90dc-core 1.3.1 → 1.4.1

package/src/lib/utils/AuthenticationUtil.ts

@@ -0,0 +1,366 @@
+import * as dotenv from "dotenv";
+import jwt, { JwtPayload, VerifyErrors } from "jsonwebtoken";
+import axios, { AxiosResponse, isAxiosError } from "axios";
+import fs from "fs";
+import { google } from "googleapis";
+import  { PersistedUser } from "../dbmodels/PersistedUser";
+import type {
+  Credentials,
+  SignedTransactions, SingleTransactionResponse,
+  SubscriptionStatusResponse, SubscriptionStatusResponseError, SubscriptionStatusResult,
+  TransactionsResponse,
+  UserTypes,
+  VerificationStatus
+} from "../models/UserInterfaces";
+import { AppleTransactionError } from "../Errors/Errors";
+
+dotenv.config();
+
+
+export default class AuthenticationUtil {
+  private static readonly ACCESS_SECRET = <string>process.env.ACCESS_TOKEN_SECRET;
+
+  public static async fetchUserWithTokenInfo(token: string): Promise<PersistedUser | null> {
+    const userInToken: PersistedUser | null | false = await AuthenticationUtil.verifyTokenAndFetchUser(
+      token
+    );
+    if (userInToken === null || !userInToken || !userInToken.userUuid || !userInToken.userUuid) {
+      return null;
+    }
+
+    return userInToken;
+  }
+
+  public static async verifyAppleReceipt(data: string): Promise<VerificationStatus> {
+    const response: AxiosResponse = await axios.post("https://buy.itunes.apple.com/verifyReceipt", {
+      "receipt-data": data,
+      password: "55a50fe585494a11b6f848f4d2a7dff3",
+      "exclude-old-transactions": true,
+    });
+
+    return response.data as VerificationStatus;
+  }
+
+  public static verifyTokenAndFetchUser(token: string): Promise<PersistedUser | null | false> {
+    return new Promise<PersistedUser | null | false>((resolve, reject) => {
+      jwt.verify(
+        token,
+        this.ACCESS_SECRET,
+        (err: VerifyErrors | null, decoded: JwtPayload | string | undefined) => {
+          if (err) {
+            reject(err);
+          }
+
+          if (decoded === undefined) {
+            resolve(null);
+            return;
+          }
+
+          const user: UserTypes = <UserTypes>decoded;
+
+          if (!user.userUuid) {
+            resolve(false);
+            return;
+          }
+
+          PersistedUser.findByPk(user.userUuid)
+            .then((persistedUser: PersistedUser | null) => {
+              resolve(persistedUser);
+            })
+            .catch((e: Error) => {
+              reject(e);
+            });
+        }
+      );
+    });
+  }
+
+  public static generateAppleJWT() {
+      const privateKey: string = fs.readFileSync(
+        process.env.APPLE_SUBSCRIPTION_KEY_PATH as string,
+        "utf-8"
+      );
+
+      const header = {
+        alg: "ES256",
+        kid: process.env.APPLE_KID as string,
+        typ: "JWT",
+      };
+
+      const payload = {
+        iss: process.env.APPLE_ISSUER as string,
+        iat: Math.floor(Date.now() / 1000),
+        exp: Math.floor(Date.now() / 1000) + 3600,
+        aud: "appstoreconnect-v1",
+        bid: process.env.APPLE_BUNDLE_ID as string,
+      };
+
+      return jwt.sign(payload, privateKey, { header });
+
+  }
+
+  public static async getAppleTransactions(originalTransactionId: string) {
+    const result: SignedTransactions[] = [];
+    try {
+      const response: AxiosResponse<TransactionsResponse> = await axios.get(
+        `https://api.storekit.itunes.apple.com/inApps/v1/history/${originalTransactionId}`,
+        {
+          headers: {
+            Authorization: `Bearer ${this.generateAppleJWT()}`,
+            "Content-Type": "application/json",
+          },
+        }
+      );
+
+      for (const token of response.data.signedTransactions) {
+        result.push(jwt.decode(token) as SignedTransactions);
+      }
+
+      return result;
+    } catch (error) {
+      if (isAxiosError(error) && error.response?.status === 400) {
+        throw new AppleTransactionError("Invalid transaction id.");
+      }
+
+      if (
+        isAxiosError(error) &&
