properties, $event );
 
@@ -1017,11 +1018,40 @@ private static function get_order_address( string $order_id, string $type = 'bil
 	 *
 	 * @param integer $user_id The User / Customer ID.
 	 *
-	 * @return array|null
+	 * @return array
 	 */
 	private static function get_customer_payment_methods( int $user_id ) {
 		$payment_methods = array();
 
+		/**
+		 * Allow / disallow customer payment method lookup via looping over all customer orders and extracting the payment method from each order.
+		 *
+		 * If this filter returns false, the sift_for_woocommerce_get_customer_payment_methods filter should be implemented so that some payment methods are returned.
+		 *
+		 * Otherwise, no customer payment methods will be returned.
+		 *
+		 * @param boolean $allow True if this method of payment method lookup should be used, otherwise false.
+		 * @param integer $user_id The User / Customer ID.
+		 *
+		 * @return boolean True if this method of payment method lookup should be used, otherwise false.
+		 */
+		if ( apply_filters( 'sift_for_woocommerce_get_customer_payment_methods_via_order_enumeration', true, $user_id ) ) {
+			$customer_orders = wc_get_orders(
+				array(
+					'limit'    => -1,
+					'customer' => $user_id,
+					'status'   => wc_get_is_paid_statuses(),
+				)
+			);
+
+			$payment_methods = array_map(
+				function ( $order ) {
+					return static::get_order_payment_methods( $order )[0] ?? null;
+				},
+				$customer_orders
+			);
+		}
+
 		/**
 		 * Include a filter here for unexpected payment providers to be able to add their results in as well.
 		 *
@@ -1030,7 +1060,18 @@ private static function get_customer_payment_methods( int $user_id ) {
 		 */
 		$payment_methods = apply_filters( 'sift_for_woocommerce_get_customer_payment_methods', $payment_methods, $user_id ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
 
-		return $payment_methods ?? null;
+		$payment_methods = array_reduce(
+			$payment_methods,
+			function ( $payment_methods, $payment_method ) {
+				if ( ! empty( $payment_method ) && ! in_array( $payment_method, $payment_methods, true ) ) {
+					$payment_methods[] = $payment_method;
+				}
+				return $payment_methods;
+			},
+			array()
+		);
+
+		return $payment_methods ?? array();
 	}
 
 	/**
@@ -1044,8 +1085,7 @@ private static function get_customer_payment_methods( int $user_id ) {
 	 * @return array
 	 */
 	private static function get_order_payment_methods( \WC_Order $order ) {
-		$sift_order = new Sift_Order( $order );
-		return $sift_order->get_payment_methods();
+		return Sift_For_WooCommerce::get_instance()->get_sift_order_from_wc_order( $order )->get_payment_methods();
 	}
 
 	/**

src/sift-for-woocommerce.php

@@ -20,6 +20,8 @@
  */
 class Sift_For_WooCommerce {
 
+	private static $sift_orders = array();
+
 	// region MAGIC METHODS
 
 	/**
@@ -132,5 +134,20 @@ public static function get_api_client() {
 		return $client;
 	}
 
+	/**
+	 * Get a Sift_Order object from a WC_Order object.
+	 * Allows a small speed up in performance due to caching the orders.
+	 *
+	 * @param \WC_Order $order The WC_Order object.
+	 *
+	 * @return Sift_Order The Sift_Order object.
+	 */
+	public static function get_sift_order_from_wc_order( \WC_Order $order ): Sift_Order {
+		if ( ! array_key_exists( $order->get_order_key(), static::$sift_orders ) ) {
+			static::$sift_orders[ $order->get_order_key() ] = new Sift_Order( $order );
+		}
+		return static::$sift_orders[ $order->get_order_key() ];
+	}
+
 	// endregion
 }