@commercetools/connect-payments-sdk 0.0.1 → 0.0.4

package/dist/security/services/oauth2.service.js

@@ -1,53 +1,40 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DefaultOauth2Service = void 0;
-const errorx_1 = require("../../errorx/errorx");
+const errorx_1 = require("../../errorx");
 class DefaultOauth2Service {
-    authUrl;
-    fetch;
-    logger;
-    constructor(opts) {
-        this.authUrl = opts.authUrl;
-        this.fetch = opts.fetch;
-        this.logger = opts.logger;
-    }
-    oauth2tokenCache = new Map();
-    oauth2tokenKey(clientId, clientSecret) {
-        return `${clientId}:${clientSecret}`;
-    }
-    async getAccessToken(opts) {
-        const token = this.oauth2tokenCache.get(this.oauth2tokenKey(opts.clientId, opts.clientSecret));
-        // Check if token is valid for at least 1 hour
-        if (token && token.expiresAt + 3600 * 1000 > Date.now()) {
-            if (this.logger) {
-                this.logger.debug({
-                    isRenewal: token ? true : false,
-                }, 'Renewing token access token');
-            }
-            return token.token;
-        }
-        const encodedCredentials = btoa(`${opts.clientId}:${opts.clientSecret}`);
+    async introspectToken(opts) {
         const urlencoded = new URLSearchParams();
-        urlencoded.append('grant_type', 'client_credentials');
-        const response = await this.fetch(`${this.authUrl}/oauth/token`, {
+        urlencoded.append('token', opts.token);
+        const tokenResponse = await fetch(opts.url, {
             method: 'POST',
             headers: {
                 'Content-Type': 'application/x-www-form-urlencoded',
-                Authorization: `Basic ${encodedCredentials}`,
+                Authorization: `Basic ${btoa(opts.clientId + ':' + opts.clientSecret)}`,
             },
             body: urlencoded,
         });
-        if (!response.ok) {
-            throw new errorx_1.ErrorGeneral(undefined, {
-                privateMessage: 'Failed to get auth token',
+        if (tokenResponse.status > 299) {
+            if (tokenResponse.status === 401) {
+                const tokenResponseJson = (await tokenResponse.json());
+                throw new errorx_1.ErrorAuthErrorResponse(tokenResponseJson.message, {
+                    privateFields: {
+                        clientId: opts.clientId,
+                        status: tokenResponse.status,
+                    },
+                    skipLog: true,
+                }, tokenResponseJson.error);
+            }
+            throw new errorx_1.ErrorGeneral('Failed to authorize request.', {
+                privateMessage: 'some error happened while requesting token from coco',
                 privateFields: {
-                    responseStatus: response.status,
-                    responseText: await response.text(),
+                    clientId: opts.clientId,
+                    status: tokenResponse.status,
                 },
+                skipLog: true,
             });
         }
-        const tokenRes = (await response.json());
-        return tokenRes;
+        return (await tokenResponse.json());
     }
 }
 exports.DefaultOauth2Service = DefaultOauth2Service;

package/dist/security/services/types/jwt.type.d.ts

@@ -0,0 +1,5 @@
+export interface JWTService {
+    verify(opts: {
+        token: string | undefined;
+    }): Promise<unknown>;
+}

package/dist/security/services/types/jwt.type.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/security/services/types/oauth2.type.d.ts

@@ -0,0 +1,14 @@
+export type TokenInfo = {
+    active: boolean;
+    scope: string;
+    exp: number;
+    client_id: string;
+};
+export interface Oauth2Service {
+    introspectToken(opts: {
+        url: string;
+        clientId: string;
+        clientSecret: string;
+        token: string;
+    }): Promise<TokenInfo>;
+}

package/dist/security/services/types/oauth2.type.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@commercetools/connect-payments-sdk",
-  "version": "0.0.1",
+  "version": "0.0.4",
   "description": "Payment SDK for commercetools payment connectors",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -15,7 +15,9 @@
   ],
   "license": "ISC",
   "dependencies": {
-    "@commercetools/platform-sdk": "6.0.0",
-    "@commercetools/sdk-client-v2": "2.3.0"
+    "@commercetools/platform-sdk": "7.2.0-alpha.4",
+    "@commercetools/sdk-client-v2": "2.3.0",
+    "jsonwebtoken": "9.0.2",
+    "jwks-rsa": "3.1.0"
   }
 }

package/.github/workflows/ci.yml

@@ -1,34 +0,0 @@
-name: CI
-
-on:
-  pull_request:
-    branches: [ main ]
-
-jobs:
-  ci:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@v4
-
-      - name: Install Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 20
-
-      - name: Install dependencies
-        uses: pnpm/action-setup@v2
-        with:
-          version: 8
-          run_install: |
-            - recursive: true
-              args: [--frozen-lockfile, --strict-peer-dependencies]
-
-      - name: Build
-        run: pnpm run build
-
-      - name: Static code analysis
-        run: pnpm run lint
-
-      - name: Tests
-        run: pnpm run test

