@blocklet/payment-vendor 1.20.6

package/lib/logger.d.ts

@@ -0,0 +1,11 @@
+interface Logger {
+    debug: (...args: any[]) => void;
+    info: (...args: any[]) => void;
+    error: (...args: any[]) => void;
+    warn: (...args: any[]) => void;
+}
+declare const logger: Logger;
+export default logger;
+declare const setupAccessLogger: any;
+export { setupAccessLogger };
+//# sourceMappingURL=logger.d.ts.map

package/lib/logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":"AAEA,UAAU,MAAM;IACd,KAAK,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,IAAI,CAAC;IAChC,IAAI,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,IAAI,CAAC;IAC/B,KAAK,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,IAAI,CAAC;IAChC,IAAI,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,IAAI,CAAC;CAChC;AAOD,QAAA,MAAM,MAAM,QAAqB,CAAC;AAElC,eAAe,MAAM,CAAC;AAEtB,QAAA,MAAQ,iBAAiB,KAAiB,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAAE,CAAC"}

package/lib/logger.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.setupAccessLogger = void 0;
+const createLogger = require('@blocklet/logger');
+const init = (label) => {
+    const instance = createLogger(label || '');
+    return instance;
+};
+const logger = init('vendor-sdk');
+exports.default = logger;
+const { setupAccessLogger } = createLogger;
+exports.setupAccessLogger = setupAccessLogger;
+//# sourceMappingURL=logger.js.map

package/lib/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":";;;AAAA,MAAM,YAAY,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;AASjD,MAAM,IAAI,GAAG,CAAC,KAAa,EAAU,EAAE;IACrC,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;IAC3C,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC;AAElC,kBAAe,MAAM,CAAC;AAEtB,MAAM,EAAE,iBAAiB,EAAE,GAAG,YAAY,CAAC;AAClC,8CAAiB"}

package/lib/middleware.d.ts

@@ -0,0 +1,31 @@
+import type { NextFunction, Request, Response } from 'express';
+import type { AuthMiddlewareOptions } from './types';
+/**
+ * @example
+ * app.use('/api/vendor', ensureVendorAuth());
+ */
+export declare function ensureVendorAuth(options?: AuthMiddlewareOptions): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+/**
+ * @example
+ * app.get('/health', healthCheck());
+ * app.get('/vendor/health', healthCheck({ service: 'launcher-vendor' }));
+ */
+export declare function healthCheck(options?: {
+    service?: string;
+    version?: string;
+    includeDetails?: boolean;
+}): (req: Request, res: Response) => void;
+/**
+ * @example
+ * app.use(errorHandler());
+ */
+export declare function errorHandler(): (error: any, req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
+/**
+ * @example
+ * app.use('/api/vendor', rateLimiter({
+ *   windowMs: 60000, // 1分钟
+ *   defaultLimit: 100
+ * }));
+ */
+export declare function rateLimiter(): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
+//# sourceMappingURL=middleware.d.ts.map

package/lib/middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAI/D,OAAO,KAAK,EAAE,qBAAqB,EAA4C,MAAM,SAAS,CAAC;AAE/F;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,GAAE,qBAA0B,SAC/C,OAAO,OAAO,QAAQ,QAAQ,YAAY,wDAkI9D;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CACzB,OAAO,GAAE;IACP,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,cAAc,CAAC,EAAE,OAAO,CAAC;CACrB,SAEO,OAAO,OAAO,QAAQ,UAkCpC;AAED;;;GAGG;AACH,wBAAgB,YAAY,YACX,GAAG,OAAO,OAAO,OAAO,QAAQ,QAAQ,YAAY,+CAyCpE;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,UAKZ,OAAO,OAAO,QAAQ,QAAQ,YAAY,+CAgDxD"}

