@easyflow/javascript-sdk 2.1.7

package/libs/fingerprint.mjs

@@ -0,0 +1,270 @@
+/**
+ * Browser fingerprinting utilities for Easyflow SDK
+ *
+ * This module provides functions to generate unique browser fingerprints
+ * for security and fraud detection purposes.
+ */
+
+/**
+ * Generates a unique browser fingerprint based on hardware and software characteristics
+ *
+ * @param {Object} [options={}] - Fingerprinting options
+ * @param {boolean} [options.hardwareOnly=false] - Only include hardware-based characteristics
+ * @param {boolean} [options.enableWebgl=false] - Include WebGL fingerprinting
+ * @param {boolean} [options.debug=false] - Enable debug logging
+ * @returns {number} Unique fingerprint hash
+ *
+ * @example
+ * ```javascript
+ * const fingerprint = getBrowserFingerprint({ hardwareOnly: true });
+ * console.log('Browser fingerprint:', fingerprint);
+ * ```
+ */
+const getBrowserFingerprint = ({
+        hardwareOnly: e = !1,
+        enableWebgl: t = !1,
+        debug: r = !1,
+    } = {}) => {
+        const {
+            cookieEnabled: a,
+            deviceMemory: o,
+            doNotTrack: n,
+            hardwareConcurrency: i,
+            language: c,
+            languages: l,
+            maxTouchPoints: h,
+            platform: g,
+            userAgent: d,
+            vendor: s,
+        } = window.navigator
+        let {
+            width: u,
+            height: m,
+            colorDepth: f,
+            pixelDepth: A,
+        } = window.screen
+        ;(u = 1e3), (m = 1e3)
+        const v = new Date().getTimezoneOffset(),
+            S = Intl.DateTimeFormat().resolvedOptions().timeZone,
+            p = 'ontouchstart' in window,
+            x = window.devicePixelRatio,
+            E = null,
+            w = t ? getWebglID(r) : void 0,
+            R = t ? getWebglInfo(r) : void 0,
+            b = e
+                ? JSON.stringify({
+                      canvas: E,
+                      colorDepth: f,
+                      deviceMemory: o,
+                      devicePixelRatio: x,
+                      hardwareConcurrency: i,
+                      height: m,
+                      maxTouchPoints: h,
+                      pixelDepth: A,
+                      platform: g,
+                      touchSupport: p,
+                      webgl: w,
+                      webglInfo: R,
+                      width: u,
+                  })
+                : JSON.stringify({
+                      canvas: E,
+                      colorDepth: f,
+                      cookieEnabled: a,
+                      deviceMemory: o,
+                      devicePixelRatio: x,
+                      doNotTrack: n,
+                      hardwareConcurrency: i,
+                      height: m,
+                      language: c,
+                      languages: l,
+                      maxTouchPoints: h,
+                      pixelDepth: A,
+                      platform: g,
+                      timezone: S,
+                      timezoneOffset: v,
+                      touchSupport: p,
+                      userAgent: d,
+                      vendor: s,
+                      webgl: w,
+                      webglInfo: R,
+                      width: u,
+                  }),
+            y = JSON.stringify(b, null, 4)
+        return r && console.log('fingerprint data', y), murmurhash3_32_gc(y)
+    },
+    getCanvasID = (e) => {
+        try {
+            const t = document.createElement('canvas'),
+                r = t.getContext('2d'),
+                a =
+                    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\`~1!2@3#4$5%6^7&8*9(0)-_=+[{]}|;:',<.>/?"
