@emaraplay/nobles 1.0.1

package/index.js

@@ -0,0 +1 @@
+module.exports = require('./src/index');

package/package.json

@@ -0,0 +1,27 @@
+{
+  "name": "@emaraplay/nobles",
+  "version": "1.0.1",
+  "main": "index.js",
+  "scripts": {
+    "test": "mocha test --recursive --timeout 5000 --reporter mochawesome --exit",
+    "test:cov": "nyc --reporter lcov mocha test --recursive --timeout 5000 --reporter mochawesome --exit"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "@emaraplay/error-codes": "0.0.8",
+    "@emaraplay/utils": "1.0.20",
+    "@sentry/node": "^6.1.0",
+    "dayjs": "^1.11.10",
+    "got": "^11.8.6",
+    "xlsx": "^0.18.5",
+    "xss": "^1.0.8"
+  },
+  "devDependencies": {
+    "chai": "^4.3.0",
+    "mocha": "^8.2.1",
+    "mochawesome": "^6.2.1",
+    "moxios": "^0.4.0",
+    "nyc": "^15.1.0"
+  }
+}

package/src/games/index.js

@@ -0,0 +1,3 @@
+'use strict';
+
+exports.games = require('./list.method');

package/src/games/list.method.js

@@ -0,0 +1,163 @@
+'use strict';
+
+const dayjs = require('dayjs');
+const got = require('got');
+
+function mapCategoryToEnum(category) {
+  if (typeof category !== 'string') return undefined;
+  const raw = category.trim().toLowerCase();
+  const normalized = raw.replace(/[\s/_-]+/g, '');
+
+  const MAP = {
+    slot: 'SLOT',
+    slots: 'SLOT',
+    videoslot: 'SLOT',
+    videoslots: 'SLOT',
+    megaways: 'SLOT',
+
+    pool: 'POOL',
+
+    roulette: 'ROULETTE',
+
+    blackjack: 'BLACKJACK',
+
+    baccarat: 'BACCARAT',
+    crash: 'CRASH',
+
+    instant: 'INSTANT',
+    casual: 'INSTANT',
+    arcade: 'INSTANT',
+    mines: 'INSTANT',
+    plinko: 'INSTANT',
+    dice: 'INSTANT',
+
+    scratch: 'SCRATCH',
+    scratchcard: 'SCRATCH',
+    scratchcards: 'SCRATCH',
+
+    poker: 'POKER',
+    videopoker: 'POKER',
+    holdem: 'POKER',
+    threecardpoker: 'POKER',
+
+    bingo: 'BINGO',
+    keno: 'BINGO',
+    lotto: 'BINGO',
+    lottery: 'BINGO',
+
+    virtual: 'VIRTUAL',
+    virtualsports: 'VIRTUAL',
+
+    table: 'TABLE',
+    tablegame: 'TABLE',
+    tablegames: 'TABLE',
+    card: 'TABLE',
+    cards: 'TABLE',
+    board: 'TABLE'
+  };
+
+  if (MAP[normalized]) return MAP[normalized];
+
+  if (/roulette/.test(raw)) return 'ROULETTE';
+  if (/blackjack/.test(raw)) return 'BLACKJACK';
+  if (/crash/.test(raw)) return 'CRASH';
+  if (/poker/.test(raw)) return 'POKER';
+  if (/bingo|keno|lottery|lotto/.test(raw)) return 'BINGO';
+  if (/virtual/.test(raw)) return 'VIRTUAL';
+  if (/scratch/.test(raw)) return 'SCRATCH';
+  if (/table|card|cards|board/.test(raw)) return 'TABLE';
+  if (/slot|megaways/.test(raw)) return 'SLOT';
+  if (/instant|arcade|mines|plinko|dice/.test(raw)) return 'INSTANT';
+
+  return 'OTHER';
+}
+
+async function getGames(provider) {
+  try {
+    if (!provider || !provider.urls) {
+      throw new Error('Proveedor inválido o sin configuración de URLs');
+    }
+    if (!provider.urls.gameList) {
+      throw new Error('Proveedor no tiene configurado el endpoint de lista de juegos');
+    }
+    
+    const endpoint = provider.urls.gameList;
+    if (!endpoint) {
+      throw new Error('Proveedor sin endpoint de lista de juegos configurado');
+    }
+
+    const response = await got.get(endpoint, { 
+      responseType: 'json',
+      headers: {
+        'Content-Type': 'application/json'
+      }
+    });
+
+    const gamesData = response.body;
+    if (!Array.isArray(gamesData)) {
+      throw new Error('La respuesta del endpoint no es un array de juegos');
+    }
+
+    const processedGames = [];
+    let skippedGamesCount = 0;
+
+    for (const game of gamesData) {
+      try {
+        if (!game.gameMode || !game.title) {
+          skippedGamesCount++;
+          continue;
+        }
+
+        const gameType = mapCategoryToEnum(game.category) || 'OTHER';
+
+        const hasFreespins = Array.isArray(game.bonusTypes) && game.bonusTypes.length > 0;
+
+        const gameData = {
+          alias: game.gameMode,
+          name: game.title.trim(),
+          freespins: hasFreespins,
+          fun: true,
+          type: gameType,
+          platform: {
+            mobile: true,
+            desktop: true,
+          },
+          params: {
+            description: game.description || '',
+            multiplayer: game.multiplayer || false
+          }
+        };
+
+        if (game.rtp) {
+          const rtpVal = Number(game.rtp);
+          if (!Number.isNaN(rtpVal)) {
+            const normalizedRtp = rtpVal <= 1 ? rtpVal * 100 : rtpVal;
+            if (normalizedRtp > 0 && normalizedRtp <= 100) {
+              gameData.rtp = normalizedRtp;
+            }
+          }
+        }
+
+        gameData.launchDate = dayjs().toDate();
+
+        processedGames.push(gameData);
+      } catch (gameError) {
+        console.error('Error procesando juego:', gameError);
+        skippedGamesCount++;
+      }
+    }
+
+    if (skippedGamesCount > 0) {
+      console.log(`Se omitieron ${skippedGamesCount} juegos por datos inválidos`);
+    }
+
+    return processedGames;
+  } catch (error) {
+    console.error('Error obteniendo juegos de InOut desde API:', error.message);
+    throw error;
+  }
+}
+
+module.exports = {
+  getGames
+};

