feat: trigger fraud evaluation on billing payment-method attach#44
Closed
mattdjenkinson wants to merge 2 commits into
Closed
feat: trigger fraud evaluation on billing payment-method attach#44mattdjenkinson wants to merge 2 commits into
mattdjenkinson wants to merge 2 commits into
Conversation
Adds a BillingPaymentMethodAttached trigger event so fraud evaluation fires once a card has been attached at signup, not on raw User creation. Extends the provider input with card metadata (BIN, last4, country, AVS, CVC) sourced from BillingAccount.status.paymentMethod and forwards it to MaxMind as the credit_card sub-object on /factors. Key changes: - BillingPaymentMethodAttachedTriggerReconciler watches BillingAccount and creates FraudEvaluations when an active FraudPolicy has the new trigger event - provider.CreditCard + resolver.resolvePaymentMethod() look up the user's BillingAccount via the iam.miloapis.com/owner-user label - MaxMind buildRequest emits credit_card with issuer.iin, last_digits, country, avs_result, cvv_result - After PlatformAccessApproval creation, mirror approval onto owned BillingAccounts so billing's phase controller can flip to Ready Note: go.mod uses a local replace for go.miloapis.com/billing while the module is unpublished. Drop the replace before merge.
The local-path replace directive blocked CI's go build. Point at a pinned commit on github.com/milo-os/billing so the module is resolvable on Linux runners. Update once go.miloapis.com/billing publishes a tagged release.
Contributor
Author
|
Closing — depends on billing CRD shape that needs to be redone per milo-os/billing#33 (generic PaymentMethod with normalized status; Stripe-specific state in a separate stripe-provider repo). Will reopen once the upstream PaymentMethod schema lands, reading PaymentMethod.status.details rather than BillingAccount.status.paymentMethod. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
BillingPaymentMethodAttachedtrigger event + reconciler so fraud evaluation fires once a card has been attached at signup, not on raw User creation.provider.Input.CreditCardfields (BIN, last4, country, AVS, CVC) sourced fromBillingAccount.status.paymentMethodand forwarded to MaxMind ascredit_cardon/factors.PlatformAccessApprovalcreation, mirror approval onto any BillingAccount owned by the user so billing's phase controller can flip toReady.Base + replace caveat
feat/maxmind-tracking-token. Rebase / change-base once that lands.go.moduses a localreplaceforgo.miloapis.com/billinguntil that module is published — drop the replace before merge.Pairs with
milo-os/billing:feat/stripe-payment-providerdatum-cloud/cloud-portal:feat/billing-setup-flow