- Add comprehensive OxaPay payment provider with invoice creation, webhook processing, and subscription status sync
- Implement conditional payload fields (to_currency, callback_url) based on configuration
- Create universal sync command for all non-recurring payment providers
- Add subscription model fields for payment tracking
- Implement proper status mapping between OxaPay and Laravel subscription states
- Add webhook signature validation using HMAC SHA512
- Fix bulk delete and individual delete actions using before() hook with halt()
- Add daily/weekly billing cycle options to plan resource and Polar provider
- Enhance payment confirmation with dynamic polling and loading states
- Add graceful handling for deleted plans in subscription display
- Update Polar provider to support dynamic billing cycles
Add comprehensive webhook validation and processing system with Polar.sh integration:
- Create built-in Standard Webhooks package following official specification
- Implement HMAC-SHA256 signature validation with base64 encoding
- Add webhook factory for multi-provider support (Polar, Stripe, generic)
- Replace custom Polar webhook validation with Standard Webhooks implementation
- Add proper exception handling with custom WebhookVerificationException
- Support sandbox mode bypass for development environments
- Update Polar provider to use database-driven configuration
- Enhance webhook test suite with proper Standard Webhooks format
- Add PaymentProvider model HasFactory trait for testing
- Implement timestamp tolerance checking (±5 minutes) for replay protection
- Support multiple signature versions and proper header validation
This provides a secure, reusable webhook validation system that can be extended
to other payment providers while maintaining full compliance with Standard
Webhooks specification.
BREAKING CHANGE: Polar webhook validation now uses Standard Webhooks format
with headers 'webhook-id', 'webhook-timestamp', 'webhook-signature' instead of
previous Polar-specific headers.
- Add Polar-specific date field mapping in PaymentOrchestrator (current_period_start, current_period_end, cancelled_at, trial_end)
- Handle both cancellation scenarios: cancel_at_period_end=true and existing cancelled_at timestamp
- Map customer_cancellation_reason and customer_cancellation_comment from Polar to database
- Update billing page to show correct renewal vs expiry dates based on cancellation status
- Restrict cancel button to activation_key provider only (Polar uses customer portal)
- Fix button spacing between "Manage in Polar" and "Sync" buttons
- Ensure both "Sync" and "Recheck Status" buttons use identical sync functionality
- Add provider_checkout_id column to separate checkout ID from subscription ID
- Update Polar provider to store checkout ID separately and set subscription ID to null initially
- Implement smart sync logic that queries Polar API when subscription ID is missing
- Add fetchPolarSubscriptionId method to find active subscriptions via customer ID
- Update webhook handlers to use provider_checkout_id for subscription lookup
- Make makeAuthenticatedRequest public to enable Subscription model API access
- Support plan metadata matching for accurate subscription identification
- Add fallback to most recent active subscription when no exact match found
This resolves sync button issues by properly tracking checkout vs subscription IDs
and enables automatic subscription ID recovery when webhooks fail.
- Add PaymentProviderSeeder with initial provider data (Stripe, Lemon Squeezy, Polar, OxaPay, Crypto, Activation Key)
- Create migration to disable JSON constraints and change configuration column from JSON to TEXT
- Update PaymentProvider model cast from 'array' to 'encrypted:array' for secure configuration storage
- Add comprehensive rate limiting (300 req/min) with automatic throttling
- Implement centralized API request method for consistent authentication
- Add support for Polar-specific webhook events (order.created, order.paid, subscription.active, customer.state_changed, benefit_grant.created)
- Update API endpoints to match Polar's official structure (remove /v1 prefix)
- Add external_id support for reliable customer-user mapping
- Implement sandbox mode with separate credentials configuration
- Add discount code support in checkout flow
- Add credential validation method for API connectivity testing
- Update webhook signature validation and event handling
- Enhance error handling and logging throughout provider
- Add proper metadata structure with user and plan information
- Update services configuration and environment variables for sandbox support
BREAKING CHANGE: Updated API endpoint structure and webhook event handling to comply with Polar.sh official API specification.