+            ;(r.textBaseline = 'top'),
+                (r.font = "14px 'Arial'"),
+                (r.textBaseline = 'alphabetic'),
+                (r.fillStyle = '#f60'),
+                r.fillRect(125, 1, 62, 20),
+                (r.fillStyle = '#069'),
+                r.fillText(a, 2, 15),
+                (r.fillStyle = 'rgba(102, 204, 0, 0.7)'),
+                r.fillText(a, 4, 17)
+            const o = t.toDataURL()
+            return (
+                e
+                    ? document.body.appendChild(t)
+                    : r.clearRect(0, 0, t.width, t.height),
+                murmurhash3_32_gc(o)
+            )
+        } catch {
+            return null
+        }
+    },
+    getWebglID = (e) => {
+        try {
+            const t = document.createElement('canvas'),
+                r = t.getContext('webgl')
+            ;(t.width = 256), (t.height = 128)
+            const a =
+                    'attribute vec2 attrVertex;varying vec2 varyinTexCoordinate;uniform vec2 uniformOffset;void main(){varyinTexCoordinate=attrVertex+uniformOffset;gl_Position=vec4(attrVertex,0,1);}',
+                o =
+                    'precision mediump float;varying vec2 varyinTexCoordinate;void main() {gl_FragColor=vec4(varyinTexCoordinate,0,1);}',
+                n = r.createBuffer()
+            r.bindBuffer(r.ARRAY_BUFFER, n)
+            const i = new Float32Array([
+                -0.2, -0.9, 0, 0.4, -0.26, 0, 0, 0.7321, 0,
+            ])
+            r.bufferData(r.ARRAY_BUFFER, i, r.STATIC_DRAW),
+                (n.itemSize = 3),
+                (n.numItems = 3)
+            const c = r.createProgram(),
+                l = r.createShader(r.VERTEX_SHADER)
+            r.shaderSource(l, a), r.compileShader(l)
+            const h = r.createShader(r.FRAGMENT_SHADER)
+            r.shaderSource(h, o),
+                r.compileShader(h),
+                r.attachShader(c, l),
+                r.attachShader(c, h),
+                r.linkProgram(c),
+                r.useProgram(c),
+                (c.vertexPosAttrib = r.getAttribLocation(c, 'attrVertex')),
+                (c.offsetUniform = r.getUniformLocation(c, 'uniformOffset')),
+                r.enableVertexAttribArray(c.vertexPosArray),
+                r.vertexAttribPointer(
+                    c.vertexPosAttrib,
+                    n.itemSize,
+                    r.FLOAT,
+                    !1,
+                    0,
+                    0
+                ),
+                r.uniform2f(c.offsetUniform, 1, 1),
+                r.drawArrays(r.TRIANGLE_STRIP, 0, n.numItems)
+            const g = new Uint8Array(t.width * t.height * 4)
+            r.readPixels(0, 0, t.width, t.height, r.RGBA, r.UNSIGNED_BYTE, g)
+            const d = JSON.stringify(g).replace(/,?"[0-9]+":/g, '')
+            return (
+                e
+                    ? document.body.appendChild(t)
+                    : r.clear(
+                          r.COLOR_BUFFER_BIT |
+                              r.DEPTH_BUFFER_BIT |
+                              r.STENCIL_BUFFER_BIT
+                      ),
+                murmurhash3_32_gc(d)
+            )
+        } catch {
+            return null
+        }
+    },
+    getWebglInfo = () => {
+        try {
+            const e = document.createElement('canvas').getContext('webgl')
+            return {
+                VERSION: e.getParameter(e.VERSION),
+                SHADING_LANGUAGE_VERSION: e.getParameter(
+                    e.SHADING_LANGUAGE_VERSION
+                ),
+                VENDOR: e.getParameter(e.VENDOR),
+                SUPORTED_EXTENSIONS: e.getSupportedExtensions(),
+            }
+        } catch {
+            return null
+        }
+    },
+    murmurhash3_32_gc = (e) => {
+        const t = 3 & e.length,
+            r = e.length - t,
+            a = 3432918353,
+            o = 461845907
+        let n, i, c
+        for (let t = 0; t < r; t++)
+            (c =
+                (255 & e.charCodeAt(t)) |
+                ((255 & e.charCodeAt(++t)) << 8) |
+                ((255 & e.charCodeAt(++t)) << 16) |
