Merged in feat/sw-2862-move-booking-router-to-trpc-package (pull request #2421)

feat(SW-2861): Move booking router to trpc package

* Use direct imports from trpc package

* Add lint-staged config to trpc

* Move lang enum to common

* Restructure trpc package folder structure

* WIP first step

* update internal imports in trpc

* Fix most errors in scandic-web

Just 100 left...

* Move Props type out of trpc

* Fix CategorizedFilters types

* Move more schemas in hotel router

* Fix deps

* fix getNonContentstackUrls

* Fix import error

* Fix entry error handling

* Fix generateMetadata metrics

* Fix alertType enum

* Fix duplicated types

* lint:fix

* Merge branch 'master' into feat/sw-2863-move-contentstack-router-to-trpc-package

* Fix broken imports

* Move booking router to trpc package

* Move partners router to trpc package

* Move autocomplete router to trpc package

* Move booking router to trpc package

* Merge branch 'master' into feat/sw-2862-move-booking-router-to-trpc-package


Approved-by: Linus Flood

packages/trpc/lib/constants/apiLang.ts

@@ -0,0 +1,22 @@
+import { Lang } from "@scandic-hotels/common/constants/language"
+
+export enum ApiLang {
+  Da = "Da",
+  De = "De",
+  En = "En",
+  Fi = "Fi",
+  No = "No",
+  Sv = "Sv",
+  Unknown = "Unknown",
+}
+
+type ApiLangKey = keyof typeof ApiLang
+
+export const langToApiLang: Record<Lang, ApiLangKey> = {
+  [Lang.da]: ApiLang.Da,
+  [Lang.de]: ApiLang.De,
+  [Lang.en]: ApiLang.En,
+  [Lang.fi]: ApiLang.Fi,
+  [Lang.no]: ApiLang.No,
+  [Lang.sv]: ApiLang.Sv,
+}

packages/trpc/lib/enums/bookingStatus.ts

@@ -0,0 +1,16 @@
+export enum BookingStatusEnum {
+  BookingCompleted = "BookingCompleted",
+  Cancelled = "Cancelled",
+  CheckedOut = "CheckedOut",
+  ConfirmedInScorpio = "ConfirmedInScorpio",
+  CreatedInOhip = "CreatedInOhip",
+  PaymentAuthorized = "PaymentAuthorized",
+  PaymentCancelled = "PaymentCancelled",
+  PaymentError = "PaymentError",
+  PaymentFailed = "PaymentFailed",
+  PaymentRegistered = "PaymentRegistered",
+  PaymentSucceeded = "PaymentSucceeded",
+  PendingAcceptPriceChange = "PendingAcceptPriceChange",
+  PendingGuarantee = "PendingGuarantee",
+  PendingPayment = "PendingPayment",
+}

packages/trpc/lib/plugins/refIdToConfirmationNumber.ts

@@ -0,0 +1,46 @@
+import { initTRPC } from "@trpc/server"
+import { z } from "zod"
+
+import { parseRefId } from "../utils/refId"
+
+import type { Meta } from ".."
+import type { Context } from "../context"
+
+export function createRefIdPlugin() {
+  const t = initTRPC.context<Context>().meta<Meta>().create()
+
+  return {
+    toConfirmationNumber: t.procedure
+      .input(
+        z.object({
+          refId: z.string(),
+        })
+      )
+      .use(({ input, next }) => {
+        const { confirmationNumber } = parseRefId(input.refId)
+        return next({
+          ctx: {
+            confirmationNumber,
+          },
+        })
+      }),
+    toConfirmationNumbers: t.procedure
+      .input(
+        z.object({
+          refIds: z.array(z.string()),
+        })
+      )
+      .use(({ input, next }) => {
+        const confirmationNumbers = input.refIds.map((refId) => {
+          const { confirmationNumber } = parseRefId(refId)
+          return confirmationNumber
+        })
+
+        return next({
+          ctx: {
+            confirmationNumbers,
+          },
+        })
+      }),
+  }
+}

packages/trpc/lib/routers/booking/helpers.ts

@@ -0,0 +1,27 @@
+import type { BookingConfirmation } from "../../types/bookingConfirmation"
+import type { Room } from "../../types/hotel"
+
+export function getBookedHotelRoom(
+  rooms: Room[],
+  roomTypeCode: BookingConfirmation["booking"]["roomTypeCode"]
+) {
+  if (!rooms.length || !roomTypeCode) {
+    return null
+  }
+  const room = rooms.find((r) => {
+    return r.roomTypes.find((roomType) => roomType.code === roomTypeCode)
+  })
+  if (!room) {
+    return null
+  }
+  const bedType = room.roomTypes.find(
+    (roomType) => roomType.code === roomTypeCode
+  )
+  if (!bedType) {
+    return null
+  }
+  return {
+    ...room,
+    bedType,
+  }
+}

packages/trpc/lib/routers/booking/index.ts

@@ -0,0 +1,8 @@
+import { mergeRouters } from "../.."
+import { bookingMutationRouter } from "./mutation"
+import { bookingQueryRouter } from "./query"
+
+export const bookingRouter = mergeRouters(
+  bookingMutationRouter,
+  bookingQueryRouter
+)