package/lib/middleware.js

@@ -0,0 +1,274 @@
+"use strict";
+/* eslint-disable import/prefer-default-export */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureVendorAuth = ensureVendorAuth;
+exports.healthCheck = healthCheck;
+exports.errorHandler = errorHandler;
+exports.rateLimiter = rateLimiter;
+const auth_1 = require("./auth");
+const whitelist_1 = require("./whitelist");
+const logger_1 = __importDefault(require("./logger"));
+/**
+ * @example
+ * app.use('/api/vendor', ensureVendorAuth());
+ */
+function ensureVendorAuth(options = {}) {
+    return async (req, res, next) => {
+        try {
+            // 1. check the header
+            const sig = req.headers['x-broker-sig'];
+            const brokerDid = req.headers['x-broker-did'];
+            if (!sig) {
+                // Security: Log missing authentication signature
+                logger_1.default.warn('Authentication failed: Missing signature header', { url: req.url });
+                return res.status(400).json({
+                    error: 'Server signature is required',
+                    code: 'MISSING_SIGNATURE',
+                });
+            }
+            if (!brokerDid) {
+                // Security: Log missing broker identification
+                logger_1.default.warn('Authentication failed: Missing broker DID header', { url: req.url });
+                return res.status(400).json({
+                    error: 'Broker DID is required',
+                    code: 'MISSING_BROKER_DID',
+                });
+            }
+            // 2. analysis the request body
+            const isGetRequest = req.method === 'GET';
+            const requestBody = isGetRequest ? req.query : req.body;
+            if (!requestBody || typeof requestBody !== 'object') {
+                return res.status(400).json({
+                    error: 'Valid request body is required',
+                    code: 'INVALID_REQUEST_BODY',
+                });
+            }
+            if (!isGetRequest) {
+                // 3. check required field
+                const requiredFields = ['userInfo'];
+                const missingFields = requiredFields.filter((field) => !requestBody[field]);
+                if (missingFields.length > 0) {
+                    return res.status(400).json({
+                        error: `Missing required fields: ${missingFields.join(', ')}`,
+                        code: 'MISSING_REQUIRED_FIELDS',
+                        details: { missingFields },
+                    });
+                }
+                // 4. check timestamp (optional)
+                if (!options.skipTimestamp && requestBody.timestamp) {
+                    const maxAge = options.maxAge || 300000; // 默认5分钟
+                    if (!auth_1.VendorAuth.validateTimestamp(requestBody.timestamp, maxAge)) {
+                        // Security: Log timestamp validation failure for replay attack detection
+                        logger_1.default.warn('Authentication failed: Request timestamp expired', {
+                            url: req.url,
+                            age: Date.now() - requestBody.timestamp,
+                            maxAge,
+                        });
+                        return res.status(401).json({
+                            error: 'Request timestamp expired',
+                            code: 'TIMESTAMP_EXPIRED',
+                        });
+                    }
+                }
+            }
+            // 5. check the whitelist
+            const broker = await whitelist_1.WhitelistManager.getBrokerByPublicKey(brokerDid);
+            if (!broker) {
+                // Security: Log unauthorized broker access attempt
+                logger_1.default.warn('Authorization failed: Broker not in whitelist', {
+                    url: req.url,
+                    brokerDid: `${brokerDid.substring(0, 10)}...`,
+                });
+                return res.status(403).json({
+                    error: 'Broker not in whitelist',
+                    code: 'BROKER_NOT_ALLOWED',
+                });
+            }
+            // 6. Verify the signature
+            const signedRequest = { ...requestBody, signature: sig };
+            const verified = await auth_1.VendorAuth.verifyRequest(signedRequest, broker.publicKey);
+            if (!verified) {
+                // Security: Log signature verification failure
+                logger_1.default.warn('Authentication failed: Invalid request signature', {
+                    url: req.url,
+                    brokerId: broker.id,
+                    path: requestBody.path,
+                });
+                return res.status(401).json({
+                    error: 'Invalid request signature',
+                    code: 'INVALID_SIGNATURE',
+                });
+            }
+            // 7. custom validator (optional)
+            if (options.customValidator) {
+                const customValid = await options.customValidator(req);
+                if (!customValid) {
+                    return res.status(403).json({
+                        error: 'Custom validation failed',
+                        code: 'CUSTOM_VALIDATION_FAILED',
+                    });
+                }
+            }
+            // 8. check success, set request info
+            req.broker = broker;
+            req.vendorRequest = signedRequest;