- Create 7 new models with full relationships and business logic:
* PlanFeature: Define available features with categories and types
* PlanFeatureLimit: Manage usage limits per plan with trial overrides
* PlanPermission: Granular permissions system for features
* PlanProvider: Multi-provider payment configuration
* PlanTier: Hierarchical plan structure with upgrade paths
* PlanUsage: Real-time usage tracking and analytics
* TrialConfiguration: Advanced trial settings per plan
- Enhance Plan model with 25+ new methods:
* Feature checking: hasFeature(), canUseFeature(), getRemainingUsage()
* Permission system: hasPermission() with trial support
* Payment providers: getAllowedProviders(), supportsProvider()
* Trial management: hasTrial(), getTrialConfig()
* Upgrade paths: isUpgradeFrom(), getUpgradePath()
* Utility methods: getBillingCycleDisplay(), metadata handling
- Completely redesign PlanResource with tabbed interface:
* Basic Info: Core plan configuration with dynamic billing cycles
* Features & Limits: Dynamic feature management with trial overrides
* Payment Providers: Multi-provider configuration (Stripe, Lemon Squeezy, etc.)
* Trial Settings: Advanced trial configuration with always-visible toggle
- Create new Filament resources:
* PlanFeatureResource: Manage available features by category
* PlanTierResource: Hierarchical tier management with parent-child relationships
- Implement comprehensive data migration:
* Migrate legacy plan data to new enhanced system
* Create default features (mailbox accounts, email forwarding, etc.)
* Preserve existing payment provider configurations
* Set up trial configurations (disabled for legacy plans)
* Handle duplicate data gracefully with rollback support
- Add proper database constraints and indexes:
* Unique constraints on plan-feature relationships
* Foreign key constraints with cascade deletes
* Performance indexes for common queries
* JSON metadata columns for flexible configuration
- Fix trial configuration form handling:
* Add required validation for numeric fields
* Implement proper null handling with defaults
* Add type casting for all numeric fields
* Ensure database constraint compliance
- Replace Laravel Cashier methods with new subscription system
- Remove session-based subscription checking in bulk components
- Update Dashboard.php to use PaymentOrchestrator for provider-agnostic sync
- Maintain backward compatibility with existing Stripe subscriptions
- Improve performance by eliminating session overhead
- Add automatic migration of legacy subscriptions to new system
BREAKING CHANGE: Subscription checking now uses unified payment system instead of Laravel Cashier methods
- Add unified payment provider architecture with contract-based design
- Implement 6 payment providers: Stripe, Lemon Squeezy, Polar, Oxapay, Crypto, Activation Keys
- Create subscription management with lifecycle handling (create, cancel, pause, resume, update)
- Add coupon system with usage tracking and trial extensions
- Build Filament admin resources for payment providers, subscriptions, coupons, and trials
- Implement payment orchestration service with provider registry and configuration management
- Add comprehensive payment logging and webhook handling for all providers
- Create customer analytics dashboard with revenue, churn, and lifetime value metrics
- Add subscription migration service for provider switching
- Include extensive test coverage for all payment functionality
- Upgrade Filament framework from v3 to v4
- Update all Filament resources and pages for v4 compatibility
- Fix test suite to maintain 100% pass rate (321 tests passing)
- Add visibility condition for ticket close action (only when not closed)
- Update dependencies and build assets for new Filament version
- Maintain backward compatibility while leveraging v4 improvements
- Add proper Tests\ namespace to all test classes in tests/Feature and tests/Unit
- Split RemainingModelsTest.php into separate files (PSR-4 compliance)
- Create missing factories: MetaFactory, RemoteEmailFactory
- Add HasFactory trait to RemoteEmail model
- Add missing ReflectionClass imports to test files
- Fix mass assignment issues in Meta and RemoteEmail models
- Override database connection for RemoteEmail in testing environment
- Fix DateTime comparison precision issues in tests
- Fix Laravel bootstrap issues in TestCase setup
- Add missing database factories (Setting, PremiumEmail, ActivationKey, etc.)
- Convert Pest tests to PHPUnit style for compatibility
- Fix model relationships and boolean casts
- Add missing Filament resource actions and filters
- Fix form validation and test data mismatches
- Resolve assertion parameter order issues
- Add proper configuration for test views
- Fix searchable columns and table sorting
- Simplify complex filter assertions for stability
