feat(revenue_recovery): Add redis-based payment processor token tracking for revenue recovery

[aniketburman014]

Type of Change

• Bugfix
• New feature
• Enhancement
• Refactoring
• Dependency updates
• Documentation
• CI/CD

Description

This module implements a Redis-backed system for managing and selecting the best payment processor token during payment retries.

It ensures:

• Safe token usage (no race conditions with locks) locked on connector customer level - if a payment has been scheduled then all other invoices for that customer will be in a queue.
• Consistent retry limit enforcement

---

Why This Exists

In the revenue recovery flow, there is no direct mapping between a customer and their payment methods.

However, card networks enforce retry limits (daily and rolling 30-day) for each merchant–customer card.
Without tracking at this level, retries could breach these limits, leading to:

• Higher decline rates
• Potential network penalties

The Solution

1. Group multiple cards of a customer under a single connector_customer_id.
2. Store all payment processor tokens for that connector customer in Redis.
3. Allow tokens to be:
   • Inserted when a webhook is received
   • Retrieved during the process tracker’s calculation flow to select the best retry candidate

This enables:

• Enforcement of daily and 30-day rolling thresholds
• Compliance with network-level retry rules
• Token availability across flows without additional database lookups

---

Redis Schema

Key Pattern	Type	Purpose
customer:{customer_id}:status	String	Lock key storing the payment_id to prevent parallel updates
customer:{customer_id}:tokens	Hash	Maps token_id → TokenStatus JSON

Example TokenStatus JSON

{
  "token_id": "tok_abc123",
  "error_code": "do_not_honor",
  "network": "visa",
  "added_by_payment_id": "pay_xyz789",
  "retry_history": {
    "2025-08-01": 1,
    "2025-08-02": 2
  }
}

Flow

Step 1 – Acquire Lock

• Create a lock key:
  customer:{customer_id}:status → value = payment_id
• Purpose: Prevent parallel processes from working on the same customer
• If the lock is already present:
  • Exit early with message: "Customer is already locked by another process."

---

Step 2– Fetch Existing Tokens

• Retrieve all payment processor tokens from
  customer:{customer_id}:tokens
• These tokens are then evaluated for retry eligibility

---

Step 3 – Check Retry Limits

For each token:

• Count retries in the last 30 days
• Check if daily or rolling 30-day limit is exceeded
• If limit exceeded → give a wait time for those tokens
• Calculate wait time before the token can be retried again

---

Step 4 – Decider Logic (Upcoming)

• For all eligible tokens:
  1. Determine the ** schedule time** for the psp tokens
  2. Select the token with the earliest schedule time

---

Step 5 – Update Retry State

• After Transaction Executed
• Increment today’s retry count for the selected token
• Persist the updated TokenStatus back to Redis

---

Step 6 – Release Lock

• Delete customer:{customer_id}:status lock key
• Allow the next payment flow to proceed

Additional Changes

• This PR modifies the API contract
• This PR modifies the database schema
• This PR modifies application configuration/environment variables

Motivation and Context

How did you test it?

Checklist

• I formatted the code cargo +nightly fmt --all
• addressed lints thrown by cargo clippy
• I reviewed the submitted code
• I added unit tests for my changes where possible

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
api-reference/v1/openapi_spec_v1.json	67% smaller
api-reference/v2/openapi_spec_v2.json	67% smaller
crates/router/src/core/payments/transformers.rs	51% smaller
crates/common_enums/src/enums.rs	23% smaller
crates/router/src/core/revenue_recovery/transformers.rs	19% smaller
crates/router/src/workflows/revenue_recovery.rs	11% smaller
crates/router/src/core/webhooks/recovery_incoming.rs	6% smaller
crates/router/src/types/storage/revenue_recovery.rs	6% smaller
crates/hyperswitch_connectors/src/connectors/stripebilling/transformers.rs	4% smaller
config/deployments/integration_test.toml	Unsupported file format
config/deployments/production.toml	Unsupported file format
config/deployments/sandbox.toml	Unsupported file format
config/development.toml	Unsupported file format
crates/hyperswitch_connectors/src/connectors/chargebee/transformers.rs	0% smaller
crates/hyperswitch_connectors/src/connectors/recurly/transformers.rs	0% smaller
crates/hyperswitch_domain_models/src/payments.rs	0% smaller
crates/hyperswitch_domain_models/src/revenue_recovery.rs	0% smaller
crates/hyperswitch_domain_models/src/router_response_types/revenue_recovery.rs	0% smaller
crates/router/src/core/errors.rs	0% smaller
crates/router/src/core/revenue_recovery/api.rs	0% smaller
crates/router/src/types/storage.rs	0% smaller
crates/router/src/types/storage/revenue_recovery_redis_operation.rs	0% smaller
loadtest/config/development.toml	Unsupported file format
proto/recovery_decider.proto	Unsupported file format

[Copilot]

Pull Request Overview

This PR implements Redis-based token management functionality for revenue recovery with network-specific retry limits. The changes add comprehensive Redis operations for managing payment processor tokens with customer locking mechanisms and configurable retry thresholds per card network.

• Adds Redis-based token management with customer locking and retry tracking
• Implements network-specific retry limits configuration for different card types
• Changes default feature flag from "v1" to "v2" in Cargo.toml

Reviewed Changes

Copilot reviewed 10 out of 12 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
crates/router/src/types/storage/revenue_recovery_redis_operation.rs	New module implementing comprehensive Redis token management with async operations, customer locking, and retry logic
crates/router/src/types/storage/revenue_recovery.rs	Adds network-specific retry configuration structures and network type enum
crates/router/src/workflows/revenue_recovery.rs	Imports new Redis token manager and adds commented placeholder function
crates/router/src/types/storage.rs	Registers new revenue_recovery_redis_operation module
crates/router/Cargo.toml	Changes default feature from "v1" to "v2"
Config files	Adds card network retry limits configuration across all environments

[jarnura]

why discarding error? change_context to EApiErrorResponse

[jarnura]

we should not use this api to get the list of response, we should use normal get with the expanding the attempts

[aniketburman014]

We would need this api, as we won't have active_attempt_id. Active attempt id is mandatory for get payments.

[jarnura]

For call_psync_api only payment_id is required

[aniketburman014]

There is a validation in get payment api, which require active_payment_attempt_id as mandatory field.
but in our flow we only update active_payment_attempt_id when reaching terminal state.

[jarnura]

follow the way how call_psync_api is implemented, @Aprabhat19 said there is equivalent api for the below implementation also available

[jarnura]

These api related things are already defined in revenue_recovery api's reuse them

[jarnura]

follow the way how call_psync_api is implemented, @Aprabhat19 said there is equivalent api for the below implementation also available