npm - @creativeproject/fiscal-gateway - Versions diffs - 0.1.0 - Mend

@creativeproject/fiscal-gateway 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,166 @@
+# @creativeproject/fiscal-gateway
+SDK Node.js/TypeScript do **Fiscal Gateway** da Creative Project — emissão de NFS-e Padrão Nacional com uma chamada de função.
+- Zero dependências (usa `fetch` nativo — Node 18+)
+- ESM + CJS + tipos TypeScript completos
+- Retry automático com backoff para 429/5xx/falhas de rede (seguro: a emissão é idempotente)
+- Verificação de assinatura HMAC de webhooks embutida (com replay protection)
+## Instalação
+```bash
+npm install @creativeproject/fiscal-gateway
+```
+## Uso
+### Emitir uma NFS-e
+```typescript
+import { FiscalGateway } from '@creativeproject/fiscal-gateway';
+const fiscal = new FiscalGateway({
+  apiKey: process.env.FISCAL_API_KEY!,
+  baseUrl: 'https://api.fiscal.creativeproject.com.br',
+});
+const nota = await fiscal.nfse.emit({
+  organizationId: 'org_...',
+  externalId: 'charge_987',          // seu ID — reenviar nunca duplica a nota
+  customer: { name: 'João da Silva', cpfCnpj: '39053344705' },
+  service: { description: 'Taxa de administração 06/2026', amount: 200.0 },
+  metadata: { source: 'mylapro', contractId: 'contract_123' },
+});
+// nota.status === 'pending' — o resultado chega via webhook
+```
+### Receber o resultado via webhook (recomendado)
+```typescript
+import express from 'express';
+import { createWebhookHandler } from '@creativeproject/fiscal-gateway';
+const app = express();
+// IMPORTANTE: express.raw — o HMAC é calculado sobre o corpo cru
+app.post(
+  '/hooks/fiscal',
+  express.raw({ type: 'application/json' }),
+  createWebhookHandler({
+    secret: process.env.FISCAL_WEBHOOK_SECRET!, // retornado ao criar o endpoint
+    onAuthorized: async (nota) => {
+      await marcarCobrancaComNota(nota.externalId, nota.accessKey!);
+    },
+    onRejected: async (nota) => {
+      await alertarOperacao(nota.externalId, nota.rejectionReason!);
+    },
+    onCancelled: async (nota) => { /* ... */ },
+  }),
+);
+```
+Ou verifique manualmente (qualquer framework):
+```typescript
+import { verifyWebhook } from '@creativeproject/fiscal-gateway';
+const event = verifyWebhook(rawBody, req.headers['x-fiscal-signature'], secret);
+// lança WebhookVerificationError se a assinatura for inválida/expirada
+```
+### Outras operações
+```typescript
+// Consulta e polling (scripts/testes — em produção prefira webhooks)
+const doc = await fiscal.nfse.get(id);
+const final = await fiscal.nfse.waitForResult(id, { timeoutMs: 30_000 });
+// Listagem, XML, DANFSe, cancelamento
+const lista = await fiscal.nfse.list({ status: 'authorized', limit: 20 });
+const xml = await fiscal.nfse.xml(id);
+const { url } = await fiscal.nfse.pdf(id);         // URL pré-assinada (15 min)
+await fiscal.nfse.cancel(id, 'Valor incorreto');
+// Onboarding de organizações
+const org = await fiscal.organizations.create({
+  cnpj: '12345678000190',
+  legalName: 'Imobiliária Alfa Ltda',
+  cityCode: '3550308',
+  state: 'SP',
+  taxRegime: 'simples_nacional',
+  fiscalSettings: {
+    provider: 'nacional',
+    serviceCode: '070101',
+    serviceDescription: 'Administração imobiliária',
+    issRate: 2.0,
+  },
+});
+await fiscal.organizations.addCredential(org.id, {
+  type: 'certificate_a1',
+  payload: { pfxBase64: '...', password: '...' }, // validado no upload
+});
+// Webhook endpoints
+const endpoint = await fiscal.webhookEndpoints.create('https://meuapp.com/hooks/fiscal');
+console.log(endpoint.secret); // exibido SÓ aqui — guarde no seu secret manager
+```
+### Tratamento de erros
+```typescript
+import { FiscalGatewayError } from '@creativeproject/fiscal-gateway';
+try {
+  await fiscal.nfse.emit(params);
+} catch (err) {
+  if (err instanceof FiscalGatewayError) {
+    err.status;        // HTTP status
+    err.body;          // corpo da resposta do gateway
+    err.isClientError; // 4xx — corrija o payload, não retente
+  }
+}
+```
+Erros 429/5xx/rede são retentados automaticamente (3x, backoff exponencial). Configure com `maxRetries` e `timeoutMs` no construtor.
+## Desenvolvimento
+```bash
+npm install
+npm test         # vitest — 14 testes (HMAC, retry, contrato HTTP)
+npm run build    # tsup — dist/ com ESM + CJS + .d.ts
+```
+## Publicação no npm
+O `prepublishOnly` roda testes + build automaticamente.
