@commercetools/checkout-payments-processor-sdk 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (105) hide show
  1. package/CHANGELOG.md +15 -0
  2. package/README.md +42 -0
  3. package/biome.json +38 -0
  4. package/package.json +48 -0
  5. package/src/api/context/request-context.helper.test.ts +98 -0
  6. package/src/api/context/request-context.helper.ts +89 -0
  7. package/src/api/context/request-context.provider.ts +27 -0
  8. package/src/api/context/types/request-context.type.ts +18 -0
  9. package/src/api/handlers/payment-components.handler.test.ts +378 -0
  10. package/src/api/handlers/payment-components.handler.ts +80 -0
  11. package/src/api/handlers/payment-intents.handler.test.ts +475 -0
  12. package/src/api/handlers/payment-intents.handler.ts +169 -0
  13. package/src/api/handlers/status.handler.test.ts +551 -0
  14. package/src/api/handlers/status.handler.ts +216 -0
  15. package/src/api/handlers/transaction.handler.ts +86 -0
  16. package/src/api/handlers/types/handler.type.ts +49 -0
  17. package/src/api/hooks/authorize.hook.test.ts +62 -0
  18. package/src/api/hooks/authorize.hook.ts +51 -0
  19. package/src/api/hooks/jwt-auth.hook.test.ts +54 -0
  20. package/src/api/hooks/jwt-auth.hook.ts +56 -0
  21. package/src/api/hooks/oauth2-auth.hook.test.ts +173 -0
  22. package/src/api/hooks/oauth2-auth.hook.ts +46 -0
  23. package/src/api/hooks/session-header-auth.hook.ts +47 -0
  24. package/src/api/hooks/session-query-param-auth.hook.ts +46 -0
  25. package/src/api/hooks/types/hook.type.ts +12 -0
  26. package/src/api/index.ts +11 -0
  27. package/src/api/types.ts +3 -0
  28. package/src/commercetools/api/base-api.ts +28 -0
  29. package/src/commercetools/api/cart-api.test.ts +95 -0
  30. package/src/commercetools/api/cart-api.ts +55 -0
  31. package/src/commercetools/api/custom-type-api.ts +39 -0
  32. package/src/commercetools/api/order-api.ts +22 -0
  33. package/src/commercetools/api/payment-api.ts +64 -0
  34. package/src/commercetools/api/payment-method-api.ts +118 -0
  35. package/src/commercetools/api/root-api.ts +109 -0
  36. package/src/commercetools/errors/ct-api.error.ts +27 -0
  37. package/src/commercetools/helpers/currency.converter.test.ts +121 -0
  38. package/src/commercetools/helpers/currency.converter.test_data.json +2379 -0
  39. package/src/commercetools/helpers/currency.converter.ts +102 -0
  40. package/src/commercetools/helpers/taxrate.converter.test.ts +48 -0
  41. package/src/commercetools/helpers/taxrate.converter.ts +39 -0
  42. package/src/commercetools/index.ts +22 -0
  43. package/src/commercetools/services/ct-cart.service.test.ts +1616 -0
  44. package/src/commercetools/services/ct-cart.service.ts +316 -0
  45. package/src/commercetools/services/ct-custom-type.service.ts +62 -0
  46. package/src/commercetools/services/ct-order.service.test.ts +136 -0
  47. package/src/commercetools/services/ct-order.service.ts +47 -0
  48. package/src/commercetools/services/ct-payment-method.service.test.ts +878 -0
  49. package/src/commercetools/services/ct-payment-method.service.ts +223 -0
  50. package/src/commercetools/services/ct-payment.service.test.ts +1123 -0
  51. package/src/commercetools/services/ct-payment.service.ts +574 -0
  52. package/src/commercetools/types/api.type.ts +162 -0
  53. package/src/commercetools/types/cart.type.ts +83 -0
  54. package/src/commercetools/types/custom-type.type.ts +21 -0
  55. package/src/commercetools/types/order.type.ts +19 -0
  56. package/src/commercetools/types/payment-method.type.ts +130 -0
  57. package/src/commercetools/types/payment.type.ts +74 -0
  58. package/src/commercetools/types/predefined-custom-types.type.ts +240 -0
  59. package/src/commercetools/types.ts +7 -0
  60. package/src/errorx/errorx.ts +625 -0
  61. package/src/errorx/index.ts +1 -0
  62. package/src/errorx/types.ts +5 -0
  63. package/src/fetch/decorators/base.decorator.ts +13 -0
  64. package/src/fetch/decorators/monitoring.decorator.ts +41 -0
  65. package/src/fetch/fetch.test.ts +57 -0
  66. package/src/fetch/index.ts +3 -0
