[AC-1938] Update provider payment method (#4140)

* Refactored GET provider subscription

Refactoring this endpoint and its associated tests in preparation for the addition of more endpoints that share similar patterns

* Replaced StripePaymentService call in AccountsController, OrganizationsController

This was made in error during a previous PR. Since this is not related to Consolidated Billing, we want to try not to include it in these changes.

* Removing GetPaymentInformation call from ProviderBillingService

This method is a good call for the SubscriberService as we'll want to extend the functionality to all subscriber types

* Refactored GetTaxInformation to use Billing owned DTO

* Add UpdateTaxInformation to SubscriberService

* Added GetTaxInformation and UpdateTaxInformation endpoints to ProviderBillingController

* Added controller to manage creation of Stripe SetupIntents

With the deprecation of the Sources API, we need to move the bank account creation process to using SetupIntents. This controller brings both the creation of "card" and "us_bank_account" SetupIntents
under billing management.

* Added UpdatePaymentMethod method to SubscriberService

This method utilizes the SetupIntents created by the StripeController from the previous commit when a customer adds a card or us_bank_account payment method (Stripe). We need to cache the most recent SetupIntent for the subscriber so that we know which PaymentMethod is their most recent even when it hasn't been confirmed yet.

* Refactored GetPaymentMethod to use billing owned DTO and check setup intents

* Added GetPaymentMethod and UpdatePaymentMethod endpoints to ProviderBillingController

* Re-added GetPaymentInformation endpoint to consolidate API calls on the payment method page

* Added VerifyBankAccount endpoint to ProviderBillingController in order to finalize bank account payment methods

* Updated BitPayInvoiceRequestModel to support providers

* run dotnet format

* Conner's feedback

* Run dotnet format'

src/Api/Billing/Controllers/ProviderBillingController.cs

@@ -1,10 +1,17 @@
-using Bit.Api.Billing.Models.Responses;
+using Bit.Api.Billing.Models.Requests;
+using Bit.Api.Billing.Models.Responses;
 using Bit.Core;
+using Bit.Core.AdminConsole.Entities.Provider;
+using Bit.Core.AdminConsole.Repositories;
+using Bit.Core.Billing.Constants;
+using Bit.Core.Billing.Extensions;
+using Bit.Core.Billing.Models;
 using Bit.Core.Billing.Services;
 using Bit.Core.Context;
 using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using Stripe;
 
 namespace Bit.Api.Billing.Controllers;
 
@@ -13,59 +20,194 @@ namespace Bit.Api.Billing.Controllers;
 public class ProviderBillingController(
     ICurrentContext currentContext,
     IFeatureService featureService,
-    IProviderBillingService providerBillingService) : Controller
+    IProviderBillingService providerBillingService,
+    IProviderRepository providerRepository,
+    IStripeAdapter stripeAdapter,
+    ISubscriberService subscriberService) : Controller
 {
-    [HttpGet("subscription")]
-    public async Task<IResult> GetSubscriptionAsync([FromRoute] Guid providerId)
-    {
-        if (!featureService.IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling))
-        {
-            return TypedResults.NotFound();
-        }
-
-        if (!currentContext.ProviderProviderAdmin(providerId))
-        {
-            return TypedResults.Unauthorized();
-        }
-
-        var providerSubscriptionDTO = await providerBillingService.GetSubscriptionDTO(providerId);
-
-        if (providerSubscriptionDTO == null)
-        {
-            return TypedResults.NotFound();
-        }
-
-        var (providerPlans, subscription) = providerSubscriptionDTO;
-
-        var providerSubscriptionResponse = ProviderSubscriptionResponse.From(providerPlans, subscription);
-
-        return TypedResults.Ok(providerSubscriptionResponse);
-    }
-
     [HttpGet("payment-information")]
     public async Task<IResult> GetPaymentInformationAsync([FromRoute] Guid providerId)
     {
-        if (!featureService.IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling))
+        var (provider, result) = await GetAuthorizedBillableProviderOrResultAsync(providerId);
+
+        if (provider == null)
+        {
+            return result;
+        }
+
+        var paymentInformation = await subscriberService.GetPaymentInformation(provider);
+
+        if (paymentInformation == null)
         {
             return TypedResults.NotFound();
         }
 