+### Opção A — npm público (npmjs.com)
+```bash
+# 1ª vez: criar a organização "creativeproject" em npmjs.com e fazer login
+npm login
+cd packages/sdk
+npm version patch        # ou minor/major — atualiza package.json e cria tag
+npm publish              # access public já configurado no package.json
+```
+### Opção B — GitHub Packages (privado, dentro da org)
+```bash
+# .npmrc do projeto consumidor:
+# @creativeproject:registry=https://npm.pkg.github.com
+cd packages/sdk
+npm publish --registry=https://npm.pkg.github.com
+```
+### Opção C — automática por tag (workflow já configurado)
+```bash
+git tag sdk-v0.1.0 && git push origin sdk-v0.1.0
+# o workflow .github/workflows/publish-sdk.yml testa, builda e publica
+# requer o secret NPM_TOKEN configurado no repositório (npmjs → Access Tokens → Automation)
+```

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,315 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  FiscalGateway: () => FiscalGateway,
+  FiscalGatewayError: () => FiscalGatewayError,
+  WebhookVerificationError: () => WebhookVerificationError,
+  createWebhookHandler: () => createWebhookHandler,
+  verifyWebhook: () => verifyWebhook
+});
+module.exports = __toCommonJS(index_exports);
+// src/errors.ts
+var FiscalGatewayError = class extends Error {
+  status;
+  body;
+  constructor(message, status, body) {
+    super(message);
+    this.name = "FiscalGatewayError";
+    this.status = status;
+    this.body = body;
+  }
+  /** Erro de validação ou regra de negócio — corrigir o payload, não retentar */
+  get isClientError() {
+    return this.status >= 400 && this.status < 500;
+  }
+  /** Rate limit — aguarde e retente (o SDK já retenta automaticamente) */
+  get isRateLimited() {
+    return this.status === 429;
+  }
+};
+var WebhookVerificationError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "WebhookVerificationError";
+  }
+};
+// src/http.ts
+var RETRYABLE_STATUS = /* @__PURE__ */ new Set([429, 500, 502, 503, 504]);
+var HttpClient = class {
+  constructor(options) {
+    this.options = options;
+    this.fetchFn = options.fetch ?? globalThis.fetch;
+    if (!this.fetchFn) {
+      throw new Error("fetch global n\xE3o dispon\xEDvel \u2014 Node 18+ \xE9 obrigat\xF3rio");
+    }
+  }
+  options;
+  fetchFn;
+  async request(method, path, body, query) {
+    const url = new URL(path, this.options.baseUrl);
+    for (const [key, value] of Object.entries(query ?? {})) {
+      if (value !== void 0) url.searchParams.set(key, String(value));
+    }
+    const maxRetries = this.options.maxRetries ?? 3;
+    let lastError;
+    for (let attempt = 0; attempt <= maxRetries; attempt++) {
+      if (attempt > 0) {
+        const backoff = Math.min(1e3 * 2 ** (attempt - 1), 8e3);
+        await sleep(backoff + Math.random() * 250);
+      }
+      try {
+        const response = await this.fetchFn(url, {
+          method,
+          headers: {
+            "x-api-key": this.options.apiKey,
+            ...body !== void 0 && { "content-type": "application/json" }
+          },
+          body: body !== void 0 ? JSON.stringify(body) : void 0,
+          signal: AbortSignal.timeout(this.options.timeoutMs ?? 3e4)
+        });
+        const text = await response.text();
+        const parsed = text ? safeJsonParse(text) : null;
+        if (response.ok) return parsed;
+        if (RETRYABLE_STATUS.has(response.status) && attempt < maxRetries) {
+          lastError = new FiscalGatewayError(
+            `HTTP ${response.status} em ${method} ${path}`,
+            response.status,
+            parsed
+          );
+          continue;
+        }
+        const message = parsed?.message ?? `HTTP ${response.status}`;
+        throw new FiscalGatewayError(
+          Array.isArray(message) ? message.join("; ") : message,
+          response.status,
+          parsed
+        );
+      } catch (err) {
+        if (err instanceof FiscalGatewayError) throw err;
+        lastError = err;
+        if (attempt === maxRetries) break;
+      }
+    }
+    throw lastError;
+  }
+  get(path, query) {
+    return this.request("GET", path, void 0, query);
+  }
+  post(path, body) {
+    return this.request("POST", path, body);
+  }
+  patch(path, body) {
+    return this.request("PATCH", path, body);
+  }
+  delete(path) {
+    return this.request("DELETE", path);
+  }
+};
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function safeJsonParse(text) {
+  try {
+    return JSON.parse(text);
+  } catch {
+    return { raw: text };
+  }
+}
+// src/resources.ts
+var NfseResource = class {
+  constructor(http) {
+    this.http = http;
+  }
+  http;
+  /**
+   * Solicita a emissão de uma NFS-e. Assíncrono: retorna `pending` e o
+   * resultado final chega via webhook (ou polling com get()).
+   * Idempotente por (organizationId, externalId).
+   */
+  emit(params) {
+    return this.http.post("/v1/nfse", params);
+  }
+  get(id) {
+    return this.http.get(`/v1/nfse/${id}`);
+  }
+  list(params = {}) {
+    return this.http.get("/v1/nfse", params);
+  }
+  events(id) {
+    return this.http.get(`/v1/nfse/${id}/events`);
+  }
+  xml(id) {
+    return this.http.get(`/v1/nfse/${id}/xml`);
+  }
+  /** DANFSe (PDF) — retorna URL pré-assinada com expiração */
+  pdf(id) {
+    return this.http.get(`/v1/nfse/${id}/pdf`);
+  }
+  cancel(id, reason) {
+    return this.http.post(`/v1/nfse/${id}/cancel`, { reason });
+  }
+  /**
+   * Aguarda o documento sair de pending/processing (polling).
+   * Use webhooks em produção; isto é conveniência para scripts e testes.