  67. package/src/fetch/types/fetch.type.ts +11 -0
  68. package/src/fetch/types.ts +1 -0
  69. package/src/index.ts +15 -0
  70. package/src/logger/commercetools-logger.ts +69 -0
  71. package/src/logger/index.ts +1 -0
  72. package/src/logger/types/logger.type.ts +6 -0
  73. package/src/logger/types.ts +1 -0
  74. package/src/mocks/auth.mock.ts +6 -0
  75. package/src/mocks/cart.mock.ts +239 -0
  76. package/src/mocks/ct-api-error.mock.ts +23 -0
  77. package/src/mocks/index.ts +4 -0
  78. package/src/mocks/payment.mock.ts +35 -0
  79. package/src/payment-processor.ts +317 -0
  80. package/src/security/authn/authns.ts +219 -0
  81. package/src/security/authn/bearer-utils.test.ts +35 -0
  82. package/src/security/authn/bearer-utils.ts +28 -0
  83. package/src/security/authn/jwt-authn-manager.ts +69 -0
  84. package/src/security/authn/oauth2-authn-manager.ts +105 -0
  85. package/src/security/authn/session-header-authn-manager.ts +58 -0
  86. package/src/security/authn/session-query-param-authn-manager.ts +53 -0
  87. package/src/security/authn/types/authn.type.ts +50 -0
  88. package/src/security/authz/authorization-manager.ts +39 -0
  89. package/src/security/authz/types/authz.type.ts +13 -0
  90. package/src/security/index.ts +13 -0
  91. package/src/security/services/authorization.service.ts +54 -0
  92. package/src/security/services/jwt.service.test.ts +27 -0
  93. package/src/security/services/jwt.service.ts +45 -0
  94. package/src/security/services/oauth2.service.ts +60 -0
  95. package/src/security/services/session.service.ts +141 -0
  96. package/src/security/services/types/authorization.type.ts +10 -0
  97. package/src/security/services/types/jwt.type.ts +3 -0
  98. package/src/security/services/types/oauth2.type.ts +15 -0
  99. package/src/security/services/types/session.type.ts +38 -0
  100. package/src/security/types.ts +6 -0
  101. package/tsconfig.json +28 -0
  102. package/tsconfig.prod.json +9 -0
  103. package/typedoc.json +6 -0
  104. package/vitest.config.ts +15 -0
  105. package/wiki/getting-started.md +13 -0
package/CHANGELOG.md ADDED
@@ -0,0 +1,15 @@
1
+ # @commercetools/checkout-payments-processor-sdk
2
+
3
+ ## 0.0.2
4
+
5
+ ### Patch Changes
6
+
7
+ - af90f7f: Sample change for all the packages
8
+ - Updated dependencies [af90f7f]
9
+ - @commercetools/checkout-payments-lib@0.0.2
10
+
11
+ ## 0.0.1
12
+
13
+ ### Patch Changes
14
+
15
+ - Initialising repository
package/README.md ADDED
@@ -0,0 +1,42 @@
1
+ # @commercetools/checkout-payments-processor-sdk
2
+
3
+ The Processor Module acts as the middleware between commercetools and the payment service provider, handling transaction processing and payment updates. It handles key operations such as payment authorization, capture, refund, and cancellation directly with the payment service provider while ensuring transactions are processed and saved accurately in commercetools composable commerce.
4
+
5
+ ## Key Responsibilities
6
+ * Receives payment requests from the enabler.
7
+ * Communicates with the PSP for authorization, capture, refund, and cancellation.
8
+ * Updates commercetools payment objects based on PSP responses.
9
+ * Ensures secure and idempotent transaction handling.
10
+
11
+ ## Prerequisites
12
+
13
+ commercetools Checkout has support for two component integration types (payment components and drop-in components)
14
+
15
+ The payment connector requires:
16
+
17
+ * A commercetools Composable Commerce API Client with permissions for:
18
+ * `manage_payments`
19
+ * `manage_orders`
20
+ * `view_sessions`
21
+ * `view_api_clients`
22
+ * `manage_checkout_payment_intents`
23
+ * `introspect_oauth_tokens`
24
+
25
+ * Additional API credentials capable of managing connnector-related operations. This includes tasks like:
26
+ * Installing the connector
27
+ * Deploying and updating the connector
28
+ * Performing connector-related maintenance operations
29
+
30
+ For more details on setting up and managing connectors, refer to the commercetools Connector Deployment Documentation.
