@easypayment/medusa-payment-paypal 0.9.17 → 0.9.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.medusa/server/src/admin/index.js +326 -130
- package/.medusa/server/src/admin/index.mjs +326 -130
- package/.medusa/server/src/admin/routes/settings/paypal/connection/page.d.ts +4 -1
- package/.medusa/server/src/admin/routes/settings/paypal/connection/page.d.ts.map +1 -1
- package/.medusa/server/src/admin/routes/settings/paypal/connection/page.js +434 -113
- package/.medusa/server/src/admin/routes/settings/paypal/connection/page.js.map +1 -1
- package/.medusa/server/src/api/admin/paypal/onboarding-link/route.d.ts.map +1 -1
- package/.medusa/server/src/api/admin/paypal/onboarding-link/route.js +4 -0
- package/.medusa/server/src/api/admin/paypal/onboarding-link/route.js.map +1 -1
- package/.medusa/server/src/api/middlewares.d.ts.map +1 -1
- package/.medusa/server/src/api/middlewares.js +9 -0
- package/.medusa/server/src/api/middlewares.js.map +1 -1
- package/.medusa/server/src/api/store/paypal/webhook/route.d.ts.map +1 -1
- package/.medusa/server/src/api/store/paypal/webhook/route.js +13 -8
- package/.medusa/server/src/api/store/paypal/webhook/route.js.map +1 -1
- package/.medusa/server/src/modules/paypal/payment-provider/service.d.ts.map +1 -1
- package/.medusa/server/src/modules/paypal/payment-provider/service.js +54 -31
- package/.medusa/server/src/modules/paypal/payment-provider/service.js.map +1 -1
- package/.medusa/server/src/modules/paypal/payment-provider/status-utils.d.ts +32 -0
- package/.medusa/server/src/modules/paypal/payment-provider/status-utils.d.ts.map +1 -0
- package/.medusa/server/src/modules/paypal/payment-provider/status-utils.js +65 -0
- package/.medusa/server/src/modules/paypal/payment-provider/status-utils.js.map +1 -0
- package/.medusa/server/src/modules/paypal/service.d.ts +13 -1
- package/.medusa/server/src/modules/paypal/service.d.ts.map +1 -1
- package/.medusa/server/src/modules/paypal/service.js +19 -4
- package/.medusa/server/src/modules/paypal/service.js.map +1 -1
- package/.medusa/server/src/modules/paypal/utils/secret-crypto.d.ts +2 -1
- package/.medusa/server/src/modules/paypal/utils/secret-crypto.d.ts.map +1 -1
- package/.medusa/server/src/modules/paypal/utils/secret-crypto.js +82 -26
- package/.medusa/server/src/modules/paypal/utils/secret-crypto.js.map +1 -1
- package/.medusa/server/src/modules/paypal/utils/webhook-verify.d.ts +28 -0
- package/.medusa/server/src/modules/paypal/utils/webhook-verify.d.ts.map +1 -0
- package/.medusa/server/src/modules/paypal/utils/webhook-verify.js +58 -0
- package/.medusa/server/src/modules/paypal/utils/webhook-verify.js.map +1 -0
- package/package.json +1 -1
- package/src/admin/routes/settings/paypal/connection/page.tsx +471 -127
- package/src/api/admin/paypal/onboarding-link/route.ts +6 -0
- package/src/api/middlewares.ts +9 -0
- package/src/api/store/paypal/webhook/route.ts +22 -8
- package/src/modules/paypal/payment-provider/service.ts +73 -29
- package/src/modules/paypal/payment-provider/status-utils.ts +59 -0
- package/src/modules/paypal/service.ts +24 -5
- package/src/modules/paypal/utils/secret-crypto.ts +90 -27
- package/src/modules/paypal/utils/webhook-verify.ts +61 -0
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Helpers for calling PayPal's `verify-webhook-signature` API correctly.
|
|
3
|
+
*
|
|
4
|
+
* PayPal computes the expected signature over the EXACT bytes it transmitted.
|
|
5
|
+
* Re-serializing the parsed body (`JSON.stringify(req.body)`) can change those
|
|
6
|
+
* bytes — key ordering, non-ASCII escaping (`José` vs `José`), number and
|
|
7
|
+
* whitespace formatting — which makes verification intermittently return
|
|
8
|
+
* FAILURE for legitimate webhooks. When the original raw body is available we
|
|
9
|
+
* inject it verbatim as `webhook_event`; otherwise we fall back to serializing
|
|
10
|
+
* the parsed body so behavior never regresses.
|
|
11
|
+
*/
|
|
12
|
+
/** Normalize Medusa's `req.rawBody` (a Buffer when `preserveRawBody` is set) to a string. */
|
|
13
|
+
export declare function rawBodyToString(rawBody: unknown): string | null;
|
|
14
|
+
/**
|
|
15
|
+
* Compose the JSON request body for `verify-webhook-signature`.
|
|
16
|
+
*
|
|
17
|
+
* `fields` are the transmission headers + webhook_id; `webhookEventJson` is the
|
|
18
|
+
* raw webhook body verbatim (preferred) or a serialized fallback. Undefined /
|
|
19
|
+
* null header values are omitted. The webhook event is concatenated as raw JSON
|
|
20
|
+
* (not re-encoded) so the bytes PayPal hashes match what it signed.
|
|
21
|
+
*/
|
|
22
|
+
export declare function composeVerifyRequestBody(fields: Record<string, string | undefined | null>, webhookEventJson: string): string;
|
|
23
|
+
/**
|
|
24
|
+
* Pick the bytes to use for `webhook_event`: the raw body when present and
|
|
25
|
+
* non-blank, otherwise a JSON serialization of the parsed body.
