npm - @chevre/domain - Versions diffs - 23.0.0-alpha.2 → 23.0.0-alpha.20 - Mend

@chevre/domain 23.0.0-alpha.2 → 23.0.0-alpha.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/lib/chevre/repo/productHasOfferCatalog.js ADDED Viewed

@@ -0,0 +1,71 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProductHasOfferCatalogRepo = void 0;
+const mongoose_1 = require("mongoose");
+const factory = require("../factory");
+const settings_1 = require("../settings");
+const product_1 = require("./mongoose/schemas/product");
+/**
+ * プロダクトオファーカタログリポジトリ
+ */
+class ProductHasOfferCatalogRepo {
+    constructor(connection) {
+        this.productModel = connection.model(product_1.modelName, (0, product_1.createSchema)());
+    }
+    findOfferCatalogs(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c, _d, _e, _f;
+            const matchStages = [];
+            const projectIdEq = (_b = (_a = params.project) === null || _a === void 0 ? void 0 : _a.id) === null || _b === void 0 ? void 0 : _b.$eq;
+            if (typeof projectIdEq === 'string') {
+                matchStages.push({ $match: { 'project.id': { $eq: projectIdEq } } });
+            }
+            const productIdEq = (_d = (_c = params.product) === null || _c === void 0 ? void 0 : _c.id) === null || _d === void 0 ? void 0 : _d.$eq;
+            if (typeof productIdEq === 'string') {
+                matchStages.push({ $match: { _id: { $eq: new mongoose_1.Types.ObjectId(productIdEq) } } });
+            }
+            const productIdIn = (_f = (_e = params.product) === null || _e === void 0 ? void 0 : _e.id) === null || _f === void 0 ? void 0 : _f.$in;
+            if (Array.isArray(productIdIn)) {
+                matchStages.push({ $match: { _id: { $in: productIdIn.map((productId) => new mongoose_1.Types.ObjectId(productId)) } } });
+            }
+            const aggregate = this.productModel.aggregate([
+                {
+                    $unwind: {
+                        path: '$hasOfferCatalog.itemListElement'
+                    }
+                },
+                ...matchStages,
+                { $sort: { productID: factory.sortType.Ascending } },
+                {
+                    $project: {
+                        _id: 0,
+                        id: '$hasOfferCatalog.itemListElement.id',
+                        aggregateElement: {
+                            itemOffered: {
+                                id: { $toString: '$_id' },
+                                typeOf: '$typeOf'
+                            }
+                        }
+                    }
+                }
+            ]);
+            if (typeof params.limit === 'number' && params.limit > 0) {
+                const page = (typeof params.page === 'number' && params.page > 0) ? params.page : 1;
+                aggregate.skip(params.limit * (page - 1))
+                    .limit(params.limit);
+            }
+            return aggregate.option({ maxTimeMS: settings_1.MONGO_MAX_TIME_MS })
+                .exec();
+        });
+    }
+}
+exports.ProductHasOfferCatalogRepo = ProductHasOfferCatalogRepo;

package/lib/chevre/repository.d.ts CHANGED Viewed

@@ -56,6 +56,7 @@ import type { SectionRepo } from './repo/place/section';
 import type { PotentialActionRepo } from './repo/potentialAction';
 import type { PriceSpecificationRepo } from './repo/priceSpecification';
 import type { ProductRepo } from './repo/product';
+import type { ProductHasOfferCatalogRepo } from './repo/productHasOfferCatalog';
 import type { ProductModelRepo } from './repo/productModel';
 import type { ProductOfferRepo } from './repo/productOffer';
 import type { ProjectRepo } from './repo/project';
@@ -348,6 +349,10 @@ export type Product = ProductRepo;
 export declare namespace Product {
     function createInstance(...params: ConstructorParameters<typeof ProductRepo>): Promise<ProductRepo>;
 }
+export type ProductHasOfferCatalog = ProductHasOfferCatalogRepo;
+export declare namespace ProductHasOfferCatalog {
+    function createInstance(...params: ConstructorParameters<typeof ProductHasOfferCatalogRepo>): Promise<ProductHasOfferCatalogRepo>;
+}
 export type ProductModel = ProductModelRepo;
 export declare namespace ProductModel {
     function createInstance(...params: ConstructorParameters<typeof ProductModelRepo>): Promise<ProductModelRepo>;