+        var response = PaymentInformationResponse.From(paymentInformation);
+
+        return TypedResults.Ok(response);
+    }
+
+    [HttpGet("payment-method")]
+    public async Task<IResult> GetPaymentMethodAsync([FromRoute] Guid providerId)
+    {
+        var (provider, result) = await GetAuthorizedBillableProviderOrResultAsync(providerId);
+
+        if (provider == null)
+        {
+            return result;
+        }
+
+        var maskedPaymentMethod = await subscriberService.GetPaymentMethod(provider);
+
+        if (maskedPaymentMethod == null)
+        {
+            return TypedResults.NotFound();
+        }
+
+        var response = MaskedPaymentMethodResponse.From(maskedPaymentMethod);
+
+        return TypedResults.Ok(response);
+    }
+
+    [HttpPut("payment-method")]
+    public async Task<IResult> UpdatePaymentMethodAsync(
+        [FromRoute] Guid providerId,
+        [FromBody] TokenizedPaymentMethodRequestBody requestBody)
+    {
+        var (provider, result) = await GetAuthorizedBillableProviderOrResultAsync(providerId);
+
+        if (provider == null)
+        {
+            return result;
+        }
+
+        var tokenizedPaymentMethod = new TokenizedPaymentMethodDTO(
+            requestBody.Type,
+            requestBody.Token);
+
+        await subscriberService.UpdatePaymentMethod(provider, tokenizedPaymentMethod);
+
+        await stripeAdapter.SubscriptionUpdateAsync(provider.GatewaySubscriptionId,
+            new SubscriptionUpdateOptions
+            {
+                CollectionMethod = StripeConstants.CollectionMethod.ChargeAutomatically
+            });
+
+        return TypedResults.Ok();
+    }
+
+    [HttpPost]
+    [Route("payment-method/verify-bank-account")]
+    public async Task<IResult> VerifyBankAccountAsync(
+        [FromRoute] Guid providerId,
+        [FromBody] VerifyBankAccountRequestBody requestBody)
+    {
+        var (provider, result) = await GetAuthorizedBillableProviderOrResultAsync(providerId);
+
+        if (provider == null)
+        {
+            return result;
+        }
+
+        await subscriberService.VerifyBankAccount(provider, (requestBody.Amount1, requestBody.Amount2));
+
+        return TypedResults.Ok();
+    }
+
+    [HttpGet("subscription")]
+    public async Task<IResult> GetSubscriptionAsync([FromRoute] Guid providerId)
+    {
+        var (provider, result) = await GetAuthorizedBillableProviderOrResultAsync(providerId);
+
+        if (provider == null)
+        {
+            return result;
+        }
+
+        var consolidatedBillingSubscription = await providerBillingService.GetConsolidatedBillingSubscription(provider);
+
+        if (consolidatedBillingSubscription == null)
+        {
+            return TypedResults.NotFound();
+        }
+
+        var response = ConsolidatedBillingSubscriptionResponse.From(consolidatedBillingSubscription);
+
+        return TypedResults.Ok(response);
+    }
+
+    [HttpGet("tax-information")]
+    public async Task<IResult> GetTaxInformationAsync([FromRoute] Guid providerId)
+    {
+        var (provider, result) = await GetAuthorizedBillableProviderOrResultAsync(providerId);
+
+        if (provider == null)
+        {
+            return result;
+        }
+
+        var taxInformation = await subscriberService.GetTaxInformation(provider);
+
+        if (taxInformation == null)
+        {
+            return TypedResults.NotFound();
+        }
+
+        var response = TaxInformationResponse.From(taxInformation);
+
+        return TypedResults.Ok(response);
+    }
+
+    [HttpPut("tax-information")]
+    public async Task<IResult> UpdateTaxInformationAsync(
+        [FromRoute] Guid providerId,
+        [FromBody] TaxInformationRequestBody requestBody)
+    {
+        var (provider, result) = await GetAuthorizedBillableProviderOrResultAsync(providerId);
+
+        if (provider == null)
+        {
+            return result;
+        }
+
+        var taxInformation = new TaxInformationDTO(
+            requestBody.Country,
+            requestBody.PostalCode,
+            requestBody.TaxId,
+            requestBody.Line1,
+            requestBody.Line2,
+            requestBody.City,
+            requestBody.State);
+
+        await subscriberService.UpdateTaxInformation(provider, taxInformation);
+
+        return TypedResults.Ok();
+    }
+
+    private async Task<(Provider, IResult)> GetAuthorizedBillableProviderOrResultAsync(Guid providerId)
+    {
+        if (!featureService.IsEnabled(FeatureFlagKeys.EnableConsolidatedBilling))
+        {
+            return (null, TypedResults.NotFound());
+        }
+
+        var provider = await providerRepository.GetByIdAsync(providerId);
+
+        if (provider == null)
+        {
+            return (null, TypedResults.NotFound());
+        }
+
         if (!currentContext.ProviderProviderAdmin(providerId))
         {
-            return TypedResults.Unauthorized();
+            return (null, TypedResults.Unauthorized());
         }
 
-        var providerPaymentInformationDto = await providerBillingService.GetPaymentInformationAsync(providerId);
-
-        if (providerPaymentInformationDto == null)
+        if (!provider.IsBillable())
         {
-            return TypedResults.NotFound();
+            return (null, TypedResults.Unauthorized());
         }
 
-        var (paymentSource, taxInfo) = providerPaymentInformationDto;
-
-        var providerPaymentInformationResponse = PaymentInformationResponse.From(paymentSource, taxInfo);
-
-        return TypedResults.Ok(providerPaymentInformationResponse);
+        return (provider, null);
     }
 }