npm - @goweekdays/core - Versions diffs - 2.4.2 → 2.6.0 - Mend

@goweekdays/core 2.4.2 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,17 @@
 # @goweekdays/core
+## 2.6.0
+### Minor Changes
+- 260c0c8: Paypal webhook verification implementation
+## 2.5.0
+### Minor Changes
+- c861819: Initiate paypal service function
 ## 2.4.2
 ### Patch Changes

package/dist/index.d.ts CHANGED Viewed

@@ -398,7 +398,10 @@ declare function useOrgRepo(): {
 declare function useOrgService(): {
     add: (value: TOrg & {
         seats: number;
-    }) => Promise<string>;
+    }) => Promise<{
+        org: string;
+        paypalOrderLink: any;
+    }>;
 };
 declare function useOrgController(): {
@@ -627,6 +630,7 @@ declare function useGitHubService(): {
 declare function useUtilController(): {
     healthCheck: (req: Request, res: Response, next: NextFunction) => Promise<void>;
     setGitHubVariables: (req: Request, res: Response, next: NextFunction) => Promise<void>;
+    paypalWebhook: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 };
 declare const transactionSchema: Joi.ObjectSchema<any>;
@@ -1026,8 +1030,10 @@ declare const SPACES_BUCKET: string;
 declare const PAYPAL_CLIENT_ID: string;
 declare const PAYPAL_CLIENT_SECRET: string;
 declare const PAYPAL_API_URL: string;
+declare const PAYPAL_WEBHOOK_ID: string;
 declare const XENDIT_SECRET_KEY: string;
 declare const XENDIT_BASE_URL: string;
 declare const DOMAIN: string;
+declare const APP_ORG: string;
-export { ACCESS_TOKEN_EXPIRY, ACCESS_TOKEN_SECRET, APP_ACCOUNT, APP_MAIN, DEFAULT_USER_EMAIL, DEFAULT_USER_FIRST_NAME, DEFAULT_USER_LAST_NAME, DEFAULT_USER_PASSWORD, DOMAIN, MAILER_EMAIL, MAILER_PASSWORD, MAILER_TRANSPORT_HOST, MAILER_TRANSPORT_PORT, MAILER_TRANSPORT_SECURE, MBuilding, MBuildingUnit, MFile, MONGO_DB, MONGO_URI, PAYPAL_API_URL, PAYPAL_CLIENT_ID, PAYPAL_CLIENT_SECRET, PORT, REDIS_HOST, REDIS_PASSWORD, REDIS_PORT, REFRESH_TOKEN_EXPIRY, REFRESH_TOKEN_SECRET, SECRET_KEY, SPACES_ACCESS_KEY, SPACES_BUCKET, SPACES_ENDPOINT, SPACES_REGION, SPACES_SECRET_KEY, TApp, TBuilding, TBuildingUnit, TCounter, TFile, TMember, TOrg, TPermission, TPermissionGroup, TPlan, TPromo, TRole, TSubscription, TSubscriptionTransaction, TUser, TVerification, TVerificationMetadata, VERIFICATION_FORGET_PASSWORD_DURATION, VERIFICATION_USER_INVITE_DURATION, XENDIT_BASE_URL, XENDIT_SECRET_KEY, currencies, isDev, modelApp, modelMember, modelOrg, modelPermission, modelPermissionGroup, modelPlan, modelPromo, modelRole, modelSubscription, modelSubscriptionTransaction, modelUser, modelVerification, schemaApp, schemaAppUpdate, schemaBuilding, schemaBuildingUnit, schemaInviteMember, schemaMember, schemaMemberRole, schemaMemberStatus, schemaOrg, schemaOrgAdd, schemaOrgUpdate, schemaPermission, schemaPermissionGroup, schemaPermissionGroupUpdate, schemaPermissionUpdate, schemaPlan, schemaPromo, schemaRole, schemaRoleUpdate, schemaSubscription, schemaSubscriptionSeats, schemaSubscriptionTransaction, schemaSubscriptionUpdate, schemaUpdateOptions, schemaUser, schemaVerification, transactionSchema, useAppController, useAppRepo, useAppService, useAuthController, useAuthService, useBuildingController, useBuildingRepo, useBuildingService, useBuildingUnitController, useBuildingUnitRepo, useBuildingUnitService, useCounterModel, useCounterRepo, useFileController, useFileRepo, useFileService, useGitHubService, useMemberController, useMemberRepo, useOrgController, useOrgRepo, useOrgService, usePermissionController, usePermissionGroupController, usePermissionGroupRepo, usePermissionGroupService, usePermissionRepo, usePermissionService, usePlanController, usePlanRepo, usePlanService, usePromoRepo, useRoleController, useRoleRepo, useRoleService, useSubscriptionController, useSubscriptionRepo, useSubscriptionTransactionController, useSubscriptionTransactionRepo, useUserController, useUserRepo, useUserService, useUtilController, useVerificationController, useVerificationRepo, useVerificationService };