packages/trpc/lib/routers/booking/input.ts

@@ -0,0 +1,187 @@
+import { z } from "zod"
+
+import { Lang } from "@scandic-hotels/common/constants/language"
+
+import { langToApiLang } from "../../constants/apiLang"
+import { ChildBedTypeEnum } from "../../enums/childBedTypeEnum"
+
+const roomsSchema = z
+  .array(
+    z.object({
+      adults: z.number().int().nonnegative(),
+      bookingCode: z.string().nullish(),
+      childrenAges: z
+        .array(
+          z.object({
+            age: z.number().int().nonnegative(),
+            bedType: z.nativeEnum(ChildBedTypeEnum),
+          })
+        )
+        .default([]),
+      rateCode: z.string(),
+      redemptionCode: z.string().optional(),
+      roomTypeCode: z.coerce.string(),
+      guest: z.object({
+        becomeMember: z.boolean(),
+        countryCode: z.string(),
+        dateOfBirth: z.string().nullish(),
+        email: z.string().email(),
+        firstName: z.string(),
+        lastName: z.string(),
+        membershipNumber: z.string().nullish(),
+        postalCode: z.string().nullish(),
+        phoneNumber: z.string(),
+      }),
+      smsConfirmationRequested: z.boolean(),
+      specialRequest: z.object({
+        comment: z.string().optional(),
+      }),
+      packages: z.object({
+        breakfast: z.boolean(),
+        allergyFriendly: z.boolean(),
+        petFriendly: z.boolean(),
+        accessibility: z.boolean(),
+      }),
+      roomPrice: z.object({
+        memberPrice: z.number().nullish(),
+        publicPrice: z.number().nullish(),
+      }),
+    })
+  )
+  .superRefine((data, ctx) => {
+    data.forEach((room, idx) => {
+      if (idx === 0 && room.guest.becomeMember) {
+        if (!room.guest.dateOfBirth) {
+          ctx.addIssue({
+            code: z.ZodIssueCode.invalid_type,
+            expected: "string",
+            received: typeof room.guest.dateOfBirth,
+            path: ["guest", "dateOfBirth"],
+          })
+        }
+
+        if (!room.guest.postalCode) {
+          ctx.addIssue({
+            code: z.ZodIssueCode.invalid_type,
+            expected: "string",
+            received: typeof room.guest.postalCode,
+            path: ["guest", "postalCode"],
+          })
+        }
+      }
+    })
+  })
+
+const paymentSchema = z.object({
+  paymentMethod: z.string(),
+  card: z
+    .object({
+      alias: z.string(),
+      expiryDate: z.string(),
+      cardType: z.string(),
+    })
+    .optional(),
+  cardHolder: z
+    .object({
+      email: z.string().email(),
+      name: z.string(),
+      phoneCountryCode: z.string(),
+      phoneSubscriber: z.string(),
+    })
+    .optional(),
+  success: z.string(),
+  error: z.string(),
+  cancel: z.string(),
+})
+
+// Mutation
+export const createBookingInput = z.object({
+  hotelId: z.string(),
+  checkInDate: z.string(),
+  checkOutDate: z.string(),
+  rooms: roomsSchema,
+  payment: paymentSchema.optional(),
+  language: z.nativeEnum(Lang).transform((val) => langToApiLang[val]),
+})
+
+export const addPackageInput = z.object({
+  ancillaryComment: z.string(),
+  ancillaryDeliveryTime: z.string().nullish(),
+  packages: z.array(
+    z.object({
+      code: z.string(),
+      quantity: z.number(),
+      comment: z.string().optional(),
+    })
+  ),
+  language: z.nativeEnum(Lang).transform((val) => langToApiLang[val]),
+})
+
+export const removePackageInput = z.object({
+  codes: z.array(z.string()),
+  language: z.nativeEnum(Lang).transform((val) => langToApiLang[val]),
+})
+
+export const cancelBookingsInput = z.object({
+  language: z.nativeEnum(Lang),
+})
+
+export const guaranteeBookingInput = z.object({
+  card: z
+    .object({
+      alias: z.string(),
+      expiryDate: z.string(),
+      cardType: z.string(),
+    })
+    .optional(),
+  language: z.nativeEnum(Lang).transform((val) => langToApiLang[val]),
+  success: z.string().nullable(),
+  error: z.string().nullable(),
+  cancel: z.string().nullable(),
+})
+
+export const createRefIdInput = z.object({
+  confirmationNumber: z
+    .string()
+    .trim()
+    .regex(/^\s*[0-9]+(-[0-9])?\s*$/)
+    .min(1),
+  lastName: z.string().trim().max(250).min(1),
+})
+
+export const updateBookingInput = z.object({
+  checkInDate: z.string().optional(),
+  checkOutDate: z.string().optional(),
+  guest: z
+    .object({
+      email: z.string().optional(),
+      phoneNumber: z.string().optional(),
+      countryCode: z.string().optional(),
+    })
+    .optional(),
+  language: z.nativeEnum(Lang).transform((val) => langToApiLang[val]),
+})
+
+// Query
+
+export const getBookingInput = z.object({
+  lang: z.nativeEnum(Lang).optional(),
+})
+
+export const getLinkedReservationsInput = z.object({
+  lang: z.nativeEnum(Lang).optional(),
+})
+
+export const findBookingInput = z.object({
+  confirmationNumber: z.string(),
+  firstName: z.string(),
+  lastName: z.string(),
+  email: z.string(),
+  lang: z.nativeEnum(Lang).optional(),
+})
+
+export type LinkedReservationsInput = z.input<typeof getLinkedReservationsInput>
+
+export const getBookingStatusInput = z.object({
+  lang: z.nativeEnum(Lang).optional(),
+})

