@connextable/popbill-runtime 1.0.0

package/LICENSE.md

@@ -0,0 +1,19 @@
+Copyright (c) 2014 Linkhub
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

package/dist/index.d.mts

@@ -0,0 +1,245 @@
+import * as Spec from "@connextable/popbill-spec";
+
+//#region src/auth/types.d.ts
+type LinkhubTokenApiResponse = Spec.PopbillIssueTokenApiResponse;
+interface LinkhubTokenResponse {
+  sessionToken: string;
+  serviceId: Spec.PopbillIssueTokenApiResponse['serviceID'];
+  linkId: string;
+  userId: string;
+  partnerCode: string;
+  userCode: string;
+  scopes: Spec.PopbillIssueTokenApiResponse['scope'];
+  ipAddress: string;
+  expiredAt: Spec.PopbillIssueTokenApiResponse['expiration'];
+}
+interface IssueTokenRequest {
+  serviceId: Spec.PopbillIssueTokenApiRequestPath['serviceId'];
+  accessId: string;
+  scopes: readonly Spec.PopbillIssueTokenApiRequestBody['scope'][number][];
+  forwardedIp?: string;
+}
+interface LinkhubAuthClient {
+  issueToken(request: IssueTokenRequest): Promise<LinkhubTokenResponse>;
+}
+interface LinkhubAuthClientConfig {
+  /**
+   * Linkhub LinkID (required).
+   */
+  linkId: string;
+  /**
+   * Linkhub SecretKey (required, base64-encoded).
+   */
+  secretKey: string;
+  /**
+   * Override auth base URL.
+   */
+  authBaseUrl?: string;
+  /**
+   * Use static outbound auth host.
+   * @default false
+   */
+  useStaticIp?: boolean;
+  /**
+   * Use GA auth host.
+   * @default false
+   */
+  useGaIp?: boolean;
+  /**
+   * Use local UTC time for x-lh-date.
+   * @default true
+   */
+  useLocalTime?: boolean;
+  /**
+   * Request timeout in milliseconds.
+   * @default 180000
+   */
+  timeoutMs?: number;
+}
+interface TokenProvider {
+  getToken(businessNumber: string): Promise<LinkhubTokenResponse>;
+}
+interface CreateTokenProviderInput {
+  authClient: LinkhubAuthClient;
+  serviceId: Spec.PopbillIssueTokenApiRequestPath['serviceId'];
+  scopes: readonly Spec.PopbillIssueTokenApiRequestBody['scope'][number][];
+  forwardedIp?: string;
+  /**
+   * Refresh cached tokens this many milliseconds before expiration.
+   * @default 60000
+   */
+  refreshSkewMs?: number;
+}
+interface ResolvedLinkhubAuthClientConfig {
+  linkId: string;
+  secretKey: string;
+  authBaseUrl?: string;
+  useStaticIp: boolean;
+  useGaIp: boolean;
+  useLocalTime: boolean;
+  timeoutMs: number;
+}
+//#endregion
+//#region src/auth/auth-client.d.ts
+declare function createLinkhubAuthClient(config: LinkhubAuthClientConfig): LinkhubAuthClient;
+//#endregion
+//#region src/auth/token-provider.d.ts
+declare function createTokenProvider(input: CreateTokenProviderInput): TokenProvider;
+//#endregion
+//#region src/auth/enums.d.ts
+declare const LinkhubAuthScope: {
+  readonly Member: "member";
+  readonly TaxInvoice: "110";
+  readonly CashReceipt: "140";
+  readonly TradeStatement: "121";
+  readonly Invoice: "122";
+  readonly Estimate: "123";
+  readonly PurchaseOrder: "124";
+  readonly Deposit: "125";
+  readonly Receipt: "126";
+  readonly HomeTaxTaxInvoice: "111";
+  readonly HomeTaxCashReceipt: "141";
+  readonly BusinessCheck: "170";
+  readonly CorporateInfo: "171";
+  readonly DepositorNameCheck: "182";
+  readonly DepositorRealNameCheck: "183";
+  readonly AccountCheck: "180";
+  readonly AlimTalk: "153";
+  readonly BrandMessageI: "156";
+  readonly BrandMessageN: "157";
+  readonly BrandMessageM: "158";
+  readonly SMS: "150";
+  readonly LMS: "151";
+  readonly MMS: "152";
+  readonly Fax: "160";
+  readonly IntelligentFax: "161";
+};
+type LinkhubAuthScope = Spec.PopbillAuthScope;
+//#endregion