31
+
32
+ # Access & Authentication
33
+ The integration uses several authentication methods to ensure secure communication between different components. These include:
34
+
35
+ ## Session Authentication
36
+ The integration will use session-based authentication for frontend-to-backend communication. The session information is passed via the X-Session-Id header, which is validated by the Processor to ensure the request is trusted and associated with the correct session.
37
+
38
+ ## JWT Validation
39
+ JSON Web Tokens (JWT) are used to validate operations performed within the commercetools Merchant Center. The Processor supports JWT validation to authenticate and authorize requests for internal operations.
40
+
41
+ ## OAuth Authentication
42
+ OAuth 2.0 is used for server-to-server communication to manage secure operations such as capture, cancel, and refund of payments. The OAuth credentials are validated via the introspect_oauth_tokens scope to ensure that the Processor has the necessary permissions for these operations.
package/biome.json ADDED
@@ -0,0 +1,38 @@
1
+ {
2
+ "$schema": "https://biomejs.dev/schemas/2.2.4/schema.json",
3
+ "vcs": {
4
+ "enabled": false,
5
+ "clientKind": "git",
6
+ "useIgnoreFile": false
7
+ },
8
+ "files": {
9
+ "ignoreUnknown": false
10
+ },
11
+ "formatter": {
12
+ "enabled": true,
13
+ "indentStyle": "space",
14
+ "indentWidth": 2
15
+ },
16
+ "linter": {
17
+ "enabled": true,
18
+ "rules": {
19
+ "recommended": true,
20
+ "style": {
21
+ "useImportType": "error"
22
+ }
23
+ }
24
+ },
25
+ "javascript": {
26
+ "formatter": {
27
+ "quoteStyle": "single"
28
+ }
29
+ },
30
+ "assist": {
31
+ "enabled": true,
32
+ "actions": {
33
+ "source": {
34
+ "organizeImports": "on"
35
+ }
36
+ }
37
+ }
38
+ }
package/package.json ADDED
@@ -0,0 +1,48 @@
1
+ {
2
+ "name": "@commercetools/checkout-payments-processor-sdk",
3
+ "version": "0.0.6",
4
+ "description": "Checkout payments SDK for processor",
5
+ "type": "module",
6
+ "main": "dist/index.js",
7
+ "types": "dist/index.d.ts",
8
+ "publishConfig": {
9
+ "access": "public"
10
+ },
11
+ "keywords": [],
12
+ "author": "commercetools",
13
+ "license": "ISC",
14
+ "devDependencies": {
15
+ "@biomejs/biome": "2.2.5",
16
+ "@tsconfig/node24": "24.0.1",
17
+ "@types/jsonwebtoken": "9.0.10",
18
+ "@types/lodash": "4.17.20",
19
+ "@types/node": "24.7.0",
20
+ "@vitest/coverage-istanbul": "^3.2.4",
21
+ "msw": "2.11.3",
22
+ "tsc-alias": "1.8.16",
23
+ "tsx": "4.20.6",
24
+ "typedoc": "0.28.13",
25
+ "typescript": "5.9.3",
26
+ "vite-tsconfig-paths": "5.1.4",
27
+ "vitest": "3.2.4"
28
+ },
29
+ "dependencies": {
30
+ "@commercetools-backend/loggers": "24.7.2",
31
+ "@commercetools/platform-sdk": "8.18.0",
32
+ "@commercetools/ts-client": "4.3.0",
33
+ "jsonwebtoken": "^9.0.2",
34
+ "jwks-rsa": "3.2.0",
35
+ "lodash": "4.17.23",
36
+ "logform": "2.7.0",
37
+ "@commercetools/checkout-payments-core": "0.0.6"
38
+ },
39
+ "scripts": {
40
+ "build": "rm -rf ./dist && tsc -p tsconfig.prod.json && tsc-alias",
41
+ "clean": "rm -rf ./dist ./coverage ./node_modules",
42
+ "format": "biome check --write ./src",
43
+ "lint": "biome check ./src",
44
+ "test": "vitest run --coverage",
45
+ "test:watch": "vitest",
46
+ "doc": "typedoc --options typedoc.json"
47
+ }
48
+ }
@@ -0,0 +1,98 @@
1
+ import { SessionAuthentication } from '@security';
2
+ import type { SessionPrincipal } from '@security-types';
3
+ import { afterEach, beforeEach, describe, expect, test, vi } from 'vitest';
4
+ import {
5
+ getAllowedPaymentMethodsFromContext,
6
+ getCartIdFromContext,
7
+ getCheckoutTransactionItemIdFromContext,
8
+ getCtSessionIdFromContext,
9
+ getGiftCardPlannedAmountFromContext,