+            // 8. check success, continue to process the request
+            return next();
+        }
+        catch (error) {
+            // Critical: Log authentication middleware errors
+            logger_1.default.error('Authentication middleware error', {
+                url: req.url,
+                error: error.message,
+                stack: error.stack,
+            });
+            return res.status(500).json({
+                error: 'Authentication failed',
+                code: 'AUTHENTICATION_ERROR',
+                details: process.env.NODE_ENV === 'development' ? error.message : undefined,
+            });
+        }
+    };
+}
+/**
+ * @example
+ * app.get('/health', healthCheck());
+ * app.get('/vendor/health', healthCheck({ service: 'launcher-vendor' }));
+ */
+function healthCheck(options = {}) {
+    return (req, res) => {
+        try {
+            const response = {
+                status: 'healthy',
+                timestamp: new Date().toISOString(),
+                service: options.service || 'vendor-api',
+            };
+            if (options.version) {
+                response.version = options.version;
+            }
+            if (options.includeDetails) {
+                response.details = {
+                    uptime: process.uptime(),
+                    memory: process.memoryUsage(),
+                    nodejs: process.version,
+                    platform: process.platform,
+                    pid: process.pid,
+                };
+            }
+            res.json(response);
+        }
+        catch (error) {
+            // Error: Log health check failures
+            logger_1.default.error('Health check failed', { url: req.url, error: error.message });
+            res.status(500).json({
+                status: 'unhealthy',
+                timestamp: new Date().toISOString(),
+                service: options.service || 'vendor-api',
+                error: error.message,
+            });
+        }
+    };
+}
+/**
+ * @example
+ * app.use(errorHandler());
+ */
+function errorHandler() {
+    return (error, req, res, next) => {
+        // Critical: Log unhandled errors in vendor API
+        logger_1.default.error('Unhandled error in vendor API', {
+            url: req.url,
+            method: req.method,
+            error: error.message,
+            stack: error.stack,
+            brokerId: req.broker?.id,
+        });
+        if (res.headersSent) {
+            return next(error);
+        }
+        let statusCode = 500;
+        let errorCode = 'INTERNAL_ERROR';
+        if (error.name === 'ValidationError') {
+            statusCode = 400;
+            errorCode = 'VALIDATION_ERROR';
+        }
+        else if (error.name === 'UnauthorizedError') {
+            statusCode = 401;
+            errorCode = 'UNAUTHORIZED';
+        }
+        else if (error.name === 'ForbiddenError') {
+            statusCode = 403;
+            errorCode = 'FORBIDDEN';
+        }
+        else if (error.name === 'NotFoundError') {
+            statusCode = 404;
+            errorCode = 'NOT_FOUND';
+        }
+        return res.status(statusCode).json({
+            success: false,
+            path: req.vendorRequest?.path,
+            message: 'Internal server error',
+            error: {
+                code: errorCode,
+                details: process.env.NODE_ENV === 'development' ? error.message : 'An error occurred',
+            },
+        });
+    };
+}
+/**
+ * @example
+ * app.use('/api/vendor', rateLimiter({
+ *   windowMs: 60000, // 1分钟
+ *   defaultLimit: 100
+ * }));
+ */
+function rateLimiter() {
+    const windowMs = parseInt(process.env.RATE_LIMIT_WINDOW_MS || '60000', 10);
+    const defaultLimit = parseInt(process.env.RATE_LIMIT_DEFAULT_LIMIT || '100', 10);
+    const requestCounts = new Map();
+    return (req, res, next) => {
+        // only for authenticated requests
+        if (!req.broker) {
+            return next();
+        }
+        const brokerId = req.broker.id;
+        const now = Date.now();
+        const limit = req.broker.rateLimit || defaultLimit;
+        // get or create counter
+        let counter = requestCounts.get(brokerId);
+        if (!counter || now > counter.resetTime) {
+            counter = { count: 0, resetTime: now + windowMs };
+            requestCounts.set(brokerId, counter);
+        }
+        // check if exceed the limit
+        if (counter.count >= limit) {
+            // Security: Log rate limit violations
+            logger_1.default.warn('Rate limit exceeded', {
+                url: req.url,
+                brokerId,
+                count: counter.count,
+                limit,
+            });
+            return res.status(429).json({
+                error: 'Rate limit exceeded',
+                code: 'RATE_LIMIT_EXCEEDED',
+                details: {
+                    limit,
+                    windowMs,
+                    resetTime: counter.resetTime,
+                },
+            });
+        }
+        counter.count++;
+        res.set({
+            'X-RateLimit-Limit': limit.toString(),
+            'X-RateLimit-Remaining': (limit - counter.count).toString(),
+            'X-RateLimit-Reset': new Date(counter.resetTime).toISOString(),
+        });
+        return next();
+    };
+}
+//# sourceMappingURL=middleware.js.map