packages/trpc/lib/routers/booking/mutation.ts

@@ -0,0 +1,402 @@
+import { createCounter } from "@scandic-hotels/common/telemetry"
+
+import { router } from "../.."
+import * as api from "../../api"
+import { createRefIdPlugin } from "../../plugins/refIdToConfirmationNumber"
+import { safeProtectedServiceProcedure } from "../../procedures"
+import { encrypt } from "../../utils/encryption"
+import { isValidSession } from "../../utils/session"
+import { getMembershipNumber } from "../user/utils"
+import {
+  addPackageInput,
+  cancelBookingsInput,
+  createBookingInput,
+  guaranteeBookingInput,
+  removePackageInput,
+  updateBookingInput,
+} from "./input"
+import { bookingConfirmationSchema, createBookingSchema } from "./output"
+import { cancelBooking } from "./utils"
+
+const refIdPlugin = createRefIdPlugin()
+
+export const bookingMutationRouter = router({
+  create: safeProtectedServiceProcedure
+    .input(createBookingInput)
+    .use(async ({ ctx, next }) => {
+      const token = isValidSession(ctx.session)
+        ? ctx.session.token.access_token
+        : ctx.serviceToken
+
+      return next({
+        ctx: {
+          token,
+        },
+      })
+    })
+    .mutation(async function ({ ctx, input }) {
+      const { language, ...inputWithoutLang } = input
+      const { rooms, ...loggableInput } = inputWithoutLang
+
+      const createBookingCounter = createCounter("trpc.booking", "create")
+      const metricsCreateBooking = createBookingCounter.init({
+        membershipNumber: await getMembershipNumber(ctx.session),
+        language,
+        ...loggableInput,
+        rooms: inputWithoutLang.rooms.map(({ guest, ...room }) => {
+          const { becomeMember, membershipNumber } = guest
+          return { ...room, guest: { becomeMember, membershipNumber } }
+        }),
+      })
+
+      metricsCreateBooking.start()
+
+      const headers = {
+        Authorization: `Bearer ${ctx.token}`,
+      }
+
+      const apiResponse = await api.post(
+        api.endpoints.v1.Booking.bookings,
+        {
+          headers,
+          body: inputWithoutLang,
+        },
+        { language }
+      )
+
+      if (!apiResponse.ok) {
+        await metricsCreateBooking.httpError(apiResponse)
+
+        const apiJson = await apiResponse.json()
+        if ("errors" in apiJson && apiJson.errors.length) {
+          const error = apiJson.errors[0]
+          return { error: true, cause: error.code } as const
+        }
+
+        return null
+      }
+
+      const apiJson = await apiResponse.json()
+
+      const verifiedData = createBookingSchema.safeParse(apiJson)
+      if (!verifiedData.success) {
+        metricsCreateBooking.validationError(verifiedData.error)
+        return null
+      }
+
+      metricsCreateBooking.success()
+
+      const expire = Math.floor(Date.now() / 1000) + 60 // 1 minute expiry
+
+      return {
+        booking: verifiedData.data,
+        sig: encrypt(expire.toString()),
+      }
+    }),
+  priceChange: safeProtectedServiceProcedure
+    .concat(refIdPlugin.toConfirmationNumber)
+    .use(async ({ ctx, next }) => {
+      const token = isValidSession(ctx.session)
+        ? ctx.session.token.access_token
+        : ctx.serviceToken
+
+      return next({
+        ctx: {
+          token,
+        },
+      })
+    })
+    .mutation(async function ({ ctx }) {
+      const { confirmationNumber, token } = ctx
+
+      const priceChangeCounter = createCounter("trpc.booking", "price-change")
+      const metricsPriceChange = priceChangeCounter.init({ confirmationNumber })
+
+      metricsPriceChange.start()
+
+      const headers = {
+        Authorization: `Bearer ${token}`,
+      }
+
+      const apiResponse = await api.put(
+        api.endpoints.v1.Booking.priceChange(confirmationNumber),
+        {
+          headers,
+        }
+      )
+
+      if (!apiResponse.ok) {
+        await metricsPriceChange.httpError(apiResponse)
+        return null
+      }
+
+      const apiJson = await apiResponse.json()
+      const verifiedData = createBookingSchema.safeParse(apiJson)
+      if (!verifiedData.success) {
+        metricsPriceChange.validationError(verifiedData.error)
+        return null
+      }
+
+      metricsPriceChange.success()
+
+      return verifiedData.data
+    }),
+  cancel: safeProtectedServiceProcedure
+    .input(cancelBookingsInput)
+    .concat(refIdPlugin.toConfirmationNumbers)
+    .use(async ({ ctx, next }) => {
+      const token = isValidSession(ctx.session)
+        ? ctx.session.token.access_token
+        : ctx.serviceToken
+
+      return next({
+        ctx: {
+          token,
+        },
+      })
+    })
+    .mutation(async function ({ ctx, input }) {
+      const { confirmationNumbers, token } = ctx
+      const { language } = input
+
+      const responses = await Promise.allSettled(
+        confirmationNumbers.map((confirmationNumber) =>
+          cancelBooking(confirmationNumber, language, token)
+        )
+      )
+
+      const cancelledRoomsSuccessfully: (string | null)[] = []
+      for (const [idx, response] of responses.entries()) {
+        if (response.status === "fulfilled") {
+          if (response.value) {
+            cancelledRoomsSuccessfully.push(confirmationNumbers[idx])
+            continue
+          }
+        } else {
+          console.info(
+            `Cancelling booking failed for confirmationNumber: ${confirmationNumbers[idx]}`
+          )
+          console.error(response.reason)
+        }
+
+        cancelledRoomsSuccessfully.push(null)
+      }
+
+      return cancelledRoomsSuccessfully
+    }),
+  packages: safeProtectedServiceProcedure
+    .input(addPackageInput)