+   */
+  async waitForResult(id, opts = {}) {
+    const deadline = Date.now() + (opts.timeoutMs ?? 6e4);
+    for (; ; ) {
+      const doc = await this.get(id);
+      if (doc.status !== "pending" && doc.status !== "processing") return doc;
+      if (Date.now() > deadline) {
+        throw new Error(`Timeout aguardando resultado da NFS-e ${id} (status: ${doc.status})`);
+      }
+      await new Promise((resolve) => setTimeout(resolve, opts.intervalMs ?? 1500));
+    }
+  }
+};
+var OrganizationsResource = class {
+  constructor(http) {
+    this.http = http;
+  }
+  http;
+  create(params) {
+    return this.http.post("/v1/organizations", params);
+  }
+  list() {
+    return this.http.get("/v1/organizations");
+  }
+  get(id) {
+    return this.http.get(`/v1/organizations/${id}`);
+  }
+  update(id, params) {
+    return this.http.patch(`/v1/organizations/${id}`, params);
+  }
+  /** Cadastra credencial fiscal (certificado A1 é validado no upload) */
+  addCredential(organizationId, params) {
+    return this.http.post(`/v1/organizations/${organizationId}/credentials`, params);
+  }
+};
+var WebhookEndpointsResource = class {
+  constructor(http) {
+    this.http = http;
+  }
+  http;
+  /** O `secret` retornado é exibido apenas aqui — guarde-o para verificar assinaturas */
+  create(url) {
+    return this.http.post("/v1/webhook-endpoints", { url });
+  }
+  list() {
+    return this.http.get("/v1/webhook-endpoints");
+  }
+  deactivate(id) {
+    return this.http.delete(`/v1/webhook-endpoints/${id}`);
+  }
+};
+// src/webhooks.ts
+var import_node_crypto = require("crypto");
+var DEFAULT_TOLERANCE_SECONDS = 300;
+function verifyWebhook(rawBody, signatureHeader, secret, options = {}) {
+  if (!signatureHeader) {
+    throw new WebhookVerificationError("Header x-fiscal-signature ausente");
+  }
+  const parts = Object.fromEntries(
+    signatureHeader.split(",").map((part) => part.split("=", 2))
+  );
+  const timestamp = Number(parts.t);
+  const signature = parts.v1;
+  if (!timestamp || !signature) {
+    throw new WebhookVerificationError("Formato de assinatura inv\xE1lido (esperado t=...,v1=...)");
+  }
+  const tolerance = options.toleranceSeconds ?? DEFAULT_TOLERANCE_SECONDS;
+  const ageSeconds = Math.abs(Date.now() / 1e3 - timestamp);
+  if (ageSeconds > tolerance) {
+    throw new WebhookVerificationError(`Timestamp fora da toler\xE2ncia (${Math.round(ageSeconds)}s)`);
+  }
+  const body = typeof rawBody === "string" ? rawBody : rawBody.toString("utf8");
+  const expected = (0, import_node_crypto.createHmac)("sha256", secret).update(`${timestamp}.${body}`).digest("hex");
+  const a = Buffer.from(signature, "hex");
+  const b = Buffer.from(expected, "hex");
+  if (a.length !== b.length || !(0, import_node_crypto.timingSafeEqual)(a, b)) {
+    throw new WebhookVerificationError("Assinatura HMAC inv\xE1lida");
+  }
+  return JSON.parse(body);
+}
+function createWebhookHandler(options) {
+  return async (req, res) => {
+    const header = req.headers["x-fiscal-signature"];
+    const rawBody = Buffer.isBuffer(req.body) || typeof req.body === "string" ? req.body : JSON.stringify(req.body);
+    let event;
+    try {
+      event = verifyWebhook(rawBody, Array.isArray(header) ? header[0] : header, options.secret, options);
+    } catch (err) {
+      res.status(400).send({ error: err.message });
+      return;
+    }
+    try {
+      switch (event.type) {
+        case "nfse.authorized":
+          await options.onAuthorized?.(event.data, event);
+          break;
+        case "nfse.rejected":
+          await options.onRejected?.(event.data, event);
+          break;
+        case "nfse.cancelled":
+          await options.onCancelled?.(event.data, event);
+          break;
+      }
+      await options.onEvent?.(event);
+      res.status(200).send({ received: true });
+    } catch (err) {
+      options.onError?.(err);
+      res.status(500).send({ error: "handler failed" });
+    }
+  };
+}
+// src/index.ts
+var FiscalGateway = class {
+  nfse;
+  organizations;
+  webhookEndpoints;
+  constructor(options) {
+    if (!options.apiKey) throw new Error("apiKey \xE9 obrigat\xF3ria");
+    const http = new HttpClient({
+      baseUrl: options.baseUrl ?? "http://localhost:3333",
+      apiKey: options.apiKey,
+      timeoutMs: options.timeoutMs,
+      maxRetries: options.maxRetries,
+      fetch: options.fetch
+    });
+    this.nfse = new NfseResource(http);
+    this.organizations = new OrganizationsResource(http);
+    this.webhookEndpoints = new WebhookEndpointsResource(http);
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  FiscalGateway,
+  FiscalGatewayError,
+  WebhookVerificationError,
+  createWebhookHandler,
+  verifyWebhook
+});

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,301 @@
+interface HttpClientOptions {
+    baseUrl: string;
+    apiKey: string;
+    /** Timeout por requisição em ms (padrão: 30000) */
+    timeoutMs?: number;
+    /** Máximo de tentativas para 429/5xx/erros de rede (padrão: 3) */
+    maxRetries?: number;
+    fetch?: typeof fetch;
+}
+declare class HttpClient {
+    private readonly options;
+    private readonly fetchFn;
+    constructor(options: HttpClientOptions);
+    request<T>(method: string, path: string, body?: unknown, query?: Record<string, string | number | undefined>): Promise<T>;
+    get<T>(path: string, query?: Record<string, string | number | undefined>): Promise<T>;
+    post<T>(path: string, body?: unknown): Promise<T>;
+    patch<T>(path: string, body?: unknown): Promise<T>;
+    delete<T>(path: string): Promise<T>;
+}
+type NfseStatus = 'draft' | 'pending' | 'processing' | 'authorized' | 'rejected' | 'cancelled' | 'error';
+type TaxRegime = 'simples_nacional' | 'lucro_presumido' | 'lucro_real' | 'mei';
+type FiscalEnvironment = 'production' | 'restricted_production';
+type FiscalProvider = 'mock' | 'nacional';
+interface Customer {
+    name: string;
+    /** 11 dígitos (CPF) ou 14 (CNPJ), somente números */
+    cpfCnpj?: string;
+    email?: string;
+}
+interface ServiceInfo {
+    description: string;
+    amount: number;
+    /** Sobrescreve o código de tributação padrão da organização */