package/src/index.js

@@ -0,0 +1,7 @@
+'use strict';
+
+exports.game = require('./games');
+exports.utils = require('./utils');
+exports.wallet = require('./wallet');
+exports.launcher = require('./launcher');
+exports.rounds = require('./rounds');

package/src/launcher/get.method.js

@@ -0,0 +1,81 @@
+'use strict';
+
+const xss = require('xss');
+const crypto = require('crypto');
+const got = require('got');
+const { getHMAC } = require('../utils/sign.helper');
+
+function sortPlainObjectKeysAsc(obj) {
+  const sortedKeys = Object.keys(obj).sort();
+  const sortedObj = {};
+  for (const key of sortedKeys) {
+    sortedObj[key] = obj[key];
+  }
+  return sortedObj;
+}
+
+module.exports = async function(request, provider, aUser, game, sessionId, mode) {
+	try {
+	    const launchUrl = provider?.urls?.launcher;
+		if (!launchUrl) throw new Error('URL de lanzamiento (launcher) no configurada para el proveedor.');
+		const operatorId = provider?.k2;
+		if (!operatorId) throw new Error('operatorId (k2) no configurado para el proveedor.');
+		const gameMode = game?.a;
+		if (!gameMode) throw new Error('El ID del juego (game.a) es inválido.');
+
+		const lng = xss(request.data?.lang || aUser?.data?.language || request.body?.lang || 'es-ES');
+		const lobbyUrl = xss(request.query.lobby) || xss(request.bookmaker?.url?.l);
+		const callbackUrl = xss(provider.params?.callBack) || lobbyUrl;
+		const isDemo = mode === 'fun' || mode === 'demo';
+		const user = isDemo ? 'DemoUser' : String(aUser?.data?.internal || '');
+		const balance = isDemo ? 10000 : (aUser?.data?.balance || 0);
+		const currency = isDemo ? 'USD' : xss(aUser?.data?.currency || 'ARS');
+		let demoUrl;
+		let body;
+		
+		if (mode === 'fun' || mode === 'demo') {
+			demoUrl = `${provider.urls.baseUrl}/demo/sessions`;
+			const demoAuthToken = crypto.randomBytes(16).toString('hex');
+			body = {
+				gameCode: gameMode,
+				playerId: user,
+				operatorCode: operatorId,
+				callbackUrl: callbackUrl,
+				lobbyUrl: lobbyUrl,
+				sessionId: demoAuthToken,
+				locale: lng.substring(0, 2),
+				currency: currency || 'USD',
+				initialBalance: balance
+			};
+		} else {
+			body = {
+				gameCode: gameMode,
+				playerId: user,
+				operatorCode: operatorId,
+				callbackUrl: callbackUrl,
+				lobbyUrl: lobbyUrl,
+				sessionId: String(sessionId),
+				locale: lng.substring(0, 2),
+				currency: currency,
+				initialBalance: balance
+			};
+			
+		}
+		
+		const sortedBody = sortPlainObjectKeysAsc(body);
+		const signature = getHMAC(sortedBody, provider.k1);
+		
+		const response = await got.post(isDemo ? demoUrl : launchUrl, { 
+			json: body,
+			headers: {
+				'x-request-sign': signature
+			}
+		});
+		
+		const result = JSON.parse(response.body);
+		return result.url;