+export { ACCESS_TOKEN_EXPIRY, ACCESS_TOKEN_SECRET, APP_ACCOUNT, APP_MAIN, APP_ORG, DEFAULT_USER_EMAIL, DEFAULT_USER_FIRST_NAME, DEFAULT_USER_LAST_NAME, DEFAULT_USER_PASSWORD, DOMAIN, MAILER_EMAIL, MAILER_PASSWORD, MAILER_TRANSPORT_HOST, MAILER_TRANSPORT_PORT, MAILER_TRANSPORT_SECURE, MBuilding, MBuildingUnit, MFile, MONGO_DB, MONGO_URI, PAYPAL_API_URL, PAYPAL_CLIENT_ID, PAYPAL_CLIENT_SECRET, PAYPAL_WEBHOOK_ID, PORT, REDIS_HOST, REDIS_PASSWORD, REDIS_PORT, REFRESH_TOKEN_EXPIRY, REFRESH_TOKEN_SECRET, SECRET_KEY, SPACES_ACCESS_KEY, SPACES_BUCKET, SPACES_ENDPOINT, SPACES_REGION, SPACES_SECRET_KEY, TApp, TBuilding, TBuildingUnit, TCounter, TFile, TMember, TOrg, TPermission, TPermissionGroup, TPlan, TPromo, TRole, TSubscription, TSubscriptionTransaction, TUser, TVerification, TVerificationMetadata, VERIFICATION_FORGET_PASSWORD_DURATION, VERIFICATION_USER_INVITE_DURATION, XENDIT_BASE_URL, XENDIT_SECRET_KEY, currencies, isDev, modelApp, modelMember, modelOrg, modelPermission, modelPermissionGroup, modelPlan, modelPromo, modelRole, modelSubscription, modelSubscriptionTransaction, modelUser, modelVerification, schemaApp, schemaAppUpdate, schemaBuilding, schemaBuildingUnit, schemaInviteMember, schemaMember, schemaMemberRole, schemaMemberStatus, schemaOrg, schemaOrgAdd, schemaOrgUpdate, schemaPermission, schemaPermissionGroup, schemaPermissionGroupUpdate, schemaPermissionUpdate, schemaPlan, schemaPromo, schemaRole, schemaRoleUpdate, schemaSubscription, schemaSubscriptionSeats, schemaSubscriptionTransaction, schemaSubscriptionUpdate, schemaUpdateOptions, schemaUser, schemaVerification, transactionSchema, useAppController, useAppRepo, useAppService, useAuthController, useAuthService, useBuildingController, useBuildingRepo, useBuildingService, useBuildingUnitController, useBuildingUnitRepo, useBuildingUnitService, useCounterModel, useCounterRepo, useFileController, useFileRepo, useFileService, useGitHubService, useMemberController, useMemberRepo, useOrgController, useOrgRepo, useOrgService, usePermissionController, usePermissionGroupController, usePermissionGroupRepo, usePermissionGroupService, usePermissionRepo, usePermissionService, usePlanController, usePlanRepo, usePlanService, usePromoRepo, useRoleController, useRoleRepo, useRoleService, useSubscriptionController, useSubscriptionRepo, useSubscriptionTransactionController, useSubscriptionTransactionRepo, useUserController, useUserRepo, useUserService, useUtilController, useVerificationController, useVerificationRepo, useVerificationService };

package/dist/index.js CHANGED Viewed

@@ -34,6 +34,7 @@ __export(src_exports, {
   ACCESS_TOKEN_SECRET: () => ACCESS_TOKEN_SECRET,
   APP_ACCOUNT: () => APP_ACCOUNT,
   APP_MAIN: () => APP_MAIN,
+  APP_ORG: () => APP_ORG,
   DEFAULT_USER_EMAIL: () => DEFAULT_USER_EMAIL,
   DEFAULT_USER_FIRST_NAME: () => DEFAULT_USER_FIRST_NAME,
   DEFAULT_USER_LAST_NAME: () => DEFAULT_USER_LAST_NAME,
@@ -52,6 +53,7 @@ __export(src_exports, {
   PAYPAL_API_URL: () => PAYPAL_API_URL,
   PAYPAL_CLIENT_ID: () => PAYPAL_CLIENT_ID,
   PAYPAL_CLIENT_SECRET: () => PAYPAL_CLIENT_SECRET,
+  PAYPAL_WEBHOOK_ID: () => PAYPAL_WEBHOOK_ID,
   PORT: () => PORT,
   REDIS_HOST: () => REDIS_HOST,
