mini-starter/packages/mini-payment-mt/tests/integration/payment-callback.integration.test.ts

import { describe, it, expect, beforeEach, vi, afterEach } from 'vitest';
import { testClient } from 'hono/testing';
import {
  IntegrationTestDatabase,
  setupIntegrationDatabaseHooksWithEntities
} from '@d8d/shared-test-util';
import { PaymentMtRoutes } from '../../src/routes/payment.mt.routes.js';
import { PaymentMtEntity } from '../../src/entities/payment.mt.entity.js';
import { PaymentStatus } from '../../src/entities/payment.types.js';
import { UserEntityMt } from '@d8d/user-module-mt';
import { RoleMt } from '@d8d/user-module-mt';
import { FileMt } from '@d8d/file-module-mt';
import { OrderMt } from '@d8d/orders-module-mt';
import { MerchantMt } from '@d8d/merchant-module-mt';
import { SupplierMt } from '@d8d/supplier-module-mt';
import { DeliveryAddressMt } from '@d8d/delivery-address-module-mt';
import { config } from 'dotenv';
import { resolve } from 'path';
// 导入微信支付SDK用于模拟
import WxPay from 'wechatpay-node-v3';

// 在测试环境中加载环境变量
config({ path: resolve(process.cwd(), '.env.test') });

vi.mock('wechatpay-node-v3')

// 设置集成测试钩子
setupIntegrationDatabaseHooksWithEntities([PaymentMtEntity, UserEntityMt, FileMt, RoleMt, OrderMt, MerchantMt, SupplierMt, DeliveryAddressMt])

describe('支付回调API集成测试 - 多租户版本', () => {
  let client: ReturnType<typeof testClient<typeof PaymentMtRoutes>>;
  let testUser: UserEntityMt;
  let testPayment: PaymentMtEntity;
  let testOrder: OrderMt;

  // 使用真实的微信支付回调数据 - 直接使用原始请求体字符串
  const rawBody = '{"id":"495e231b-9fd8-54a1-8a30-2a38a807744c","create_time":"2025-10-25T12:48:11+08:00","resource_type":"encrypt-resource","event_type":"TRANSACTION.SUCCESS","summary":"支付成功","resource":{"original_type":"transaction","algorithm":"AEAD_AES_256_GCM","ciphertext":"tl1/8FRRn6g0gRq8IoVR8+95VuIADYBDOt6N9PKiHVhiD6l++W5g/wg6VlsCRIZJ+KWMYTaf5FzQHMjCs8o9otIkLLuJA2aZC+kCQtGxNfyVBwxool/tLT9mHd0dFGThqbj8vb/lm+jjNcmmiWHz+J1ZRvGl7mH4I714vudok7JRt5Q0u0tYaLWr76TTXuQErlA7T4KbeVeGAj8iMpu2ErCpR9QRif36Anc5ARjNYrIWfraXlmUXVbXermDyJ8r4o/4QCFfGk8L1u1WqNYASrRTQvQ8OPqj/J21OkDxbPPrOiEmAX1jOvONvIVEe9Lbkm6rdhW4aLRoZYtiusAk/Vm7MI/UYPwRZbyuc4wwdA1T1D4RdJd/m2I4KSvZHQgs0DM0tLqlb0z3880XYNr8iPFnyu2r8Z8LGcXD+COm06vc7bvNWh3ODwmMrmZQkym/Y/T3X/h/4MZj7+1h2vYHqnnrsgtNPHc/2IwWC/fQlPwtSrLh6iUxSd0betFpKLSq08CaJZvnenpDf1ORRMvd8EhTtIJJ4mV4v+VzCOYNhIcBhKp9XwsuhxIdkpGGmNPpow2c2BXY=","associated_data":"transaction","nonce":"sTnWce32BTQP"}}';
  const callbackHeader = {
    'wechatpay-timestamp': '1761367693',
    'wechatpay-nonce': 'PVDFxrQiJclkR28HpAYPDiIlS2VaGp9U',
    'wechatpay-signature': 'hwR1KKN1bIPAhatIHTen7fwNDyvONS/picpcqSHtUCGkbvhYLVUqC87ksBJs6bovNI0cKNvrLr6gqp/HR4TK/ijgrD6w9W/oYc6bKyO9lNarggsQKHBv5x5yX8OjBOzqtgiHOVj44RCPrglJ5bFDlxIhnhs9jnGUine0qlvrVwBZAylt5X4oFmPammHoV4lLHtGt0L4zr5y6LoZL80LpctDCOCtwC4JdUUY5AumkMYo8lNs+xK0NAN7EVNKCWUzoQ1pVdBTGZWDP+b8+6gswP6JDsL3a4H4Fw3WGh4DZPskDQAe0sn85UGXO3m03OkDq3WkiCkOut4YZMuKBeCBpWA==',
    'wechatpay-serial': '6C2C991E621267BFA5BFD5F32476427343A0B2AD'
  };

  beforeEach(async () => {
    // 创建测试客户端
    client = testClient(PaymentMtRoutes);

