@katorymnd/pawapay-node-sdk 1.1.0

package/src/utils/license/validator.js

@@ -0,0 +1,81 @@
+//# Core license validation
+
+// const crypto = require("crypto");
+const {
+  // PAWAPAY_SDK_LICENSE_DOMAIN,  // The domain (e.g., startup-app.com)
+  PAWAPAY_SDK_LICENSE_SECRET   //  Required for signature validation (Base64)
+} = process.env;
+
+class LicenseValidator {
+  constructor() {
+    this.validatedLicenses = new WeakMap();
+    this.lastCheck = Date.now();
+  }
+
+  validate(licenseKey) {
+    // --- LOG: Initial input ---
+    console.log(`[PawaPay License] Validating key: ${licenseKey}`);
+
+    if (!licenseKey || typeof licenseKey !== "string") {
+      return this._fail("Invalid license key format: Key is null, undefined, or not a string");
+    }
+
+    // --- 1. FORMAT VALIDATION: Accept TECH-TIER-XXXX-XXXX-XXXX ---
+    // Example: NODE-START-14F6-1053-4CD7
+    const regex = /^[A-Z]+-[A-Z]+-[A-F0-9]{4}-[A-F0-9]{4}-[A-F0-9]{4}$/;
+    if (!regex.test(licenseKey)) {
+      return this._fail(`License key format mismatch. Expected format like: NODE-START-XXXX-XXXX-XXXX. Got: ${licenseKey}`);
+    }
+
+    // --- 2. SECRET KEY VALIDATION ---
+    if (!PAWAPAY_SDK_LICENSE_SECRET) {
+      return this._fail("Environment variable PAWAPAY_SDK_LICENSE_SECRET is not set. This is required to validate license signatures.");
+    }
+
+    // --- 3. REPLICATE PHP LOGIC: DECODE SECRET ---
+    let secretHexFull;
+    try {
+      // PHP: base64_decode($clientSecret, true) -> bin2hex(...)
+      const secretBuffer = Buffer.from(PAWAPAY_SDK_LICENSE_SECRET, "base64");
+      if (secretBuffer.length === 0) throw new Error("Empty secret");
+
+      secretHexFull = secretBuffer.toString("hex");
+    } catch (err) {
+      return this._fail(`Failed to decode secret key (Base64): ${err.message}`);
+    }
+
+    // --- 4. EXTRACT SIGNATURES ---
+    // PHP Logic: $secretSignature = strtoupper(substr($fullHex, 0, 12));
+    const expectedSignature = secretHexFull.substring(0, 12).toUpperCase();
+
+    // PHP Logic: $licenseSignature = strtoupper($parts[2] . $parts[3] . $parts[4]);
+    const parts = licenseKey.split("-");
+    const techPrefix = parts[0]; // e.g. NODE
+    const tier = parts[1];       // e.g. START, PRO
+    const providedSignature = (parts[2] + parts[3] + parts[4]).toUpperCase();
+
+    console.log(`[PawaPay License] Expected Signature (from Secret): ${expectedSignature}`);
+    console.log(`[PawaPay License] Provided Signature (from Key):    ${providedSignature}`);
+
+    // --- 5. COMPARE ---
+    if (providedSignature !== expectedSignature) {
+      return this._fail("Invalid license signature. Credentials do not match.");
+    }
+
+    // --- SUCCESS ---
+    console.log(`[PawaPay License] License key validation SUCCESSFUL for: ${licenseKey}`);
+    return {
+      valid: true,
+      tech: techPrefix,
+      tier: tier,
+      licenseKey
+    };
+  }
+
+  _fail(reason) {
+    console.error(`[PawaPay License] ${reason}`);
+    return { valid: false, reason };
+  }
+}
+
+module.exports = new LicenseValidator();

package/src/utils/validator.js

@@ -0,0 +1,317 @@
+/**
+ * D:\pawapay\pawapay-node-sdk\src\utils\validator.js
+ *
+ * A surgical, idiomatic Node.js translation of the original PHP Validator class
+ * from Katorymnd\PawaPayIntegration\Utils, updated to use Joi for amount validation,
+ * mirroring Symfony's role in the original PHP code.
+ *
+ * Notes:
+ *  - Joi is used specifically for joiValidateAmount to provide a concise, robust
+ *    schema-based validation, while preserving the original error messages and behavior.
+ *  - The rest of the file keeps the lightweight, dependency-free constraint handling
+ *    for other small validators, but joiValidateAmount now relies on Joi.