+    .concat(refIdPlugin.toConfirmationNumber)
+    .use(async ({ ctx, next }) => {
+      const token = isValidSession(ctx.session)
+        ? ctx.session.token.access_token
+        : ctx.serviceToken
+
+      return next({
+        ctx: {
+          token,
+        },
+      })
+    })
+    .mutation(async function ({ ctx, input }) {
+      const { confirmationNumber, token } = ctx
+      const { language, refId, ...body } = input
+
+      const addPackageCounter = createCounter("trpc.booking", "package.add")
+      const metricsAddPackage = addPackageCounter.init({
+        confirmationNumber,
+        language,
+      })
+
+      metricsAddPackage.start()
+
+      const headers = {
+        Authorization: `Bearer ${token}`,
+      }
+
+      const apiResponse = await api.post(
+        api.endpoints.v1.Booking.packages(confirmationNumber),
+        {
+          headers,
+          body: body,
+        },
+        { language }
+      )
+
+      if (!apiResponse.ok) {
+        await metricsAddPackage.httpError(apiResponse)
+        return null
+      }
+
+      const apiJson = await apiResponse.json()
+      const verifiedData = createBookingSchema.safeParse(apiJson)
+      if (!verifiedData.success) {
+        metricsAddPackage.validationError(verifiedData.error)
+        return null
+      }
+
+      metricsAddPackage.success()
+
+      return verifiedData.data
+    }),
+  guarantee: safeProtectedServiceProcedure
+    .input(guaranteeBookingInput)
+    .concat(refIdPlugin.toConfirmationNumber)
+    .use(async ({ ctx, next }) => {
+      const token = isValidSession(ctx.session)
+        ? ctx.session.token.access_token
+        : ctx.serviceToken
+
+      return next({
+        ctx: {
+          token,
+        },
+      })
+    })
+    .mutation(async function ({ ctx, input }) {
+      const { confirmationNumber, token } = ctx
+      const { language, refId, ...body } = input
+
+      const guaranteeBookingCounter = createCounter("trpc.booking", "guarantee")
+      const metricsGuaranteeBooking = guaranteeBookingCounter.init({
+        confirmationNumber,
+        language,
+      })
+
+      metricsGuaranteeBooking.start()
+
+      const headers = {
+        Authorization: `Bearer ${token}`,
+      }
+
+      const apiResponse = await api.put(
+        api.endpoints.v1.Booking.guarantee(confirmationNumber),
+        {
+          headers,
+          body: body,
+        },
+        { language }
+      )
+
+      if (!apiResponse.ok) {
+        await metricsGuaranteeBooking.httpError(apiResponse)
+        return null
+      }
+
+      const apiJson = await apiResponse.json()
+      const verifiedData = createBookingSchema.safeParse(apiJson)
+      if (!verifiedData.success) {
+        metricsGuaranteeBooking.validationError(verifiedData.error)
+        return null
+      }
+
+      metricsGuaranteeBooking.success()
+
+      return verifiedData.data
+    }),
+  update: safeProtectedServiceProcedure
+    .input(updateBookingInput)
+    .concat(refIdPlugin.toConfirmationNumber)
+    .use(async ({ ctx, next }) => {
+      const token = isValidSession(ctx.session)
+        ? ctx.session.token.access_token
+        : ctx.serviceToken
+
+      return next({
+        ctx: {
+          token,
+        },
+      })
+    })
+    .mutation(async function ({ ctx, input }) {
+      const { confirmationNumber, token } = ctx
+      const { language, refId, ...body } = input
+
+      const updateBookingCounter = createCounter("trpc.booking", "update")
+      const metricsUpdateBooking = updateBookingCounter.init({
+        confirmationNumber,
+        language,
+      })
+
+      metricsUpdateBooking.start()
+
+      const apiResponse = await api.put(
+        api.endpoints.v1.Booking.booking(confirmationNumber),
+        {
+          body,
+          headers: {
+            Authorization: `Bearer ${token}`,
+          },
+        },
+        { language }
+      )
+
+      if (!apiResponse.ok) {
+        await metricsUpdateBooking.httpError(apiResponse)
+        return null
+      }
+
+      const apiJson = await apiResponse.json()
+
+      const verifiedData = bookingConfirmationSchema.safeParse(apiJson)
+      if (!verifiedData.success) {
+        metricsUpdateBooking.validationError(verifiedData.error)
+        return null
+      }
+
+      metricsUpdateBooking.success()
+
+      return verifiedData.data
+    }),
+  removePackage: safeProtectedServiceProcedure
+    .input(removePackageInput)
+    .concat(refIdPlugin.toConfirmationNumber)
+    .use(async ({ ctx, next }) => {
+      const token = isValidSession(ctx.session)
+        ? ctx.session.token.access_token
+        : ctx.serviceToken
+
+      return next({
+        ctx: {
+          token,
+        },
+      })
+    })
+    .mutation(async function ({ ctx, input }) {
+      const { confirmationNumber, token } = ctx
+      const { codes, language } = input
+
+      const removePackageCounter = createCounter(
+        "trpc.booking",
+        "package.remove"
+      )
+      const metricsRemovePackage = removePackageCounter.init({
+        confirmationNumber,
+        codes,
+        language,
+      })
+
+      metricsRemovePackage.start()
+
+      const headers = {
+        Authorization: `Bearer ${token}`,
+      }
+
+      const apiResponse = await api.remove(
+        api.endpoints.v1.Booking.packages(confirmationNumber),
+        {
+          headers,
+        },
+        [["language", language], ...codes.map((code) => ["codes", code])]
+      )
+
+      if (!apiResponse.ok) {
+        await metricsRemovePackage.httpError(apiResponse)
+        return false
+      }
+
+      metricsRemovePackage.success()
+
+      return true
+    }),
+})