+    serviceCode?: string;
+    /** Competência da prestação (ISO date) */
+    competence?: string;
+}
+interface EmitNfseParams {
+    organizationId: string;
+    /** ID do seu sistema — chave de idempotência: reenviar nunca duplica a nota */
+    externalId: string;
+    customer: Customer;
+    service: ServiceInfo;
+    metadata?: Record<string, unknown>;
+}
+interface NfseDocument {
+    id: string;
+    organizationId: string;
+    externalId: string;
+    status: NfseStatus;
+    amount: string;
+    nfseNumber: string | null;
+    accessKey: string | null;
+    verificationCode: string | null;
+    rejectionReason: string | null;
+    createdAt: string;
+    /** true quando o POST devolveu um documento já existente (replay idempotente) */
+    idempotentReplay?: boolean;
+}
+interface NfseListResult {
+    total: number;
+    limit: number;
+    offset: number;
+    items: NfseDocument[];
+}
+interface ListNfseParams {
+    organizationId?: string;
+    status?: NfseStatus;
+    externalId?: string;
+    limit?: number;
+    offset?: number;
+}
+interface FiscalEvent {
+    id: string;
+    documentId: string;
+    type: string;
+    status: string | null;
+    payload: Record<string, unknown> | null;
+    createdAt: string;
+}
+interface XmlArtifact {
+    type: string;
+    content: string | null;
+    url: string | null;
+    checksum: string;
+    createdAt: string;
+}
+interface DanfseResult {
+    documentId: string;
+    type: 'danfse_pdf';
+    /** URL pré-assinada (expira) */
+    url: string;
+    expiresInSeconds: number;
+}
+interface FiscalSettingsInput {
+    provider?: FiscalProvider;
+    environment?: FiscalEnvironment;
+    serviceCode: string;
+    serviceDescription: string;
+    cnae?: string;
+    issRate: number;
+    issWithheld?: boolean;
+}
+interface CreateOrganizationParams {
+    cnpj: string;
+    legalName: string;
+    tradeName?: string;
+    /** Código IBGE de 7 dígitos */
+    cityCode: string;
+    state: string;
+    municipalRegistration?: string;
+    taxRegime: TaxRegime;
+    fiscalSettings?: FiscalSettingsInput;
+}
+interface Organization {
+    id: string;
+    accountId: string;
+    cnpj: string;
+    legalName: string;
+    tradeName: string | null;
+    cityCode: string;
+    state: string;
+    municipalRegistration: string | null;
+    taxRegime: TaxRegime;
+    status: 'active' | 'inactive' | 'pending_setup';
+    fiscalSettings: (FiscalSettingsInput & {
+        id: string;
+    }) | null;
+    createdAt: string;
+    updatedAt: string;
+}
+interface CreateCredentialParams {
+    type: 'certificate_a1' | 'token' | 'credential';
+    /** Para certificate_a1: { pfxBase64, password } — validado no upload */
+    payload: Record<string, unknown>;
+    expiresAt?: string;
+}
+interface Credential {
+    id: string;
+    type: string;
+    status: string;
+    expiresAt: string | null;
+    certificate?: {
+        subject: string;
+        notAfter: string;
+    };
+    createdAt: string;
+}
+interface WebhookEndpoint {
+    id: string;
+    url: string;
+    /** Exibido apenas na criação — guarde para verificar assinaturas */
+    secret?: string;
+    active: boolean;
+}
+type WebhookEventType = 'nfse.authorized' | 'nfse.rejected' | 'nfse.cancelled' | (string & {});
+interface WebhookEvent {
+    id: string;
+    type: WebhookEventType;
+    createdAt: string;
+    data: {
+        documentId: string;
+        organizationId: string;
+        externalId: string;
+        status: NfseStatus;
+        nfseNumber: string | null;
+        accessKey: string | null;
+        rejectionReason: string | null;
+        payload: Record<string, unknown> | null;
+    };
+}
+declare class NfseResource {
+    private readonly http;
+    constructor(http: HttpClient);
+    /**
+     * Solicita a emissão de uma NFS-e. Assíncrono: retorna `pending` e o
+     * resultado final chega via webhook (ou polling com get()).
+     * Idempotente por (organizationId, externalId).
+     */
+    emit(params: EmitNfseParams): Promise<NfseDocument>;
+    get(id: string): Promise<NfseDocument>;
+    list(params?: ListNfseParams): Promise<NfseListResult>;
+    events(id: string): Promise<FiscalEvent[]>;
+    xml(id: string): Promise<XmlArtifact>;
+    /** DANFSe (PDF) — retorna URL pré-assinada com expiração */
+    pdf(id: string): Promise<DanfseResult>;
+    cancel(id: string, reason: string): Promise<{
+        id: string;
+        status: string;
+    }>;
+    /**
+     * Aguarda o documento sair de pending/processing (polling).
+     * Use webhooks em produção; isto é conveniência para scripts e testes.
+     */
+    waitForResult(id: string, opts?: {
+        intervalMs?: number;
+        timeoutMs?: number;
+    }): Promise<NfseDocument>;
+}
+declare class OrganizationsResource {
+    private readonly http;
+    constructor(http: HttpClient);
+    create(params: CreateOrganizationParams): Promise<Organization>;
+    list(): Promise<Organization[]>;
+    get(id: string): Promise<Organization>;
+    update(id: string, params: Partial<CreateOrganizationParams> & {
+        status?: string;
+    }): Promise<Organization>;
+    /** Cadastra credencial fiscal (certificado A1 é validado no upload) */
+    addCredential(organizationId: string, params: CreateCredentialParams): Promise<Credential>;
+}
+declare class WebhookEndpointsResource {
+    private readonly http;
+    constructor(http: HttpClient);
+    /** O `secret` retornado é exibido apenas aqui — guarde-o para verificar assinaturas */
+    create(url: string): Promise<WebhookEndpoint>;
+    list(): Promise<WebhookEndpoint[]>;
+    deactivate(id: string): Promise<{
+        id: string;
+        active: boolean;
+    }>;
+}
+interface VerifyOptions {
+    /** Tolerância do timestamp em segundos (padrão: 300) */
+    toleranceSeconds?: number;
+}
+/**
+ * Verifica a assinatura `x-fiscal-signature: t=<unix>,v1=<hmac>` e retorna o
+ * evento parseado. Lança WebhookVerificationError se inválida ou expirada.
+ *
+ * IMPORTANTE: `rawBody` deve ser o corpo EXATO recebido (Buffer ou string),
+ * antes de qualquer JSON.parse — re-serializar quebra o HMAC.
