fix(router): decrease payment method token time based on payment_intent creation time (#1682)

Co-authored-by: Sahkal Poddar <sahkal.poddar@juspay.in>
Co-authored-by: Arun Raj M <jarnura47@gmail.com>

crates/router/src/compatibility/stripe/customers.rs

@@ -9,7 +9,7 @@ use crate::{
     core::{customers, payment_methods::cards},
     routes,
     services::{api, authentication as auth},
-    types::api::customers as customer_types,
+    types::api::{customers as customer_types, payment_methods},
 };
 
 #[instrument(skip_all, fields(flow = ?Flow::CustomersCreate))]
@@ -168,9 +168,10 @@ pub async fn list_customer_payment_method_api(
     state: web::Data<routes::AppState>,
     req: HttpRequest,
     path: web::Path<String>,
+    json_payload: web::Query<payment_methods::PaymentMethodListRequest>,
 ) -> HttpResponse {
     let customer_id = path.into_inner();
-
+    let payload = json_payload.into_inner();
     let flow = Flow::CustomerPaymentMethodsList;
 
     wrap::compatibility_api_wrap::<
@@ -186,9 +187,15 @@ pub async fn list_customer_payment_method_api(
         flow,
         state.get_ref(),
         &req,
-        customer_id.as_ref(),
+        payload,
         |state, auth, req| {
-            cards::list_customer_payment_method(state, auth.merchant_account, auth.key_store, req)
+            cards::list_customer_payment_method(
+                state,
+                auth.merchant_account,
+                auth.key_store,
+                req,
+                &customer_id,
+            )
         },
         &auth::ApiKeyAuth,
     )

crates/router/src/core/payment_methods/cards.rs

@@ -1647,6 +1647,7 @@ pub async fn list_customer_payment_method(
     state: &routes::AppState,
     merchant_account: domain::MerchantAccount,
     key_store: domain::MerchantKeyStore,
+    req: api::PaymentMethodListRequest,
     customer_id: &str,
 ) -> errors::RouterResponse<api::CustomerPaymentMethodsListResponse> {
     let db = &*state.store;
@@ -1702,11 +1703,23 @@ pub async fn list_customer_payment_method(
             "pm_token_{}_{}_hyperswitch",
             parent_payment_method_token, pma.payment_method
         );
+
+        let payment_intent = helpers::verify_payment_intent_time_and_client_secret(
+            db,
+            &merchant_account,
+            req.client_secret.clone(),
+        )
+        .await?;
+        let current_datetime_utc = common_utils::date_time::now();
+        let time_eslapsed = current_datetime_utc
+            - payment_intent
+                .map(|intent| intent.created_at)
+                .unwrap_or_else(|| current_datetime_utc);
         redis_conn
             .set_key_with_expiry(
                 &key_for_hyperswitch_token,
                 hyperswitch_token,
-                consts::TOKEN_TTL,
+                consts::TOKEN_TTL - time_eslapsed.whole_seconds(),
             )
             .await
             .map_err(|error| {
@@ -1731,7 +1744,11 @@ pub async fn list_customer_payment_method(
                     parent_payment_method_token, pma.payment_method, pm_metadata.0
                 );
                 redis_conn
-                    .set_key_with_expiry(&key, pm_metadata.1, consts::TOKEN_TTL)
+                    .set_key_with_expiry(
+                        &key,
+                        pm_metadata.1,
+                        consts::TOKEN_TTL - time_eslapsed.whole_seconds(),
+                    )
                     .await
                     .map_err(|error| {
                         logger::error!(connector_payment_method_token_kv_error=?error);

crates/router/src/routes/payment_methods.rs

@@ -138,11 +138,12 @@ pub async fn list_customer_payment_method_api(
         state.get_ref(),
         &req,
         json_payload.into_inner(),
-        |state, auth, _| {
+        |state, auth, req| {
             cards::list_customer_payment_method(
                 state,
                 auth.merchant_account,
                 auth.key_store,
+                req,
                 &customer_id,
             )
         },