packages/trpc/lib/routers/booking/output.ts

@@ -0,0 +1,300 @@
+import { z } from "zod"
+
+import { CurrencyEnum } from "@scandic-hotels/common/constants/currency"
+import { dt } from "@scandic-hotels/common/dt"
+import { nullableArrayObjectValidator } from "@scandic-hotels/common/utils/zod/arrayValidator"
+import {
+  nullableStringEmailValidator,
+  nullableStringValidator,
+} from "@scandic-hotels/common/utils/zod/stringValidator"
+
+import { BookingStatusEnum } from "../../enums/bookingStatus"
+import { BreakfastPackageEnum } from "../../enums/breakfast"
+import { ChildBedTypeEnum } from "../../enums/childBedTypeEnum"
+import { calculateRefId } from "../../utils/refId"
+
+const guestSchema = z.object({
+  email: nullableStringEmailValidator,
+  firstName: nullableStringValidator,
+  lastName: nullableStringValidator,
+  membershipNumber: nullableStringValidator,
+  phoneNumber: nullableStringValidator,
+  countryCode: nullableStringValidator,
+})
+
+export type Guest = z.output<typeof guestSchema>
+
+// MUTATION
+export const createBookingSchema = z
+  .object({
+    data: z.object({
+      attributes: z.object({
+        reservationStatus: z.string(),
+        guest: guestSchema.optional(),
+        paymentUrl: z.string().nullable().optional(),
+        rooms: z
+          .array(
+            z.object({
+              confirmationNumber: z.string(),
+              cancellationNumber: z.string().nullable(),
+              priceChangedMetadata: z
+                .object({
+                  roomPrice: z.number(),
+                  totalPrice: z.number(),
+                })
+                .nullable()
+                .optional(),
+            })
+          )
+          .default([]),
+        errors: z
+          .array(
+            z.object({
+              confirmationNumber: z.string().nullable().optional(),
+              errorCode: z.string(),
+              description: z.string().nullable().optional(),
+              meta: z
+                .record(z.string(), z.union([z.string(), z.number()]))
+                .nullable()
+                .optional(),
+            })
+          )
+          .default([]),
+      }),
+      type: z.string(),
+      id: z.string(),
+      links: z.object({
+        self: z.object({
+          href: z.string().url(),
+          meta: z.object({
+            method: z.string(),
+          }),
+        }),
+      }),
+    }),
+  })
+  .transform((d) => ({
+    id: d.data.id,
+    links: d.data.links,
+    type: d.data.type,
+    reservationStatus: d.data.attributes.reservationStatus,
+    paymentUrl: d.data.attributes.paymentUrl,
+    rooms: d.data.attributes.rooms.map((room) => {
+      const lastName = d.data.attributes.guest?.lastName ?? ""
+      return {
+        ...room,
+        refId: calculateRefId(room.confirmationNumber, lastName),
+      }
+    }),
+    errors: d.data.attributes.errors,
+    guest: d.data.attributes.guest,
+  }))
+
+// QUERY
+const childBedPreferencesSchema = z.object({
+  bedType: z.nativeEnum(ChildBedTypeEnum),
+  quantity: z.number().int(),
+  code: z.string().nullable().default(""),
+})
+
+const priceSchema = z.object({
+  currency: z.nativeEnum(CurrencyEnum).default(CurrencyEnum.Unknown),
+  totalPrice: z.number().nullish(),
+  totalUnit: z.number().int().nullish(),
+  unit: z.number().int().nullish(),
+  unitPrice: z.number(),
+})
+
+export const packageSchema = z
+  .object({
+    code: nullableStringValidator,
+    comment: z.string().nullish(),
+    description: nullableStringValidator,
+    price: priceSchema,
+    type: z.string().nullish(),
+  })
+  .transform((packageData) => ({
+    code: packageData.code,
+    comment: packageData.comment,
+    currency: packageData.price.currency,
+    description: packageData.description,
+    totalPrice: packageData.price.totalPrice ?? 0,
+    totalUnit: packageData.price.totalUnit ?? 0,
+    type: packageData.type,
+    unit: packageData.price.unit ?? 0,
+    unitPrice: packageData.price.unitPrice,
+  }))
+
+const ancillarySchema = z
+  .object({
+    comment: z.string().default(""),
+    deliveryTime: z.string().default(""),
+  })
+  .nullable()
+  .default({
+    comment: "",
+    deliveryTime: "",
+  })
+
+const rateDefinitionSchema = z.object({
+  breakfastIncluded: z.boolean().default(false),
+  cancellationRule: z.string().nullable().default(""),
+  cancellationText: z.string().nullable().default(""),
+  generalTerms: z.array(z.string()).default([]),
+  isMemberRate: z.boolean().default(false),
+  mustBeGuaranteed: z.boolean().default(false),
+  rateCode: z.string().default(""),
+  title: z.string().nullable().default(""),
+})
+
+export const linkedReservationSchema = z.object({
+  confirmationNumber: z.string().default(""),
+  hotelId: z.string().default(""),
+  checkinDate: z.string(),
+  checkoutDate: z.string(),
+  cancellationNumber: nullableStringValidator,
+  roomTypeCode: z.string().default(""),
+  adults: z.number().int(),
+  children: z.number().int(),
+  profileId: z.string().default(""),
+})
+
+const linksSchema = z.object({
+  addAncillary: z
+    .object({
+      href: z.string(),
+      meta: z.object({
+        method: z.string(),
+      }),
+    })
+    .nullable(),
+  cancel: z
+    .object({
+      href: z.string(),
+      meta: z.object({
+        method: z.string(),
+      }),
+    })
+    .nullable(),
+  guarantee: z
+    .object({
+      href: z.string(),
+      meta: z.object({
+        method: z.string(),
+      }),
+    })
+    .nullable(),
+  modify: z
+    .object({
+      href: z.string(),
+      meta: z.object({
+        method: z.string(),
+      }),
+    })
+    .nullable(),
+  self: z
+    .object({
+      href: z.string(),
+      meta: z.object({
+        method: z.string(),
+      }),
+    })
+    .nullable(),
+})
+
+export const bookingConfirmationSchema = z
+  .object({
+    data: z.object({
+      attributes: z.object({
+        adults: z.number().int(),
+        ancillary: ancillarySchema,
+        cancelationNumber: z.string().nullable().default(""),
+        checkInDate: z.string().refine((val) => dt(val).isValid()),
+        checkOutDate: z.string().refine((val) => dt(val).isValid()),
+        childBedPreferences: z.array(childBedPreferencesSchema).default([]),
+        childrenAges: z.array(z.number().int()).default([]),
+        canChangeDate: z.boolean(),
+        bookingCode: z.string().nullable(),
+        cheques: z.number(),
+        vouchers: z.number(),
+        guaranteeInfo: z
+          .object({
+            maskedCard: z.string(),
+            cardType: z.string(),
+            paymentMethod: z.string(),
+            paymentMethodDescription: z.string(),
+          })
+          .nullish(),
+        computedReservationStatus: z.string().nullable().default(""),
+        confirmationNumber: nullableStringValidator,
+        createDateTime: z.string().refine((val) => dt(val).isValid()),
+        currencyCode: z.nativeEnum(CurrencyEnum),
+        guest: guestSchema,
+        linkedReservations: nullableArrayObjectValidator(
+          linkedReservationSchema
+        ),
+        hotelId: z.string(),
+        mainRoom: z.boolean(),
+        multiRoom: z.boolean(),
+        packages: z.array(packageSchema).default([]),
+        rateDefinition: rateDefinitionSchema,
+        reservationStatus: z.string().nullable().default(""),
+        roomPoints: z.number(),
+        roomPrice: z.number(),
+        roomTypeCode: z.string().default(""),
+        totalPoints: z.number(),
+        totalPrice: z.number(),
+        totalPriceExVat: z.number(),
+        vatAmount: z.number(),
+        vatPercentage: z.number(),
+      }),
+      id: z.string(),
+      type: z.literal("booking"),
+      links: linksSchema,
+    }),
+  })
+  .transform(({ data }) => ({
+    ...data.attributes,
+    refId: calculateRefId(
+      data.attributes.confirmationNumber,
+      data.attributes.guest.lastName
+    ),
+    linkedReservations: data.attributes.linkedReservations.map(
+      (linkedReservation) => {
+        /**
+         * We lazy load linked reservations in the client.
+         * The problem is that we need to load the reservation in order to
+         * calculate the refId for the reservation as the refId uses the guest's
+         * lastname in it. Ideally we should pass a promise to the React
+         * component that uses `use()` to resolve it. But right now we use tRPC
+         * in the client. That tRPC endpoint only uses the confirmationNumber
+         * from the refId. So that means we can pass whatever as the lastname
+         * here, because it is actually never read. We should change this ASAP.
+         */
+        return {
+          ...linkedReservation,
+          refId: calculateRefId(
+            linkedReservation.confirmationNumber,
+            "" // TODO: Empty lastname here, see comment above
+          ),
+        }
+      }
+    ),
+    packages: data.attributes.packages.filter((p) => p.type !== "Ancillary"),
+    ancillaries: data.attributes.packages.filter((p) => p.type === "Ancillary"),
+    extraBedTypes: data.attributes.childBedPreferences,
+    showAncillaries:
+      !!(
+        data.links.addAncillary ||
+        data.attributes.packages.some(
+          (p) =>
+            p.type === "Ancillary" ||
+            p.code === BreakfastPackageEnum.ANCILLARY_REGULAR_BREAKFAST
+        )
+      ) && data.attributes.reservationStatus !== BookingStatusEnum.Cancelled,
+    isCancelable: !!data.links.cancel,
+    isModifiable: !!data.links.modify,
+    canModifyAncillaries: !!data.links.addAncillary,
+    // Typo from API
+    cancellationNumber: data.attributes.cancelationNumber,
+  }))