+//#region src/api/linkhub-request-client.d.ts
+type LinkhubRequestStage = 'issue_token' | 'request_api';
+interface LinkhubRequestStageError {
+  requestStage: LinkhubRequestStage;
+  cause: unknown;
+}
+interface LinkhubRequestClientConfig {
+  apiBaseUrl: string;
+  timeoutMs: number;
+  tokenProvider: TokenProvider;
+  tokenCacheKey: string;
+  userAgent?: string;
+  acceptEncoding?: string | null;
+  acceptLanguage?: string;
+}
+interface LinkhubRequestOptions {
+  uri: string;
+  method?: string;
+  body?: RequestInit['body'];
+  contentType?: string | null;
+  headers?: Record<string, string>;
+}
+interface LinkhubRequestClient {
+  requestJson<T>(options: LinkhubRequestOptions): Promise<T>;
+}
+declare function createLinkhubRequestClient(config: LinkhubRequestClientConfig): LinkhubRequestClient;
+declare function isLinkhubRequestStageError(error: unknown): error is LinkhubRequestStageError;
+//#endregion
+//#region src/api/request-client.d.ts
+type PopbillRequestStage = 'issue_token' | 'request_api';
+interface PopbillRequestStageError {
+  requestStage: PopbillRequestStage;
+  cause: unknown;
+}
+interface PopbillRequestClientConfig {
+  apiBaseUrl: string;
+  timeoutMs: number;
+  tokenProvider: TokenProvider;
+  acceptEncoding?: Spec.PopbillAcceptEncoding | null;
+  acceptLanguage?: Spec.PopbillAcceptLanguage;
+}
+interface PopbillRequestOptions {
+  uri: string;
+  corpNum?: string;
+  userId?: string;
+  method?: string;
+  body?: RequestInit['body'];
+  contentType?: string | null;
+  submitId?: string;
+  headers?: Record<string, string>;
+}
+interface PopbillRequestClient {
+  requestJson<T>(options: PopbillRequestOptions): Promise<T>;
+}
+declare function createPopbillRequestClient(config: PopbillRequestClientConfig): PopbillRequestClient;
+declare function isPopbillRequestStageError(error: unknown): error is PopbillRequestStageError;
+//#endregion
+//#region src/spec-constants.d.ts
+declare const PopbillServiceIds: {
+  readonly Test: "POPBILL_TEST";
+  readonly Production: "POPBILL";
+};
+declare const LinkhubServiceIds: {
+  readonly PopbillTest: "POPBILL_TEST";
+  readonly PopbillProduction: "POPBILL";
+  readonly JusoLink: "JUSOLINK";
+};
+type LinkhubServiceId = Spec.LinkhubServiceId;
+declare const PopbillApiBaseUrls: {
+  readonly Test: "https://popbill-test.linkhub.co.kr";
+  readonly Production: "https://popbill.linkhub.co.kr";
+  readonly StaticTest: "https://static-popbill-test.linkhub.co.kr";
+  readonly StaticProduction: "https://static-popbill.linkhub.co.kr";
+  readonly GaTest: "https://ga-popbill-test.linkhub.co.kr";
+  readonly GaProduction: "https://ga-popbill.linkhub.co.kr";
+};
+declare const LinkhubApiBaseUrls: {
+  readonly PopbillTest: "https://popbill-test.linkhub.co.kr";
+  readonly PopbillProduction: "https://popbill.linkhub.co.kr";
+  readonly PopbillStaticTest: "https://static-popbill-test.linkhub.co.kr";
+  readonly PopbillStaticProduction: "https://static-popbill.linkhub.co.kr";
+  readonly PopbillGaTest: "https://ga-popbill-test.linkhub.co.kr";
+  readonly PopbillGaProduction: "https://ga-popbill.linkhub.co.kr";
+  readonly JusoLink: "https://jusolink.linkhub.co.kr";
+};
+declare const PopbillAuthBaseUrls: {
+  readonly Default: "https://auth.linkhub.co.kr";
+  readonly Static: "https://static-auth.linkhub.co.kr";
+  readonly Ga: "https://ga-auth.linkhub.co.kr";
+};
+declare const PopbillAcceptLanguages: {
+  readonly KoreanKorea: "ko-KR";
+  readonly EnglishUnitedStates: "en-US";
+};
+declare const PopbillHttpMethodOverrides: {
+  readonly BulkIssue: "BULKISSUE";
+};
