@corsa-labs/sdk 1.0.0

package/dist/webhooks/types.d.ts

@@ -0,0 +1,56 @@
+import { CreateIndividualClientResponseDto as IndividualClientDto } from "../models/CreateIndividualClientResponseDto";
+import { CorporateClientDto } from "../models/CorporateClientDto";
+import { AlertDto } from "../models/AlertDto";
+export declare enum WebhookEventType {
+    INDIVIDUAL_CLIENT_CREATED = "individual_client.created",
+    INDIVIDUAL_CLIENT_UPDATED = "individual_client.updated",
+    CORPORATE_CLIENT_CREATED = "corporate_client.created",
+    CORPORATE_CLIENT_UPDATED = "corporate_client.updated",
+    ALERT_CREATED = "alert.created",
+    ALERT_UPDATED = "alert.updated",
+    CASE_CREATED = "case.created",
+    CASE_UPDATED = "case.updated"
+}
+export interface EntityCreatedPayload<T> {
+    id: string;
+    referenceId?: string;
+    entity: T;
+}
+export interface EntityUpdatedPayload<T> {
+    id: string;
+    referenceId?: string;
+    updated: Partial<T>;
+}
+export interface WebhookEvent<M, T extends EntityCreatedPayload<M> | EntityUpdatedPayload<M>> {
+    data: T;
+    type: WebhookEventType;
+    timestamp: string;
+}
+/** todo export case dto from openapi schema */
+export declare enum CaseStatus {
+    NEW = "NEW",
+    UNDER_INVESTIGATION = "UNDER_INVESTIGATION",
+    PENDING_EDD = "PENDING_EDD",
+    PENDING_RFI = "PENDING_RFI",
+    PENDING_REVIEW = "PENDING_REVIEW",
+    CLOSED_DISMISSED = "CLOSED_DISMISSED",
+    CLOSED_ESCALATION_TO_SAR = "CLOSED_ESCALATION_TO_SAR"
+}
+export interface CaseDto {
+    id: string;
+    status: CaseStatus;
+    assigneeId?: string | null;
+    reviewersIds: string[];
+}
+export type IndividualClientCreatedEvent = WebhookEvent<IndividualClientDto, EntityCreatedPayload<IndividualClientDto>>;
+export type IndividualClientUpdatedEvent = WebhookEvent<IndividualClientDto, EntityUpdatedPayload<IndividualClientDto>>;
+export type CorporateClientCreatedEvent = WebhookEvent<CorporateClientDto, EntityCreatedPayload<CorporateClientDto>>;
+export type CorporateClientUpdatedEvent = WebhookEvent<CorporateClientDto, EntityUpdatedPayload<CorporateClientDto>>;
+export type AlertCreatedEvent = WebhookEvent<AlertDto, EntityCreatedPayload<AlertDto>>;
+export type AlertUpdatedEvent = WebhookEvent<AlertDto, EntityUpdatedPayload<AlertDto>>;
+export type CaseCreatedEvent = WebhookEvent<CaseDto, EntityCreatedPayload<CaseDto>>;
+export type CaseUpdatedEvent = WebhookEvent<CaseDto, EntityUpdatedPayload<CaseDto>>;
+export declare const WebhookSignatureHeader = "x-hub-signature-256";
+export declare const WebhookIdHeader = "x-tweed-hook-id";
+export declare const WebhookDeliveryIdHeader = "x-tweed-delivery";
+export declare const WebhookEventTypeHeader = "x-tweed-event";