+ */
+declare function verifyWebhook(rawBody: string | Buffer, signatureHeader: string | undefined, secret: string, options?: VerifyOptions): WebhookEvent;
+interface WebhookHandlerOptions extends VerifyOptions {
+    secret: string;
+    onAuthorized?: (data: WebhookEvent['data'], event: WebhookEvent) => void | Promise<void>;
+    onRejected?: (data: WebhookEvent['data'], event: WebhookEvent) => void | Promise<void>;
+    onCancelled?: (data: WebhookEvent['data'], event: WebhookEvent) => void | Promise<void>;
+    /** Chamado para qualquer evento (além dos handlers específicos) */
+    onEvent?: (event: WebhookEvent) => void | Promise<void>;
+    /** Erros dos seus handlers (padrão: responde 500 para o gateway retentar) */
+    onError?: (error: unknown) => void;
+}
+interface MinimalRequest {
+    headers: Record<string, string | string[] | undefined>;
+    body?: unknown;
+}
+interface MinimalResponse {
+    status(code: number): {
+        send(body?: unknown): unknown;
+        json(body?: unknown): unknown;
+    };
+}
+/**
+ * Handler pronto para Express/Fastify/Nest. A rota PRECISA receber o corpo
+ * cru — em Express use:
+ *
+ *   app.post('/hooks/fiscal',
+ *     express.raw({ type: 'application/json' }),
+ *     createWebhookHandler({ secret, onAuthorized: ... }),
+ *   );
+ */
+declare function createWebhookHandler(options: WebhookHandlerOptions): (req: MinimalRequest, res: MinimalResponse) => Promise<void>;
+declare class FiscalGatewayError extends Error {
+    readonly status: number;
+    readonly body: unknown;
+    constructor(message: string, status: number, body: unknown);
+    /** Erro de validação ou regra de negócio — corrigir o payload, não retentar */
+    get isClientError(): boolean;
+    /** Rate limit — aguarde e retente (o SDK já retenta automaticamente) */
+    get isRateLimited(): boolean;
+}
+declare class WebhookVerificationError extends Error {
+    constructor(message: string);
+}
+interface FiscalGatewayOptions {
+    /** API key da sua account (header x-api-key) */
+    apiKey: string;
+    /** URL base do gateway (padrão: http://localhost:3333) */
+    baseUrl?: string;
+    /** Timeout por requisição em ms (padrão: 30000) */
+    timeoutMs?: number;
+    /** Retentativas automáticas para 429/5xx/rede (padrão: 3) */
+    maxRetries?: number;
+    /** Implementação customizada de fetch (testes) */
+    fetch?: typeof fetch;
+}
+declare class FiscalGateway {
+    readonly nfse: NfseResource;
+    readonly organizations: OrganizationsResource;
+    readonly webhookEndpoints: WebhookEndpointsResource;
+    constructor(options: FiscalGatewayOptions);
+}
+export { type CreateCredentialParams, type CreateOrganizationParams, type Credential, type Customer, type DanfseResult, type EmitNfseParams, type FiscalEnvironment, type FiscalEvent, FiscalGateway, FiscalGatewayError, type FiscalGatewayOptions, type FiscalProvider, type FiscalSettingsInput, type ListNfseParams, type NfseDocument, type NfseListResult, type NfseStatus, type Organization, type ServiceInfo, type TaxRegime, type VerifyOptions, type WebhookEndpoint, type WebhookEvent, type WebhookEventType, type WebhookHandlerOptions, WebhookVerificationError, type XmlArtifact, createWebhookHandler, verifyWebhook };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,301 @@
+interface HttpClientOptions {
+    baseUrl: string;
+    apiKey: string;
+    /** Timeout por requisição em ms (padrão: 30000) */
+    timeoutMs?: number;
+    /** Máximo de tentativas para 429/5xx/erros de rede (padrão: 3) */
+    maxRetries?: number;
+    fetch?: typeof fetch;
+}
+declare class HttpClient {
+    private readonly options;
+    private readonly fetchFn;
+    constructor(options: HttpClientOptions);
+    request<T>(method: string, path: string, body?: unknown, query?: Record<string, string | number | undefined>): Promise<T>;
+    get<T>(path: string, query?: Record<string, string | number | undefined>): Promise<T>;
+    post<T>(path: string, body?: unknown): Promise<T>;
+    patch<T>(path: string, body?: unknown): Promise<T>;
+    delete<T>(path: string): Promise<T>;
+}
+type NfseStatus = 'draft' | 'pending' | 'processing' | 'authorized' | 'rejected' | 'cancelled' | 'error';
+type TaxRegime = 'simples_nacional' | 'lucro_presumido' | 'lucro_real' | 'mei';
+type FiscalEnvironment = 'production' | 'restricted_production';
+type FiscalProvider = 'mock' | 'nacional';
+interface Customer {
+    name: string;
+    /** 11 dígitos (CPF) ou 14 (CNPJ), somente números */
+    cpfCnpj?: string;
+    email?: string;
+}
+interface ServiceInfo {
+    description: string;
+    amount: number;
+    /** Sobrescreve o código de tributação padrão da organização */
+    serviceCode?: string;
+    /** Competência da prestação (ISO date) */
+    competence?: string;
+}
+interface EmitNfseParams {
+    organizationId: string;
+    /** ID do seu sistema — chave de idempotência: reenviar nunca duplica a nota */
+    externalId: string;
+    customer: Customer;
+    service: ServiceInfo;
+    metadata?: Record<string, unknown>;
+}
+interface NfseDocument {
+    id: string;
+    organizationId: string;
+    externalId: string;
+    status: NfseStatus;
+    amount: string;
+    nfseNumber: string | null;
+    accessKey: string | null;
+    verificationCode: string | null;
+    rejectionReason: string | null;
+    createdAt: string;
+    /** true quando o POST devolveu um documento já existente (replay idempotente) */