+	} catch (error) {
+		console.error(`Error en Nobles launcher: ${error.message}`);
+    	throw new Error(`Nobles launcher falló: ${error.message}`);
+	}
+}

package/src/launcher/index.js

@@ -0,0 +1,3 @@
+'use strict';
+
+module.exports.get = require('./get.method');

package/src/rounds/details.method.js

@@ -0,0 +1,90 @@
+'use strict';
+
+const xss = require('xss');
+const got = require('got');
+const { getHMAC } = require('../utils/sign.helper');
+const ERROR = require('@emaraplay/error-codes');
+
+const sanitize = (value) => xss(value)?.trim();
+
+const validateParams = ({ host, apiKey, casinoId, roundId }) => {
+  if (!host || !apiKey) {
+    return { ...ERROR.ERROR_CODES.UNAUTHORIZED, description: 'UNAUTHORIZED' };
+  }
+  if (!casinoId) {
+    return { ...ERROR.ERROR_CODES.INVALID_PARAMETERS, description: 'Casino Required' };
+  }
+  if (!roundId) {
+    return { ...ERROR.ERROR_CODES.INVALID_PARAMETERS, description: 'Round Required' };
+  }
+  return null;
+};
+
+const buildPayload = ({ casinoId, roundId, timeZone }) => ({
+  casino_id: casinoId,
+  round_id: roundId,
+  ...(timeZone ? { time_zone: timeZone } : {}),
+});
+
+const sendSignedRequest = async (endpoint, payload, secret) => {
+  const body = JSON.stringify(payload);
+  const signature = getHMAC(body, secret);
+
+  const response = await got.post(endpoint, {
+    body,
+    responseType: 'json',
+    headers: {
+      'Content-Type': 'application/json',
+      'x-request-sign': signature,
+    },
+  });
+  return response.body;
+};
+
+module.exports = async (host, apiKey, casino, round, timeZone = null) => {
+  const sanitizedParams = {
+    host: sanitize(host),
+    apiKey: sanitize(apiKey),
+    casinoId: sanitize(casino),
+    roundId: sanitize(round),
+    timeZone: timeZone ? sanitize(timeZone) : null,
+  };
+
+  const validationError = validateParams(sanitizedParams);
+  if (validationError) return validationError;
+
+  const endpoint = sanitizedParams.host
+
+  try {
+    const payload = buildPayload({
+      casinoId: sanitizedParams.casinoId,
+      roundId: sanitizedParams.roundId,
+      timeZone: sanitizedParams.timeZone,
+    });
+
+    const response = await sendSignedRequest(endpoint, payload, sanitizedParams.apiKey);
+    if (!response?.details_url) {
+      return {
+        error: 404,
+        description: 'Round details URL not provided',
+        raw: response,
+      };
+    }
+
+    return {
+      error: 0,
+      description: 'Success',
+      result: {
+        type: 'url',
+        value: response.details_url,
+      },
+    };
+  } catch (err) {
+    console.error(err);
+    return {
+      error: 500,
+      description: err?.response?.body?.error || err.message,
+      raw: err?.response?.body || err,
+    };
+  }
+};

