Add an endpoint for processing pay for order orders (#10287)

* Register order route

* Check authorization for getting the order

* Add order data to the response

* Add order schema for the endpoint

* Move validation check to order controller

* Add order item schema

* Check if the order is associated with current user

* Fix after rebase

* Add checkout order endpoint

* Add order authorization trait

* Allow to use the order update customer endpoint in dev build only

* Get both customer and guest details

* Remove duplicate function

* Update the cart update customer class doc block

* Remove duplicate order route

* Update documentation for feature flags

* Add checkout trait

* Remove checkout trait

* Update billing address and order

* Only allow checkout pending orders

* Create checout trait

* Use sanitize text field

* Extend from checkout schema

* Update response message

* Allow failed orders to be paid for

* Update authorization error message

docs/internal-developers/blocks/feature-flags-and-experimental-interfaces.md

@@ -43,6 +43,7 @@ The majority of our feature flagging is blocks, this is a list of them:
 -   Product Rating Counter ([PHP flag](https://github.com/woocommerce/woocommerce-blocks/blob/trunk/src/BlockTypesController.php#L229) | [webpack flag](https://github.com/woocommerce/woocommerce-blocks/blob/trunk/bin/webpack-entries.js#L71-L73))
 -   ⚛️ Add to cart ([JS flag](https://github.com/woocommerce/woocommerce-blocks/blob/dfd2902bd8a247b5d048577db6753c5e901fc60f/assets/js/atomic/blocks/product-elements/add-to-cart/index.ts#L26-L29)).
 -   Order Route ([PHP flag](https://github.com/woocommerce/woocommerce-blocks/blob/b4a9dc9334f82c09f533b0f88c947b5c34e4e546/src/StoreApi/RoutesController.php#L65-L67))
+-   Checkout Order Route ([PHP flag](https://github.com/woocommerce/woocommerce-blocks/blob/add/an-endpoint-for-process-pay-for-order-orders/src/StoreApi/RoutesController.php#L67))
 
 ## Features behind flags
 

src/StoreApi/Routes/V1/CartUpdateCustomer.php

@@ -7,7 +7,7 @@
 /**
  * CartUpdateCustomer class.
  *
- * Updates the customer billing and shipping address and returns an updated cart--things such as taxes may be recalculated.
+ * Updates the customer billing and shipping addresses, recalculates the cart totals, and returns an updated cart.
  */
 class CartUpdateCustomer extends AbstractCartRoute {
 	use DraftOrderTrait;

src/StoreApi/Routes/V1/Checkout.php

@@ -1,20 +1,21 @@
 <?php
 namespace Automattic\WooCommerce\StoreApi\Routes\V1;
 
-use Automattic\WooCommerce\StoreApi\Payments\PaymentContext;
 use Automattic\WooCommerce\StoreApi\Payments\PaymentResult;
 use Automattic\WooCommerce\StoreApi\Exceptions\InvalidStockLevelsInCartException;
 use Automattic\WooCommerce\StoreApi\Exceptions\InvalidCartException;
 use Automattic\WooCommerce\StoreApi\Exceptions\RouteException;
 use Automattic\WooCommerce\StoreApi\Utilities\DraftOrderTrait;
 use Automattic\WooCommerce\Checkout\Helpers\ReserveStock;
 use Automattic\WooCommerce\Checkout\Helpers\ReserveStockException;
+use Automattic\WooCommerce\StoreApi\Utilities\CheckoutTrait;
 
 /**
  * Checkout class.
  */
 class Checkout extends AbstractCartRoute {
 	use DraftOrderTrait;
+	use CheckoutTrait;
 
 	/**
 	 * The route identifier.
@@ -138,29 +139,6 @@ public function get_response( \WP_REST_Request $request ) {
 		return $this->add_response_headers( $response );
 	}
 
-	/**
-	 * Prepare a single item for response. Handles setting the status based on the payment result.
-	 *
-	 * @param mixed            $item Item to format to schema.
-	 * @param \WP_REST_Request $request Request object.
-	 * @return \WP_REST_Response $response Response data.
-	 */
-	public function prepare_item_for_response( $item, \WP_REST_Request $request ) {
-		$response     = parent::prepare_item_for_response( $item, $request );
-		$status_codes = [
-			'success' => 200,
-			'pending' => 202,
-			'failure' => 400,
-			'error'   => 500,
-		];
-
-		if ( isset( $item->payment_result ) && $item->payment_result instanceof PaymentResult ) {
-			$response->set_status( $status_codes[ $item->payment_result->status ] ?? 200 );
-		}
-
-		return $response;
-	}
-
 	/**
 	 * Convert the cart into a new draft order, or update an existing draft order, and return an updated cart response.
 	 *
@@ -466,133 +444,6 @@ private function update_customer_from_request( \WP_REST_Request $request ) {
 		$customer->save();
 	}
 