   REDIS_PASSWORD: () => REDIS_PASSWORD,
@@ -1028,9 +1030,11 @@ var SPACES_BUCKET = process.env.SPACES_BUCKET;
 var PAYPAL_CLIENT_ID = process.env.PAYPAL_CLIENT_ID ?? "";
 var PAYPAL_CLIENT_SECRET = process.env.PAYPAL_CLIENT_SECRET ?? "";
 var PAYPAL_API_URL = process.env.PAYPAL_API_URL ?? "https://api-m.sandbox.paypal.com";
+var PAYPAL_WEBHOOK_ID = process.env.PAYPAL_WEBHOOK_ID ?? "";
 var XENDIT_SECRET_KEY = process.env.XENDIT_SECRET_KEY ?? "";
 var XENDIT_BASE_URL = process.env.XENDIT_BASE_URL ?? "https://api.xendit.co";
 var DOMAIN = process.env.DOMAIN || "localhost";
+var APP_ORG = process.env.APP_ORG || "http://localhost/organizations/create";
 // src/resources/user/user.service.ts
 var import_utils38 = require("@goweekdays/utils");
@@ -3555,6 +3559,11 @@ function useAppService() {
         code: "ride",
         name: "Ride",
         description: "Transportation and ride services."
+      },
+      {
+        code: "job",
+        name: "jobs",
+        description: "Job listings and recruitment services."
       }
     ];
     const session = import_utils17.useAtlas.getClient()?.startSession();
@@ -6350,6 +6359,96 @@ function usePlanController() {
   };
 }
+// src/resources/utils/paypal.service.ts
+var import_paypal_server_sdk = require("@paypal/paypal-server-sdk");
+var import_crypto3 = __toESM(require("crypto"));
+var import_buffer_crc32 = __toESM(require("buffer-crc32"));
+var certCache = /* @__PURE__ */ new Map();
+function usePaypalService() {
+  const paypalClient = new import_paypal_server_sdk.Client({
+    clientCredentialsAuthCredentials: {
+      oAuthClientId: PAYPAL_CLIENT_ID,
+      oAuthClientSecret: PAYPAL_CLIENT_SECRET
+    },
+    timeout: 0,
+    environment: isDev ? import_paypal_server_sdk.Environment.Sandbox : import_paypal_server_sdk.Environment.Production
+  });
+  function addOrder({
+    amount = 0,
+    currency = "PHP",
+    customId = "",
+    returnUrl = "",
+    cancelUrl = "",
+    action = "pay"
+  } = {}) {
+    return new import_paypal_server_sdk.OrdersController(paypalClient).createOrder({
+      body: {
+        intent: import_paypal_server_sdk.CheckoutPaymentIntent.Capture,
+        purchaseUnits: [
+          {
+            amount: {
+              currencyCode: currency,
+              value: amount.toFixed(2)
+            },
+            customId
+          }
+        ],
+        applicationContext: {
+          returnUrl,
+          cancelUrl,
+          userAction: action === "pay" ? import_paypal_server_sdk.OrderApplicationContextUserAction.PayNow : action === "continue" ? import_paypal_server_sdk.OrderApplicationContextUserAction.Continue : void 0
+        }
+      },
+      prefer: "return=minimal"
+    });
+  }
+  function captureOrder(id) {
+    return new import_paypal_server_sdk.OrdersController(paypalClient).captureOrder({ id });
+  }
+  async function downloadAndCacheCert(url) {
+    const cachedCert = certCache.get(url);
+    if (cachedCert) {
+      return cachedCert;
+    }
+    const response = await fetch(url);
+    if (!response.ok) {
+      throw new Error(
+        `Failed to download PayPal certificate: ${response.statusText}`
+      );
+    }
+    const certPem = await response.text();
+    certCache.set(url, certPem);
+    return certPem;
+  }
+  async function verifyWebhook(rawBody, headers, webhookId = PAYPAL_WEBHOOK_ID) {
+    const transmissionId = headers["paypal-transmission-id"];
+    const timeStamp = headers["paypal-transmission-time"];
+    const certUrl = headers["paypal-cert-url"];
+    const transmissionSig = headers["paypal-transmission-sig"];