package/lib/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":";AAAA,iDAAiD;;;;;AAYjD,4CAmIC;AAOD,kCAyCC;AAMD,oCA0CC;AASD,kCAqDC;AA1SD,iCAAoC;AACpC,2CAA+C;AAC/C,sDAA8B;AAG9B;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,UAAiC,EAAE;IAClE,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAW,CAAC;YAClD,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAW,CAAC;YAExD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,iDAAiD;gBACjD,gBAAM,CAAC,IAAI,CAAC,iDAAiD,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACjF,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,8BAA8B;oBACrC,IAAI,EAAE,mBAAmB;iBAC1B,CAAC,CAAC;YACL,CAAC;YAED,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,8CAA8C;gBAC9C,gBAAM,CAAC,IAAI,CAAC,kDAAkD,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBAClF,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,wBAAwB;oBAC/B,IAAI,EAAE,oBAAoB;iBAC3B,CAAC,CAAC;YACL,CAAC;YAED,+BAA+B;YAC/B,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,KAAK,KAAK,CAAC;YAC1C,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAE,GAAG,CAAC,KAA6B,CAAC,CAAC,CAAE,GAAG,CAAC,IAA4B,CAAC;YAE1G,IAAI,CAAC,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;gBACpD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,gCAAgC;oBACvC,IAAI,EAAE,sBAAsB;iBAC7B,CAAC,CAAC;YACL,CAAC;YAED,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,0BAA0B;gBAC1B,MAAM,cAAc,GAAG,CAAC,UAAU,CAAC,CAAC;gBACpC,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;gBAE5E,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC7B,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBAC1B,KAAK,EAAE,4BAA4B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;wBAC7D,IAAI,EAAE,yBAAyB;wBAC/B,OAAO,EAAE,EAAE,aAAa,EAAE;qBAC3B,CAAC,CAAC;gBACL,CAAC;gBAED,gCAAgC;gBAChC,IAAI,CAAC,OAAO,CAAC,aAAa,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;oBACpD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,QAAQ;oBACjD,IAAI,CAAC,iBAAU,CAAC,iBAAiB,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,CAAC;wBACjE,yEAAyE;wBACzE,gBAAM,CAAC,IAAI,CAAC,kDAAkD,EAAE;4BAC9D,GAAG,EAAE,GAAG,CAAC,GAAG;4BACZ,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,SAAS;4BACvC,MAAM;yBACP,CAAC,CAAC;wBACH,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;4BAC1B,KAAK,EAAE,2BAA2B;4BAClC,IAAI,EAAE,mBAAmB;yBAC1B,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,yBAAyB;YACzB,MAAM,MAAM,GAAG,MAAM,4BAAgB,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC;YACtE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,mDAAmD;gBACnD,gBAAM,CAAC,IAAI,CAAC,+CAA+C,EAAE;oBAC3D,GAAG,EAAE,GAAG,CAAC,GAAG;oBACZ,SAAS,EAAE,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK;iBAC9C,CAAC,CAAC;gBACH,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,yBAAyB;oBAChC,IAAI,EAAE,oBAAoB;iBAC3B,CAAC,CAAC;YACL,CAAC;YAED,0BAA0B;YAC1B,MAAM,aAAa,GAAG,EAAE,GAAG,WAAW,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;YACzD,MAAM,QAAQ,GAAG,MAAM,iBAAU,CAAC,aAAa,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;YAEjF,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,+CAA+C;gBAC/C,gBAAM,CAAC,IAAI,CAAC,kDAAkD,EAAE;oBAC9D,GAAG,EAAE,GAAG,CAAC,GAAG;oBACZ,QAAQ,EAAE,MAAM,CAAC,EAAE;oBACnB,IAAI,EAAE,WAAW,CAAC,IAAI;iBACvB,CAAC,CAAC;gBACH,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,2BAA2B;oBAClC,IAAI,EAAE,mBAAmB;iBAC1B,CAAC,CAAC;YACL,CAAC;YAED,iCAAiC;YACjC,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;gBAC5B,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;gBACvD,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBAC1B,KAAK,EAAE,0BAA0B;wBACjC,IAAI,EAAE,0BAA0B;qBACjC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YACpB,GAAG,CAAC,aAAa,GAAG,aAAa,CAAC;YAElC,oDAAoD;YAEpD,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,iDAAiD;YACjD,gBAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE;gBAC9C,GAAG,EAAE,GAAG,CAAC,GAAG;gBACZ,KAAK,EAAE,KAAK,CAAC,OAAO;gBACpB,KAAK,EAAE,KAAK,CAAC,KAAK;aACnB,CAAC,CAAC;YAEH,