package/.github/workflows/release.yml

@@ -1,46 +0,0 @@
-name: Release
-
-on:
-  push:
-    branches: [ main ]
-
-jobs:
-  publish-gpr:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@v4
-
-      - name: Install Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 20
-
-      - name: Install dependencies
-        uses: pnpm/action-setup@v2
-        with:
-          version: 8
-          run_install: |
-            - recursive: true
-              args: [--frozen-lockfile, --strict-peer-dependencies]
-
-      - name: Static code analysis
-        run: pnpm run lint
-
-      - name: Tests
-        run: pnpm run test
-
-      - name: Create Release Pull Request or Publish to npm
-        id: changesets
-        uses: changesets/action@v1
-        with:
-          # This expects you to have a script called release which does a build for your packages and calls changeset publish
-          publish: pnpm run release
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-      
-      - name: Create release
-        if: steps.changesets.outputs.published == 'true'
-        # You can do something when a publish happens.
-        run: VERSION=$(jq '.version' package.json -r);gh release create "$VERSION" --title "$VERSION [@commercetools/connect-payments-sdk]" --notes 'Check CHANGELOG.md file.'

package/.husky/pre-commit

@@ -1,4 +0,0 @@
-#!/usr/bin/env sh
-. "$(dirname -- "$0")/_/husky.sh"
-
-pnpm run format && pnpm run lint

package/dist/security/auth/session.auth.d.ts

@@ -1,20 +0,0 @@
-import { Fetch } from '../../fetch/types/fetch.type';
-import { Oauth2Service } from '../types/oauth2.type';
-import { IntrospectSessionParams, PaymentSessionData, SessionAuthenticator } from '../types/session.type';
-export declare class DefaultSessionAuthenticator implements SessionAuthenticator {
-    private oauth2Service;
-    private sessionUrl;
-    private clientId;
-    private clientSecret;
-    private projectKey;
-    private fetch;
-    constructor(opts: {
-        oauth2Service: Oauth2Service;
-        sessionUrl: string;
-        clientId: string;
-        clientSecret: string;
-        projectKey: string;
-        fetch: Fetch;
-    });
-    introspectSession(opts: IntrospectSessionParams): Promise<PaymentSessionData>;
-}

package/dist/security/auth/session.auth.js

@@ -1,54 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DefaultSessionAuthenticator = void 0;
-const errorx_1 = require("../../errorx/errorx");
-class DefaultSessionAuthenticator {
-    oauth2Service;
-    sessionUrl;
-    clientId;
-    clientSecret;
-    projectKey;
-    fetch;
-    constructor(opts) {
-        this.oauth2Service = opts.oauth2Service;
-        this.sessionUrl = opts.sessionUrl;
-        this.clientId = opts.clientId;
-        this.clientSecret = opts.clientSecret;
-        this.projectKey = opts.projectKey;
-        this.fetch = opts.fetch;
-    }
-    async introspectSession(opts) {
-        const accessToken = await this.oauth2Service.getAccessToken({
-            clientId: this.clientId,
-            clientSecret: this.clientSecret,
-        });
-        const response = await this.fetch(`${this.sessionUrl}/${this.projectKey}/sessions/${opts.sessionId}`, {
-            method: 'GET',
-            headers: {
-                'Content-Type': 'application/json',
-                Authorization: `Bearer ${accessToken.access_token}`,
-            },
-        });
-        if (!response.ok) {
-            if (response.status === 401) {
-                throw new errorx_1.ErrorAuthErrorResponse({
-                    privateMessage: 'Failed to get session data',
-                    privateFields: {
-                        responseStatus: response.status,
-                        responseText: await response.text(),
-                    },
-                });
-            }
-            throw new errorx_1.ErrorGeneral(undefined, {
-                privateMessage: 'Failed to get session data',
-                privateFields: {
-                    responseStatus: response.status,
-                    responseText: await response.text(),
-                },
-            });
-        }
-        const sessionRes = (await response.json());
-        return sessionRes.metadata;
-    }
-}
-exports.DefaultSessionAuthenticator = DefaultSessionAuthenticator;

package/dist/security/types/oauth2.type.d.ts

@@ -1,13 +0,0 @@
-export type TokenResponse = {
-    access_token: string;
-    token_type: string;
-    scope: string;
-    expires_in: number;
-};
-export interface Oauth2Service {
-    getAccessToken(opts: GetAccessTokenParams): Promise<TokenResponse>;
-}
-export type GetAccessTokenParams = {
-    clientId: string;
-    clientSecret: string;
-};

package/dist/security/types/session.type.d.ts

@@ -1,10 +0,0 @@
-export type PaymentSessionData = {
-    cartId: string;
-    allowedPaymentMethods?: string[];
-};
-export interface SessionAuthenticator {
-    introspectSession(opts: IntrospectSessionParams): Promise<PaymentSessionData>;
-}
-export type IntrospectSessionParams = {
-    sessionId: string;
-};