+declare const PopbillLinkhubApiVersion: "2.0";
+declare const PopbillAuthScopes: {
+  readonly Member: "member";
+  readonly TaxInvoice: "110";
+  readonly CashReceipt: "140";
+  readonly TradeStatement: "121";
+  readonly Invoice: "122";
+  readonly Estimate: "123";
+  readonly PurchaseOrder: "124";
+  readonly Deposit: "125";
+  readonly Receipt: "126";
+  readonly HomeTaxTaxInvoice: "111";
+  readonly HomeTaxCashReceipt: "141";
+  readonly BusinessCheck: "170";
+  readonly CorporateInfo: "171";
+  readonly DepositorNameCheck: "182";
+  readonly DepositorRealNameCheck: "183";
+  readonly AccountCheck: "180";
+  readonly AlimTalk: "153";
+  readonly BrandMessageI: "156";
+  readonly BrandMessageN: "157";
+  readonly BrandMessageM: "158";
+  readonly SMS: "150";
+  readonly LMS: "151";
+  readonly MMS: "152";
+  readonly Fax: "160";
+  readonly IntelligentFax: "161";
+};
+//#endregion
+export { CreateTokenProviderInput, IssueTokenRequest, LinkhubApiBaseUrls, LinkhubAuthClient, LinkhubAuthClientConfig, LinkhubAuthScope, LinkhubRequestClient, LinkhubRequestClientConfig, LinkhubRequestOptions, LinkhubRequestStage, LinkhubRequestStageError, LinkhubServiceId, LinkhubServiceIds, LinkhubTokenApiResponse, LinkhubTokenResponse, PopbillAcceptLanguages, PopbillApiBaseUrls, PopbillAuthBaseUrls, PopbillAuthScopes, PopbillHttpMethodOverrides, PopbillLinkhubApiVersion, PopbillRequestClient, PopbillRequestClientConfig, PopbillRequestOptions, PopbillRequestStage, PopbillRequestStageError, PopbillServiceIds, ResolvedLinkhubAuthClientConfig, TokenProvider, createLinkhubAuthClient, createLinkhubRequestClient, createPopbillRequestClient, createTokenProvider, isLinkhubRequestStageError, isPopbillRequestStageError };

package/dist/index.mjs

@@ -0,0 +1,352 @@
+import * as Spec from "@connextable/popbill-spec";
+import { hmacSha256Base64, isBlank, normalizeOptionalString, sha1Base64, sha256Base64, stringifyWithoutEmptyValues, trimTrailingSlash } from "@connextable/popbill-utils";
+//#region src/transport/fetch-json.ts
+var HttpResponseError = class extends Error {
+	status;
+	body;
+	constructor(status, body) {
+		super(`HTTP ${String(status)}`);
+		this.name = "HttpResponseError";
+		this.status = status;
+		this.body = body;
+	}
+};
+async function fetchJson(requestUrl, requestInit, options) {
+	const response = await fetchWithTimeout(requestUrl, requestInit, options.timeoutMs);
+	const responseBodyText = await response.text();
+	if (!response.ok) throw createHttpErrorPayload(response.status, parseErrorResponseBody(responseBodyText));
+	return parseJsonResponse(responseBodyText);
+}
+async function fetchText(requestUrl, requestInit, options) {
+	const response = await fetchWithTimeout(requestUrl, requestInit, options.timeoutMs);
+	const responseText = await response.text();
+	if (!response.ok) throw createHttpErrorPayload(response.status, responseText);
+	return responseText;
+}
+async function fetchWithTimeout(requestUrl, requestInit, timeoutMs) {
+	const externalSignal = requestInit.signal;
+	const abortController = new AbortController();
+	const abortFromExternalSignal = () => {
+		abortController.abort(externalSignal?.reason);
+	};
+	if (externalSignal?.aborted) abortFromExternalSignal();
+	else externalSignal?.addEventListener("abort", abortFromExternalSignal, { once: true });
+	const timer = setTimeout(() => {
+		abortController.abort();
+	}, timeoutMs);
+	try {
+		return await fetch(requestUrl, {
+			...requestInit,
+			signal: abortController.signal
+		});
+	} finally {
+		clearTimeout(timer);
+		externalSignal?.removeEventListener("abort", abortFromExternalSignal);