    // 创建测试用户
    const dataSource = await IntegrationTestDatabase.getDataSource();

    const userRepository = dataSource.getRepository(UserEntityMt);
    testUser = userRepository.create({
      username: `test_user_${Date.now()}`,
      password: 'test_password',
      nickname: '测试用户',
      openid: 'oJy1-16IIG18XZLl7G32k1hHMUFg',
      tenantId: 1
    });
    await userRepository.save(testUser);

    // 创建测试订单
    const orderRepository = dataSource.getRepository(OrderMt);
    testOrder = orderRepository.create({
      tenantId: 1,
      orderNo: `ORD${Date.now()}`,
      userId: testUser.id,
      amount: 1,
      costAmount: 0.5,
      payAmount: 1,
      orderType: 1,
      payType: 2,
      payState: 0, // 未支付
      state: 0,
      addressId: 0,
      merchantId: 0,
      supplierId: 0,
      createdBy: testUser.id,
      updatedBy: testUser.id
    });
    await orderRepository.save(testOrder);

    // 创建测试支付记录，使用与真实回调数据一致的金额
    const paymentRepository = dataSource.getRepository(PaymentMtEntity);
    testPayment = paymentRepository.create({
      externalOrderId: testOrder.id, // 使用订单ID作为外部订单ID
      userId: testUser.id,
      totalAmount: 1, // 1分钱，与真实回调数据一致
      description: '测试支付',
      paymentStatus: PaymentStatus.PROCESSING, // 设置为处理中状态，模拟已发起支付
      openid: testUser.openid!,
      outTradeNo: `ORDER_${testOrder.id}_${Date.now()}`,
      tenantId: 1
    });
    await paymentRepository.save(testPayment);

    // 设置微信支付SDK的全局mock
    const mockWxPay = {
      transactions_jsapi: vi.fn().mockResolvedValue({
        package: 'prepay_id=wx_test_prepay_id_123456',
        timeStamp: Math.floor(Date.now() / 1000).toString(),
        nonceStr: 'test_nonce_string',
        signType: 'RSA',
        paySign: 'test_pay_sign'
      }),
      verifySign: vi.fn().mockResolvedValue(true),
      decipher_gcm: vi.fn().mockReturnValue(JSON.stringify({
        out_trade_no: testPayment.outTradeNo, // 使用数据库中保存的 outTradeNo
        trade_state: 'SUCCESS',
        transaction_id: 'test_transaction_id',
        amount: {
          total: 1
        }
      })),
      getSignature: vi.fn().mockReturnValue('mock_signature')
    };

    // 模拟PaymentService的wxPay实例
    vi.mocked(WxPay).mockImplementation(() => mockWxPay as any);
  });

  afterEach(() => {
    // 清理 mock
    vi.mocked(WxPay).mockClear();
  });

  describe('POST /payment/callback - 支付回调', () => {
    it('应该成功处理支付成功回调并更新订单状态', async () => {
      const response = await client.payment.callback.$post({
        // 使用空的json参数，通过init传递原始请求体
        json: {}
      }, {
        headers: callbackHeader,
        init: {
          body: rawBody
        }
      });

      // 现在支付记录存在，回调处理应该成功
      expect(response.status).toBe(200);

      if (response.status === 200) {
        const result = await response.text();
        expect(result).toBe('SUCCESS');

        // 验证订单状态已更新为已支付 (2)
        const dataSource = await IntegrationTestDatabase.getDataSource();
        const orderRepository = dataSource.getRepository(OrderMt);
        const updatedOrder = await orderRepository.findOne({
          where: { id: testOrder.id, tenantId: 1 }
        });

        expect(updatedOrder).toBeDefined();
        expect(updatedOrder?.payState).toBe(2); // 已支付
      }
    });

    it('应该处理支付失败回调并更新订单状态', async () => {
      // 模拟支付失败的回调数据
      const mockWxPay = {
        verifySign: vi.fn().mockResolvedValue(true),
        decipher_gcm: vi.fn().mockReturnValue(JSON.stringify({
          out_trade_no: testPayment.outTradeNo,
          trade_state: 'FAIL',
          transaction_id: null,
          amount: {
            total: 1
          }
        }))
      };
      vi.mocked(WxPay).mockImplementation(() => mockWxPay as any);

      const response = await client.payment.callback.$post({
        json: {}
      }, {
        headers: callbackHeader,
        init: {
          body: rawBody
        }
      });

      expect(response.status).toBe(200);

      if (response.status === 200) {
        const result = await response.text();
        expect(result).toBe('SUCCESS');