package/src/rounds/index.js

@@ -0,0 +1,3 @@
+'use strict';
+
+module.exports.details = require('./details.method');

package/src/utils/constants.js

@@ -0,0 +1,3 @@
+'use strict';
+
+module.exports.PROVIDER_CODE = 'NB';

package/src/utils/currency.helper.js

@@ -0,0 +1,12 @@
+'use strict';
+
+exports.currencyHelper = (bCurrency, uCurrency) => {
+	if(!bCurrency || !uCurrency) {
+		return false;
+	}
+	if(bCurrency === uCurrency) {
+		return true;
+	} else {
+		return false
+	}
+}

package/src/utils/error.helper.js

@@ -0,0 +1,225 @@
+'use strict';
+
+const ERRORS = {
+    NONE: {
+        error: 0,
+        httpCode: 200,
+        message: 'Success',
+    },
+    TEMPORARY_ERROR: {
+        error: 1,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    INVALID_TOKEN: {
+        error: 4,
+        httpCode: 401,
+        errorNobles: 'ERROR4',
+        message: 'Player authentication failed',
+    },
+    ACCOUNT_LOCKED: {
+        error: 6,
+        httpCode: 401,
+        errorNobles: 'ERROR4',
+        message: 'Player authentication failed',
+    },
+    ACCOUNT_INVALID: {
+        error: 2,
+        httpCode: 401,
+        errorNobles: 'ERROR4',
+        message: 'Player authentication failed',
+    },
+    UNKNOWN_ERROR: {
+        error: 100,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    GAME_DISABLED: {
+        error: 8,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    INSUFFICIENT_FUNDS: {
+        error: 1,
+        httpCode: 400,
+        errorNobles: 'ERROR2',
+        message: 'Not enough balance to complete the action',
+    },
+    CHECKS_FAIL: {
+        error: 3,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    DEBIT_TRANSACTION_NOT_FOUND: {
+        error: 14,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    INVALID_HASH: {
+        error: 5,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    MISSING_SIGNATURE: {
+        error: 16,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted'
+    },
+    INVALID_PARAMS: {
+        error: 7,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    DUPLICATED_TRANSACTION: {
+        error: 11,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    INVALID_TRANSACTION: {
+        error: 12,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    ROUND_ALREADY_STARTED: {
+        error: 13,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    ROUND_ALREADY_CLOSED: {
+        error: 15,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    ROUND_NOT_FOUND: {
+        error: 16,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    INVALID_AMOUNT: {
+        error: 21,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    PROVIDER_NOT_FOUND: {
+        error: 30,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    INTERNAL_SERVER_ERROR_1: {
+        error: 120,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    INTERNAL_SERVER_ERROR_2: {
+        error: 120,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    BET_OUT_OF_LIMIT: {
+        error: 310,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    UNAUTHORIZED: {
+        error: 401,
+        httpCode: 401,
+        errorNobles: 'ERROR3',
+        message: 'Unauthorized operation attempted',
+    },
+    NOT_IMPLEMENTED: {
+        error: 501,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    EMPTY_SESSION_ID: {
+        error: 1000,
+        httpCode: 401,