+                ((255 & e.charCodeAt(++t)) << 24)),
+                ++t,
+                (c =
+                    ((65535 & c) * a + ((((c >>> 16) * a) & 65535) << 16)) &
+                    4294967295),
+                (c = (c << 15) | (c >>> 17)),
+                (c =
+                    ((65535 & c) * o + ((((c >>> 16) * o) & 65535) << 16)) &
+                    4294967295),
+                (n ^= c),
+                (n = (n << 13) | (n >>> 19)),
+                (i =
+                    (5 * (65535 & n) + (((5 * (n >>> 16)) & 65535) << 16)) &
+                    4294967295),
+                (n =
+                    27492 +
+                    (65535 & i) +
+                    (((58964 + (i >>> 16)) & 65535) << 16))
+        const l = r - 1
+        switch (((c = 0), t)) {
+            case 3:
+                c ^= (255 & e.charCodeAt(l + 2)) << 16
+                break
+            case 2:
+                c ^= (255 & e.charCodeAt(l + 1)) << 8
+                break
+            case 1:
+                c ^= 255 & e.charCodeAt(l)
+        }
+        return (
+            (c =
+                ((65535 & c) * a + ((((c >>> 16) * a) & 65535) << 16)) &
+                4294967295),
+            (c = (c << 15) | (c >>> 17)),
+            (c =
+                ((65535 & c) * o + ((((c >>> 16) * o) & 65535) << 16)) &
+                4294967295),
+            (n ^= c),
+            (n ^= e.length),
+            (n ^= n >>> 16),
+            (n =
+                (2246822507 * (65535 & n) +
+                    (((2246822507 * (n >>> 16)) & 65535) << 16)) &
+                4294967295),
+            (n ^= n >>> 13),
+            (n =
+                (3266489909 * (65535 & n) +
+                    (((3266489909 * (n >>> 16)) & 65535) << 16)) &
+                4294967295),
+            (n ^= n >>> 16),
+            n >>> 0
+        )
+    }
+
+const makeFingerprint = () => {
+    try {
+        const fingerprint = getBrowserFingerprint()
+        console.log('Fingerprint:', fingerprint)
+        return fingerprint
+    } catch (e) {
+        console.log('Error generating fingerprint', e)
+        return null
+    }
+}
+
+export { makeFingerprint }

package/libs/http.mjs

@@ -0,0 +1,163 @@
+import { buildApiUrl, getBrowserFingerprint } from './utils.mjs'
+import { DEFAULT_CONFIG, HTTP_REQUEST_METHODS, TARGETS } from './constants.mjs'
+import { throwsError } from './exception-handler.mjs'
+import { SecureFetch } from './security.mjs'
+import { NetworkError, SecurityError, ValidationError } from './errors.mjs'
+
+/**
+ * Checks if an error is a known SDK error type
+ *
+ * @param {Error} error - Error to check
+ * @returns {boolean} True if error is a known SDK error type
+ *
+ * @private
+ */
+function isKnownError(error) {
+    return (
+        error instanceof SecurityError ||
+        error instanceof ValidationError ||
+        error instanceof NetworkError
+    )
+}
+
+/**
+ * Ensures fingerprint header is present, generating one if missing
+ *
+ * @param {Object} headers - Request headers
+ * @returns {Object} Headers with fingerprint included
+ *
+ * @private
+ */
+function ensureFingerprintHeader(headers = {}) {
+    if (!headers['x-fingerprint-id']) {
+        try {
+            const fingerprint = getBrowserFingerprint({ hardwareOnly: true })
+            if (fingerprint) {
+                headers['x-fingerprint-id'] = fingerprint
+            }
+        } catch (error) {
+            console.warn('Failed to generate fingerprint:', error.message)
+        }
+    }
+    return headers
+}
+
+/**
+ * Makes a secure HTTP request and returns JSON response
+ *
+ * @param {string} url - URL to request
+ * @param {Object} options - Request options
+ * @returns {Promise<Object>} Promise that resolves to JSON response
+ *
+ * @private
+ * @throws {NetworkError} When request fails
+ */
+async function request(url, options) {
+    const response = await SecureFetch.request(url, options)
+    return await response.json()
+}
+
+/**
+ * Makes a secure API call to the Easyflow backend
+ *
+ * This function handles different types of API calls (GET vs POST) based on the target.
