feat(membership): in-app Zoho Sign agreement signing#290
Open
dkaygithub wants to merge 1 commit into
Open
Conversation
Adds the "send for signature" half of the Zoho Sign integration (the webhook
half already existed) and the applicant CUJ: after the "Your Family" intake
step, a green "Sign your membership agreement" button creates a Zoho signing
request once (stored on the process), prefills Printed Name, and drops the
applicant straight into an embedded signing ceremony via an embedtoken URL.
Re-clicking reuses the stored request; the existing webhook flips the contract
task to signed.
Ported from innovationtreehouse/sign-script (send_for_signature.py): the OAuth
refresh flow, create/submit request, and the exact 5-field layout (Signature,
Date, Printed Name, Insurance Company, Policy #). PDF geometry read via pdf-lib.
- schema: MembershipProcess.zohoActionId (+ migration) paired with zohoEnvelopeId
- contract/{signFields,zohoClient,agreementDocument}.ts + service in external.ts
- POST /api/membership/contract/sign + green button in membership/page.tsx
- config accessors + next.config file-tracing for the (pending) agreement PDF
- unit tests (mocked) + CI-only integration test (idempotency/phase/403/503)
The real agreement PDF and the Zoho AWS secrets are pending; a CI guard
(block-pending-issue.yml) fails this PR until issue #289 is closed.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01VFRSkNj6e2abgSe5PC66g3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Implements the "send for signature" half of the Zoho Sign integration (the webhook half already existed) and the applicant CUJ: after the Your Family intake step, a green "Sign your membership agreement →" button creates a Zoho signing request once (stored on the process), prefills Printed Name, and drops the applicant straight into an embedded signing ceremony (
embedtokenURL). Re-clicking reuses the stored request ("Resume signing"); the existing webhook flips the contract task to ✓.Ported from
innovationtreehouse/sign-script(send_for_signature.py) as the source of truth: OAuth refresh, create/submit request, and the exact 5-field layout (Signature, Date, Printed Name, Insurance Company, Policy #). PDF geometry read viapdf-lib.Changes
MembershipProcess.zohoActionId(+ migration), paired withzohoEnvelopeIdcontract/{signFields,zohoClient,agreementDocument}.ts+getOrCreateContractSigningUrlservice inexternal.tsPOST /api/membership/contract/sign+ green button inmembership/page.tsxnext.configfile-tracing for the (pending) agreement PDF⛔ Blocked — DO NOT MERGE yet
A CI guard (
block-pending-issue.yml) fails this PR until issue #289 is closed. Two things are pending:checkin-app/src/lib/membership/contract/assets/membership-agreement.pdf(TODO Add membership pdf to checkin repo #289). Until then the endpoint returns 503.zoho-client-id/-client-secret/-refresh-token/-webhook-secret) — see the companion infra PR. Plus Zoho console: webhook →/api/webhooks/zohowithx-zoho-webhook-token, and allow-list the host for embedded signing.Companion infra PR: declares the secret shells.
🤖 Generated with Claude Code