@ksefnik/http 0.0.1

package/dist/invoices.js

@@ -0,0 +1,130 @@
+import { PATHS } from './endpoints.js';
+import { KsefApiError } from './errors.js';
+import { parseInvoiceXml } from './xml.js';
+function toIsoDate(date) {
+    if (date.includes('T'))
+        return date;
+    return new Date(`${date}T00:00:00.000Z`).toISOString();
+}
+function toIsoDateEnd(date) {
+    if (date.includes('T'))
+        return date;
+    return new Date(`${date}T23:59:59.999Z`).toISOString();
+}
+function toGroszeInt(amount) {
+    if (amount === undefined || amount === null)
+        return undefined;
+    if (!Number.isFinite(amount))
+        return undefined;
+    return Math.round(amount * 100);
+}
+export async function mapWithConcurrency(items, concurrency, mapper) {
+    const results = new Array(items.length);
+    let cursor = 0;
+    const workers = Array.from({ length: Math.min(concurrency, items.length) || 1 }, async () => {
+        while (cursor < items.length) {
+            const index = cursor++;
+            const item = items[index];
+            results[index] = await mapper(item, index);
+        }
+    });
+    await Promise.all(workers);
+    return results;
+}
+export async function queryInvoiceMetadataPage(http, accessToken, body, pageSize, pageOffset) {
+    return http.request({
+        method: 'POST',
+        path: PATHS.queryMetadata,
+        headers: { Authorization: `Bearer ${accessToken}` },
+        query: { pageSize, pageOffset },
+        body,
+    });
+}
+export async function fetchInvoiceXml(http, accessToken, ksefNumber) {
+    return http.request({
+        method: 'GET',
+        path: PATHS.invoiceByKsefNumber(ksefNumber),
+        headers: {
+            Authorization: `Bearer ${accessToken}`,
+            Accept: 'application/xml',
+        },
+        responseType: 'text',
+    });
+}
+function nullish(value) {
+    return value ?? undefined;
+}
+function mapMetadataToRaw(meta) {
+    const invoicingDate = nullish(meta.invoicingDate);
+    const issueDate = nullish(meta.issueDate);
+    const permanentStorageDate = nullish(meta.permanentStorageDate);
+    const dateValue = invoicingDate?.slice(0, 10) ?? issueDate ?? permanentStorageDate ?? '';
+    return {
+        ksefReferenceNumber: meta.ksefNumber,
+        invoiceNumber: meta.invoiceNumber,
+        subjectNip: nullish(meta.seller?.nip) ?? '',
+        subjectName: nullish(meta.seller?.name),
+        invoicingDate: dateValue,
+        xml: '',
+        grossAmountGrosze: toGroszeInt(meta.grossAmount ?? undefined),
+        currency: nullish(meta.currency) ?? 'PLN',
+        buyerNip: nullish(meta.buyer?.identifier?.value),
+        buyerName: nullish(meta.buyer?.name),
+    };
+}
+export async function fetchInvoices(http, params) {
+    const pageSize = params.pageSize ?? 100;
+    const pageOffset = params.pageOffset ?? 0;
+    const concurrency = params.concurrency ?? 5;
+    const body = {
+        subjectType: params.subjectType ?? 'Subject2',
+        dateRange: {
+            dateType: params.dateType ?? 'Invoicing',
+            from: toIsoDate(params.dateFrom),
+            to: toIsoDateEnd(params.dateTo),
+        },
+    };
+    const all = [];
+    let currentOffset = pageOffset;
+    // Termination rules per KSeF 2.0 spec (/invoices/query/metadata description):
+    //  - hasMore === false               → done
+    //  - hasMore === true, isTruncated=false → increment pageOffset
+    //  - hasMore === true, isTruncated=true  → hit the 10k technical limit;
+    //    caller must narrow the dateRange and reset pageOffset. We surface
+    //    this as a typed error so reconciliation callers can handle it.
+    const MAX_PAGES = 10_000;
+    for (let page = 0; page < MAX_PAGES; page++) {
+        const response = await queryInvoiceMetadataPage(http, params.accessToken, body, pageSize, currentOffset);
+        const items = response.invoices ?? [];
+        all.push(...items);
+        if (response.hasMore !== true)
+            break;
+        if (items.length === 0)
+            break;
+        if (response.isTruncated === true) {
+            throw new KsefApiError('KSeF metadata query hit the 10000-record technical limit (isTruncated=true). ' +
+                'Narrow the dateRange to a shorter window and re-issue the query.', undefined, undefined, 'QUERY_TRUNCATED', { collected: all.length, lastDate: items.at(-1)?.invoicingDate ?? undefined });
+        }
+        currentOffset += pageSize;
+    }
+    const mapped = all.map(mapMetadataToRaw);
+    if (params.includeXml === true && mapped.length > 0) {
+        const enriched = await mapWithConcurrency(mapped, concurrency, async (raw) => {
+            try {
+                const xml = await fetchInvoiceXml(http, params.accessToken, raw.ksefReferenceNumber);
+                const parsed = parseInvoiceXml(xml);
+                return {
+                    ...raw,
+                    xml,
+                    grossAmountGrosze: raw.grossAmountGrosze ?? parsed.grossAmountGrosze,
+                };
+            }
+            catch {
+                return raw;
+            }
+        });
+        return { invoices: enriched, total: enriched.length };
+    }
+    return { invoices: mapped, total: mapped.length };
+}
+//# sourceMappingURL=invoices.js.map