+        errorNobles: 'ERROR4',
+        message: 'Player authentication failed',
+    },
+    INVALID_USER: {
+        error: 1001,
+        httpCode: 401,
+        errorNobles: 'ERROR4',
+        message: 'Player authentication failed',
+    },
+    INVALID_CASINO_ID: {
+        error: 1002,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    INVALID_GAME_ID: {
+        error: 1003,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred',
+    },
+    INVALID_USER_CURRENCY: {
+        error: 1004,
+        httpCode: 400,
+        errorNobles: 'ERROR6',
+        message: 'Unsupported currency',
+    },
+}
+
+const getErrorByNumber = (errorNumber) => {
+    const k = Object.keys(ERRORS).find(key => ERRORS[key].error === errorNumber);
+    return ERRORS[k] || {
+        error: errorNumber,
+        httpCode: 500,
+        errorNobles: 'ERROR1',
+        message: 'An internal error occurred'
+    };
+};
+
+function buildHttpError(codeOrKey) {
+    let error;
+    
+    if (typeof codeOrKey === 'number') {
+        error = getErrorByNumber(codeOrKey);
+    } 
+    else if (typeof codeOrKey === 'string' && ERRORS[codeOrKey]) {
+        error = ERRORS[codeOrKey];
+    }
+    else {
+        error = {
+            error: codeOrKey,
+            httpCode: 500,
+            errorNobles: 'ERROR1',
+            message: 'An internal error occurred'
+        };
+    }
+    
+    return {
+        httpCode: error.httpCode,
+        body: {
+            error: {
+                code: error.errorNobles,
+                message: error.message
+            }
+        }
+    };
+}
+
+
+module.exports = { ERRORS, buildHttpError };

package/src/utils/index.js

@@ -0,0 +1,5 @@
+module.exports.normalize = require('./normalize.helper');
+module.exports.getError = require('./error.helper');
+module.exports.constants = require('./constants');
+module.exports.security = require('./sign.helper');
+module.exports.currencyHelper = require('./currency.helper');

package/src/utils/normalize.helper.js

@@ -0,0 +1,31 @@
+'use strict';
+
+const xss = require('xss');
+
+module.exports = (params, request) => {
+  const normalized = {
+    lang: xss(request.data.lang) || "",
+    ip: xss((request.data.ip || {}).ip) || "",
+    provider: xss(request.provider) || "",
+
+    game: xss(params?.gameCode),
+    transaction: xss(params?.trxUid),
+    user: xss(request.user?.r),
+    userInternal: xss(request.user?._id),
+    currency: xss(params?.currency),
+    gameCycle: xss(params?.roundUid),
+    gameCycleClosed: params?.isRoundClosed,
+    originalTransaction: xss(params?.data?.debitId),
+    amount: xss((params?.bet && params?.win) ? 
+      (Number(params?.win || 0) - Number(params?.bet || 0)).toString() : 
+      (params?.bet)
+    ),
+    betAmount: xss(params?.bet),
+    winAmount: xss(params?.win),
+    typeToRollback: ['betwin'],
+
+    // promoId: xss(params?.eventSource),
+    raw: params,
+  };
+  return normalized;
+};

package/src/utils/sign.helper.js

@@ -0,0 +1,14 @@
+'use strict';
+
+const crypto = require('crypto');
+
+exports.getHMAC = (json, secret) => {
+  const data = (typeof json === 'string' ? json : JSON.stringify(json));
+  const hmacData = crypto.createHmac('sha256', secret).update(data).digest('hex');
+  return hmacData;
+};
+
+exports.isValidSign = (sign, body, secret) => {
+  const check = this.getHMAC(body, secret);
+  return sign === check;
+};