+	}
+}
+function parseJsonResponse(responseText) {
+	if (responseText.length === 0) return {};
+	return JSON.parse(responseText);
+}
+function parseErrorResponseBody(responseText) {
+	if (responseText.length === 0) return {};
+	try {
+		return JSON.parse(responseText);
+	} catch {
+		return responseText;
+	}
+}
+function createHttpErrorPayload(status, body) {
+	return new HttpResponseError(status, body);
+}
+//#endregion
+//#region src/spec-constants.ts
+const PopbillServiceIds = Spec.PopbillServiceIds;
+const LinkhubServiceIds = Spec.LinkhubServiceIds;
+const PopbillApiBaseUrls = Spec.PopbillApiBaseUrls;
+const LinkhubApiBaseUrls = {
+	PopbillTest: PopbillApiBaseUrls.Test,
+	PopbillProduction: PopbillApiBaseUrls.Production,
+	PopbillStaticTest: PopbillApiBaseUrls.StaticTest,
+	PopbillStaticProduction: PopbillApiBaseUrls.StaticProduction,
+	PopbillGaTest: PopbillApiBaseUrls.GaTest,
+	PopbillGaProduction: PopbillApiBaseUrls.GaProduction,
+	JusoLink: "https://jusolink.linkhub.co.kr"
+};
+const PopbillAuthBaseUrls = Spec.PopbillAuthBaseUrls;
+const PopbillAcceptLanguages = Spec.PopbillAcceptLanguages;
+const PopbillHttpMethodOverrides = Spec.PopbillHttpMethodOverrides;
+const PopbillLinkhubApiVersion = Spec.PopbillLinkhubApiVersion;
+const PopbillAuthScopes = Spec.PopbillAuthScopes;
+//#endregion
+//#region src/auth/auth-client.ts
+const LINKHUB_VERSION = PopbillLinkhubApiVersion;
+const LINKHUB_USER_AGENT$1 = "NODEJS LINKHUB SDK";
+const DEFAULT_TIMEOUT_MS = 18e4;
+const POPBILL_SCOPE_SET = new Set(Object.values(PopbillAuthScopes));
+function createLinkhubAuthClient(config) {
+	return { async issueToken(request) {
+		return issueTokenRequest({
+			linkId: config.linkId,
+			secretKey: config.secretKey,
+			authBaseUrl: normalizeAuthBaseUrl(config.authBaseUrl),
+			useStaticIp: config.useStaticIp ?? false,
+			useGaIp: config.useGaIp ?? false,
+			useLocalTime: config.useLocalTime ?? true,
+			timeoutMs: config.timeoutMs ?? DEFAULT_TIMEOUT_MS
+		}, request);
+	} };
+}
+function resolveAuthBaseUrl(config) {
+	if (config.authBaseUrl) return config.authBaseUrl;
+	const { useStaticIp, useGaIp } = config;
+	if (useGaIp) return PopbillAuthBaseUrls.Ga;
+	if (useStaticIp) return PopbillAuthBaseUrls.Static;
+	return PopbillAuthBaseUrls.Default;
+}
+async function issueTokenRequest(config, request) {
+	validateIssueTokenRequest(request);
+	const authBaseUrl = resolveAuthBaseUrl(config);
+	const resourceUri = `/${request.serviceId}/Token`;
+	const body = stringifyWithoutEmptyValues({
+		access_id: request.accessId,
+		scope: [...request.scopes]
+	});
+	const bodyDigest = sha256Base64(body);
+	const dateHeader = await resolveDateHeader(config, authBaseUrl);
+	const signature = hmacSha256Base64(buildSignaturePayload("POST", bodyDigest, dateHeader, canonicalizeLinkhubHeaderValues(buildCanonicalHeaders(request.forwardedIp)), resourceUri), config.secretKey);
+	const requestHeaders = {
+		Authorization: `LINKHUB ${config.linkId} ${signature}`,
+		"Content-Type": "application/json",
+		"User-Agent": LINKHUB_USER_AGENT$1,
+		"x-lh-date": dateHeader,
+		"x-lh-version": LINKHUB_VERSION
+	};
+	if (request.forwardedIp) requestHeaders["x-lh-forwarded"] = request.forwardedIp;
+	return mapToLinkhubTokenResponse(await fetchJson(`${authBaseUrl}${resourceUri}`, {
+		method: "POST",
+		headers: requestHeaders,
+		body
+	}, { timeoutMs: config.timeoutMs }));
+}
+async function resolveDateHeader(config, authBaseUrl) {
+	if (config.useLocalTime) return formatUtcDateTime(/* @__PURE__ */ new Date());
+	try {