        // 验证订单状态已更新为支付失败 (4)
        const dataSource = await IntegrationTestDatabase.getDataSource();
        const orderRepository = dataSource.getRepository(OrderMt);
        const updatedOrder = await orderRepository.findOne({
          where: { id: testOrder.id, tenantId: 1 }
        });

        expect(updatedOrder).toBeDefined();
        expect(updatedOrder?.payState).toBe(4); // 支付失败
      }
    });

    it('应该处理退款回调并更新订单状态', async () => {
      // 模拟退款回调数据
      const mockWxPay = {
        verifySign: vi.fn().mockResolvedValue(true),
        decipher_gcm: vi.fn().mockReturnValue(JSON.stringify({
          out_trade_no: testPayment.outTradeNo,
          trade_state: 'REFUND',
          transaction_id: 'test_refund_transaction_id',
          amount: {
            total: 1
          }
        }))
      };
      vi.mocked(WxPay).mockImplementation(() => mockWxPay as any);

      const response = await client.payment.callback.$post({
        json: {}
      }, {
        headers: callbackHeader,
        init: {
          body: rawBody
        }
      });

      expect(response.status).toBe(200);

      if (response.status === 200) {
        const result = await response.text();
        expect(result).toBe('SUCCESS');

        // 验证订单状态已更新为已退款 (3)
        const dataSource = await IntegrationTestDatabase.getDataSource();
        const orderRepository = dataSource.getRepository(OrderMt);
        const updatedOrder = await orderRepository.findOne({
          where: { id: testOrder.id, tenantId: 1 }
        });

        expect(updatedOrder).toBeDefined();
        expect(updatedOrder?.payState).toBe(3); // 已退款
      }
    });

    it('应该验证多租户数据隔离', async () => {
      // 创建第二个租户的测试数据
      const dataSource = await IntegrationTestDatabase.getDataSource();

      const userRepository = dataSource.getRepository(UserEntityMt);
      const testUser2 = userRepository.create({
        username: `test_user2_${Date.now()}`,
        password: 'test_password',
        nickname: '测试用户2',
        openid: 'oJy1-16IIG18XZLl7G32k1hHMUFg2',
        tenantId: 2
      });
      await userRepository.save(testUser2);

      const orderRepository = dataSource.getRepository(OrderMt);
      const testOrder2 = orderRepository.create({
        tenantId: 2,
        orderNo: `ORD${Date.now()}_2`,
        userId: testUser2.id,
        amount: 1,
        costAmount: 0.5,
        payAmount: 1,
        orderType: 1,
        payType: 2,
        payState: 0,
        state: 0,
        addressId: 0,
        merchantId: 0,
        supplierId: 0,
        createdBy: testUser2.id,
        updatedBy: testUser2.id
      });
      await orderRepository.save(testOrder2);

      const paymentRepository = dataSource.getRepository(PaymentMtEntity);
      const testPayment2 = paymentRepository.create({
        externalOrderId: testOrder2.id,
        userId: testUser2.id,
        totalAmount: 1,
        description: '测试支付2',
        paymentStatus: PaymentStatus.PROCESSING,
        openid: testUser2.openid!,
        outTradeNo: `ORDER_${testOrder2.id}_${Date.now()}`,
        tenantId: 2
      });
      await paymentRepository.save(testPayment2);

      // 处理租户1的支付回调
      const response = await client.payment.callback.$post({
        json: {}
      }, {
        headers: callbackHeader,
        init: {
          body: rawBody
        }
      });

      expect(response.status).toBe(200);

      // 验证租户1的订单状态已更新
      const updatedOrder1 = await orderRepository.findOne({
        where: { id: testOrder.id, tenantId: 1 }
      });
      expect(updatedOrder1?.payState).toBe(2); // 已支付

      // 验证租户2的订单状态未受影响
      const updatedOrder2 = await orderRepository.findOne({
        where: { id: testOrder2.id, tenantId: 2 }
      });
      expect(updatedOrder2?.payState).toBe(0); // 仍为未支付
    });

    it('应该处理无效的回调数据格式', async () => {
      const response = await client.payment.callback.$post({
        body: 'invalid json data'
      }, {
        headers: {
          ...callbackHeader,
          'content-type': 'text/plain'
        }
      });

      // 由于JSON解析失败，应该返回500错误
      expect(response.status).toBe(500);
    });

    it('应该处理缺少必要头信息的情况', async () => {
      const response = await client.payment.callback.$post({
        body: rawBody
      }, {
        headers: {
          // 缺少必要的微信支付头信息
          'Content-Type': 'text/plain'
        }
      });

      // 由于缺少必要头信息，应该返回500错误
      expect(response.status).toBe(500);
    });

    it('应该验证回调数据解密后的支付处理', async () => {
      const response = await client.payment.callback.$post({
        // 使用空的json参数，通过init传递原始请求体
        json: {}
      }, {
        headers: callbackHeader,
        init: {
          body: rawBody
        }
      });

      // 现在支付记录存在，回调处理应该成功
      expect(response.status).toBe(200);

      if (response.status === 200) {
        const result = await response.text();
        expect(result).toBe('SUCCESS');
      }
    });
  });
});