package/dist/webhooks/types.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WebhookEventTypeHeader = exports.WebhookDeliveryIdHeader = exports.WebhookIdHeader = exports.WebhookSignatureHeader = exports.CaseStatus = exports.WebhookEventType = void 0;
+var WebhookEventType;
+(function (WebhookEventType) {
+    WebhookEventType["INDIVIDUAL_CLIENT_CREATED"] = "individual_client.created";
+    WebhookEventType["INDIVIDUAL_CLIENT_UPDATED"] = "individual_client.updated";
+    WebhookEventType["CORPORATE_CLIENT_CREATED"] = "corporate_client.created";
+    WebhookEventType["CORPORATE_CLIENT_UPDATED"] = "corporate_client.updated";
+    WebhookEventType["ALERT_CREATED"] = "alert.created";
+    WebhookEventType["ALERT_UPDATED"] = "alert.updated";
+    WebhookEventType["CASE_CREATED"] = "case.created";
+    WebhookEventType["CASE_UPDATED"] = "case.updated";
+})(WebhookEventType || (exports.WebhookEventType = WebhookEventType = {}));
+/** todo export case dto from openapi schema */
+var CaseStatus;
+(function (CaseStatus) {
+    CaseStatus["NEW"] = "NEW";
+    CaseStatus["UNDER_INVESTIGATION"] = "UNDER_INVESTIGATION";
+    CaseStatus["PENDING_EDD"] = "PENDING_EDD";
+    CaseStatus["PENDING_RFI"] = "PENDING_RFI";
+    CaseStatus["PENDING_REVIEW"] = "PENDING_REVIEW";
+    CaseStatus["CLOSED_DISMISSED"] = "CLOSED_DISMISSED";
+    CaseStatus["CLOSED_ESCALATION_TO_SAR"] = "CLOSED_ESCALATION_TO_SAR";
+})(CaseStatus || (exports.CaseStatus = CaseStatus = {}));
+exports.WebhookSignatureHeader = 'x-hub-signature-256';
+exports.WebhookIdHeader = 'x-tweed-hook-id';
+exports.WebhookDeliveryIdHeader = 'x-tweed-delivery';
+exports.WebhookEventTypeHeader = 'x-tweed-event';
+//# sourceMappingURL=types.js.map

package/dist/webhooks/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../webhooks/types.ts"],"names":[],"mappings":";;;AAIA,IAAY,gBASX;AATD,WAAY,gBAAgB;IAC1B,2EAAuD,CAAA;IACvD,2EAAuD,CAAA;IACvD,yEAAqD,CAAA;IACrD,yEAAqD,CAAA;IACrD,mDAA+B,CAAA;IAC/B,mDAA+B,CAAA;IAC/B,iDAA6B,CAAA;IAC7B,iDAA6B,CAAA;AAC/B,CAAC,EATW,gBAAgB,gCAAhB,gBAAgB,QAS3B;AAoBD,+CAA+C;AAC/C,IAAY,UAQX;AARD,WAAY,UAAU;IAClB,yBAAW,CAAA;IACX,yDAA2C,CAAA;IAC3C,yCAA2B,CAAA;IAC3B,yCAA2B,CAAA;IAC3B,+CAAiC,CAAA;IACjC,mDAAqC,CAAA;IACrC,mEAAqD,CAAA;AACzD,CAAC,EARW,UAAU,0BAAV,UAAU,QAQrB;AAkBY,QAAA,sBAAsB,GAAG,qBAAqB,CAAC;AAC/C,QAAA,eAAe,GAAG,iBAAiB,CAAC;AACpC,QAAA,uBAAuB,GAAG,kBAAkB,CAAC;AAC7C,QAAA,sBAAsB,GAAG,eAAe,CAAC"}

package/dist/webhooks/verify-signature.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Signs a payload with a secret - this is the function we use to sign the payload before sending it to the webhook
+ * @param secret The secret to sign the payload with
+ * @param payload The payload to sign
+ * @returns The signature
+ */
+export declare function signWebhookPayload(secret: string, payload: string): string;
+/**
+ * Verifies a signature against a secret
+ * @param secret The secret to verify the signature against
+ * @param eventPayload The payload to verify the signature against
+ * @param signature The signature to verify
+ * @returns True if the signature is valid, false otherwise
+ */
+export declare function verifyWebhookSignature(secret: string, eventPayload: string, signature: string): boolean;

