@chevre/domain 23.2.0-alpha.40 → 23.2.0-alpha.42

package/example/src/chevre/offerCatalog/upsertOfferCatalogItemsByIdentifier.ts

@@ -36,7 +36,10 @@ async function main() {
                 $unset: {}
             }
         ],
-        { update: true }
+        {
+            update: true,
+            productType: chevre.factory.product.ProductType.EventService
+        }
     );
     console.log('result:', result);
 }

package/example/src/chevre/offerCatalog/upsertOfferCatalogsByIdentifier.ts

@@ -36,7 +36,10 @@ async function main() {
                 $unset: {}
             }
         ],
-        { update: true }
+        {
+            update: false,
+            productType: chevre.factory.product.ProductType.EventService
+        }
         // { update: false }
     );
     console.log('result:', result);

package/example/src/chevre/{upsertOffersByIdentifier.ts → offers/upsertOffersByIdentifier.ts}

@@ -1,7 +1,7 @@
 // tslint:disable:no-console
 import * as mongoose from 'mongoose';
 
-import { chevre } from '../../../lib/index';
+import { chevre } from '../../../../lib/index';
 
 const PROJECT_ID = String(process.env.PROJECT_ID);
 const PRICE = 1234;
@@ -49,8 +49,10 @@ async function main() {
                 project: { typeOf: chevre.factory.organizationType.Project, id: PROJECT_ID },
                 typeOf: chevre.factory.offerType.Offer
             }
-        ]
-        // { replace: true }
+        ],
+        {
+            productType: chevre.factory.product.ProductType.EventService
+        }
     );
     // tslint:disable-next-line:no-null-keyword
     console.dir(result, { depth: null });

package/example/src/chevre/orderNumber/decryptOrderNumber.ts

@@ -0,0 +1,14 @@
+// tslint:disable:no-console
+// tslint:disable-next-line:no-require-imports no-var-requires
+const fpe = require('node-fpe-v1');
+
+// const orderNumber = 'CIN1-3796505-5174753';
+
+const timestamp = '1769837978000';
+const cipher = fpe({ secret: '3:v2-xxxxxx' });
+// .encrypt(orderNumber);
+
+const orderNumber = cipher.encrypt(`${timestamp}1`);
+console.log(orderNumber);
+console.log(cipher.decrypt(orderNumber));
+// '1234567'

package/example/src/chevre/transactionNumber/publishByTimestamp.ts

@@ -0,0 +1,34 @@
+// tslint:disable:no-console
+import * as mongoose from 'mongoose';
+import * as fpe2Module from 'node-fpe-v2';
+
+const fpe2 = (fpe2Module as unknown) as typeof fpe2Module.default;
+
+import { chevre } from '../../../../lib/index';
+
+// tslint:disable-next-line:max-func-body-length
+async function main() {
+    await mongoose.connect(<string>process.env.MONGOLAB_URI, { autoIndex: false });
+
+    const transactionNumberRepo = await chevre.repository.TransactionNumber.createInstance({
+        connection: mongoose.connection
+    });
+
+    const result = await transactionNumberRepo.publishByTimestamp({ startDate: new Date() });
+    console.log(result);
+    console.log('length:', result.transactionNumber.length);
+
+    const decryptResult = fpe2({ secret: String(result.secret) })
+        // tslint:disable-next-line:no-magic-numbers
+        .decrypt(result.transactionNumber.slice(2));
+    console.log(decryptResult);
+    console.log(decryptResult === `${result.timestamp}${result.incrReply.toString()
+        // tslint:disable-next-line:no-magic-numbers
+        .padStart(2, '0')}`);
+}
+
+main()
+    .then(() => {
+        console.log('success!');
+    })
+    .catch(console.error);