package/lib/chevre/repository.js CHANGED Viewed

@@ -10,7 +10,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Permit = exports.Person = exports.paymentMethod = exports.PendingReservation = exports.PaymentServiceProvider = exports.PaymentServiceChannel = exports.PaymentService = exports.Passport = exports.OwnershipInfo = exports.OrderNumber = exports.OrderInTransaction = exports.Order = exports.Offer = exports.OfferItemCondition = exports.OfferCatalogItem = exports.OfferCatalog = exports.NoteAboutOrder = exports.Note = exports.Message = exports.MerchantReturnPolicy = exports.MemberProgram = exports.Member = exports.Issuer = exports.IdentityProvider = exports.Identity = exports.EventSeries = exports.EventSellerMakesOffer = exports.Event = exports.EmailMessage = exports.CustomerType = exports.Customer = exports.Credentials = exports.CreativeWork = exports.ConfirmationNumber = exports.Comment = exports.Authorization = exports.CategoryCode = exports.AssetTransaction = exports.Aggregation = exports.AggregateReservation = exports.AggregateOrder = exports.AggregateOffer = exports.AdvanceBookingRequirement = exports.AdditionalProperty = exports.Action = exports.AccountTransaction = exports.AccountTitle = exports.AccountingReport = exports.Account = exports.AcceptedOffer = void 0;
-exports.WebSite = exports.rateLimit = exports.Trip = exports.TransactionProcess = exports.TransactionNumber = exports.Transaction = exports.Ticket = exports.Telemetry = exports.Task = exports.StockHolder = exports.setting = exports.Setting = exports.ServiceOutputIdentifier = exports.ServiceOutput = exports.ServiceAvailableHour = exports.SellerReturnPolicy = exports.SellerPaymentAccepted = exports.SellerMakesOffer = exports.Seller = exports.Schedule = exports.Role = exports.ReserveInterface = exports.Reservation = exports.ProjectMakesOffer = exports.Project = exports.ProductOffer = exports.ProductModel = exports.Product = exports.PriceSpecification = exports.PotentialAction = exports.place = void 0;
+exports.WebSite = exports.rateLimit = exports.Trip = exports.TransactionProcess = exports.TransactionNumber = exports.Transaction = exports.Ticket = exports.Telemetry = exports.Task = exports.StockHolder = exports.setting = exports.Setting = exports.ServiceOutputIdentifier = exports.ServiceOutput = exports.ServiceAvailableHour = exports.SellerReturnPolicy = exports.SellerPaymentAccepted = exports.SellerMakesOffer = exports.Seller = exports.Schedule = exports.Role = exports.ReserveInterface = exports.Reservation = exports.ProjectMakesOffer = exports.Project = exports.ProductOffer = exports.ProductModel = exports.ProductHasOfferCatalog = exports.Product = exports.PriceSpecification = exports.PotentialAction = exports.place = void 0;
 var AcceptedOffer;
 (function (AcceptedOffer) {
     let repo;
@@ -802,6 +802,19 @@ var Product;
     }
     Product.createInstance = createInstance;
 })(Product || (exports.Product = Product = {}));
+var ProductHasOfferCatalog;
+(function (ProductHasOfferCatalog) {
+    let repo;
+    function createInstance(...params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (repo === undefined) {
+                repo = (yield Promise.resolve().then(() => require('./repo/productHasOfferCatalog'))).ProductHasOfferCatalogRepo;
+            }
+            return new repo(...params);
+        });
+    }
+    ProductHasOfferCatalog.createInstance = createInstance;
+})(ProductHasOfferCatalog || (exports.ProductHasOfferCatalog = ProductHasOfferCatalog = {}));
 var ProductModel;
 (function (ProductModel) {
     let repo;