package/dist/webhooks/verify-signature.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.signWebhookPayload = signWebhookPayload;
+exports.verifyWebhookSignature = verifyWebhookSignature;
+const node_crypto_1 = require("node:crypto");
+// This is a clone of the verify function from the @octokit/webhooks-methods package
+/**
+ * Signs a payload with a secret - this is the function we use to sign the payload before sending it to the webhook
+ * @param secret The secret to sign the payload with
+ * @param payload The payload to sign
+ * @returns The signature
+ */
+function signWebhookPayload(secret, payload) {
+    if (!secret || !payload) {
+        throw new TypeError('[@paytweed/compliance-sdk] secret & payload required for sign()');
+    }
+    if (typeof payload !== 'string') {
+        throw new TypeError('[@paytweed/compliance-sdk] payload must be a string');
+    }
+    const algorithm = 'sha256';
+    return `${algorithm}=${(0, node_crypto_1.createHmac)(algorithm, secret)
+        .update(payload)
+        .digest('hex')}`;
+}
+/**
+ * Verifies a signature against a secret
+ * @param secret The secret to verify the signature against
+ * @param eventPayload The payload to verify the signature against
+ * @param signature The signature to verify
+ * @returns True if the signature is valid, false otherwise
+ */
+function verifyWebhookSignature(secret, eventPayload, signature) {
+    if (!secret || !eventPayload || !signature) {
+        throw new TypeError('[@paytweed/compliance-sdk] secret, eventPayload & signature required');
+    }
+    if (typeof eventPayload !== 'string') {
+        throw new TypeError('[@paytweed/compliance-sdk] eventPayload must be a string');
+    }
+    const signatureBuffer = Buffer.from(signature);
+    const verificationBuffer = Buffer.from(signWebhookPayload(secret, eventPayload));
+    if (signatureBuffer.length !== verificationBuffer.length) {
+        return false;
+    }
+    // constant time comparison to prevent timing attacks
+    // https://stackoverflow.com/a/31096242/206879
+    // https://en.wikipedia.org/wiki/Timing_attack
+    return (0, node_crypto_1.timingSafeEqual)(signatureBuffer, verificationBuffer);
+}
+//# sourceMappingURL=verify-signature.js.map

package/dist/webhooks/verify-signature.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-signature.js","sourceRoot":"","sources":["../../webhooks/verify-signature.ts"],"names":[],"mappings":";;AAUA,gDAgBC;AASD,wDA6BC;AAhED,6CAA0D;AAE1D,oFAAoF;AAEpF;;;;;GAKG;AACH,SAAgB,kBAAkB,CAAC,MAAc,EAAE,OAAe;IAChE,IAAI,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACxB,MAAM,IAAI,SAAS,CACjB,iEAAiE,CAClE,CAAA;IACH,CAAC;IAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,IAAI,SAAS,CAAC,qDAAqD,CAAC,CAAA;IAC5E,CAAC;IAED,MAAM,SAAS,GAAG,QAAQ,CAAA;IAE1B,OAAO,GAAG,SAAS,IAAI,IAAA,wBAAU,EAAC,SAAS,EAAE,MAAM,CAAC;SACjD,MAAM,CAAC,OAAO,CAAC;SACf,MAAM,CAAC,KAAK,CAAC,EAAE,CAAA;AACpB,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,sBAAsB,CACpC,MAAc,EACd,YAAoB,EACpB,SAAiB;IAEjB,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,IAAI,CAAC,SAAS,EAAE,CAAC;QAC3C,MAAM,IAAI,SAAS,CACjB,sEAAsE,CACvE,CAAA;IACH,CAAC;IAED,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,IAAI,SAAS,CACjB,0DAA0D,CAC3D,CAAA;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IAE9C,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAA;IAEhF,IAAI,eAAe,CAAC,MAAM,KAAK,kBAAkB,CAAC,MAAM,EAAE,CAAC;QACzD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,qDAAqD;IACrD,8CAA8C;IAC9C,8CAA8C;IAC9C,OAAO,IAAA,6BAAe,EAAC,eAAe,EAAE,kBAAkB,CAAC,CAAA;AAC7D,CAAC"}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@corsa-labs/sdk",
+  "version": "1.0.0",
+  "description": "SDK for Corsa API",
+  "main": "dist/main.js",
+  "types": "dist/main.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "prebuild": "rimraf dist",
+    "build": "rimraf dist && tsc",
+    "prepublishOnly": "npm run build",
+    "test": "jest --coverage --passWithNoTests --runInBand --detectOpenHandles --forceExit",
+    "semantic-release": "semantic-release --debug"
+  },
+  "license": "MIT",
+  "dependencies": {
+    "axios": "^0.21.1",
+    "uuid": "^11.1.0"
+  },
+  "peerDependencies": {},
+  "devDependencies": {
+    "@semantic-release/npm": "^12.0.1",
+    "@types/node": "^22.15.2",
+    "rimraf": "^6.0.1",
+    "semantic-release": "^24.1.1"
+  },
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org/",
+    "access": "public"
+  },
+  "release": {
+    "branches": [
+      "main"
+    ],
+    "plugins": [
+      "@semantic-release/npm",
+      "@semantic-release/github"
+    ]
+  }
+}