packages/trpc/lib/routers/booking/query.ts

@@ -0,0 +1,267 @@
+import { createCounter } from "@scandic-hotels/common/telemetry"
+
+import { router } from "../.."
+import * as api from "../../api"
+import { badRequestError, serverErrorByStatus } from "../../errors"
+import { createRefIdPlugin } from "../../plugins/refIdToConfirmationNumber"
+import {
+  safeProtectedServiceProcedure,
+  serviceProcedure,
+} from "../../procedures"
+import { getHotel } from "../../routers/hotels/utils"
+import { toApiLang } from "../../utils"
+import { encrypt } from "../../utils/encryption"
+import { getBookedHotelRoom } from "./helpers"
+import {
+  createRefIdInput,
+  findBookingInput,
+  getBookingInput,
+  getBookingStatusInput,
+  getLinkedReservationsInput,
+} from "./input"
+import { createBookingSchema } from "./output"
+import { findBooking, getBooking } from "./utils"
+
+const refIdPlugin = createRefIdPlugin()
+
+export const bookingQueryRouter = router({
+  get: safeProtectedServiceProcedure
+    .input(getBookingInput)
+    .concat(refIdPlugin.toConfirmationNumber)
+    .use(async ({ ctx, input, next }) => {
+      const lang = input.lang ?? ctx.lang
+
+      return next({
+        ctx: {
+          lang,
+        },
+      })
+    })
+    .query(async function ({ ctx }) {
+      const { confirmationNumber, lang, serviceToken } = ctx
+
+      const getBookingCounter = createCounter("trpc.booking", "get")
+      const metricsGetBooking = getBookingCounter.init({ confirmationNumber })
+
+      metricsGetBooking.start()
+
+      const booking = await getBooking(confirmationNumber, lang, serviceToken)
+
+      if (!booking) {
+        metricsGetBooking.dataError(
+          `Fail to get booking data for ${confirmationNumber}`,
+          { confirmationNumber }
+        )
+        return null
+      }
+
+      const hotelData = await getHotel(
+        {
+          hotelId: booking.hotelId,
+          isCardOnlyPayment: false,
+          language: lang,
+        },
+        serviceToken
+      )
+
+      if (!hotelData) {
+        metricsGetBooking.dataError(
+          `Failed to get hotel data for ${booking.hotelId}`,
+          {
+            hotelId: booking.hotelId,
+          }
+        )
+
+        throw serverErrorByStatus(404)
+      }
+
+      metricsGetBooking.success()
+
+      return {
+        ...hotelData,
+        booking,
+        room: getBookedHotelRoom(
+          hotelData.roomCategories,
+          booking.roomTypeCode
+        ),
+      }
+    }),
+  findBooking: safeProtectedServiceProcedure
+    .input(findBookingInput)
+    .query(async function ({
+      ctx,
+      input: { confirmationNumber, lastName, firstName, email },
+    }) {
+      const findBookingCounter = createCounter("trpc.booking", "findBooking")
+      const metricsFindBooking = findBookingCounter.init({ confirmationNumber })
+
+      metricsFindBooking.start()
+
+      const booking = await findBooking(
+        confirmationNumber,
+        ctx.lang,
+        ctx.serviceToken,
+        lastName,
+        firstName,
+        email
+      )
+
+      if (!booking) {
+        metricsFindBooking.dataError(
+          `Fail to find booking data for ${confirmationNumber}`,
+          { confirmationNumber }
+        )
+        return null
+      }
+
+      const hotelData = await getHotel(
+        {
+          hotelId: booking.hotelId,
+          isCardOnlyPayment: false,
+          language: ctx.lang,
+        },
+        ctx.serviceToken
+      )
+
+      if (!hotelData) {
+        metricsFindBooking.dataError(
+          `Failed to find hotel data for ${booking.hotelId}`,
+          {
+            hotelId: booking.hotelId,
+          }
+        )
+
+        throw serverErrorByStatus(404)
+      }
+
+      metricsFindBooking.success()
+
+      return {
+        ...hotelData,
+        booking,
+        room: getBookedHotelRoom(
+          hotelData.roomCategories,
+          booking.roomTypeCode
+        ),
+      }
+    }),
+  linkedReservations: safeProtectedServiceProcedure
+    .input(getLinkedReservationsInput)
+    .concat(refIdPlugin.toConfirmationNumber)
+    .use(async ({ ctx, input, next }) => {
+      const lang = input.lang ?? ctx.lang
+      return next({
+        ctx: {
+          lang,
+        },
+      })
+    })
+    .query(async function ({ ctx }) {
+      const { confirmationNumber, lang, serviceToken } = ctx
+
+      const getLinkedReservationsCounter = createCounter(
+        "trpc.booking",
+        "linkedReservations"
+      )
+      const metricsGetLinkedReservations = getLinkedReservationsCounter.init({
+        confirmationNumber,
+      })
+
+      metricsGetLinkedReservations.start()
+
+      const booking = await getBooking(confirmationNumber, lang, serviceToken)
+
+      if (!booking) {
+        return []
+      }
+
+      const linkedReservationsResults = await Promise.allSettled(
+        booking.linkedReservations.map((linkedReservation) =>
+          getBooking(linkedReservation.confirmationNumber, lang, serviceToken)
+        )
+      )
+
+      const linkedReservations = []
+      for (const linkedReservationsResult of linkedReservationsResults) {
+        if (linkedReservationsResult.status === "fulfilled") {
+          if (linkedReservationsResult.value) {
+            linkedReservations.push(linkedReservationsResult.value)
+          } else {
+            metricsGetLinkedReservations.dataError(
+              `Unexpected value for linked reservation`
+            )
+          }
+        } else {
+          metricsGetLinkedReservations.dataError(
+            `Failed to get linked reservation`
+          )
+        }
+      }
+
+      metricsGetLinkedReservations.success()
+
+      return linkedReservations
+    }),
+  status: serviceProcedure
+    .input(getBookingStatusInput)
+    .concat(refIdPlugin.toConfirmationNumber)
+    .query(async function ({ ctx, input }) {
+      const lang = input.lang ?? ctx.lang
+      const { confirmationNumber } = ctx
+      const language = toApiLang(lang)
+
+      const getBookingStatusCounter = createCounter("trpc.booking", "status")
+      const metricsGetBookingStatus = getBookingStatusCounter.init({
+        confirmationNumber,
+      })
+
+      metricsGetBookingStatus.start()
+
+      const apiResponse = await api.get(
+        api.endpoints.v1.Booking.status(confirmationNumber),
+        {
+          headers: {
+            Authorization: `Bearer ${ctx.serviceToken}`,
+          },
+        },
+        {
+          language,
+        }
+      )
+
+      if (!apiResponse.ok) {
+        await metricsGetBookingStatus.httpError(apiResponse)
+        throw serverErrorByStatus(apiResponse.status, apiResponse)
+      }
+
+      const apiJson = await apiResponse.json()
+      const verifiedData = createBookingSchema.safeParse(apiJson)
+      if (!verifiedData.success) {
+        metricsGetBookingStatus.validationError(verifiedData.error)
+        throw badRequestError()
+      }
+
+      metricsGetBookingStatus.success()
+
+      const expire = Math.floor(Date.now() / 1000) + 60 // 1 minute expiry
+
+      return {
+        booking: verifiedData.data,
+        sig: encrypt(expire.toString()),
+      }
+    }),
+  createRefId: serviceProcedure
+    .input(createRefIdInput)
+    .mutation(async function ({ input }) {
+      const { confirmationNumber, lastName } = input
+      const encryptedRefId = encrypt(`${confirmationNumber},${lastName}`)
+
+      if (!encryptedRefId) {
+        throw serverErrorByStatus(422, "Was not able to encrypt ref id")
+      }
+
+      return {
+        refId: encryptedRefId,
+      }
+    }),
+})