package/example/src/chevre/transactionNumber/testRandomness.ts

@@ -0,0 +1,42 @@
+// tslint:disable:object-literal-key-quotes no-console
+import * as mongoose from 'mongoose';
+
+import { chevre } from '../../../../lib/index';
+
+async function testGeneration() {
+    await mongoose.connect(<string>process.env.MONGOLAB_URI, { autoIndex: false });
+
+    const transactionNumberRepo = await chevre.repository.TransactionNumber.createInstance({
+        connection: mongoose.connection
+    });
+
+    const ts = new Date(); // 同一ミリ秒固定
+    const results: Record<string, string>[] = [];
+
+    console.log(`--- 同一ミリ秒(${ts})内での連続生成テスト ---`);
+
+    // tslint:disable-next-line:no-magic-numbers
+    for (let i = 0; i < 100; i += 1) {
+        // 同一ミリ秒内でシーケンス(00-99)だけが変わる状況を再現
+        const { transactionNumber, timestamp, incrReply } = await transactionNumberRepo.publishByTimestamp({ startDate: ts });
+
+        // 復号して元のデータに戻るかチェック
+        const decoded = await transactionNumberRepo.decrypt(transactionNumber);
+        const isSuccess = decoded === `${timestamp}${incrReply.toString()
+            // tslint:disable-next-line:no-magic-numbers
+            .padStart(2, '0')}`;
+
+        results.push({
+            timestamp: timestamp,
+            'シーケンス': incrReply.toString(),
+            '生成された番号 (17桁)': transactionNumber,
+            'ソルト(2文字目)': transactionNumber[1],
+            '復号結果': decoded,
+            '復号確認': isSuccess ? '✅OK' : '❌NG'
+        });
+    }
+
+    console.table(results);
+}
+
+testGeneration();

package/lib/chevre/repo/aggregateOffer.d.ts

@@ -74,7 +74,12 @@ export declare class AggregateOfferRepo {
     /**
      * コードをキーにして冪等置換(2023-12-13~)
      */
-    upsertByIdentifier(params: Omit<factory.unitPriceOffer.IUnitPriceOffer, 'id'>[]): Promise<{
+    upsertByIdentifier(params: Omit<factory.unitPriceOffer.IUnitPriceOffer, 'id'>[], options: {
+        /**
+         * プロダクトタイプでfilter(2026-01-30~)
+         */
+        productType: factory.product.ProductType;
+    }): Promise<{
         bulkWriteResult: BulkWriteResult;
         modifiedOffers: {
             id: string;

package/lib/chevre/repo/aggregateOffer.js

@@ -648,22 +648,30 @@ class AggregateOfferRepo {
     /**
      * コードをキーにして冪等置換(2023-12-13~)
      */
-    upsertByIdentifier(params) {
+    upsertByIdentifier(params, options) {
         return __awaiter(this, void 0, void 0, function* () {
+            const { productType } = options;
             const uniqid = yield Promise.resolve().then(() => require('uniqid'));
             const insertBulkWriteOps = [];
             // const updateBulkWriteOps: AnyBulkWriteOperation<factory.aggregateOffer.IAggregateOffer>[] = [];
             const queryFilters = [];
             if (Array.isArray(params)) {
                 params.forEach((p) => {
+                    var _a;
+                    // 指定されたproductTypeを強制する
+                    if (((_a = p.itemOffered) === null || _a === void 0 ? void 0 : _a.typeOf) !== productType) {
+                        throw new factory.errors.Argument('itemOffered.typeOf', `not matched with productType: ${productType}`);
+                    }
                     // リソースのユニークネスを保証するfilter
                     const filter = {
                         'project.id': { $eq: p.project.id },
-                        'offers.identifier': { $exists: true, $eq: p.identifier }
+                        'offers.identifier': { $exists: true, $eq: p.identifier },
+                        'offers.itemOffered.typeOf': { $eq: productType } // プロダクトタイプを変更させないためにフィルター追加(2026-01-30~)
                     };
                     queryFilters.push({
                         'project.id': { $eq: p.project.id },
-                        'offers.identifier': { $exists: true, $eq: p.identifier }
+                        'offers.identifier': { $exists: true, $eq: p.identifier },
+                        'offers.itemOffered.typeOf': { $eq: productType } // プロダクトタイプを変更させないためにフィルター追加(2026-01-30~)
                     });
                     const newOfferId = uniqid(); // setOnInsert時のみに利用する新ID
                     // サブオファー最適化(2023-12-22~)