package/lib/chevre/service/assetTransaction/reserve/start.js CHANGED Viewed

@@ -100,9 +100,9 @@ function fixEvent(params) {
             // additionalProperty, // discontinue(2024-07-20~)
             'name', 'doorTime', 'endDate', 'eventStatus',
             'location', 'startDate', 'superEvent',
-            'offers', 'maximumPhysicalAttendeeCapacity'
+            'offers', 'maximumPhysicalAttendeeCapacity',
+            'identifier' // support identifier(2025-10-24~)
             // 'coaInfo', // discontinue(2024-07-24~)
-            // 'identifier' // discontinue(2024-07-24~)
         ]);
         const offeredThroughIdentifier = (_b = event.offers.offeredThrough) === null || _b === void 0 ? void 0 : _b.identifier;
         if (offeredThroughIdentifier === factory.service.webAPI.Identifier.COA) {

package/lib/chevre/service/assetTransaction/reserve/validateStartRequest/validateIssuedOfferIfExists.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import * as factory from '../../../../factory';
+import { IMinimizedIndividualEvent } from '../../../../factory/event';
+import type { IssuerRepo } from '../../../../repo/issuer';
+/**
+ * オファートークン検証(2025-10-21~)
+ */
+declare function validateIssuedOfferIfExists(params: {
+    event: Pick<IMinimizedIndividualEvent, 'offers' | 'id' | 'project' | 'identifier'>;
+    now: Date;
+    object: factory.assetTransaction.reserve.IObjectWithoutDetail;
+    makesOfferOnApplication: factory.event.screeningEvent.ISellerMakesOffer;
+}): (repos: {
+    issuer: IssuerRepo;
+}) => Promise<void>;
+export { validateIssuedOfferIfExists };

package/lib/chevre/service/assetTransaction/reserve/validateStartRequest/validateIssuedOfferIfExists.js ADDED Viewed