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,KAAK,EAAE,uBAAuB;gBAC9B,IAAI,EAAE,sBAAsB;gBAC5B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;aAC5E,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAgB,WAAW,CACzB,UAII,EAAE;IAEN,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;QACrC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAwB;gBACpC,MAAM,EAAE,SAAS;gBACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,YAAY;aACzC,CAAC;YAEF,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACpB,QAAQ,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;YACrC,CAAC;YAED,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3B,QAAQ,CAAC,OAAO,GAAG;oBACjB,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE;oBACxB,MAAM,EAAE,OAAO,CAAC,WAAW,EAAE;oBAC7B,MAAM,EAAE,OAAO,CAAC,OAAO;oBACvB,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,GAAG,EAAE,OAAO,CAAC,GAAG;iBACjB,CAAC;YACJ,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,mCAAmC;YACnC,gBAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5E,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,MAAM,EAAE,WAAW;gBACnB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,YAAY;gBACxC,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAgB,YAAY;IAC1B,OAAO,CAAC,KAAU,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACrE,+CAA+C;QAC/C,gBAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;YAC5C,GAAG,EAAE,GAAG,CAAC,GAAG;YACZ,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,KAAK,EAAE,KAAK,CAAC,OAAO;YACpB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,EAAE;SACzB,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC;QAED,IAAI,UAAU,GAAG,GAAG,CAAC;QACrB,IAAI,SAAS,GAAG,gBAAgB,CAAC;QAEjC,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;YACrC,UAAU,GAAG,GAAG,CAAC;YACjB,SAAS,GAAG,kBAAkB,CAAC;QACjC,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YAC9C,UAAU,GAAG,GAAG,CAAC;YACjB,SAAS,GAAG,cAAc,CAAC;QAC7B,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;YAC3C,UAAU,GAAG,GAAG,CAAC;YACjB,SAAS,GAAG,WAAW,CAAC;QAC1B,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAC1C,UAAU,GAAG,GAAG,CAAC;YACjB,SAAS,GAAG,WAAW,CAAC;QAC1B,CAAC;QAED,OAAO,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC;YACjC,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,GAAG,CAAC,aAAa,EAAE,IAAI;YAC7B,OAAO,EAAE,uBAAuB;YAChC,KAAK,EAAE;gBACL,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB;aACtF;SACF,CAAC,CAAC;IACL,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,WAAW;IACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,OAAO,EAAE,EAAE,CAAC,CAAC;IAC3E,MAAM,YAAY,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,KAAK,EAAE,EAAE,CAAC,CAAC;IACjF,MAAM,aAAa,GAAG,IAAI,GAAG,EAAgD,CAAC;IAE9E,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACzD,kCAAkC;QAClC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,IAAI,YAAY,CAAC;QAEnD,wBAAwB;QACxB,IAAI,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC1C,IAAI,CAAC,OAAO,IAAI,GAAG,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;YACxC,OAAO,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,SAAS,EAAE,GAAG,GAAG,QAAQ,EAAE,CAAC;YAClD,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;QAED,4BAA4B;QAC5B,IAAI,OAAO,CAAC,KAAK,IAAI,KAAK,EAAE,CAAC;YAC3B,sCAAsC;YACtC,gBAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE;gBACjC,GAAG,EAAE,GAAG,CAAC,GAAG;gBACZ,QAAQ;gBACR,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,KAAK;aACN,CAAC,CAAC;YAEH,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,KAAK,EAAE,qBAAqB;gBAC5B,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE;oBACP,KAAK;oBACL,QAAQ;oBACR,SAAS,EAAE,OAAO,CAAC,SAAS;iBAC7B;aACF,CAAC,CAAC;QACL,CAAC;QAED,OAAO,CAAC,KAAK,EAAE,CAAC;QAEhB,GAAG,CAAC,GAAG,CAAC;YACN,mBAAmB,EAAE,KAAK,CAAC,QAAQ,EAAE;YACrC,uBAAuB,EAAE,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE;YAC3D,mBAAmB,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;SAC/D,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC"}