+    idempotentReplay?: boolean;
+}
+interface NfseListResult {
+    total: number;
+    limit: number;
+    offset: number;
+    items: NfseDocument[];
+}
+interface ListNfseParams {
+    organizationId?: string;
+    status?: NfseStatus;
+    externalId?: string;
+    limit?: number;
+    offset?: number;
+}
+interface FiscalEvent {
+    id: string;
+    documentId: string;
+    type: string;
+    status: string | null;
+    payload: Record<string, unknown> | null;
+    createdAt: string;
+}
+interface XmlArtifact {
+    type: string;
+    content: string | null;
+    url: string | null;
+    checksum: string;
+    createdAt: string;
+}
+interface DanfseResult {
+    documentId: string;
+    type: 'danfse_pdf';
+    /** URL pré-assinada (expira) */
+    url: string;
+    expiresInSeconds: number;
+}
+interface FiscalSettingsInput {
+    provider?: FiscalProvider;
+    environment?: FiscalEnvironment;
+    serviceCode: string;
+    serviceDescription: string;
+    cnae?: string;
+    issRate: number;
+    issWithheld?: boolean;
+}
+interface CreateOrganizationParams {
+    cnpj: string;
+    legalName: string;
+    tradeName?: string;
+    /** Código IBGE de 7 dígitos */
+    cityCode: string;
+    state: string;
+    municipalRegistration?: string;
+    taxRegime: TaxRegime;
+    fiscalSettings?: FiscalSettingsInput;
+}
+interface Organization {
+    id: string;
+    accountId: string;
+    cnpj: string;
+    legalName: string;
+    tradeName: string | null;
+    cityCode: string;
+    state: string;
+    municipalRegistration: string | null;
+    taxRegime: TaxRegime;
+    status: 'active' | 'inactive' | 'pending_setup';
+    fiscalSettings: (FiscalSettingsInput & {
+        id: string;
+    }) | null;
+    createdAt: string;
+    updatedAt: string;
+}
+interface CreateCredentialParams {
+    type: 'certificate_a1' | 'token' | 'credential';
+    /** Para certificate_a1: { pfxBase64, password } — validado no upload */
+    payload: Record<string, unknown>;
+    expiresAt?: string;
+}
+interface Credential {
+    id: string;
+    type: string;
+    status: string;
+    expiresAt: string | null;
+    certificate?: {
+        subject: string;
+        notAfter: string;
+    };
+    createdAt: string;
+}
+interface WebhookEndpoint {
+    id: string;
+    url: string;
+    /** Exibido apenas na criação — guarde para verificar assinaturas */
+    secret?: string;
+    active: boolean;
+}
+type WebhookEventType = 'nfse.authorized' | 'nfse.rejected' | 'nfse.cancelled' | (string & {});
+interface WebhookEvent {
+    id: string;
+    type: WebhookEventType;
+    createdAt: string;
+    data: {
+        documentId: string;
+        organizationId: string;
+        externalId: string;
+        status: NfseStatus;
+        nfseNumber: string | null;
+        accessKey: string | null;
+        rejectionReason: string | null;
+        payload: Record<string, unknown> | null;
+    };
+}
+declare class NfseResource {
+    private readonly http;
+    constructor(http: HttpClient);
+    /**
+     * Solicita a emissão de uma NFS-e. Assíncrono: retorna `pending` e o
+     * resultado final chega via webhook (ou polling com get()).
+     * Idempotente por (organizationId, externalId).
+     */
+    emit(params: EmitNfseParams): Promise<NfseDocument>;
+    get(id: string): Promise<NfseDocument>;
+    list(params?: ListNfseParams): Promise<NfseListResult>;
+    events(id: string): Promise<FiscalEvent[]>;
+    xml(id: string): Promise<XmlArtifact>;
+    /** DANFSe (PDF) — retorna URL pré-assinada com expiração */
+    pdf(id: string): Promise<DanfseResult>;
+    cancel(id: string, reason: string): Promise<{
+        id: string;
+        status: string;
+    }>;
+    /**
+     * Aguarda o documento sair de pending/processing (polling).
+     * Use webhooks em produção; isto é conveniência para scripts e testes.
+     */
+    waitForResult(id: string, opts?: {
+        intervalMs?: number;
+        timeoutMs?: number;
+    }): Promise<NfseDocument>;
+}
+declare class OrganizationsResource {
+    private readonly http;
+    constructor(http: HttpClient);
+    create(params: CreateOrganizationParams): Promise<Organization>;
+    list(): Promise<Organization[]>;
+    get(id: string): Promise<Organization>;
+    update(id: string, params: Partial<CreateOrganizationParams> & {
+        status?: string;
+    }): Promise<Organization>;
+    /** Cadastra credencial fiscal (certificado A1 é validado no upload) */
+    addCredential(organizationId: string, params: CreateCredentialParams): Promise<Credential>;
+}
+declare class WebhookEndpointsResource {
+    private readonly http;
+    constructor(http: HttpClient);
+    /** O `secret` retornado é exibido apenas aqui — guarde-o para verificar assinaturas */
+    create(url: string): Promise<WebhookEndpoint>;
+    list(): Promise<WebhookEndpoint[]>;
+    deactivate(id: string): Promise<{
+        id: string;
+        active: boolean;
+    }>;
+}
+interface VerifyOptions {
+    /** Tolerância do timestamp em segundos (padrão: 300) */
+    toleranceSeconds?: number;
+}
+/**
+ * Verifica a assinatura `x-fiscal-signature: t=<unix>,v1=<hmac>` e retorna o
+ * evento parseado. Lança WebhookVerificationError se inválida ou expirada.
+ *
+ * IMPORTANTE: `rawBody` deve ser o corpo EXATO recebido (Buffer ou string),
+ * antes de qualquer JSON.parse — re-serializar quebra o HMAC.