+ * GET requests (like getOffer and getOrder) use query parameters, while POST requests
+ * send data in the request body.
+ *
+ * @param {string} target - API target from TARGETS constants
+ * @param {Object} bodyOrQueryParams - Data to send (body for POST, query params for GET)
+ * @param {Object} [headers={}] - Additional HTTP headers
+ * @returns {Promise<Object>} Promise that resolves to API response
+ *
+ * @throws {NetworkError} When network request fails
+ * @throws {SecurityError} When security validation fails
+ * @throws {ValidationError} When input validation fails
+ *
+ * @example
+ * ```javascript
+ * // GET request
+ * const offer = await callSecureApi(TARGETS.GET_OFFER, { offerId: '123' });
+ *
+ * // POST request
+ * const orderId = await callSecureApi(TARGETS.PLACE_ORDER, {
+ *   businessId: 'business-123',
+ *   payments: [...]
+ * });
+ * ```
+ */
+async function callSecureApi(target, bodyOrQueryParams, headers = {}) {
+    try {
+        const secureHeaders = ensureFingerprintHeader(headers)
+
+        const requestOptions = {
+            method: HTTP_REQUEST_METHODS.POST,
+            headers: secureHeaders,
+        }
+        if (target === TARGETS.GET_OFFER) {
+            const { offerId } = bodyOrQueryParams
+            const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target, { offerId })
+            return await request(url, requestOptions)
+        } else if (target === TARGETS.GET_ORDER) {
+            const { orderId } = bodyOrQueryParams
+            const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target, { orderId })
+            return await request(url, requestOptions)
+        } else if (target === TARGETS.ADD_CREDIT_CARD) {
+            const { customerId, ...bodyData } = bodyOrQueryParams
+            const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target, {
+                customerId,
+            })
+            return await request(url, {
+                ...requestOptions,
+                body: JSON.stringify(bodyData),
+            })
+        } else if (target === TARGETS.REMOVE_CREDIT_CARD) {
+            const { customerId, creditCardId, ...bodyData } = bodyOrQueryParams
+            const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target, {
+                customerId,
+                creditCardId,
+            })
+            return await request(url, {
+                ...requestOptions,
+                body: JSON.stringify(bodyData),
+            })
+        } else if (target === TARGETS.GET_CREDIT_CARD) {
+            const { customerId, creditCardId, ...bodyData } = bodyOrQueryParams
+            const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target, {
+                customerId,
+                creditCardId,
+            })
+            return await request(url, {
+                ...requestOptions,
+                body: JSON.stringify(bodyData),
+            })
+        } else if (target === TARGETS.GET_CUSTOMER) {
+            const { customerId, ...bodyData } = bodyOrQueryParams
+            const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target, {
+                customerId,
+            })
+            return await request(url, {
+                ...requestOptions,
+                body: JSON.stringify(bodyData),
+            })
+        } else if (target === TARGETS.UPDATE_CUSTOMER) {
+            const { customerId, ...bodyData } = bodyOrQueryParams
+            const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target, {
+                customerId,
+            })
+            return await request(url, {
+                ...requestOptions,
+                body: JSON.stringify(bodyData),
+            })
+        }
+        const url = buildApiUrl(DEFAULT_CONFIG.baseUrl, target)
+        return await request(url, {
+            ...requestOptions,
+            body: JSON.stringify(bodyOrQueryParams),
+        })
+    } catch (error) {
+        if (isKnownError(error)) throwsError(error)
+        throwsError(new NetworkError(`Network error: ${error.message}`))
+    }
+}
+
+export { callSecureApi }