+    if (!transmissionId || !timeStamp || !certUrl || !transmissionSig) {
+      return false;
+    }
+    const eventBuffer = Buffer.isBuffer(rawBody) ? rawBody : Buffer.from(rawBody);
+    const crcValue = parseInt("0x" + (0, import_buffer_crc32.default)(eventBuffer).toString("hex"));
+    const message = `${transmissionId}|${timeStamp}|${webhookId}|${crcValue}`;
+    try {
+      const certPem = await downloadAndCacheCert(certUrl);
+      const signatureBuffer = Buffer.from(transmissionSig, "base64");
+      const verifier = import_crypto3.default.createVerify("SHA256");
+      verifier.update(message);
+      return verifier.verify(certPem, signatureBuffer);
+    } catch (error) {
+      console.error("PayPal webhook verification error:", error);
+      throw new Error("Failed to verify PayPal webhook signature.");
+    }
+  }
+  return {
+    addOrder,
+    captureOrder,
+    verifyWebhook
+  };
+}
 // src/resources/organization/organization.service.ts
 function useOrgService() {
   const { add: addOrg } = useOrgRepo();
@@ -6360,6 +6459,7 @@ function useOrgService() {
   const { getDefault } = usePlanRepo();
   const { add: addSubscription } = useSubscriptionRepo();
   const { add: addSubscriptionTransaction } = useSubscriptionTransactionRepo();
+  const { addOrder: addPaypalOrder } = usePaypalService();
   async function add(value) {
     const { error } = schemaOrgAdd.validate(value);
     if (error) {
@@ -6454,8 +6554,22 @@ function useOrgService() {
         },
         session
       );
+      const order = await addPaypalOrder({
+        amount,
+        currency: plan.currency,
+        customId: subscriptionId,
+        returnUrl: `${APP_ORG}/organizations/success`,
+        cancelUrl: `${APP_ORG}/organizations/cancel`,
+        action: "pay"
+      });
       await session?.commitTransaction();
-      return String(org);
+      const paypalOrderLink = JSON.parse(order.body.toString()).links.find(
+        (link) => link.rel === "approve"
+      );
+      return {
+        org: String(org),
+        paypalOrderLink: paypalOrderLink ? paypalOrderLink.href : ""
+      };
     } catch (error2) {
       await session?.abortTransaction();
       throw error2;
@@ -6488,10 +6602,10 @@ function useOrgController() {
       return;
     }
     try {
-      const org = await _add(value);
+      const data = await _add(value);
       res.json({
         message: "Organization created successfully.",
-        data: { org }
+        data
       });
       return;
     } catch (error2) {
@@ -9709,9 +9823,26 @@ function useUtilController() {
       }
     }
   }
+  const { verifyWebhook } = usePaypalService();
+  async function paypalWebhook(req, res, next) {
+    console.log(req);
+    try {
+      await verifyWebhook(req.body, req.headers, PAYPAL_WEBHOOK_ID);
+      res.status(200).send("OK");
+      return;
+    } catch (error) {
+      import_utils55.logger.log({
+        level: "error",
+        message: "PayPal webhook verification failed"
+      });
+      res.status(400).send("Invalid webhook");
+      return;
+    }
+  }
   return {
     healthCheck,
-    setGitHubVariables
+    setGitHubVariables,
+    paypalWebhook
   };
 }
@@ -9974,6 +10105,7 @@ function useVerificationController() {
   ACCESS_TOKEN_SECRET,
   APP_ACCOUNT,
   APP_MAIN,
+  APP_ORG,
   DEFAULT_USER_EMAIL,
   DEFAULT_USER_FIRST_NAME,
   DEFAULT_USER_LAST_NAME,
@@ -9992,6 +10124,7 @@ function useVerificationController() {
   PAYPAL_API_URL,
   PAYPAL_CLIENT_ID,
   PAYPAL_CLIENT_SECRET,
+  PAYPAL_WEBHOOK_ID,
   PORT,
   REDIS_HOST,
   REDIS_PASSWORD,