10
+ getMerchantReturnUrlFromContext,
11
+ getProcessorUrlFromContext,
12
+ } from '@/api/context/request-context.helper.js';
13
+ import { RequestContextProvider } from '@/api/context/request-context.provider.js';
14
+
15
+ describe('context', () => {
16
+ const sessionId = 'random-session-id';
17
+ const principal: SessionPrincipal = {
18
+ cartId: 'sample-cart-id',
19
+ allowedPaymentMethods: [],
20
+ processorUrl: 'http://127.0.0.1',
21
+ paymentInterface: 'sample-payment-interface',
22
+ checkoutTransactionItemId: 'sample-transaction-item-id',
23
+ merchantReturnUrl: 'https://merchant.return.url',
24
+ giftCardPlannedAmount: {
25
+ centAmount: 10,
26
+ currencyCode: 'EUR',
27
+ },
28
+ };
29
+
30
+ const authn: SessionAuthentication = new SessionAuthentication(
31
+ sessionId,
32
+ principal,
33
+ );
34
+
35
+ const contextProvider = new RequestContextProvider({
36
+ getContextFn: () => ({
37
+ correlationId: 'correlation-id',
38
+ requestId: 'request-id',
39
+ authentication: authn,
40
+ }),
41
+ updateContextFn: () => {},
42
+ });
43
+
44
+ beforeEach(() => {
45
+ // jest.setTimeout(10000);
46
+ vi.resetAllMocks();
47
+ });
48
+
49
+ afterEach(() => {
50
+ vi.restoreAllMocks();
51
+ });
52
+
53
+ test('getGiftCardPlannedAmountFromContext', async () => {
54
+ const result = getGiftCardPlannedAmountFromContext(
55
+ contextProvider.getContextData(),
56
+ );
57
+ expect(result).toStrictEqual({
58
+ centAmount: 10,
59
+ currencyCode: 'EUR',
60
+ });
61
+ });
62
+
63
+ test('getCtSessionIdFromContext', async () => {
64
+ const result = getCtSessionIdFromContext(contextProvider.getContextData());
65
+ expect(result).toStrictEqual(sessionId);
66
+ });
67
+
68
+ test('getAllowedPaymentMethodsFromContext', async () => {
69
+ const result = getAllowedPaymentMethodsFromContext(
70
+ contextProvider.getContextData(),
71
+ );
72
+ expect(result).toHaveLength(0);
73
+ });
74
+
75
+ test('getCartIdFromContext', async () => {
76
+ const result = getCartIdFromContext(contextProvider.getContextData());
77
+ expect(result).toStrictEqual('sample-cart-id');
78
+ });
79
+
80
+ test('getMerchantReturnUrlFromContext', async () => {
81
+ const result = getMerchantReturnUrlFromContext(
82
+ contextProvider.getContextData(),
83
+ );
84
+ expect(result).toStrictEqual('https://merchant.return.url');
85
+ });
86
+
87
+ test('getProcessorUrlFromContext', async () => {
88
+ const result = getProcessorUrlFromContext(contextProvider.getContextData());
89
+ expect(result).toStrictEqual('http://127.0.0.1');
90
+ });
91
+
92
+ test('getCheckoutTransactionItemIdFromContext', async () => {
93
+ const result = getCheckoutTransactionItemIdFromContext(
94
+ contextProvider.getContextData(),
95
+ );
96
+ expect(result).toStrictEqual('sample-transaction-item-id');
97
+ });
98
+ });
@@ -0,0 +1,89 @@
1
+ import type { RequestContextData } from '@api-types';
2
+ import type { Money } from '@commercetools/platform-sdk';
3
+ import { SessionAuthentication } from '@security';
4
+
5
+ export function getGiftCardPlannedAmountFromContext(
6
+ context: RequestContextData,
7
+ ): Money | undefined {
8
+ const authentication = context.authentication;
9
+ if (authentication && authentication instanceof SessionAuthentication) {
10
+ return authentication?.getPrincipal().giftCardPlannedAmount;
11
+ }
12
+ }
13
+
14
+ export function getCtSessionIdFromContext(
15
+ context: RequestContextData,
16
+ ): string | undefined {
17
+ const authentication = context.authentication;
18
+ if (authentication && authentication instanceof SessionAuthentication) {
19
+ return authentication?.getCredentials();
20
+ }
21
+ }
22
+
23
+ export function getCartIdFromContext(
