@bloonio/lokotro-pay 1.1.0 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/index.d.ts
CHANGED
|
@@ -218,6 +218,7 @@ interface LokotroPaymentBody {
|
|
|
218
218
|
cardHolderName?: string;
|
|
219
219
|
merchant?: LokotroMerchantInfo;
|
|
220
220
|
mastercardPaymentMethod?: 'HOSTED_SESSION' | 'DIRECT_CAPTURE';
|
|
221
|
+
transactionalCurrency?: string;
|
|
221
222
|
metadata?: Record<string, unknown>;
|
|
222
223
|
}
|
|
223
224
|
/**
|
|
@@ -571,11 +572,15 @@ interface LokotroPaymentState {
|
|
|
571
572
|
}
|
|
572
573
|
declare class LokotroPaymentService {
|
|
573
574
|
private httpClient;
|
|
575
|
+
/** Allowed domains for redirect URLs to prevent open redirect attacks */
|
|
576
|
+
private static readonly ALLOWED_REDIRECT_DOMAINS;
|
|
574
577
|
private stateSubject;
|
|
575
578
|
state$: Observable<LokotroPaymentState>;
|
|
576
579
|
private currentPaymentBody?;
|
|
577
580
|
private mobileMoneyPollingTimer?;
|
|
578
581
|
private mobileMoneyPollingAttempts;
|
|
582
|
+
private pollingStop$;
|
|
583
|
+
private pollingSubscription?;
|
|
579
584
|
private static readonly MOBILE_MONEY_POLL_INTERVAL;
|
|
580
585
|
private static readonly MOBILE_MONEY_MAX_ATTEMPTS;
|
|
581
586
|
constructor(httpClient: LokotroHttpClientService);
|
|
@@ -704,6 +709,16 @@ declare class LokotroPaymentService {
|
|
|
704
709
|
private getBoolean;
|
|
705
710
|
private asRecord;
|
|
706
711
|
private getRecordArray;
|
|
712
|
+
/**
|
|
713
|
+
* Validate that a redirect URL points to an allowed domain.
|
|
714
|
+
* Prevents open redirect attacks if the API response is compromised.
|
|
715
|
+
*/
|
|
716
|
+
private isValidRedirectUrl;
|
|
717
|
+
/**
|
|
718
|
+
* Full cleanup - call when the host component is destroyed.
|
|
719
|
+
* Addresses singleton state collision by ensuring polling and state are reset.
|
|
720
|
+
*/
|
|
721
|
+
destroy(): void;
|
|
707
722
|
static ɵfac: i0.ɵɵFactoryDeclaration<LokotroPaymentService, never>;
|
|
708
723
|
static ɵprov: i0.ɵɵInjectableDeclaration<LokotroPaymentService>;
|
|
709
724
|
}
|
|
@@ -948,6 +963,7 @@ declare class LokotroPayCheckoutComponent implements OnInit, OnDestroy {
|
|
|
948
963
|
private static readonly MAX_RETRY_ATTEMPTS;
|
|
949
964
|
private retryAttempts;
|
|
950
965
|
private stateSubscription?;
|
|
966
|
+
private readonly destroy$;
|
|
951
967
|
constructor(paymentService: LokotroPaymentService, localization: LokotroLocalizationService);
|
|
952
968
|
/** Check if user has retries left */
|
|
953
969
|
get hasRetriesLeft(): boolean;
|