|
|
26
|
+
*/
|
|
27
|
+
export declare function resolveWebhookEventJson(rawBody: string | null | undefined, parsedBody: unknown): string;
|
|
28
|
+
//# sourceMappingURL=webhook-verify.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"webhook-verify.d.ts","sourceRoot":"","sources":["../../../../../../src/modules/paypal/utils/webhook-verify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,6FAA6F;AAC7F,wBAAgB,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAc/D;AAED;;;;;;;GAOG;AACH,wBAAgB,wBAAwB,CACtC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAAC,EACjD,gBAAgB,EAAE,MAAM,GACvB,MAAM,CAMR;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EAClC,UAAU,EAAE,OAAO,GAClB,MAAM,CAKR"}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Helpers for calling PayPal's `verify-webhook-signature` API correctly.
|
|
4
|
+
*
|
|
5
|
+
* PayPal computes the expected signature over the EXACT bytes it transmitted.
|
|
6
|
+
* Re-serializing the parsed body (`JSON.stringify(req.body)`) can change those
|
|
7
|
+
* bytes — key ordering, non-ASCII escaping (`José` vs `José`), number and
|
|
8
|
+
* whitespace formatting — which makes verification intermittently return
|
|
9
|
+
* FAILURE for legitimate webhooks. When the original raw body is available we
|
|
10
|
+
* inject it verbatim as `webhook_event`; otherwise we fall back to serializing
|
|
11
|
+
* the parsed body so behavior never regresses.
|
|
12
|
+
*/
|
|
13
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
14
|
+
exports.rawBodyToString = rawBodyToString;
|
|
15
|
+
exports.composeVerifyRequestBody = composeVerifyRequestBody;
|
|
16
|
+
exports.resolveWebhookEventJson = resolveWebhookEventJson;
|
|
17
|
+
/** Normalize Medusa's `req.rawBody` (a Buffer when `preserveRawBody` is set) to a string. */
|
|
18
|
+
function rawBodyToString(rawBody) {
|
|
19
|
+
if (rawBody == null) {
|
|
20
|
+
return null;
|
|
21
|
+
}
|
|
22
|
+
if (typeof rawBody === "string") {
|
|
23
|
+
return rawBody.length > 0 ? rawBody : null;
|
|
24
|
+
}
|
|
25
|
+
if (Buffer.isBuffer(rawBody)) {
|
|
26
|
+
return rawBody.length > 0 ? rawBody.toString("utf8") : null;
|
|
27
|
+
}
|
|
28
|
+
if (rawBody instanceof Uint8Array) {
|
|
29
|
+
return rawBody.length > 0 ? Buffer.from(rawBody).toString("utf8") : null;
|
|
30
|
+
}
|
|
31
|
+
return null;
|
|
32
|
+
}
|
|
33
|
+
/**
|
|
34
|
+
* Compose the JSON request body for `verify-webhook-signature`.
|
|
35
|
+
*
|
|
36
|
+
* `fields` are the transmission headers + webhook_id; `webhookEventJson` is the
|
|
37
|
+
* raw webhook body verbatim (preferred) or a serialized fallback. Undefined /
|
|
38
|
+
* null header values are omitted. The webhook event is concatenated as raw JSON
|
|
39
|
+
* (not re-encoded) so the bytes PayPal hashes match what it signed.
|
|
40
|
+
*/
|
|
41
|
+
function composeVerifyRequestBody(fields, webhookEventJson) {
|
|
42
|
+
const head = Object.entries(fields)
|
|
43
|
+
.filter(([, v]) => v !== undefined && v !== null)
|
|
44
|
+
.map(([k, v]) => `${JSON.stringify(k)}:${JSON.stringify(v)}`)
|
|
45
|
+
.join(",");
|
|
46
|
+
return `{${head}${head ? "," : ""}"webhook_event":${webhookEventJson}}`;
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Pick the bytes to use for `webhook_event`: the raw body when present and
|
|
50
|
+
* non-blank, otherwise a JSON serialization of the parsed body.
|
|
51
|
+
*/
|
|
52
|
+
function resolveWebhookEventJson(rawBody, parsedBody) {
|
|
53
|
+
if (typeof rawBody === "string" && rawBody.trim().length > 0) {
|
|
54
|
+
return rawBody;
|
|
55
|
+
}
|
|
56
|
+
return JSON.stringify(parsedBody ?? {});
|
|
57
|
+
}
|
|
58
|
+
//# sourceMappingURL=webhook-verify.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"webhook-verify.js","sourceRoot":"","sources":["../../../../../../src/modules/paypal/utils/webhook-verify.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;AAGH,0CAcC;AAUD,4DASC;AAMD,0DAQC;AAhDD,6FAA6F;AAC7F,SAAgB,eAAe,CAAC,OAAgB;IAC9C,IAAI,OAAO,IAAI,IAAI,EAAE,CAAC;QACpB,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QAChC,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAA;IAC5C,CAAC;IACD,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC7D,CAAC;IACD,IAAI,OAAO,YAAY,UAAU,EAAE,CAAC;QAClC,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC1E,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,wBAAwB,CACtC,MAAiD,EACjD,gBAAwB;IAExB,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;SAChC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,IAAI,CAAC;SAChD,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;SAC5D,IAAI,CAAC,GAAG,CAAC,CAAA;IACZ,OAAO,IAAI,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,mBAAmB,gBAAgB,GAAG,CAAA;AACzE,CAAC;AAED;;;GAGG;AACH,SAAgB,uBAAuB,CACrC,OAAkC,EAClC,UAAmB;IAEnB,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7D,OAAO,OAAO,CAAA;IAChB,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;AACzC,CAAC"}
|