package/lib/chevre/repo/confirmationNumber.js

@@ -14,7 +14,7 @@ const cdigit = require("cdigit");
 const moment = require("moment-timezone");
 // import { RedisClientType } from 'redis';
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
+const fpe = require('node-fpe-v1');
 // import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");

package/lib/chevre/repo/mongoose/schemas/setting.d.ts

@@ -110,6 +110,16 @@ export interface IJWTSetting {
      */
     algorithm: Algorithm;
 }
+export interface ITransactionNumberSetting {
+    /**
+     * fpe暗号鍵
+     */
+    fpeSecret: string;
+    /**
+     * "1"
+     */
+    version: string;
+}
 export interface ISetting {
     defaultSenderEmail?: string;
     jwt?: IJWTSetting;
@@ -127,6 +137,7 @@ export interface ISetting {
     };
     quota?: IQuotaSettings;
     storage?: IStorageSettings;
+    transactionNumber?: ITransactionNumberSetting;
     /**
      * 通知設定
      */

package/lib/chevre/repo/mongoose/schemas/setting.js

@@ -19,6 +19,7 @@ const schemaDefinition = {
     onTransactionStatusChanged: mongoose_1.SchemaTypes.Mixed,
     quota: mongoose_1.SchemaTypes.Mixed,
     storage: mongoose_1.SchemaTypes.Mixed,
+    transactionNumber: mongoose_1.SchemaTypes.Mixed,
     triggerWebhook: mongoose_1.SchemaTypes.Mixed,
     useInformResourceTypes: [String],
     userPoolIdOld: String,

package/lib/chevre/repo/offerCatalog.d.ts

@@ -40,6 +40,10 @@ export declare class OfferCatalogRepo {
          * support only update(2026-01-30~)
          */
         update: boolean;
+        /**
+         * プロダクトタイプでfilter(2026-01-30~)
+         */
+        productType: factory.product.ProductType;
     }): Promise<{
         bulkWriteResult: BulkWriteResult;
         modifiedCatalogs: {

package/lib/chevre/repo/offerCatalog.js

@@ -197,7 +197,7 @@ class OfferCatalogRepo {
      */
     upsertManyByIdentifier(params, options) {
         return __awaiter(this, void 0, void 0, function* () {
-            const { update } = options;
+            const { productType, update } = options;
             const uniqid = yield Promise.resolve().then(() => require('uniqid'));
             const bulkWriteOps = [];
             const queryFilters = [];
@@ -207,14 +207,20 @@ class OfferCatalogRepo {
                     if (typeof identifier !== 'string' || identifier.length === 0) {
                         throw new factory.errors.ArgumentNull('identifier');
                     }
+                    // 指定されたproductTypeを強制する
+                    if (setFields.itemOffered.typeOf !== productType) {
+                        throw new factory.errors.Argument('itemOffered.typeOf', `not matched with productType: ${productType}`);
+                    }
                     // リソースのユニークネスを保証するfilter
                     const filter = {
                         'project.id': { $eq: project.id },
-                        identifier: { $eq: identifier }
+                        identifier: { $eq: identifier },
+                        'itemOffered.typeOf': { $exists: true, $eq: productType } // プロダクトタイプを変更させないためにフィルター追加(2026-01-30~)
                     };
                     queryFilters.push({
                         'project.id': { $eq: project.id },
-                        identifier: { $eq: identifier }
+                        identifier: { $eq: identifier },
+                        'itemOffered.typeOf': { $exists: true, $eq: productType } // プロダクトタイプを変更させないためにフィルター追加(2026-01-30~)
                     });
                     if (update === true) {
                         const updateOne = {

package/lib/chevre/repo/offerCatalogItem.d.ts

@@ -37,6 +37,10 @@ export declare class OfferCatalogItemRepo {
          * support only update(2026-01-30~)
          */
         update: boolean;
+        /**
+         * プロダクトタイプでfilter(2026-01-30~)
+         */
+        productType: factory.product.ProductType;
     }): Promise<{
         bulkWriteResult: BulkWriteResult;
         modifiedCatalogs: {