+		const normalizedServerTime = normalizeUtcDateTime(await fetchText(`${authBaseUrl}/Time`, { method: "GET" }, { timeoutMs: config.timeoutMs }));
+		if (normalizedServerTime) return normalizedServerTime;
+	} catch {}
+	return formatUtcDateTime(/* @__PURE__ */ new Date());
+}
+function buildCanonicalHeaders(forwardedIp) {
+	const headers = { "x-lh-version": LINKHUB_VERSION };
+	if (forwardedIp) headers["x-lh-forwarded"] = forwardedIp;
+	return headers;
+}
+function canonicalizeLinkhubHeaderValues(headers) {
+	const normalizedEntries = [];
+	for (const [name, value] of Object.entries(headers)) normalizedEntries.push([name.toLowerCase().trim(), value.trim()]);
+	normalizedEntries.sort((a, b) => a[0].localeCompare(b[0]));
+	const mergedValues = /* @__PURE__ */ new Map();
+	for (const [key, value] of normalizedEntries) {
+		const existing = mergedValues.get(key);
+		if (existing) {
+			existing.push(value);
+			continue;
+		}
+		mergedValues.set(key, [value]);
+	}
+	const canonicalValues = [];
+	for (const key of [...mergedValues.keys()].sort()) {
+		const values = mergedValues.get(key) ?? [];
+		canonicalValues.push(values.join(","));
+	}
+	return canonicalValues.join("\n");
+}
+function buildSignaturePayload(method, contentMd5, dateHeader, canonicalizedHeaderValues, resourceUri) {
+	if (canonicalizedHeaderValues.length === 0) return `${method}\n${contentMd5}\n${dateHeader}\n${resourceUri}`;
+	return `${method}\n${contentMd5}\n${dateHeader}\n${canonicalizedHeaderValues}\n${resourceUri}`;
+}
+function mapToLinkhubTokenResponse(response) {
+	return {
+		sessionToken: response.session_token,
+		serviceId: response.serviceID,
+		linkId: response.linkID,
+		userId: response.userID,
+		partnerCode: response.partnerCode,
+		userCode: response.usercode,
+		scopes: response.scope,
+		ipAddress: response.ipaddress,
+		expiredAt: response.expiration
+	};
+}
+function validateIssueTokenRequest(request) {
+	if (request.serviceId.trim().length === 0) throw new Error("Linkhub serviceId is required.");
+	if (request.scopes.length === 0) throw new Error("At least one Linkhub auth scope is required.");
+	for (const scope of request.scopes) if (!POPBILL_SCOPE_SET.has(scope)) throw new Error(`Unsupported Linkhub auth scope: ${scope}`);
+}
+function formatUtcDateTime(date) {
+	return date.toISOString().replace(/\.\d{3}Z$/, "Z");
+}
+function normalizeUtcDateTime(value) {
+	const trimmed = value.trim();
+	const parsedMilliseconds = Date.parse(trimmed);
+	if (Number.isNaN(parsedMilliseconds)) return;
+	return formatUtcDateTime(new Date(parsedMilliseconds));
+}
+function normalizeAuthBaseUrl(value) {
+	const normalized = normalizeOptionalString(value);
+	if (!normalized) return;
+	return trimTrailingSlash(normalized);
+}
+//#endregion
+//#region src/auth/token-provider.ts
+const DEFAULT_TOKEN_REFRESH_SKEW_MS = 6e4;
+function createTokenProvider(input) {
+	const tokenCache = /* @__PURE__ */ new Map();
+	const pendingRequests = /* @__PURE__ */ new Map();
+	const refreshSkewMs = resolveRefreshSkewMs(input.refreshSkewMs);
+	return { async getToken(businessNumber) {
+		const cachedToken = tokenCache.get(businessNumber);
+		if (cachedToken && !isExpiredToken(cachedToken, refreshSkewMs)) return cachedToken;
+		const pendingRequest = pendingRequests.get(businessNumber);
+		if (pendingRequest) return pendingRequest;
+		const issueTokenPromise = input.authClient.issueToken({
+			serviceId: input.serviceId,
+			accessId: businessNumber,
+			scopes: input.scopes,
+			forwardedIp: input.forwardedIp
+		}).then((issuedToken) => {
+			tokenCache.set(businessNumber, issuedToken);
+			return issuedToken;