+ */
+declare function verifyWebhook(rawBody: string | Buffer, signatureHeader: string | undefined, secret: string, options?: VerifyOptions): WebhookEvent;
+interface WebhookHandlerOptions extends VerifyOptions {
+    secret: string;
+    onAuthorized?: (data: WebhookEvent['data'], event: WebhookEvent) => void | Promise<void>;
+    onRejected?: (data: WebhookEvent['data'], event: WebhookEvent) => void | Promise<void>;
+    onCancelled?: (data: WebhookEvent['data'], event: WebhookEvent) => void | Promise<void>;
+    /** Chamado para qualquer evento (além dos handlers específicos) */
+    onEvent?: (event: WebhookEvent) => void | Promise<void>;
+    /** Erros dos seus handlers (padrão: responde 500 para o gateway retentar) */
+    onError?: (error: unknown) => void;
+}
+interface MinimalRequest {
+    headers: Record<string, string | string[] | undefined>;
+    body?: unknown;
+}
+interface MinimalResponse {
+    status(code: number): {
+        send(body?: unknown): unknown;
+        json(body?: unknown): unknown;
+    };
+}
+/**
+ * Handler pronto para Express/Fastify/Nest. A rota PRECISA receber o corpo
+ * cru — em Express use:
+ *
+ *   app.post('/hooks/fiscal',
+ *     express.raw({ type: 'application/json' }),
+ *     createWebhookHandler({ secret, onAuthorized: ... }),
+ *   );
+ */
+declare function createWebhookHandler(options: WebhookHandlerOptions): (req: MinimalRequest, res: MinimalResponse) => Promise<void>;
+declare class FiscalGatewayError extends Error {
+    readonly status: number;
+    readonly body: unknown;
+    constructor(message: string, status: number, body: unknown);
+    /** Erro de validação ou regra de negócio — corrigir o payload, não retentar */
+    get isClientError(): boolean;
+    /** Rate limit — aguarde e retente (o SDK já retenta automaticamente) */
+    get isRateLimited(): boolean;
+}
+declare class WebhookVerificationError extends Error {
+    constructor(message: string);
+}
+interface FiscalGatewayOptions {
+    /** API key da sua account (header x-api-key) */
+    apiKey: string;
+    /** URL base do gateway (padrão: http://localhost:3333) */
+    baseUrl?: string;
+    /** Timeout por requisição em ms (padrão: 30000) */
+    timeoutMs?: number;
+    /** Retentativas automáticas para 429/5xx/rede (padrão: 3) */
+    maxRetries?: number;
+    /** Implementação customizada de fetch (testes) */
+    fetch?: typeof fetch;
+}
+declare class FiscalGateway {
+    readonly nfse: NfseResource;
+    readonly organizations: OrganizationsResource;
+    readonly webhookEndpoints: WebhookEndpointsResource;
+    constructor(options: FiscalGatewayOptions);
+}
+export { type CreateCredentialParams, type CreateOrganizationParams, type Credential, type Customer, type DanfseResult, type EmitNfseParams, type FiscalEnvironment, type FiscalEvent, FiscalGateway, FiscalGatewayError, type FiscalGatewayOptions, type FiscalProvider, type FiscalSettingsInput, type ListNfseParams, type NfseDocument, type NfseListResult, type NfseStatus, type Organization, type ServiceInfo, type TaxRegime, type VerifyOptions, type WebhookEndpoint, type WebhookEvent, type WebhookEventType, type WebhookHandlerOptions, WebhookVerificationError, type XmlArtifact, createWebhookHandler, verifyWebhook };

package/dist/index.js ADDED Viewed

@@ -0,0 +1,284 @@
+// src/errors.ts
+var FiscalGatewayError = class extends Error {
+  status;
+  body;
+  constructor(message, status, body) {
+    super(message);
+    this.name = "FiscalGatewayError";
+    this.status = status;
+    this.body = body;
+  }
+  /** Erro de validação ou regra de negócio — corrigir o payload, não retentar */
+  get isClientError() {
+    return this.status >= 400 && this.status < 500;
+  }
+  /** Rate limit — aguarde e retente (o SDK já retenta automaticamente) */
+  get isRateLimited() {
+    return this.status === 429;
+  }
+};
+var WebhookVerificationError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "WebhookVerificationError";
+  }
+};
+// src/http.ts
+var RETRYABLE_STATUS = /* @__PURE__ */ new Set([429, 500, 502, 503, 504]);
+var HttpClient = class {
+  constructor(options) {
+    this.options = options;
+    this.fetchFn = options.fetch ?? globalThis.fetch;
+    if (!this.fetchFn) {
+      throw new Error("fetch global n\xE3o dispon\xEDvel \u2014 Node 18+ \xE9 obrigat\xF3rio");
+    }
+  }
+  options;
+  fetchFn;
+  async request(method, path, body, query) {
+    const url = new URL(path, this.options.baseUrl);
+    for (const [key, value] of Object.entries(query ?? {})) {
+      if (value !== void 0) url.searchParams.set(key, String(value));
+    }
+    const maxRetries = this.options.maxRetries ?? 3;
+    let lastError;
+    for (let attempt = 0; attempt <= maxRetries; attempt++) {
+      if (attempt > 0) {
+        const backoff = Math.min(1e3 * 2 ** (attempt - 1), 8e3);
+        await sleep(backoff + Math.random() * 250);
+      }
+      try {
+        const response = await this.fetchFn(url, {
+          method,
+          headers: {
+            "x-api-key": this.options.apiKey,
+            ...body !== void 0 && { "content-type": "application/json" }
+          },
+          body: body !== void 0 ? JSON.stringify(body) : void 0,
+          signal: AbortSignal.timeout(this.options.timeoutMs ?? 3e4)
+        });
+        const text = await response.text();
+        const parsed = text ? safeJsonParse(text) : null;
+        if (response.ok) return parsed;
+        if (RETRYABLE_STATUS.has(response.status) && attempt < maxRetries) {
+          lastError = new FiscalGatewayError(
+            `HTTP ${response.status} em ${method} ${path}`,
+            response.status,
+            parsed
+          );
+          continue;
+        }
+        const message = parsed?.message ?? `HTTP ${response.status}`;
+        throw new FiscalGatewayError(
+          Array.isArray(message) ? message.join("; ") : message,
+          response.status,
+          parsed
+        );
+      } catch (err) {
+        if (err instanceof FiscalGatewayError) throw err;
+        lastError = err;
+        if (attempt === maxRetries) break;
+      }
+    }
+    throw lastError;
+  }
+  get(path, query) {
+    return this.request("GET", path, void 0, query);
+  }
+  post(path, body) {
+    return this.request("POST", path, body);
+  }
+  patch(path, body) {
+    return this.request("PATCH", path, body);
+  }
+  delete(path) {
+    return this.request("DELETE", path);
+  }
+};
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function safeJsonParse(text) {
+  try {
+    return JSON.parse(text);
+  } catch {
+    return { raw: text };
+  }
+}
+// src/resources.ts
+var NfseResource = class {
+  constructor(http) {
+    this.http = http;
+  }
+  http;
+  /**
+   * Solicita a emissão de uma NFS-e. Assíncrono: retorna `pending` e o
+   * resultado final chega via webhook (ou polling com get()).
+   * Idempotente por (organizationId, externalId).
+   */
+  emit(params) {
+    return this.http.post("/v1/nfse", params);
+  }
+  get(id) {
+    return this.http.get(`/v1/nfse/${id}`);
+  }
+  list(params = {}) {
+    return this.http.get("/v1/nfse", params);
+  }
+  events(id) {
+    return this.http.get(`/v1/nfse/${id}/events`);
+  }
+  xml(id) {
+    return this.http.get(`/v1/nfse/${id}/xml`);
+  }
+  /** DANFSe (PDF) — retorna URL pré-assinada com expiração */
+  pdf(id) {
+    return this.http.get(`/v1/nfse/${id}/pdf`);
+  }
+  cancel(id, reason) {
+    return this.http.post(`/v1/nfse/${id}/cancel`, { reason });
+  }
+  /**
+   * Aguarda o documento sair de pending/processing (polling).