package/src/wallet/balance.method.js

@@ -0,0 +1,52 @@
+'use strict';
+
+const Sentry = require('@sentry/node');
+const { normalize } = require('../utils');
+const utils = require('@emaraplay/utils');
+const { ERRORS, buildHttpError } = require('../utils/error.helper');
+const { isValidSign } = require('../utils/sign.helper');
+const { currencyHelper } = require('../utils/currency.helper');
+
+const validateAuthenticateRequest = (params) => {
+  if (!params.user) return buildHttpError(ERRORS.INVALID_USER.error);
+  if (!params.currency) return buildHttpError(ERRORS.INVALID_USER_CURRENCY.error);
+  return null;
+};
+
+module.exports = async function(controller, fastify, request) {
+  try {
+    const signature = request.headers['x-request-sign'];
+    if (!signature) return buildHttpError(ERRORS.MISSING_SIGNATURE.error);
+    const query = JSON.stringify(request.query);
+    const secretKey = request.provider.k1;
+    if (!isValidSign(signature, query, secretKey)) {
+      return buildHttpError(ERRORS.INVALID_HASH.error);
+    }
+
+    const body = normalize(request.query, request);
+    const sameCurrency = currencyHelper(body.currency, request.user.currency);
+    if (!sameCurrency) return buildHttpError(ERRORS.INVALID_USER_CURRENCY.error);
+    
+    const validationError = validateAuthenticateRequest(body);
+    if (validationError) return validationError;
+
+    const payload = utils.wallet.balance(request, {
+      user: body.user,
+      currency: body.currency,
+    });
+
+    const response = await controller(fastify, payload, request);
+    if (response.error) {
+      return buildHttpError(response.code);
+    }
+
+    return {
+      balance: Number(response.data.balance),
+      playerId: body.userInternal,
+      currency: response.data.currency,
+    };
+  } catch (error) {
+    Sentry.captureException(error);
+    return buildHttpError(ERRORS.INTERNAL_SERVER_ERROR_2.error);
+  }
+};

package/src/wallet/bet-win.method.js

@@ -0,0 +1,63 @@
+'use strict';
+
+const Sentry = require('@sentry/node');
+const { ERRORS, buildHttpError } = require('../utils/error.helper');
+const { normalize } = require('../utils');
+const { isValidSign } = require('../utils/sign.helper');
+const { currencyHelper } = require('../utils/currency.helper');
+const utils = require('@emaraplay/utils');
+
+const validateBetRequest = (params) => {
+  if (!params.gameCycle) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (!params.transaction) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (params.amount === undefined || params.amount === null || Number(params.amount) < 0) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (params.betAmount === undefined || params.betAmount === null || Number(params.betAmount) < 0) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (params.winAmount === undefined || params.winAmount === null || Number(params.winAmount) < 0) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (!params.userInternal) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (!params.game) return buildHttpError(ERRORS.INVALID_GAME_ID.error);
+  if (!params.currency) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (!params.user) return buildHttpError(ERRORS.INVALID_USER.error);
+  return null;
+};
+
+module.exports = async function (controller, fastify, request) {
+  try {
+    const signature = request.headers['x-request-sign'];
+   if (!signature) {
+     return buildHttpError(ERRORS.MISSING_SIGNATURE.error);
+   }
+    const secretKey = request.provider.k1;
+   if (!isValidSign(signature, request.rawBody, secretKey)) {
+       return buildHttpError(ERRORS.INVALID_HASH.error)
+   }
+    const body = normalize(request.body, request);
+    const sameCurrency = currencyHelper(body.currency, request.user.currency)
+    if(!sameCurrency) {
+      return buildHttpError(ERRORS.INVALID_USER_CURRENCY.error);
+    }
+    
+    const validationError = validateBetRequest(body);
+    if (validationError) return validationError;
+
+    const failOnExist = !request.provider.p?.cfg?.rst;
+    const checkRound = !request.provider.p?.cfg?.amb;
+
+    const payload = utils.casino.stakeAndSettle(request, body, failOnExist, checkRound);
+    const response = await controller(fastify, payload, request);
+    if (response && response.error) {
+      return buildHttpError(response.error);
+    }
+    const balance = Number(response.data?.balance);
+
+    return {
+      balance,
+      playerId: body.userInternal,
+      trxId: response.data.transaction || response.data.txid,
+      currency: body.currency
+    };
+  } catch (err) {
+    console.error('ERROR in bet:', err);
+    Sentry.captureException(err);
+    return buildHttpError(ERRORS.INTERNAL_SERVER_ERROR_2.error);
+  }
+};