package/lib/types.d.ts

@@ -0,0 +1,114 @@
+export type VendorOrderStatus = 'pending' | 'processing' | 'completed' | 'failed' | 'cancelled' | 'return_requested';
+export type BrokerStatus = 'active' | 'inactive';
+export interface DeliveryRequest {
+    description: string;
+    userInfo: {
+        userDid: string;
+        email: string;
+        description?: string;
+    };
+    deliveryParams: {
+        instanceName: string;
+        blockletMetaUrl?: string;
+        productId?: string;
+        customParams?: Record<string, any>;
+    };
+}
+export type VendorRequest = Record<string, any>;
+export interface VendorSignedRequest extends VendorRequest {
+    signature: string;
+}
+export interface VendorResponse {
+    success: boolean;
+    orderId: string;
+    status?: VendorOrderStatus;
+    message?: string;
+    data?: {
+        fulfillmentId?: string;
+        serviceUrl?: string;
+        instanceId?: string;
+        progress?: number;
+        estimatedTime?: number;
+        [key: string]: any;
+    };
+    error?: {
+        code: string;
+        details: string;
+    };
+}
+export interface BrokerConfig {
+    id: string;
+    name: string;
+    publicKey: string;
+    status: BrokerStatus;
+    rateLimit?: number;
+    createdAt?: string;
+    description?: string;
+}
+export interface SigningOptions {
+    brokerSk: string;
+    brokerPk: string;
+}
+export interface AuthMiddlewareOptions {
+    skipTimestamp?: boolean;
+    maxAge?: number;
+    customValidator?: (req: any) => Promise<boolean>;
+}
+export interface VendorOrder {
+    id: string;
+    orderId: string;
+    brokerId: string;
+    status: VendorOrderStatus;
+    params: Record<string, any>;
+    result?: any;
+    error?: {
+        code: string;
+        message: string;
+        details?: any;
+    };
+    retryCount?: number;
+    maxRetries?: number;
+    createdAt: Date;
+    updatedAt: Date;
+    completedAt?: Date;
+    failedAt?: Date;
+}
+export interface VendorHooks {
+    onOrderCreated?: (order: VendorOrder) => Promise<void>;
+    onProcessOrder: (order: VendorOrder) => Promise<any>;
+    onOrderCompleted?: (order: VendorOrder, result: any) => Promise<void>;
+    onOrderFailed?: (order: VendorOrder, error: Error) => Promise<void>;
+    onOrderRetry?: (order: VendorOrder, retryCount: number) => Promise<void>;
+}
+export interface VendorStorage {
+    createOrder(orderData: Partial<VendorOrder>): Promise<VendorOrder>;
+    getOrder(orderId: string): Promise<VendorOrder | null>;
+    updateOrderStatus(orderId: string, status: VendorOrderStatus, data?: any): Promise<void>;
+    updateOrder(orderId: string, updates: Partial<VendorOrder>): Promise<void>;
+    listOrders(filters?: {
+        brokerId?: string;
+        status?: VendorOrderStatus;
+        limit?: number;
+        offset?: number;
+    }): Promise<VendorOrder[]>;
+}
+declare global {
+    namespace Express {
+        interface Request {
+            broker?: BrokerConfig;
+            vendorRequest?: VendorSignedRequest;
+        }
+    }
+}
+export type CreateOrderParams = Pick<VendorOrder, 'orderId' | 'brokerId' | 'params'> & {
+    maxRetries?: number;
+};
+export type UpdateOrderParams = Partial<Pick<VendorOrder, 'status' | 'result' | 'error' | 'retryCount'>>;
+export interface HealthCheckResponse {
+    status: 'healthy' | 'unhealthy';
+    timestamp: string;
+    service: string;
+    version?: string;
+    details?: Record<string, any>;
+}
+//# sourceMappingURL=types.d.ts.map