@@ -0,0 +1,159 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateIssuedOfferIfExists = validateIssuedOfferIfExists;
+const jwt = require("jsonwebtoken");
+const moment = require("moment");
+const factory = require("../../../../factory");
+const NUM_ACCEPTED_OFFERS_MAX_VALUE = 50;
+function verifyOfferToken(params) {
+    return __awaiter(this, void 0, void 0, function* () {
+        let result;
+        const { issuer, secret, token } = params;
+        try {
+            result = yield new Promise((resolve, reject) => {
+                jwt.verify(token, secret, {
+                    algorithms: ['HS256'],
+                    issuer
+                    // ...(Array.isArray(params.audience)) ? { audience: params.audience } : undefined
+                }, (err, decoded) => {
+                    if (err instanceof Error) {
+                        reject(err);
+                    }
+                    else {
+                        resolve(decoded);
+                    }
+                });
+            });
+        }
+        catch (error) {
+            // JWTエラーをハンドリング
+            if (error instanceof jwt.TokenExpiredError) {
+                throw new factory.errors.Argument('reservationFor.offers.token', `invalid token. [${error.message} expiredAt:${error.expiredAt}]`);
+            }
+            else if (error instanceof jwt.JsonWebTokenError) {
+                throw new factory.errors.Argument('reservationFor.offers.token', `invalid token. [${error.message}]`);
+            }
+            throw error;
+        }
+        return result;
+    });
+}
+const OFFER_TOKEN_DATE_FORMAT = 'YYYY-MM-DDTHH:mm:ssZ';
+function validateOfferToken(params) {
+    return () => __awaiter(this, void 0, void 0, function* () {
+        var _a, _b;
+        const { event, acceptedDate, verifiedOffer, makesOfferOnApplication } = params;
+        // イベント識別子一致検証
+        const itemOfferedIdentifier = verifiedOffer.itemOffered.identifier;
+        if (typeof itemOfferedIdentifier !== 'string' || itemOfferedIdentifier === '') {
+            throw new factory.errors.Argument('reservationFor.offers.token', 'itemOffered.identifier must be string');
+        }
+        const itemOfferedIdentifierMustBe = event.identifier;
+        if (typeof itemOfferedIdentifierMustBe !== 'string') {
+            throw new factory.errors.NotFound('identifier', 'the event must have an identifier');
+        }
+        if (itemOfferedIdentifier !== itemOfferedIdentifierMustBe) {
+            throw new factory.errors.Argument('reservationFor.offers.token', 'itemOffered.identifier not matched');
+        }
+        // アプリケーションオファーコード一致検証
+        const applicationOfferIdentifier = verifiedOffer.identifier;
+        if (typeof applicationOfferIdentifier !== 'string' || applicationOfferIdentifier === '') {
+            throw new factory.errors.Argument('reservationFor.offers.token', 'identifier must be string');
+        }
+        const applicationOfferIdentifierMustBe = makesOfferOnApplication.identifier;
+        if (typeof applicationOfferIdentifierMustBe !== 'string') {
+            throw new factory.errors.NotFound('makesOffer.identifier');
+        }
+        if (applicationOfferIdentifier !== applicationOfferIdentifierMustBe) {
+            throw new factory.errors.Argument('reservationFor.offers.token', 'identifier not matched');
+        }
+        // 有効期間検証
+        let validThroughMoment;
+        let validFromMoment;
+        validThroughMoment = moment(verifiedOffer.validThrough, OFFER_TOKEN_DATE_FORMAT, true);
+        validFromMoment = moment(verifiedOffer.validFrom, OFFER_TOKEN_DATE_FORMAT, true);
+        if (!validThroughMoment.isValid()) {
+            throw new factory.errors.Argument('reservationFor.offers.token', 'invalid validThrough');
+        }
+        if (!validFromMoment.isValid()) {
+            throw new factory.errors.Argument('reservationFor.offers.token', 'invalid validFrom');