package/lib/chevre/repo/offerCatalogItem.js

@@ -161,7 +161,7 @@ class OfferCatalogItemRepo {
      */
     upsertManyByIdentifier(params, options) {
         return __awaiter(this, void 0, void 0, function* () {
-            const { update } = options;
+            const { productType, update } = options;
             const bulkWriteOps = [];
             const queryFilters = [];
             if (Array.isArray(params)) {
@@ -170,14 +170,20 @@ class OfferCatalogItemRepo {
                     if (typeof identifier !== 'string' || identifier.length === 0) {
                         throw new factory.errors.ArgumentNull('identifier');
                     }
+                    // 指定されたproductTypeを強制する
+                    if (setFields.itemOffered.typeOf !== productType) {
+                        throw new factory.errors.Argument('itemOffered.typeOf', `not matched with productType: ${productType}`);
+                    }
                     // リソースのユニークネスを保証するfilter
                     const filter = {
                         'project.id': { $eq: project.id },
-                        identifier: { $eq: identifier }
+                        identifier: { $eq: identifier },
+                        'itemOffered.typeOf': { $exists: true, $eq: productType } // プロダクトタイプを変更させないためにフィルター追加(2026-01-30~)
                     };
                     queryFilters.push({
                         'project.id': { $eq: project.id },
-                        identifier: { $eq: identifier }
+                        identifier: { $eq: identifier },
+                        'itemOffered.typeOf': { $exists: true, $eq: productType } // プロダクトタイプを変更させないためにフィルター追加(2026-01-30~)
                     });
                     if (update === true) {
                         const updateOne = {

package/lib/chevre/repo/orderNumber.js

@@ -14,7 +14,7 @@ const cdigit = require("cdigit");
 const moment = require("moment-timezone");
 // import { RedisClientType } from 'redis';
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
+const fpe = require('node-fpe-v1');
 // import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");

package/lib/chevre/repo/serviceOutputIdentifier.js

@@ -14,7 +14,7 @@ const cdigit = require("cdigit");
 const moment = require("moment-timezone");
 // import { RedisClientType } from 'redis';
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
+const fpe = require('node-fpe-v1');
 // import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");

package/lib/chevre/repo/transactionNumber.d.ts

@@ -1,12 +1,16 @@
 import type { Connection } from 'mongoose';
 interface IPublishResult {
     transactionNumber: string;
+    timestamp: string;
+    incrReply: number;
+    secret?: string;
 }
 /**
  * 取引番号リポジトリ
  */
 export declare class TransactionNumberRepo {
     private readonly counterRepo;
+    private readonly settingModel;
     constructor(params: {
         connection: Connection;
     });
@@ -16,5 +20,7 @@ export declare class TransactionNumberRepo {
     publishByTimestamp(params: {
         startDate: Date;
     }): Promise<IPublishResult>;
+    decrypt(id: string): Promise<string>;
+    private findSetting;
 }
 export {};