package/lib/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,iBAAiB,GAAG,SAAS,GAAG,YAAY,GAAG,WAAW,GAAG,QAAQ,GAAG,WAAW,GAAG,kBAAkB,CAAC;AAErH,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,UAAU,CAAC;AAEjD,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE;QACR,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,EAAE,MAAM,CAAC;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,cAAc,EAAE;QACd,YAAY,EAAE,MAAM,CAAC;QACrB,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;KACpC,CAAC;CACH;AAED,MAAM,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AAEhD,MAAM,WAAW,mBAAoB,SAAQ,aAAa;IACxD,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,iBAAiB,CAAC;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE;QACL,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;KACpB,CAAC;IACF,KAAK,CAAC,EAAE;QACN,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAElB,MAAM,EAAE,YAAY,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,qBAAqB;IACpC,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CAClD;AAED,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,iBAAiB,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC5B,MAAM,CAAC,EAAE,GAAG,CAAC;IACb,KAAK,CAAC,EAAE;QACN,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,GAAG,CAAC;KACf,CAAC;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,WAAW,CAAC,EAAE,IAAI,CAAC;IACnB,QAAQ,CAAC,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,cAAc,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAEvD,cAAc,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;IAErD,gBAAgB,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtE,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAEpE,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC1E;AAED,MAAM,WAAW,aAAa;IAC5B,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IACnE,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IACvD,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACzF,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3E,UAAU,CAAC,OAAO,CAAC,EAAE;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,iBAAiB,CAAC;QAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;CAC5B;AAED,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,MAAM,CAAC,EAAE,YAAY,CAAC;YACtB,aAAa,CAAC,EAAE,mBAAmB,CAAC;SACrC;KACF;CACF;AAED,MAAM,MAAM,iBAAiB,GAAG,IAAI,CAAC,WAAW,EAAE,SAAS,GAAG,UAAU,GAAG,QAAQ,CAAC,GAAG;IACrF,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,GAAG,QAAQ,GAAG,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC;AAEzG,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,SAAS,GAAG,WAAW,CAAC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAC/B"}

package/lib/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/lib/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/lib/whitelist.d.ts

@@ -0,0 +1,26 @@
+import { BrokerConfig } from './types';
+/**
+ * @example
+ * WhitelistManager.setBrokers([{ id: 'payment-kit', name: 'Payment Kit', publicKey: '...', status: 'active' }]);
+ * WhitelistManager.setBrokers(() => fetchBrokersFromAPI());
+ * const broker = await WhitelistManager.getBroker('payment-kit');
+ */
+export declare class WhitelistManager {
+    private static brokers;
+    private static brokerGetter?;
+    /**
+     * @example
+     * VendorSDK.setBrokers([{ id: 'payment-kit', ... }]);
+     * VendorSDK.setBrokers(() => parseMyConfig());
+     */
+    static setBrokers(brokersOrGetter: BrokerConfig[] | (() => BrokerConfig[] | Promise<BrokerConfig[]>)): void;
+    static getWhitelist(): Promise<BrokerConfig[]>;
+    static getActiveBrokers(): Promise<BrokerConfig[]>;
+    static clearBrokers(): void;
+    private static validateBrokers;
+    static getBroker(brokerId: string): Promise<BrokerConfig | null>;
+    static getBrokerByPublicKey(brokerPublicKey: string): Promise<BrokerConfig | null>;
+    static checkBrokerPermission(brokerId: string): Promise<boolean>;
+    static listActiveBrokers(): Promise<BrokerConfig[]>;
+}
+//# sourceMappingURL=whitelist.d.ts.map

package/lib/whitelist.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"whitelist.d.ts","sourceRoot":"","sources":["../src/whitelist.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC;;;;;GAKG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAC,OAAO,CAAsB;IAE5C,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAiD;IAE7E;;;;OAIG;IACH,MAAM,CAAC,UAAU,CAAC,eAAe,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,YAAY,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,GAAG,IAAI;WAqB9F,YAAY,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;WAcvC,gBAAgB,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;IAKxD,MAAM,CAAC,YAAY,IAAI,IAAI;IAI3B,OAAO,CAAC,MAAM,CAAC,eAAe;WAgBjB,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;WAMzD,oBAAoB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;WAM3E,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOtE,MAAM,CAAC,iBAAiB,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;CAGpD"}