+        }
+        if (acceptedDate.isBefore(validFromMoment)) {
+            throw new factory.errors.Argument('reservationFor.offers.token', `the offer id valid from ${validFromMoment}`);
+        }
+        if (acceptedDate.isAfter(validThroughMoment)) {
+            throw new factory.errors.Argument('reservationFor.offers.token', `the offer id valid through ${validThroughMoment}`);
+        }
+        // maxValueを検証
+        const maxValue = (_a = verifiedOffer === null || verifiedOffer === void 0 ? void 0 : verifiedOffer.eligibleQuantity) === null || _a === void 0 ? void 0 : _a.maxValue;
+        if (typeof maxValue !== 'number') {
+            throw new factory.errors.Argument('reservationFor.offers.token', 'eligibleQuantity.maxValue must be number');
+        }
+        if (maxValue > NUM_ACCEPTED_OFFERS_MAX_VALUE) {
+            throw new factory.errors.Argument('reservationFor.offers.token', `eligibleQuantity.maxValue must be <= ${NUM_ACCEPTED_OFFERS_MAX_VALUE}`);
+        }
+        const numAcceptedOffers = (_b = params.object.acceptedOffer) === null || _b === void 0 ? void 0 : _b.length;
+        if (typeof numAcceptedOffers === 'number' && numAcceptedOffers > 0) {
+            if (numAcceptedOffers > maxValue) {
+                throw new factory.errors.Argument('reservationFor.id', `Maximum number of offers exceeded`);
+            }
+        }
+    });
+}
+/**
+ * オファートークン検証(2025-10-21~)
+ */
+function validateIssuedOfferIfExists(params) {
+    return (repos) => __awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c, _d, _e;
+        const { event, makesOfferOnApplication } = params;
+        const acceptedDate = moment(params.now);
+        const offerTokenIssuer = (_a = makesOfferOnApplication.offeredBy) === null || _a === void 0 ? void 0 : _a.identifier;
+        const offerTokenRequired = typeof offerTokenIssuer === 'string';
+        if (offerTokenRequired) {
+            const offerIdentifierMustBe = (_c = (_b = params.object.reservationFor) === null || _b === void 0 ? void 0 : _b.offers) === null || _c === void 0 ? void 0 : _c.identifier;
+            const offerToken = (_e = (_d = params.object.reservationFor) === null || _d === void 0 ? void 0 : _d.offers) === null || _e === void 0 ? void 0 : _e.token;
+            if (typeof offerIdentifierMustBe !== 'string' || offerIdentifierMustBe === '') {
+                throw new factory.errors.ArgumentNull('object.reservationFor.offers.identifier');
+            }
+            if (typeof offerToken !== 'string' || offerToken === '') {
+                throw new factory.errors.ArgumentNull('object.reservationFor.offers.token');
+            }
+            if (typeof makesOfferOnApplication.identifier !== 'string' || makesOfferOnApplication.identifier === '') {
+                throw new factory.errors.NotFound('seller.makesOffer.identifier');
+            }
+            // アプリケーションオファーコード一致検証
+            if (makesOfferOnApplication.identifier !== offerIdentifierMustBe) {
+                throw new factory.errors.Argument('object.reservationFor.offers.identifier', 'offers.identifier not matched');
+            }
+            const issuer = yield repos.issuer.findByIdentifier({
+                project: { id: event.project.id },
+                identifier: offerTokenIssuer
+            });
+            if (typeof issuer.tokenSecret !== 'string' || issuer.tokenSecret === '') {
+                throw new factory.errors.NotFound('issuer.tokenSecret');
+            }
+            const verifiedOffer = yield verifyOfferToken({
+                secret: issuer.tokenSecret,
+                issuer: issuer.url,
+                token: offerToken
+            });
+            yield validateOfferToken({
+                event,
+                acceptedDate,
+                verifiedOffer,
+                makesOfferOnApplication,
+                object: params.object
+            })();
+        }
+    });
+}