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+        (error.response?.data.errorCode === 4040010 || error.response?.status === 401)
+      ) {
+        try {
+          const response: AxiosResponse<TransactionsResponse> = await axios.get(
+            `https://api.storekit-sandbox.itunes.apple.com/inApps/v1/history/${originalTransactionId}`,
+            {
+              headers: {
+                Authorization: `Bearer ${this.generateAppleJWT()}`,
+                "Content-Type": "application/json",
+              },
+            }
+          );
+
+          for (const token of response.data.signedTransactions) {
+            result.push(jwt.decode(token) as SignedTransactions);
+          }
+
+          return result;
+        } catch (e) {
+          if (isAxiosError(error) && error.response?.status === 400) {
+            throw new AppleTransactionError("Invalid transaction id.");
+          }
+        }
+        throw new AppleTransactionError("Transaction was not found in both environments.");
+      }
+      throw error
+
+    }
+  }
+
+  public static async getAndroidAccessToken() {
+    const keyPath = "src/lib/utils/dayschallenge-373510-dbde66bc0d05.json";
+
+    const jwtClient = new google.auth.JWT({
+      keyFile: keyPath,
+      scopes: ["https://www.googleapis.com/auth/androidpublisher"],
+    });
+
+    const authResponse: Credentials = await jwtClient.authorize();
+    return authResponse;
+  }
+
+  public static async getAndroidSubscriptionsStatuses(token: string) {
+    try {
+      const credentials = await this.getAndroidAccessToken();
+
+      const response: AxiosResponse = await axios.get(
+        `https://androidpublisher.googleapis.com/androidpublisher/v3/applications/nl.browney.nintydayschallenge/purchases/subscriptionsv2/tokens/${token}`,
+        {
+          headers: {
+            Authorization: `Bearer ${credentials.access_token as string}`,
+          },
+        }
+      );
+
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-return
+      return response.data;
+    } catch (error) {
+      if (isAxiosError(error) && error.response && error.response.status === 410) {
+        return {
+          lineItems: [
+            {
+              expiryTime: "2024-01-04T13:05:16.831Z",
+            },
+          ],
+        };
+      } else {
+        if (isAxiosError(error)) {
+          return false;
+        }
+      }
+    }
+  }
+
+  public static async isAndroidSubscriptionsActive(token: string) {
+    try {
+      const credentials = await this.getAndroidAccessToken();
+
+      const response: AxiosResponse = await axios.get(
+        `https://androidpublisher.googleapis.com/androidpublisher/v3/applications/nl.browney.nintydayschallenge/purchases/subscriptionsv2/tokens/${token}`,
+        {
+          headers: {
+            Authorization: `Bearer ${credentials.access_token as string}`,
+          },
+        }
+      );
+
+      return (
+        (response.data as { subscriptionState: string }).subscriptionState ===
+        "SUBSCRIPTION_STATE_ACTIVE"
+      );
+    } catch (error) {
+        if (isAxiosError(error)) {
+          console.error("An error occurred:", error.message);
+        }
+        return false
+    }
+  }
+
+  public static async isAppleSubscriptionActive(transactionId: string) {
+    try {
+      const response: AxiosResponse<SubscriptionStatusResponse> = await axios.get(
+        `https://api.storekit.itunes.apple.com/inApps/v1/subscriptions/${transactionId}`,
+        {
+          headers: {
+            Authorization: `Bearer ${this.generateAppleJWT()}`,
+            "Content-Type": "application/json",
+          },
+        }
+      );
+
+      return (
+        response.data.data[0].lastTransactions[0].status === 0 ||
+        response.data.data[0].lastTransactions[0].status === 2
+      );
+    } catch (e) {
+      if (
+        axios.isAxiosError(e) &&
+        e.response &&
+        (e.response.data as SubscriptionStatusResponseError)["errorMessage"] ===
+        "Invalid transaction id."