package/lib/whitelist.js

@@ -0,0 +1,90 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WhitelistManager = void 0;
+/**
+ * @example
+ * WhitelistManager.setBrokers([{ id: 'payment-kit', name: 'Payment Kit', publicKey: '...', status: 'active' }]);
+ * WhitelistManager.setBrokers(() => fetchBrokersFromAPI());
+ * const broker = await WhitelistManager.getBroker('payment-kit');
+ */
+class WhitelistManager {
+    /**
+     * @example
+     * VendorSDK.setBrokers([{ id: 'payment-kit', ... }]);
+     * VendorSDK.setBrokers(() => parseMyConfig());
+     */
+    static setBrokers(brokersOrGetter) {
+        if (!brokersOrGetter) {
+            this.brokers = [];
+            this.brokerGetter = undefined;
+            return;
+        }
+        if (typeof brokersOrGetter === 'function') {
+            this.brokerGetter = brokersOrGetter;
+            this.brokers = [];
+        }
+        else if (Array.isArray(brokersOrGetter)) {
+            this.validateBrokers(brokersOrGetter);
+            this.brokers = brokersOrGetter;
+            this.brokerGetter = undefined;
+        }
+        else {
+            throw new Error(`Invalid parameter type for setBrokers. Expected array or function, got: ${typeof brokersOrGetter}. Value: ${JSON.stringify(brokersOrGetter)}`);
+        }
+    }
+    static async getWhitelist() {
+        if (this.brokerGetter) {
+            try {
+                const brokers = await this.brokerGetter();
+                this.validateBrokers(brokers);
+                return brokers;
+            }
+            catch (error) {
+                return this.brokers || [];
+            }
+        }
+        return this.brokers || [];
+    }
+    static async getActiveBrokers() {
+        const whitelist = await this.getWhitelist();
+        return whitelist.filter((item) => item.status === 'active');
+    }
+    static clearBrokers() {
+        this.brokers = [];
+    }
+    static validateBrokers(brokers) {
+        if (!Array.isArray(brokers)) {
+            throw new Error('Brokers must be an array');
+        }
+        for (const config of brokers) {
+            if (!config.id || !config.name || !config.publicKey) {
+                throw new Error('Invalid broker: missing required fields (id, name, publicKey)');
+            }
+            if (!['active', 'inactive'].includes(config.status)) {
+                throw new Error('Invalid broker: status must be "active" or "inactive"');
+            }
+        }
+    }
+    static async getBroker(brokerId) {
+        const whitelist = await this.getWhitelist();
+        const broker = whitelist.find((b) => b.id === brokerId && b.status === 'active');
+        return broker || null;
+    }
+    static async getBrokerByPublicKey(brokerPublicKey) {
+        const whitelist = await this.getWhitelist();
+        const broker = whitelist.find((b) => b.publicKey === brokerPublicKey && b.status === 'active');
+        return broker || null;
+    }
+    static async checkBrokerPermission(brokerId) {
+        const broker = await WhitelistManager.getBroker(brokerId);
+        if (!broker)
+            return false;
+        return broker.status === 'active';
+    }
+    static listActiveBrokers() {
+        return this.getActiveBrokers();
+    }
+}
+exports.WhitelistManager = WhitelistManager;
+WhitelistManager.brokers = [];
+//# sourceMappingURL=whitelist.js.map

package/lib/whitelist.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"whitelist.js","sourceRoot":"","sources":["../src/whitelist.ts"],"names":[],"mappings":";;;AAEA;;;;;GAKG;AACH,MAAa,gBAAgB;IAK3B;;;;OAIG;IACH,MAAM,CAAC,UAAU,CAAC,eAAkF;QAClG,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;YAClB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,IAAI,OAAO,eAAe,KAAK,UAAU,EAAE,CAAC;YAC1C,IAAI,CAAC,YAAY,GAAG,eAAe,CAAC;YACpC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;QACpB,CAAC;aAAM,IAAI,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;YAC1C,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC;YACtC,IAAI,CAAC,OAAO,GAAG,eAAe,CAAC;YAC/B,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,2EAA2E,OAAO,eAAe,YAAY,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE,CAC/I,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY;QACvB,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC1C,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;gBAC9B,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,OAAO,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;IAC5B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,gBAAgB;QAC3B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC5C,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,CAAC,YAAY;QACjB,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;IACpB,CAAC;IAEO,MAAM,CAAC,eAAe,CAAC,OAAuB;QACpD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC9C,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;gBACpD,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;YACnF,CAAC;YAED,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpD,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,QAAgB;QACrC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC5C,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;QACjF,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,eAAuB;QACvD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC5C,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,eAAe,IAAI,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;QAC/F,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,QAAgB;QACjD,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC1D,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAE1B,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC;IACpC,CAAC;IAED,MAAM,CAAC,iBAAiB;QACtB,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC;IACjC,CAAC;;AA3FH,4CA4FC;AA3FgB,wBAAO,GAAmB,EAAE,CAAC"}