packages/trpc/lib/routers/booking/utils.ts

@@ -0,0 +1,158 @@
+import { createCounter } from "@scandic-hotels/common/telemetry"
+
+import * as api from "../../api"
+import { badRequestError, serverErrorByStatus } from "../../errors"
+import { toApiLang } from "../../utils"
+import { bookingConfirmationSchema, createBookingSchema } from "./output"
+
+import type { Lang } from "@scandic-hotels/common/constants/language"
+
+export async function getBooking(
+  confirmationNumber: string,
+  lang: Lang,
+  token: string
+) {
+  const getBookingCounter = createCounter("booking", "get")
+  const metricsGetBooking = getBookingCounter.init({ confirmationNumber })
+
+  metricsGetBooking.start()
+
+  const apiResponse = await api.get(
+    api.endpoints.v1.Booking.booking(confirmationNumber),
+    {
+      headers: {
+        Authorization: `Bearer ${token}`,
+      },
+    },
+    { language: toApiLang(lang) }
+  )
+
+  if (!apiResponse.ok) {
+    await metricsGetBooking.httpError(apiResponse)
+
+    // If the booking is not found, return null.
+    // This scenario is expected to happen when a logged in user trying to access a booking that doesn't belong to them.
+    if (apiResponse.status === 404) {
+      return null
+    }
+
+    throw serverErrorByStatus(apiResponse.status, apiResponse)
+  }
+
+  const apiJson = await apiResponse.json()
+  const booking = bookingConfirmationSchema.safeParse(apiJson)
+  if (!booking.success) {
+    metricsGetBooking.validationError(booking.error)
+    throw badRequestError()
+  }
+
+  metricsGetBooking.success()
+
+  return booking.data
+}
+
+export async function findBooking(
+  confirmationNumber: string,
+  lang: Lang,
+  token: string,
+  lastName?: string,
+  firstName?: string,
+  email?: string
+) {
+  const findBookingCounter = createCounter("booking", "find")
+  const metricsGetBooking = findBookingCounter.init({
+    confirmationNumber,
+    lastName,
+    firstName,
+    email,
+  })
+
+  metricsGetBooking.start()
+
+  const apiResponse = await api.post(
+    api.endpoints.v1.Booking.find(confirmationNumber),
+    {
+      headers: {
+        Authorization: `Bearer ${token}`,
+      },
+      body: {
+        lastName,
+        firstName,
+        email,
+      },
+    },
+    { language: toApiLang(lang) }
+  )
+
+  if (!apiResponse.ok) {
+    await metricsGetBooking.httpError(apiResponse)
+
+    // If the booking is not found, return null.
+    // This scenario is expected to happen when a logged in user trying to access a booking that doesn't belong to them.
+    if (apiResponse.status === 400) {
+      return null
+    }
+
+    throw serverErrorByStatus(apiResponse.status, apiResponse)
+  }
+
+  const apiJson = await apiResponse.json()
+  const booking = bookingConfirmationSchema.safeParse(apiJson)
+  if (!booking.success) {
+    metricsGetBooking.validationError(booking.error)
+    throw badRequestError()
+  }
+
+  metricsGetBooking.success()
+
+  return booking.data
+}
+
+export async function cancelBooking(
+  confirmationNumber: string,
+  language: Lang,
+  token: string
+) {
+  const cancelBookingCounter = createCounter("booking", "cancel")
+  const metricsCancelBooking = cancelBookingCounter.init({
+    confirmationNumber,
+    language,
+  })
+
+  metricsCancelBooking.start()
+
+  const headers = {
+    Authorization: `Bearer ${token}`,
+  }
+
+  const booking = await getBooking(confirmationNumber, language, token)
+  if (!booking) {
+    metricsCancelBooking.noDataError({ confirmationNumber })
+    return null
+  }
+  const { firstName, lastName, email } = booking.guest
+  const apiResponse = await api.remove(
+    api.endpoints.v1.Booking.cancel(confirmationNumber),
+    {
+      headers,
+      body: { firstName, lastName, email },
+    },
+    { language: toApiLang(language) }
+  )
+
+  if (!apiResponse.ok) {
+    await metricsCancelBooking.httpError(apiResponse)
+    return null
+  }
+
+  const apiJson = await apiResponse.json()
+  const verifiedData = createBookingSchema.safeParse(apiJson)
+  if (!verifiedData.success) {
+    metricsCancelBooking.validationError(verifiedData.error)
+    return null
+  }
+
+  metricsCancelBooking.success()
+
+  return verifiedData.data
+}