+		}).finally(() => {
+			pendingRequests.delete(businessNumber);
+		});
+		pendingRequests.set(businessNumber, issueTokenPromise);
+		return issueTokenPromise;
+	} };
+}
+function isExpiredToken(token, refreshSkewMs) {
+	const expiresAt = Date.parse(token.expiredAt);
+	if (Number.isNaN(expiresAt)) return true;
+	return Date.now() + refreshSkewMs >= expiresAt;
+}
+function resolveRefreshSkewMs(value) {
+	if (value === void 0) return DEFAULT_TOKEN_REFRESH_SKEW_MS;
+	if (!Number.isFinite(value) || value < 0) throw new Error("refreshSkewMs must be a non-negative finite number.");
+	return value;
+}
+//#endregion
+//#region src/auth/enums.ts
+const LinkhubAuthScope = PopbillAuthScopes;
+//#endregion
+//#region src/api/linkhub-request-client.ts
+const LINKHUB_USER_AGENT = "NODEJS LINKHUB SDK";
+function createLinkhubRequestClient(config) {
+	const normalizedApiBaseUrl = trimTrailingSlash(config.apiBaseUrl);
+	const normalizedAcceptLanguage = normalizeOptionalString(config.acceptLanguage);
+	const normalizedUserAgent = normalizeOptionalString(config.userAgent) ?? LINKHUB_USER_AGENT;
+	return { async requestJson(options) {
+		const method = (options.method ?? "GET").toUpperCase();
+		const requestHeaders = {
+			...options.headers,
+			"User-Agent": normalizedUserAgent
+		};
+		if (options.contentType !== null) {
+			if (typeof options.contentType === "string") requestHeaders["Content-Type"] = options.contentType;
+			else if (!isFormDataBody$1(options.body) && method !== "GET") requestHeaders["Content-Type"] = "application/json;charset=utf-8";
+		}
+		if (config.acceptEncoding !== null) requestHeaders["Accept-Encoding"] = config.acceptEncoding === void 0 ? "gzip" : config.acceptEncoding;
+		if (normalizedAcceptLanguage) requestHeaders["Accept-Language"] = normalizedAcceptLanguage;
+		try {
+			requestHeaders["Authorization"] = `Bearer ${(await config.tokenProvider.getToken(config.tokenCacheKey)).sessionToken}`;
+		} catch (error) {
+			throw createLinkhubStageError("issue_token", error);
+		}
+		try {
+			return await fetchJson(`${normalizedApiBaseUrl}${options.uri}`, {
+				method,
+				headers: requestHeaders,
+				body: method === "GET" ? void 0 : options.body ?? void 0
+			}, { timeoutMs: config.timeoutMs });
+		} catch (error) {
+			throw createLinkhubStageError("request_api", error);
+		}
+	} };
+}
+function isFormDataBody$1(body) {
+	return typeof FormData !== "undefined" && body instanceof FormData;
+}
+function isLinkhubRequestStageError(error) {
+	if (typeof error !== "object" || error === null) return false;
+	if (!("requestStage" in error) || !("cause" in error)) return false;
+	const stage = error.requestStage;
+	return stage === "issue_token" || stage === "request_api";
+}
+function createLinkhubStageError(stage, cause) {
+	return Object.assign(/* @__PURE__ */ new Error(`Linkhub request failed at stage "${stage}".`), {
+		requestStage: stage,
+		cause
+	});
+}
+//#endregion
+//#region src/api/request-client.ts
+const POPBILL_USER_AGENT = "NODEJS POPBILL SDK";
+function createPopbillRequestClient(config) {
+	const normalizedApiBaseUrl = trimTrailingSlash(config.apiBaseUrl);
+	const normalizedAcceptLanguage = normalizeOptionalString(config.acceptLanguage);
+	return { async requestJson(options) {
+		const method = (options.method ?? "GET").toUpperCase();
+		const requestHeaders = {
+			...options.headers,
+			"User-Agent": POPBILL_USER_AGENT
+		};
+		if (options.contentType !== null) {
+			if (typeof options.contentType === "string") requestHeaders["Content-Type"] = options.contentType;