package/lib/chevre/service/assetTransaction/reserve/validateStartRequest/validateMemberTierIfExists.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import * as factory from '../../../../factory';
+import { IMinimizedIndividualEvent } from '../../../../factory/event';
+import type { IssuerRepo } from '../../../../repo/issuer';
+import type { MemberProgramRepo } from '../../../../repo/memberProgram';
+import type { ProductOfferRepo } from '../../../../repo/productOffer';
+declare function validateMemberTierIfExists(params: {
+    event: Pick<IMinimizedIndividualEvent, 'offers' | 'id' | 'project'>;
+    now: Date;
+    object: factory.assetTransaction.reserve.IObjectWithoutDetail;
+    makesOfferOnApplication: factory.event.screeningEvent.ISellerMakesOffer;
+}): (repos: {
+    issuer: IssuerRepo;
+    memberProgram: MemberProgramRepo;
+    productOffer: ProductOfferRepo;
+}) => Promise<void>;
+export { validateMemberTierIfExists };

package/lib/chevre/service/assetTransaction/reserve/validateStartRequest/validateMemberTierIfExists.js ADDED Viewed

@@ -0,0 +1,184 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateMemberTierIfExists = validateMemberTierIfExists;
+const jwt = require("jsonwebtoken");
+const moment = require("moment");
+const factory = require("../../../../factory");
+function validateMemberTier(params) {
+    return (repos) => __awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c, _d, _e;
+        const { acceptedDate, event, verifiedValidForMemberTier, memberProgramIdentifierMustBe, aggregateOfferIdentifier } = params;
+        const tierIdentifier = (_b = (_a = verifiedValidForMemberTier.member) === null || _a === void 0 ? void 0 : _a.memberOf) === null || _b === void 0 ? void 0 : _b.identifier;
+        const memberProgramIdentifier = (_e = (_d = (_c = verifiedValidForMemberTier.member) === null || _c === void 0 ? void 0 : _c.memberOf) === null || _d === void 0 ? void 0 : _d.isTierOf) === null || _e === void 0 ? void 0 : _e.identifier;
+        if (typeof tierIdentifier !== 'string') {
+            throw new factory.errors.Argument('reservationFor.offers.validForMemberTier', 'tier identifier must be string');
+        }
+        if (typeof memberProgramIdentifier !== 'string') {
+            throw new factory.errors.Argument('reservationFor.offers.validForMemberTier', 'member program must be string');
+        }
+        if (memberProgramIdentifier !== memberProgramIdentifierMustBe) {
+            throw new factory.errors.Argument('reservationFor.offers.validForMemberTier', 'member program not matched');
+        }
+        const sellerId = event.offers.seller.id;
+        if (typeof sellerId !== 'string' || sellerId === '') {
+            throw new factory.errors.NotFound('event.offers.seller.id');
+        }
+        // 有効なプロダクトオファーを検証
+        const productOfferForMemberTier = (yield repos.productOffer.findProductOffers({
+            limit: 1,
+            page: 1,
+            project: { id: { $eq: event.project.id } },
+            // availableAtOrFrom: { id: { $eq: availableAt.id } },
+            itemOffered: { identifier: { $eq: aggregateOfferIdentifier } }, // オファーコレクションコード
+            validForMemberTier: { identifier: { $eq: tierIdentifier } },
+            validFrom: { $lte: acceptedDate.toDate() },
+            validThrough: { $gte: acceptedDate.toDate() },
+            offeredBy: { id: { $eq: sellerId } } // オファー提供者も検証する
+        }, ['identifier'])).shift();
+        if (productOfferForMemberTier === undefined) {
+            throw new factory.errors.NotFound(factory.offerType.Offer, 'valid product offers for member tier not found');
+        }
+        // let validThroughMoment: moment.Moment;
+        // let validFromMoment: moment.Moment;
+        // validThroughMoment = moment(productOfferForMemberTier.validThrough, ROLE_DATE_FORMAT, true);
+        // validFromMoment = moment(productOfferForMemberTier.validFrom, ROLE_DATE_FORMAT, true);
+        // if (acceptedDate.isBefore(validFromMoment)) {
+        //     throw new factory.errors.Argument(
+        //         'reservationFor.offers.validForMemberTier',
+        //         `the offer id valid from ${validFromMoment}`
+        //     );
+        // }
+        // if (acceptedDate.isAfter(validThroughMoment)) {
+        //     throw new factory.errors.Argument(
+        //         'reservationFor.offers.validForMemberTier',
+        //         `the offer id valid through ${validThroughMoment}`
+        //     );
+        // }
+    });
+}
+function verifyMemberTierToken(params) {
+    return __awaiter(this, void 0, void 0, function* () {
+        let result;
+        const { issuer, secret, token } = params;
+        try {
+            result = yield new Promise((resolve, reject) => {
+                jwt.verify(token, secret, {
+                    algorithms: ['HS256'],
+                    issuer
+                    // ...(Array.isArray(params.audience)) ? { audience: params.audience } : undefined
+                }, (err, decoded) => {
+                    if (err instanceof Error) {
+                        reject(err);
+                    }
+                    else {
+                        resolve(decoded);
+                    }
+                });
+            });
+        }
+        catch (error) {
+            // JWTエラーをハンドリング
+            if (error instanceof jwt.TokenExpiredError) {
+                throw new factory.errors.Argument('reservationFor.offers.validForMemberTier', `invalid token. [${error.message} expiredAt:${error.expiredAt}]`);
+            }
+            else if (error instanceof jwt.JsonWebTokenError) {