24
+ context: RequestContextData,
25
+ ): string | undefined {
26
+ const authentication = context.authentication;
27
+ if (authentication && authentication instanceof SessionAuthentication) {
28
+ return authentication?.getPrincipal().cartId;
29
+ }
30
+ }
31
+
32
+ export function getAllowedPaymentMethodsFromContext(
33
+ context: RequestContextData,
34
+ ): string[] | undefined {
35
+ const authentication = context.authentication;
36
+ if (authentication && authentication instanceof SessionAuthentication) {
37
+ return authentication?.getPrincipal().allowedPaymentMethods;
38
+ }
39
+ }
40
+
41
+ /**
42
+ * @deprecated use getCheckoutTransactionItemIdFromContext instead
43
+ * @param context
44
+ * @returns
45
+ */
46
+ export function getPaymentInterfaceFromContext(
47
+ context: RequestContextData,
48
+ ): string | undefined {
49
+ const authentication = context.authentication;
50
+ if (authentication && authentication instanceof SessionAuthentication) {
51
+ return authentication?.getPrincipal().paymentInterface;
52
+ }
53
+ }
54
+
55
+ export function getCheckoutTransactionItemIdFromContext(
56
+ context: RequestContextData,
57
+ ): string | undefined {
58
+ const authentication = context.authentication;
59
+ if (authentication && authentication instanceof SessionAuthentication) {
60
+ return authentication?.getPrincipal().checkoutTransactionItemId;
61
+ }
62
+ }
63
+
64
+ export function getProcessorUrlFromContext(
65
+ context: RequestContextData,
66
+ ): string | undefined {
67
+ const authentication = context.authentication;
68
+ if (authentication && authentication instanceof SessionAuthentication) {
69
+ return authentication?.getPrincipal().processorUrl;
70
+ }
71
+ }
72
+
73
+ export function getMerchantReturnUrlFromContext(
74
+ context: RequestContextData,
75
+ ): string | undefined {
76
+ const authentication = context.authentication;
77
+ if (authentication && authentication instanceof SessionAuthentication) {
78
+ return authentication?.getPrincipal().merchantReturnUrl;
79
+ }
80
+ }
81
+
82
+ export function getFutureOrderNumberFromContext(
83
+ context: RequestContextData,
84
+ ): string | undefined {
85
+ const authentication = context.authentication;
86
+ if (authentication && authentication instanceof SessionAuthentication) {
87
+ return authentication?.getPrincipal().futureOrderNumber;
88
+ }
89
+ }
@@ -0,0 +1,27 @@
1
+ import type { ContextProvider, RequestContextData } from '@api-types';
2
+
3
+ /**
4
+ * ContextProvider is a class that provides a way to access and update the context data.
5
+ */
6
+ export class RequestContextProvider
7
+ implements ContextProvider<RequestContextData>
8
+ {
9
+ private getContextFn: () => RequestContextData;
10
+ private updateContextFn: (ctx: Partial<RequestContextData>) => void;
11
+
12
+ constructor(opts: {
13
+ getContextFn: () => RequestContextData;
14
+ updateContextFn: (ctx: Partial<RequestContextData>) => void;
15
+ }) {
16
+ this.getContextFn = opts.getContextFn;
17
+ this.updateContextFn = opts.updateContextFn;
18
+ }
19
+
20
+ getContextData(): RequestContextData {
21
+ return this.getContextFn();
22
+ }
23
+
24
+ updateContextData(ctx: Partial<RequestContextData>) {
25
+ this.updateContextFn(ctx);
26
+ }
27
+ }
@@ -0,0 +1,18 @@
1
+ import type { Authentication } from '@security-types';
2
+
3
+ /**
4
+ * Context provider interface
5
+ */
6
+ export interface ContextProvider<T> {
7
+ getContextData(): T;
8
+ updateContextData(ctx: Partial<T>): void;
9
+ }
10
+
11
+ /**
12
+ * Request context data
13
+ */
14
+ export type RequestContextData = {
15
+ correlationId: string;
16
+ requestId: string;
17
+ authentication?: Authentication;
18
+ };