+ *
+ * Exported functions:
+ *  - validateAlphanumeric(input)
+ *  - validateLength(input, maxLength)
+ *  - validateStatementDescription(input, maxLength = 22)
+ *  - joiValidateAmount(amount)
+ *  - joiValidate(data, constraints)
+ *  - validateMetadataItemCount(metadata)
+ *  - validateMetadataField(fieldName, fieldValue)
+ */
+
+"use strict";
+
+const Joi = require("joi");
+
+const Validator = {
+  /**
+   * Validate that the input has only alphanumeric characters and spaces
+   *
+   * @param {string} input
+   * @returns {string} input if valid
+   * @throws {Error} with suggested correction when invalid characters are present
+   */
+  validateAlphanumeric(input) {
+    if (typeof input !== "string") {
+      throw new Error("Input must be a string.");
+    }
+
+    const invalidCharPattern = /[^a-zA-Z0-9 ]/;
+    if (invalidCharPattern.test(input)) {
+      const suggestedInput = input.replace(/[^a-zA-Z0-9 ]/g, "");
+      throw new Error(
+        `The statement description contains invalid characters. Only alphanumeric characters and spaces are allowed. Suggested correction: '${suggestedInput}'`
+      );
+    }
+
+    return input;
+  },
+
+  /**
+   * Validate that the length of the input does not exceed the specified max length
+   *
+   * @param {string} input
+   * @param {number} maxLength
+   * @returns {string} input if valid
+   * @throws {Error} with suggested truncation when too long
+   */
+  validateLength(input, maxLength) {
+    if (typeof input !== "string") {
+      throw new Error("Input must be a string.");
+    }
+    if (typeof maxLength !== "number" || maxLength < 0) {
+      throw new Error("maxLength must be a non-negative number.");
+    }
+
+    if (input.length > maxLength) {
+      const suggestedInput = input.slice(0, maxLength);
+      throw new Error(
+        `The statement description exceeds the allowed length of ${maxLength} characters. Suggested correction: '${suggestedInput}'`
+      );
+    }
+
+    return input;
+  },
+
+  /**
+   * Full validation function: length + alphanumeric characters
+   *
+   * @param {string} input
+   * @param {number} [maxLength=22]
+   * @returns {string} input if validation passes
+   * @throws {Error}
+   */
+  validateStatementDescription(input, maxLength = 22) {
+    // Step 1: Ensure input has only alphanumeric characters and spaces
+    this.validateAlphanumeric(input);
+
+    // Step 2: Ensure length doesn't exceed the limit
+    this.validateLength(input, maxLength);
+
+    return input; // If validation passes, return the input
+  },
+
+  /**
+   * Combined regex and logical validation for amount, updated to use Joi.
+   *
+   * Mirrors the PHP behavior:
+   *  - First checks regex: /^([0]|([1-9][0-9]{0,17}))([.][0-9]{0,2})?$/
+   *    (up to 18 digits before decimal, up to 2 decimal places)
+   *  - Then enforces "NotBlank" and "Positive" semantics: not blank, > 0
+   *
+   * Implementation notes:
+   *  - Joi is used to validate the string pattern and presence.
+   *  - Additional numeric positivity check is performed after Joi validation
+   *    to ensure the behavior matches Symfony's Positive (which disallows zero).
+   *
+   * @param {string|number} amount
+   * @returns {string} the original amount string (trimmed)
+   * @throws {Error} with descriptive message when invalid
+   */
+  joiValidateAmount(amount) {
+    // Normalize input, preserve trimmed string for messages
+    const amountStr =
+      amount === null || amount === undefined ? "" : String(amount).trim();
+
+    // pawaPay's pattern: up to 18 digits before decimal, optional decimal with up to 2 places
+    const pattern = /^([0]|([1-9][0-9]{0,17}))([.][0-9]{0,2})?$/;
+
+    // Joi schema validates presence and regex pattern
+    const schema = Joi.string()
+      .required()
+      .pattern(pattern)
+      .messages({
+        "string.pattern.base": `The amount '${amountStr}' is invalid. The amount must be a number with up to 18 digits before the decimal point and up to 2 decimal places.`,
+        "any.required": "This value should not be blank.",
+        "string.empty": "This value should not be blank."
+      });
+
+    const { error } = schema.validate(amountStr);
+
+    if (error) {
+      // Joi message already tailored above, but ensure consistent message format
+      // If Joi provides a message, use it; otherwise fallback
+      throw new Error(error.message || `The amount '${amountStr}' is invalid.`);
+    }
+
+    // Convert to number and enforce Positive (Symfony's Positive disallows zero)
+    const numeric = Number(amountStr);
+    if (!Number.isFinite(numeric)) {
+      throw new Error(`The amount '${amountStr}' is not a valid number.`);
+    }
+    if (numeric <= 0) {
+      // Keep Symfony-like message
+      throw new Error("This value should be positive.");
+    }
+
+    return amountStr;
+  },
+
+  /**
+   * General lightweight validator to mimic Symfony behavior for simple constraints.