package/src/wallet/index.js

@@ -0,0 +1,5 @@
+'use strict';
+
+module.exports.balance = require('./balance.method');
+module.exports.betWin = require('./bet-win.method');
+module.exports.rollback = require('./rollback.method');

package/src/wallet/rollback.method.js

@@ -0,0 +1,65 @@
+'use strict';
+
+const Sentry = require('@sentry/node');
+const { ERRORS, buildHttpError } = require('../utils/error.helper');
+const { normalize } = require('../utils');
+const { isValidSign } = require('../utils/sign.helper');
+const  { currencyHelper } = require('../utils/currency.helper');
+const utils = require('@emaraplay/utils');
+
+const validateRollbackRequest = (params) => {
+  if (!params.gameCycle) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (!params.transaction) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  if (!params.game) return buildHttpError(ERRORS.INVALID_GAME_ID.error);
+  if (!params.user) return buildHttpError(ERRORS.INVALID_USER.error);
+  if (!params.currency) return buildHttpError(ERRORS.INVALID_USER_CURRENCY.error);
+  if (params.amount === undefined || params.amount === null) return buildHttpError(ERRORS.INVALID_PARAMS.error);
+  const amount = Number(params.amount);
+  if (Number.isNaN(amount) || amount < 0) {
+    return buildHttpError(ERRORS.INVALID_AMOUNT.error);
+  }
+  return null;
+};
+
+module.exports = async function (controller, fastify, request) {
+  try {
+    const signature = request.headers['x-request-sign'];
+    const secretKey = request.provider.k1;
+    const body = normalize(request.body, request);
+    const sameCurrency = currencyHelper(body.currency, request.user.currency)
+    if(!sameCurrency) {
+      return buildHttpError(ERRORS.INVALID_USER_CURRENCY.error);
+    }
+    
+    if (!signature) return buildHttpError(ERRORS.MISSING_SIGNATURE.error);
+    if (!isValidSign(signature, request.rawBody, secretKey)) {
+      return buildHttpError(ERRORS.INVALID_HASH.error);
+    }
+
+    const validationError = validateRollbackRequest(body);
+    if (validationError) return validationError;
+
+    const failOnExist = !request.provider.p?.cfg?.rst;
+    const checkRound = !request.provider.p?.cfg?.amb;
+
+    const payload = utils.casino.rollback(request, body, body.gameCycleClosed, failOnExist, checkRound);
+    const response = await controller(fastify, payload, request);
+
+    if (response && response.error) {
+      return buildHttpError(response.error);
+    }
+
+    const balance = Number(response.data?.balance);
+
+    return {
+      balance,
+      playerId: body.userInternal,
+      trxId: response.data.transaction || response.data.txid,
+      currency: body.currency
+    };
+  } catch (err) {
+    console.error('ERROR in rollback/refund:', err);
+    Sentry.captureException(err);
+    return buildHttpError(ERRORS.INTERNAL_SERVER_ERROR_1.error)
+  }
+};