+   * Use webhooks em produção; isto é conveniência para scripts e testes.
+   */
+  async waitForResult(id, opts = {}) {
+    const deadline = Date.now() + (opts.timeoutMs ?? 6e4);
+    for (; ; ) {
+      const doc = await this.get(id);
+      if (doc.status !== "pending" && doc.status !== "processing") return doc;
+      if (Date.now() > deadline) {
+        throw new Error(`Timeout aguardando resultado da NFS-e ${id} (status: ${doc.status})`);
+      }
+      await new Promise((resolve) => setTimeout(resolve, opts.intervalMs ?? 1500));
+    }
+  }
+};
+var OrganizationsResource = class {
+  constructor(http) {
+    this.http = http;
+  }
+  http;
+  create(params) {
+    return this.http.post("/v1/organizations", params);
+  }
+  list() {
+    return this.http.get("/v1/organizations");
+  }
+  get(id) {
+    return this.http.get(`/v1/organizations/${id}`);
+  }
+  update(id, params) {
+    return this.http.patch(`/v1/organizations/${id}`, params);
+  }
+  /** Cadastra credencial fiscal (certificado A1 é validado no upload) */
+  addCredential(organizationId, params) {
+    return this.http.post(`/v1/organizations/${organizationId}/credentials`, params);
+  }
+};
+var WebhookEndpointsResource = class {
+  constructor(http) {
+    this.http = http;
+  }
+  http;
+  /** O `secret` retornado é exibido apenas aqui — guarde-o para verificar assinaturas */
+  create(url) {
+    return this.http.post("/v1/webhook-endpoints", { url });
+  }
+  list() {
+    return this.http.get("/v1/webhook-endpoints");
+  }
+  deactivate(id) {
+    return this.http.delete(`/v1/webhook-endpoints/${id}`);
+  }
+};
+// src/webhooks.ts
+import { createHmac, timingSafeEqual } from "crypto";
+var DEFAULT_TOLERANCE_SECONDS = 300;
+function verifyWebhook(rawBody, signatureHeader, secret, options = {}) {
+  if (!signatureHeader) {
+    throw new WebhookVerificationError("Header x-fiscal-signature ausente");
+  }
+  const parts = Object.fromEntries(
+    signatureHeader.split(",").map((part) => part.split("=", 2))
+  );
+  const timestamp = Number(parts.t);
+  const signature = parts.v1;
+  if (!timestamp || !signature) {
+    throw new WebhookVerificationError("Formato de assinatura inv\xE1lido (esperado t=...,v1=...)");
+  }
+  const tolerance = options.toleranceSeconds ?? DEFAULT_TOLERANCE_SECONDS;
+  const ageSeconds = Math.abs(Date.now() / 1e3 - timestamp);
+  if (ageSeconds > tolerance) {
+    throw new WebhookVerificationError(`Timestamp fora da toler\xE2ncia (${Math.round(ageSeconds)}s)`);
+  }
+  const body = typeof rawBody === "string" ? rawBody : rawBody.toString("utf8");
+  const expected = createHmac("sha256", secret).update(`${timestamp}.${body}`).digest("hex");
+  const a = Buffer.from(signature, "hex");
+  const b = Buffer.from(expected, "hex");
+  if (a.length !== b.length || !timingSafeEqual(a, b)) {
+    throw new WebhookVerificationError("Assinatura HMAC inv\xE1lida");
+  }
+  return JSON.parse(body);
+}
+function createWebhookHandler(options) {
+  return async (req, res) => {
+    const header = req.headers["x-fiscal-signature"];
+    const rawBody = Buffer.isBuffer(req.body) || typeof req.body === "string" ? req.body : JSON.stringify(req.body);
+    let event;
+    try {
+      event = verifyWebhook(rawBody, Array.isArray(header) ? header[0] : header, options.secret, options);
+    } catch (err) {
+      res.status(400).send({ error: err.message });
+      return;
+    }
+    try {
+      switch (event.type) {
+        case "nfse.authorized":
+          await options.onAuthorized?.(event.data, event);
+          break;
+        case "nfse.rejected":
+          await options.onRejected?.(event.data, event);
+          break;
+        case "nfse.cancelled":
+          await options.onCancelled?.(event.data, event);
+          break;
+      }
+      await options.onEvent?.(event);
+      res.status(200).send({ received: true });
+    } catch (err) {
+      options.onError?.(err);
+      res.status(500).send({ error: "handler failed" });
+    }
+  };
+}
+// src/index.ts
+var FiscalGateway = class {
+  nfse;
+  organizations;
+  webhookEndpoints;
+  constructor(options) {
+    if (!options.apiKey) throw new Error("apiKey \xE9 obrigat\xF3ria");
+    const http = new HttpClient({
+      baseUrl: options.baseUrl ?? "http://localhost:3333",
+      apiKey: options.apiKey,
+      timeoutMs: options.timeoutMs,
+      maxRetries: options.maxRetries,
+      fetch: options.fetch
+    });
+    this.nfse = new NfseResource(http);
+    this.organizations = new OrganizationsResource(http);
+    this.webhookEndpoints = new WebhookEndpointsResource(http);
+  }
+};
+export {
+  FiscalGateway,
+  FiscalGatewayError,
+  WebhookVerificationError,
+  createWebhookHandler,
+  verifyWebhook
+};

package/package.json ADDED Viewed

@@ -0,0 +1,40 @@
+{
+  "name": "@creativeproject/fiscal-gateway",
+  "version": "0.1.0",
+  "description": "SDK Node.js/TypeScript do Fiscal Gateway — emissão de NFS-e Padrão Nacional",
+  "license": "UNLICENSED",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/CreativeProjectBR/cp-fiscal-gateway.git",
+    "directory": "packages/sdk"
+  },
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": ["dist", "README.md"],
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "build": "tsup src/index.ts --format esm,cjs --dts --clean",
+    "test": "vitest run",
+    "prepublishOnly": "npm run test && npm run build"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": ["nfse", "nota-fiscal", "fiscal", "nfse-nacional", "sdk"],
+  "devDependencies": {
+    "tsup": "^8.0.0",
+    "typescript": "^5.6.0",
+    "vitest": "^3.0.0"
+  }
+}