-	/**
-	 * Update the current order using the posted values from the request.
-	 *
-	 * @param \WP_REST_Request $request Full details about the request.
-	 */
-	private function update_order_from_request( \WP_REST_Request $request ) {
-		$this->order->set_customer_note( $request['customer_note'] ?? '' );
-		$this->order->set_payment_method( $this->get_request_payment_method_id( $request ) );
-		$this->order->set_payment_method_title( $this->get_request_payment_method_title( $request ) );
-
-		wc_do_deprecated_action(
-			'__experimental_woocommerce_blocks_checkout_update_order_from_request',
-			array(
-				$this->order,
-				$request,
-			),
-			'6.3.0',
-			'woocommerce_store_api_checkout_update_order_from_request',
-			'This action was deprecated in WooCommerce Blocks version 6.3.0. Please use woocommerce_store_api_checkout_update_order_from_request instead.'
-		);
-
-		wc_do_deprecated_action(
-			'woocommerce_blocks_checkout_update_order_from_request',
-			array(
-				$this->order,
-				$request,
-			),
-			'7.2.0',
-			'woocommerce_store_api_checkout_update_order_from_request',
-			'This action was deprecated in WooCommerce Blocks version 7.2.0. Please use woocommerce_store_api_checkout_update_order_from_request instead.'
-		);
-
-		/**
-		 * Fires when the Checkout Block/Store API updates an order's from the API request data.
-		 *
-		 * This hook gives extensions the chance to update orders based on the data in the request. This can be used in
-		 * conjunction with the ExtendSchema class to post custom data and then process it.
-		 *
-		 * @since 7.2.0
-		 *
-		 * @param \WC_Order $order Order object.
-		 * @param \WP_REST_Request $request Full details about the request.
-		 */
-		do_action( 'woocommerce_store_api_checkout_update_order_from_request', $this->order, $request );
-
-		$this->order->save();
-	}
-
-	/**
-	 * For orders which do not require payment, just update status.
-	 *
-	 * @param \WP_REST_Request $request Request object.
-	 * @param PaymentResult    $payment_result Payment result object.
-	 */
-	private function process_without_payment( \WP_REST_Request $request, PaymentResult $payment_result ) {
-		// Transition the order to pending, and then completed. This ensures transactional emails fire for pending_to_complete events.
-		$this->order->update_status( 'pending' );
-		$this->order->payment_complete();
-
-		// Mark the payment as successful.
-		$payment_result->set_status( 'success' );
-		$payment_result->set_redirect_url( $this->order->get_checkout_order_received_url() );
-	}
-
-	/**
-	 * Fires an action hook instructing active payment gateways to process the payment for an order and provide a result.
-	 *
-	 * @throws RouteException On error.
-	 *
-	 * @param \WP_REST_Request $request Request object.
-	 * @param PaymentResult    $payment_result Payment result object.
-	 */
-	private function process_payment( \WP_REST_Request $request, PaymentResult $payment_result ) {
-		try {
-			// Transition the order to pending before making payment.
-			$this->order->update_status( 'pending' );
-
-			// Prepare the payment context object to pass through payment hooks.
-			$context = new PaymentContext();
-			$context->set_payment_method( $this->get_request_payment_method_id( $request ) );
-			$context->set_payment_data( $this->get_request_payment_data( $request ) );
-			$context->set_order( $this->order );
-
-			/**
-			 * Process payment with context.
-			 *
-			 * @hook woocommerce_rest_checkout_process_payment_with_context
-			 *
-			 * @throws \Exception If there is an error taking payment, an \Exception object can be thrown with an error message.
-			 *
-			 * @param PaymentContext $context        Holds context for the payment, including order ID and payment method.
-			 * @param PaymentResult  $payment_result Result object for the transaction.
-			 */
-			do_action_ref_array( 'woocommerce_rest_checkout_process_payment_with_context', [ $context, &$payment_result ] );
-
-			if ( ! $payment_result instanceof PaymentResult ) {
-				throw new RouteException( 'woocommerce_rest_checkout_invalid_payment_result', __( 'Invalid payment result received from payment method.', 'woo-gutenberg-products-block' ), 500 );
-			}
-		} catch ( \Exception $e ) {
-			throw new RouteException( 'woocommerce_rest_checkout_process_payment_error', $e->getMessage(), 402 );
-		}
-	}
-
-	/**
-	 * Gets the chosen payment method ID from the request.
-	 *
-	 * @throws RouteException On error.
-	 * @param \WP_REST_Request $request Request object.
-	 * @return string
-	 */
-	private function get_request_payment_method_id( \WP_REST_Request $request ) {
-		$payment_method = $this->get_request_payment_method( $request );
-		return is_null( $payment_method ) ? '' : $payment_method->id;
-	}
-
-	/**
-	 * Gets the chosen payment method title from the request.
-	 *
-	 * @throws RouteException On error.
-	 * @param \WP_REST_Request $request Request object.
-	 * @return string
-	 */
-	private function get_request_payment_method_title( \WP_REST_Request $request ) {
-		$payment_method = $this->get_request_payment_method( $request );
-		return is_null( $payment_method ) ? '' : $payment_method->get_title();
-	}
-
 	/**
 	 * Gets the chosen payment method from the request.
 	 *
@@ -633,26 +484,6 @@ private function get_request_payment_method( \WP_REST_Request $request ) {
 		return $available_gateways[ $request_payment_method ];
 	}
 
-	/**
-	 * Gets and formats payment request data.
-	 *
-	 * @param \WP_REST_Request $request Request object.
-	 * @return array
-	 */
-	private function get_request_payment_data( \WP_REST_Request $request ) {
-		static $payment_data = [];
-		if ( ! empty( $payment_data ) ) {
-			return $payment_data;
-		}
-		if ( ! empty( $request['payment_data'] ) ) {
-			foreach ( $request['payment_data'] as $data ) {
-				$payment_data[ sanitize_key( $data['key'] ) ] = wc_clean( $data['value'] );
-			}
-		}
-
-		return $payment_data;
-	}
-
 	/**
 	 * Order processing relating to customer account.
 	 *