packages/trpc/lib/routers/hotels/query.ts

@@ -47,9 +47,9 @@ import {
   breakfastPackagesSchema,
   getNearbyHotelIdsSchema,
 } from "../../routers/hotels/output"
-import { additionalDataSchema } from "../../routers/hotels/schemas/hotel/include/additionalData"
 import { toApiLang } from "../../utils"
 import { getVerifiedUser } from "../user/utils"
+import { additionalDataSchema } from "./schemas/hotel/include/additionalData"
 import { meetingRoomsSchema } from "./schemas/meetingRoom"
 import {
   getCitiesByCountry,

packages/trpc/lib/routers/user/utils.ts

@@ -2,10 +2,24 @@ import { createCounter } from "@scandic-hotels/common/telemetry"
 
 import * as api from "../../api"
 import { cache } from "../../DUPLICATED/cache"
+import { isValidSession } from "../../utils/session"
 import { getUserSchema } from "./output"
 
 import type { Session } from "next-auth"
 
+export async function getMembershipNumber(
+  session: Session | null
+): Promise<string | undefined> {
+  if (!isValidSession(session)) return undefined
+
+  const verifiedUser = await getVerifiedUser({ session })
+  if (!verifiedUser || "error" in verifiedUser) {
+    return undefined
+  }
+
+  return verifiedUser.data.membershipNumber
+}
+
 export const getVerifiedUser = cache(
   async ({
     session,

packages/trpc/lib/types/bookingConfirmation.ts

@@ -0,0 +1,21 @@
+import type { z } from "zod"
+
+import type {
+  bookingConfirmationSchema,
+  packageSchema,
+} from "../routers/booking/output"
+import type { HotelData, Room } from "./hotel"
+
+export interface BookingConfirmationSchema
+  extends z.output<typeof bookingConfirmationSchema> {}
+
+export interface PackageSchema extends z.output<typeof packageSchema> {}
+
+export interface BookingConfirmation extends HotelData {
+  booking: BookingConfirmationSchema
+  room:
+    | (Room & {
+        bedType: Room["roomTypes"][number]
+      })
+    | null
+}

packages/trpc/lib/utils/encryption.ts

@@ -0,0 +1,52 @@
+import "server-only"
+
+import crypto from "crypto"
+
+import { env } from "../../env/server"
+
+const algorithm = "DES-ECB"
+const encryptionKey = env.BOOKING_ENCRYPTION_KEY
+const bufferKey = Buffer.from(encryptionKey, "utf8")
+
+export function encrypt(originalString: string) {
+  try {
+    const cipher = crypto.createCipheriv(algorithm, bufferKey, null)
+    cipher.setAutoPadding(false)
+    const bufferString = Buffer.from(originalString, "utf8")
+    const paddingSize =
+      bufferKey.length - (bufferString.length % bufferKey.length)
+    const paddedStr = Buffer.concat([
+      bufferString,
+      Buffer.alloc(paddingSize, 0),
+    ])
+    const buffers: Buffer[] = []
+    buffers.push(cipher.update(paddedStr))
+    buffers.push(cipher.final())
+    const result = Buffer.concat(buffers).toString("base64")
+    return result
+  } catch (e) {
+    console.log(e)
+    return ""
+  }
+}
+
+export function decrypt(encryptedString: string) {
+  try {
+    const decipher = crypto.createDecipheriv(algorithm, bufferKey, null)
+    decipher.setAutoPadding(false)
+    const buffers: Buffer[] = []
+    buffers.push(decipher.update(encryptedString, "base64"))
+    buffers.push(decipher.final())
+    const result = Buffer.concat(buffers)
+      .toString("utf8")
+      /*
+       * Hexadecimal byte (null byte) replace. These occur when decrypting because
+       * we're disabling the auto padding for historical/compatibility reasons.
+       */
+      .replace(/(\x00)*/g, "")
+    return result
+  } catch (e) {
+    console.log(e)
+    return ""
+  }
+}

packages/trpc/lib/utils/refId.ts

@@ -0,0 +1,34 @@
+import "server-only"
+
+import { decrypt, encrypt } from "./encryption"
+
+export function calculateRefId(confirmationNumber: string, lastName: string) {
+  const encryptedRefId = encrypt(`${confirmationNumber},${lastName}`)
+
+  return encryptedRefId
+}
+
+export function parseRefId(refId: string) {
+  // RefId is DES-ECB encryption + Base64 encoding. For legacy reasons we have
+  // to do some manual handling here to get a proper Base64 string.
+  //
+  // - Use case: Current web replaced plus sign with hyphens when generating RefIds.
+  //   Handling: We replace hyphens with plus signs.
+  //
+  // - Use case: Incoming links in the wild do not encode the RefId properly.
+  //   Handling: We replace spaces with plus signs. Effectively, reversing the
+  //   decoding of plus signs into spaces that Next.js does for us for incoming
+  //   search params.
+  //   Slash and equal sign are not decoded into anything, so no action needed.
+  //   We only need to cater for those three (plus, slash, equals) as RefId is
+  //   Base64 encoded which only has these three special characters.
+  const data = decrypt(refId.replace(/ |-/g, "+"))
+  const parts = data.split(",")
+  if (parts.length !== 2) {
+    throw new Error("Invalid refId format")
+  }
+  return {
+    confirmationNumber: parts[0],
+    lastName: parts[1],
+  }
+}

packages/trpc/lib/utils/session.ts

@@ -0,0 +1,26 @@
+import "server-only"
+
+import type { Session } from "next-auth"
+
+export function isValidSession(session: Session | null): session is Session {
+  if (!session) {
+    return false
+  }
+  if (session.error) {
+    console.log(`Session error: ${session.error}`)
+    return false
+  }
+
+  const token = session.token
+
+  if (token?.error) {
+    console.log(`Session token error: ${token.error}`)
+    return false
+  }
+  if (token?.expires_at && token.expires_at < Date.now()) {
+    console.log(`Session expired: ${session.token.expires_at}`)
+    return false
+  }
+
+  return true
+}