+   *
+   * Constraint descriptor examples:
+   *  { type: 'NotBlank', message: '...' }
+   *  { type: 'Length', max: 50, maxMessage: '...' }
+   *  { type: 'Regex', pattern: /^[a-z]+$/, message: '...' }
+   *  { type: 'Positive', message: '...' }
+   *
+   * The function throws the first encountered violation as an Error.
+   *
+   * Note: This function intentionally remains dependency-free and simple.
+   * For richer schema-based validation across many fields, consider building
+   * Joi schemas for each DTO and using Joi.validate instead.
+   *
+   * @param {any} data
+   * @param {Array<Object>} constraints
+   * @returns {any} data when valid
+   * @throws {Error} first violation message
+   */
+  joiValidate(data, constraints) {
+    for (let i = 0; i < constraints.length; i++) {
+      const c = constraints[i];
+      if (!c || typeof c.type !== "string") {
+        continue; // skip unknown descriptors
+      }
+
+      switch (c.type) {
+      case "NotBlank":
+        if (
+          data === null ||
+            data === undefined ||
+            (typeof data === "string" && data.trim() === "")
+        ) {
+          throw new Error(c.message || "This value should not be blank.");
+        }
+        break;
+
+      case "Positive":
+        {
+          const numeric = Number(data);
+          if (!Number.isFinite(numeric) || numeric <= 0) {
+            throw new Error(c.message || "This value should be positive.");
+          }
+        }
+        break;
+
+      case "Length":
+        if (typeof data === "string") {
+          if (typeof c.max === "number" && data.length > c.max) {
+            // use maxMessage if provided, otherwise a default that uses {{ limit }}
+            const msg = c.maxMessage
+              ? c.maxMessage.replace("{{ limit }}", String(c.max))
+              : `This value is too long. It should have ${c.max} characters or less.`;
+            throw new Error(msg);
+          }
+          if (typeof c.min === "number" && data.length < c.min) {
+            const msg = c.minMessage
+              ? c.minMessage.replace("{{ limit }}", String(c.min))
+              : `This value is too short. It should have ${c.min} characters or more.`;
+            throw new Error(msg);
+          }
+        } else {
+          // If not a string, skip length checks
+        }
+        break;
+
+      case "Regex":
+        {
+          if (typeof c.pattern === "undefined") {
+            break;
+          }
+          let regex = c.pattern;
+          // allow passing pattern as string or RegExp
+          if (typeof regex === "string") {
+            regex = new RegExp(regex);
+          }
+          if (typeof data !== "string" || !regex.test(data)) {
+            throw new Error(c.message || "This value is not valid.");
+          }
+        }
+        break;
+
+      default:
+        // unknown constraint, skip
+        break;
+      }
+    }
+
+    return data;
+  },
+
+  /**
+   * Validate that the number of metadata items does not exceed 10
+   *
+   * @param {Array} metadata
+   * @returns {Array} metadata if valid
+   * @throws {Error} when count > 10
+   */
+  validateMetadataItemCount(metadata) {
+    if (!Array.isArray(metadata)) {
+      throw new Error("Metadata must be an array.");
+    }
+    if (metadata.length > 10) {
+      throw new Error(
+        `Number of metadata items must not be more than 10. You provided ${metadata.length} items.`
+      );
+    }
+    return metadata;
+  },
+
+  /**
+   * Validate individual metadata fields: fieldName and fieldValue
+   *
+   * @param {string} fieldName
+   * @param {string} fieldValue
+   * @returns {{fieldName: string, fieldValue: string}} validated pair
+   * @throws {Error} if validation fails
+   */
+  validateMetadataField(fieldName, fieldValue) {
+    // Define constraints for fieldName
+    const fieldNameConstraints = [
+      { type: "NotBlank", message: "Metadata field name cannot be blank." },
+      {
+        type: "Length",
+        max: 50,
+        maxMessage: "Metadata field name cannot exceed {{ limit }} characters."
+      },
+      {
+        type: "Regex",
+        pattern: /^[a-zA-Z0-9_ ]+$/,
+        message:
+          "Metadata field name can only contain alphanumeric characters, underscores, and spaces."
+      }
+    ];
+
+    // Define constraints for fieldValue
+    const fieldValueConstraints = [
+      { type: "NotBlank", message: "Metadata field value cannot be blank." },
+      {
+        type: "Length",
+        max: 100,
+        maxMessage: "Metadata field value cannot exceed {{ limit }} characters."
+      },
+      {
+        type: "Regex",
+        pattern: /^[a-zA-Z0-9_\-., ]+$/,
+        message:
+          "Metadata field value can only contain alphanumeric characters, underscores, hyphens, periods, commas, and spaces."
+      }
+    ];
+
+    // Validate fieldName
+    this.joiValidate(fieldName, fieldNameConstraints);
+
+    // Validate fieldValue
+    this.joiValidate(fieldValue, fieldValueConstraints);
+
+    return {
+      fieldName,
+      fieldValue
+    };
+  }
+};
+
+module.exports = Validator;