+			else if (!isFormDataBody(options.body)) requestHeaders["Content-Type"] = "application/json;charset=utf-8";
+		}
+		if (config.acceptEncoding !== null) requestHeaders["Accept-Encoding"] = config.acceptEncoding === void 0 ? "gzip" : config.acceptEncoding;
+		if (normalizedAcceptLanguage) requestHeaders["Accept-Language"] = normalizedAcceptLanguage;
+		if (isNonBlankString(options.userId)) requestHeaders["x-pb-userid"] = options.userId;
+		if (method !== "GET" && method !== "POST") {
+			requestHeaders["X-HTTP-Method-Override"] = method;
+			if (method === PopbillHttpMethodOverrides.BulkIssue) {
+				requestHeaders["X-PB-MESSAGE-DIGEST"] = sha1Base64(typeof options.body === "string" ? options.body : "");
+				if (isNonBlankString(options.submitId)) requestHeaders["X-PB-SUBMIT-ID"] = options.submitId;
+			}
+		}
+		if (isNonBlankString(options.corpNum)) try {
+			requestHeaders["Authorization"] = `Bearer ${(await config.tokenProvider.getToken(options.corpNum)).sessionToken}`;
+		} catch (error) {
+			throw createStageError("issue_token", error);
+		}
+		try {
+			return await fetchJson(`${normalizedApiBaseUrl}${options.uri}`, {
+				method: method === "GET" ? "GET" : "POST",
+				headers: requestHeaders,
+				body: method === "GET" ? void 0 : options.body ?? void 0
+			}, { timeoutMs: config.timeoutMs });
+		} catch (error) {
+			throw createStageError("request_api", error);
+		}
+	} };
+}
+function isFormDataBody(body) {
+	return typeof FormData !== "undefined" && body instanceof FormData;
+}
+function isNonBlankString(value) {
+	return !isBlank(value);
+}
+function isPopbillRequestStageError(error) {
+	if (typeof error !== "object" || error === null) return false;
+	if (!("requestStage" in error) || !("cause" in error)) return false;
+	const stage = error.requestStage;
+	return stage === "issue_token" || stage === "request_api";
+}
+function createStageError(stage, cause) {
+	return Object.assign(/* @__PURE__ */ new Error(`Popbill request failed at stage "${stage}".`), {
+		requestStage: stage,
+		cause
+	});
+}
+//#endregion
+export { LinkhubApiBaseUrls, LinkhubAuthScope, LinkhubServiceIds, PopbillAcceptLanguages, PopbillApiBaseUrls, PopbillAuthBaseUrls, PopbillAuthScopes, PopbillHttpMethodOverrides, PopbillLinkhubApiVersion, PopbillServiceIds, createLinkhubAuthClient, createLinkhubRequestClient, createPopbillRequestClient, createTokenProvider, isLinkhubRequestStageError, isPopbillRequestStageError };

package/package.json

@@ -0,0 +1,46 @@
+{
+  "name": "@connextable/popbill-runtime",
+  "version": "1.0.0",
+  "description": "Shared runtime clients for Popbill authentication and API transport",
+  "bugs": {
+    "url": "https://github.com/connextable/popbill/issues"
+  },
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/connextable/popbill.git"
+  },
+  "files": [
+    "dist"
+  ],
+  "type": "module",
+  "sideEffects": false,
+  "types": "./dist/index.d.mts",
+  "exports": {
+    ".": "./dist/index.mjs",
+    "./package.json": "./package.json"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "@connextable/popbill-spec": "1.0.0",
+    "@connextable/popbill-utils": "1.0.0"
+  },
+  "engines": {
+    "node": ">=20"
+  },
+  "scripts": {
+    "build": "tsdown",
+    "test": "vitest run",
+    "test:coverage": "vitest run --coverage",
+    "lint": "oxlint --type-aware",
+    "lint:fix": "oxlint --fix",
+    "fmt": "oxfmt",
+    "fmt:check": "oxfmt --check",
+    "typecheck": "tsgo -b --noEmit",
+    "typecheck:lib": "tsgo -p tsconfig.lib.json --noEmit",
+    "typecheck:test": "tsgo -p tsconfig.test.json --noEmit",
+    "clean": "del node_modules dist"
+  }
+}