package/lib/chevre/repo/transactionNumber.js

@@ -11,11 +11,15 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.TransactionNumberRepo = void 0;
 const cdigit = require("cdigit");
+const crypto_1 = require("crypto");
 const moment = require("moment-timezone");
-// import { RedisClientType } from 'redis';
+const fpe2Module = require("node-fpe-v2");
+// 型定義が新しいtypescriptに適合しないので、強制的に型変更
+const fpe2 = fpe2Module;
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
-// import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
+const fpe1 = require('node-fpe-v1');
+const factory = require("../factory");
+const setting_1 = require("./mongoose/schemas/setting");
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");
 /**
@@ -23,25 +27,15 @@ const transactionNumberCounter_1 = require("./transactionNumberCounter");
  */
 class TransactionNumberRepo {
     constructor(params) {
-        // const { connection } = params;
-        // this.settingModel = connection.model(settingModelName, createSettingSchema());
         this.counterRepo = new transactionNumberCounter_1.TransactionNumberCounterRepo(params);
+        this.settingModel = params.connection.model(setting_1.modelName, (0, setting_1.createSchema)());
     }
-    // private static createKey(params: {
-    //     startDate: Date;
-    //     timestamp: string;
-    // }): string {
-    //     return util.format(
-    //         '%s:%s',
-    //         TransactionNumberRepo.REDIS_KEY_PREFIX,
-    //         params.timestamp
-    //     );
-    // }
     /**
      * タイムスタンプから発行する
      */
     publishByTimestamp(params) {
         return __awaiter(this, void 0, void 0, function* () {
+            const { fpeSecret, version } = yield this.findSetting();
             const timestamp = moment(params.startDate)
                 .valueOf()
                 .toString();
@@ -57,13 +51,67 @@ class TransactionNumberRepo {
                 includedInDataCatalog: { identifier: transactionNumber_1.DataCatalogIdentifier.transactionNumber },
                 expires: dataFeedExpires
             });
-            let transactionNumber = `${timestamp}${incrReply}`;
-            // checkdigit
-            const cd = cdigit.luhn.compute(transactionNumber);
-            transactionNumber = fpe({ password: cd })
-                .encrypt(transactionNumber);
-            transactionNumber = `${cd}${transactionNumber}`;
-            return { transactionNumber };
+            let transactionNumber;
+            let secret;
+            if (typeof fpeSecret === 'string' && typeof version === 'string') {
+                // tslint:disable-next-line:no-magic-numbers
+                const saltDigit = (0, crypto_1.randomInt)(0, 10);
+                const saltStr = saltDigit.toString();
+                secret = `${fpeSecret}${saltStr}`;
+                const cipher = fpe2({ secret });
+                // incrReplyが 0〜99 なら "00"〜"99" になり（15桁）
+                // incrReplyが 100〜999 なら "100"〜"999" になる（16桁）
+                const rawBody = `${timestamp}${incrReply.toString()
+                    // tslint:disable-next-line:no-magic-numbers
+                    .padStart(2, '0')}`;
+                const encryptedBody = cipher.encrypt(rawBody);
+                // ソルトを「あえて」2文字目に含める
+                transactionNumber = `${version}${saltStr}${encryptedBody}`;
+            }
+            else {
+                transactionNumber = `${timestamp}${incrReply}`;
+                // checkdigit
+                const cd = cdigit.luhn.compute(transactionNumber);
+                transactionNumber = fpe1({ password: cd })
+                    .encrypt(transactionNumber);
+                transactionNumber = `${cd}${transactionNumber}`;
+            }
+            return { transactionNumber, timestamp, incrReply, secret };
+        });
+    }
+    decrypt(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { fpeSecret } = yield this.findSetting();
+            const saltStr = id[1]; // 2文字目からソルト（鍵のヒント）を回収
+            // tslint:disable-next-line:no-magic-numbers
+            const encryptedBody = id.slice(2);
+            const cipher = fpe2({
+                secret: `${fpeSecret}${saltStr}`
+            });
+            return cipher.decrypt(encryptedBody);
+        });
+    }
+    findSetting() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const filterQuery = { 'project.id': { $eq: '*' } };
+            const projection = {
+                _id: 0,
+                transactionNumber: 1
+            };
+            const setting = yield this.settingModel.findOne(filterQuery, projection)
+                .lean()
+                .exec();
+            if (setting === null || setting.transactionNumber === undefined) {
+                return {};
+            }
+            const { fpeSecret, version } = setting.transactionNumber;
+            if (typeof fpeSecret !== 'string' || fpeSecret === '') {
+                throw new factory.errors.NotFound('setting.transactionNumber.secret');
+            }
+            if (typeof version !== 'string' || version === '') {
+                throw new factory.errors.NotFound('setting.transactionNumber.version');
+            }
+            return { fpeSecret, version };
         });
     }
 }

package/package.json

@@ -25,7 +25,8 @@
     "lodash.difference": "^4.5.0",
     "moment": "^2.29.1",
     "moment-timezone": "^0.5.33",
-    "node-fpe": "1.0.0",
+    "node-fpe-v1": "npm:node-fpe@1.0.0",
+    "node-fpe-v2": "npm:node-fpe@2.0.4",
     "pug": "^2.0.4",
     "uniqid": "5.4.0",
     "uuid": "^3.4.0"
@@ -116,5 +117,5 @@
     "postversion": "git push origin --tags",
     "prepublishOnly": "npm run clean && npm run build && npm test && npm run doc"
   },
-  "version": "23.2.0-alpha.40"
+  "version": "23.2.0-alpha.42"
 }