+                throw new factory.errors.Argument('reservationFor.offers.validForMemberTier', `invalid token. [${error.message}]`);
+            }
+            throw error;
+        }
+        return result;
+    });
+}
+function validateMemberTierIfExists(params) {
+    // tslint:disable-next-line:cyclomatic-complexity max-func-body-length
+    return (repos) => __awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c, _d;
+        const { event, makesOfferOnApplication } = params;
+        const acceptedDate = moment(params.now);
+        const eventOffers = event.offers;
+        // 有効メンバープログラムティアが存在する場合
+        // support validForMemberTier(2025-05-14~)
+        const validForMemberTierExists = ((_a = makesOfferOnApplication.validForMemberTier) === null || _a === void 0 ? void 0 : _a.typeOf) === 'MemberProgramTier';
+        if (validForMemberTierExists) {
+            const tokenizedMemberProgramTier = (_c = (_b = params.object.reservationFor) === null || _b === void 0 ? void 0 : _b.offers) === null || _c === void 0 ? void 0 : _c.validForMemberTier;
+            const validForMemberTierToken = tokenizedMemberProgramTier === null || tokenizedMemberProgramTier === void 0 ? void 0 : tokenizedMemberProgramTier.token;
+            const memberProgramIdentifierMustBe = (_d = tokenizedMemberProgramTier === null || tokenizedMemberProgramTier === void 0 ? void 0 : tokenizedMemberProgramTier.isTierOf) === null || _d === void 0 ? void 0 : _d.identifier;
+            // ティアトークンが必須
+            if (typeof validForMemberTierToken !== 'string' || validForMemberTierToken === '') {
+                throw new factory.errors.ArgumentNull('reservationFor.offers.validForMemberTier.token');
+            }
+            // メンバープログラムコード指定が必須
+            if (typeof memberProgramIdentifierMustBe !== 'string' || memberProgramIdentifierMustBe === '') {
+                throw new factory.errors.ArgumentNull('reservationFor.offers.validForMemberTier.isTierOf.identifier');
+            }
+            // 有効メンバープログラムティアが存在する場合、オファーコレクションコードが必須
+            const aggregateOfferIdentifier = eventOffers.identifier;
+            if (typeof aggregateOfferIdentifier !== 'string' || aggregateOfferIdentifier === '') {
+                throw new factory.errors.NotFound('makesOfferOnApplication.identifier');
+            }
+            // トークン検証
+            const memberProgram = (yield repos.memberProgram.projectMemberPrograms({
+                limit: 1,
+                page: 1,
+                project: { id: { $eq: params.event.project.id } },
+                identifier: { $eq: memberProgramIdentifierMustBe }
+            })).shift();
+            if (memberProgram === undefined) {
+                throw new factory.errors.NotFound('MemberProgram', `MemberProgram '${memberProgramIdentifierMustBe}' not found`);
+            }
+            const issuer = yield repos.issuer.findByIdentifier({
+                project: { id: params.event.project.id },
+                identifier: memberProgram.hostingOrganization.identifier
+            });
+            if (typeof issuer.tokenSecret !== 'string' || issuer.tokenSecret === '') {
+                throw new factory.errors.NotFound('issuer.tokenSecret');
+            }
+            const verifiedValidForMemberTier = yield verifyMemberTierToken({
+                secret: issuer.tokenSecret,
+                issuer: issuer.url,
+                token: validForMemberTierToken
+            });
+            yield validateMemberTier({
+                event, acceptedDate, verifiedValidForMemberTier,
+                memberProgramIdentifierMustBe, aggregateOfferIdentifier
+            })(repos);
+        }
+        // tslint:disable-next-line:no-suspicious-comment
+        // TODO オファートークン検証(2025-10-21~)
+        // const offerTokenIssuer = makesOfferOnApplication.issuedBy?.identifier;
+        // const offerTokenRequired = typeof offerTokenIssuer === 'string';
+        // if (offerTokenRequired) {
+        //     const offerToken = params.object.reservationFor?.offers?.token;
+        //     if (typeof offerToken !== 'string' || offerToken === '') {
+        //         throw new factory.errors.ArgumentNull('object.reservationFor.offers.token');
+        //     }
+        //     const issuer = await repos.issuer.findByIdentifier({
+        //         project: { id: params.event.project.id },
+        //         identifier: offerTokenIssuer
+        //     });
+        //     if (typeof issuer.tokenSecret !== 'string' || issuer.tokenSecret === '') {
+        //         throw new factory.errors.NotFound('issuer.tokenSecret');
+        //     }
+        //     const verifiedOffer = await verifyOfferToken({
+        //         secret: issuer.tokenSecret,
+        //         issuer: issuer.url,
+        //         token: offerToken
+        //     });
+        //     await validateOfferToken({
+        //         acceptedDate,
+        //         verifiedOffer,
+        //         makesOfferOnApplication,
+        //         object: params.object
+        //     })();
+        // }
+    });
+}

package/lib/chevre/service/assetTransaction/reserve/validateStartRequest.d.ts CHANGED Viewed

@@ -5,7 +5,10 @@ import type { MemberProgramRepo } from '../../../repo/memberProgram';
 import type { ProductOfferRepo } from '../../../repo/productOffer';
 declare function validateStartRequest(params: {
     object: factory.assetTransaction.reserve.IObjectWithoutDetail;
-    event: Pick<IMinimizedIndividualEvent, 'offers' | 'id' | 'project'>;
+    event: Pick<IMinimizedIndividualEvent, 'offers' | 'id' | 'project' | 'identifier'>;
+    /**
+     * アプリケーションごとのオファーを検証するかどうか
+     */
     validateEventOfferPeriod?: boolean;
     validateEvent?: boolean;
     now: Date;