+      ) {
+        return false;
+      }
+      return false;
+    }
+  }
+
+  public static async getAppleSubscriptionsStatuses(transactionId: string) {
+    const result: SubscriptionStatusResult[] = [];
+    try {
+      const response: AxiosResponse<SubscriptionStatusResponse> = await axios.get(
+        `https://api.storekit.itunes.apple.com/inApps/v1/subscriptions/${transactionId}`,
+        {
+          headers: {
+            Authorization: `Bearer ${this.generateAppleJWT()}`,
+            "Content-Type": "application/json",
+          },
+        }
+      );
+
+      for (const transaction of response.data.data[0].lastTransactions) {
+        result.push({
+          originalTransactionId: transaction.originalTransactionId,
+          status: transaction.status,
+          signedTransactionInfo: jwt.decode(transaction.signedTransactionInfo),
+          signedRenewalInfo: jwt.decode(transaction.signedRenewalInfo),
+        });
+      }
+
+      return result;
+    } catch (error: unknown) {
+      if (isAxiosError(error) && error.response?.status === 400) {
+        throw new AppleTransactionError("Invalid transaction id.");
+      }
+
+      if (
+        isAxiosError(error) &&
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+        (error.response?.data.errorCode === 4040010 || error.response?.status === 401)
+      ) {
+        try {
+          const response: AxiosResponse<SubscriptionStatusResponse> = await axios.get(
+            `https://api.storekit-sandbox.itunes.apple.com/inApps/v1/subscriptions/${transactionId}`,
+            {
+              headers: {
+                Authorization: `Bearer ${this.generateAppleJWT()}`,
+                "Content-Type": "application/json",
+              },
+            }
+          );
+
+          for (const transaction of response.data.data[0].lastTransactions) {
+            result.push({
+              originalTransactionId: transaction.originalTransactionId,
+              status: transaction.status,
+              signedTransactionInfo: jwt.decode(transaction.signedTransactionInfo),
+              signedRenewalInfo: jwt.decode(transaction.signedRenewalInfo),
+            });
+          }
+
+          return result;
+        } catch (e) {
+          if (isAxiosError(error) && error.response?.status === 400) {
+            throw new AppleTransactionError("Invalid transaction id.");
+          }
+        }
+        throw new AppleTransactionError("Transaction was not found in both environments.");
+      }
+      throw error
+    }
+  }
+
+  public static async getSingleAppleTransactionsInfo(transactionId: string) {
+    try {
+      const response: AxiosResponse<SingleTransactionResponse> = await axios.get(
+        `https://api.storekit.itunes.apple.com/inApps/v1/transactions/${transactionId}`,
+        {
+          headers: {
+            Authorization: `Bearer ${this.generateAppleJWT()}`,
+            "Content-Type": "application/json",
+          },
+        }
+      );
+
+      return { signedTransactionInfo: jwt.decode(response.data.signedTransactionInfo) };
+    } catch (error) {
+      if (isAxiosError(error) && error.response?.status === 400) {
+        throw new AppleTransactionError("Invalid transaction id.");
+      }
+
+      if (
+        isAxiosError(error) &&
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+        (error.response?.data.errorCode === 4040010 || error.response?.status === 401)
+      ) {
+        try {
+          const response: AxiosResponse<SingleTransactionResponse> = await axios.get(
+            `https://api.storekit-sandbox.itunes.apple.com/inApps/v1/transactions/${transactionId}`,
+            {
+              headers: {
+                Authorization: `Bearer ${this.generateAppleJWT()}`,
+                "Content-Type": "application/json",
+              },
+            }
+          );
+
+          return { signedTransactionInfo: jwt.decode(response.data.signedTransactionInfo) };
+        } catch (e) {
+          if (isAxiosError(error) && error.response?.status === 400) {
+            throw new AppleTransactionError("Invalid transaction id.");
+          }
+        }
+        throw new AppleTransactionError("Transaction was not found in both environments.");
+      }
+      throw error
+    }
+  }
+}