package/dist/invoices.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invoices.js","sourceRoot":"","sources":["../src/invoices.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AACtC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAE1C,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAkC1C,SAAS,SAAS,CAAC,IAAY;IAC7B,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IACnC,OAAO,IAAI,IAAI,CAAC,GAAG,IAAI,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAA;AACxD,CAAC;AAED,SAAS,YAAY,CAAC,IAAY;IAChC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IACnC,OAAO,IAAI,IAAI,CAAC,GAAG,IAAI,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAA;AACxD,CAAC;AAED,SAAS,WAAW,CAAC,MAAiC;IACpD,IAAI,MAAM,KAAK,SAAS,IAAI,MAAM,KAAK,IAAI;QAAE,OAAO,SAAS,CAAA;IAC7D,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,SAAS,CAAA;IAC9C,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,GAAG,CAAC,CAAA;AACjC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAmB,EACnB,WAAmB,EACnB,MAA8C;IAE9C,MAAM,OAAO,GAAQ,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAC5C,IAAI,MAAM,GAAG,CAAC,CAAA;IACd,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,IAAI,EAAE;QAC1F,OAAO,MAAM,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,EAAE,CAAA;YACtB,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAM,CAAA;YAC9B,OAAO,CAAC,KAAK,CAAC,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC,CAAC,CAAA;IACF,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IAC1B,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,IAAgB,EAChB,WAAmB,EACnB,IAAsB,EACtB,QAAgB,EAChB,UAAkB;IAElB,OAAO,IAAI,CAAC,OAAO,CAA+B;QAChD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,KAAK,CAAC,aAAa;QACzB,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;QACnD,KAAK,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;QAC/B,IAAI;KACL,CAAC,CAAA;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAgB,EAChB,WAAmB,EACnB,UAAkB;IAElB,OAAO,IAAI,CAAC,OAAO,CAAS;QAC1B,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,KAAK,CAAC,mBAAmB,CAAC,UAAU,CAAC;QAC3C,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,MAAM,EAAE,iBAAiB;SAC1B;QACD,YAAY,EAAE,MAAM;KACrB,CAAC,CAAA;AACJ,CAAC;AAED,SAAS,OAAO,CAAI,KAA2B;IAC7C,OAAO,KAAK,IAAI,SAAS,CAAA;AAC3B,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAyB;IACjD,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;IACjD,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACzC,MAAM,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAA;IAC/D,MAAM,SAAS,GACb,aAAa,EAAE,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,SAAS,IAAI,oBAAoB,IAAI,EAAE,CAAA;IACxE,OAAO;QACL,mBAAmB,EAAE,IAAI,CAAC,UAAU;QACpC,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,EAAE;QAC3C,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC;QACvC,aAAa,EAAE,SAAS;QACxB,GAAG,EAAE,EAAE;QACP,iBAAiB,EAAE,WAAW,CAAC,IAAI,CAAC,WAAW,IAAI,SAAS,CAAC;QAC7D,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK;QACzC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC;QAChD,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC;KACrC,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,IAAgB,EAChB,MAA+B;IAE/B,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,GAAG,CAAA;IACvC,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,CAAC,CAAA;IACzC,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,CAAC,CAAA;IAE3C,MAAM,IAAI,GAAqB;QAC7B,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,UAAU;QAC7C,SAAS,EAAE;YACT,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,WAAW;YACxC,IAAI,EAAE,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC;YAChC,EAAE,EAAE,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC;SAChC;KACF,CAAA;IAED,MAAM,GAAG,GAA0B,EAAE,CAAA;IACrC,IAAI,aAAa,GAAG,UAAU,CAAA;IAE9B,8EAA8E;IAC9E,4CAA4C;IAC5C,gEAAgE;IAChE,wEAAwE;IACxE,uEAAuE;IACvE,oEAAoE;IACpE,MAAM,SAAS,GAAG,MAAM,CAAA;IACxB,KAAK,IAAI,IAAI,GAAG,CAAC,EAAE,IAAI,GAAG,SAAS,EAAE,IAAI,EAAE,EAAE,CAAC;QAC5C,MAAM,QAAQ,GAAG,MAAM,wBAAwB,CAC7C,IAAI,EACJ,MAAM,CAAC,WAAW,EAClB,IAAI,EACJ,QAAQ,EACR,aAAa,CACd,CAAA;QACD,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAA;QACrC,GAAG,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAA;QAClB,IAAI,QAAQ,CAAC,OAAO,KAAK,IAAI;YAAE,MAAK;QACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,MAAK;QAC7B,IAAI,QAAQ,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;YAClC,MAAM,IAAI,YAAY,CACpB,+EAA+E;gBAC7E,kEAAkE,EACpE,SAAS,EACT,SAAS,EACT,iBAAiB,EACjB,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,aAAa,IAAI,SAAS,EAAE,CAC9E,CAAA;QACH,CAAC;QACD,aAAa,IAAI,QAAQ,CAAA;IAC3B,CAAC;IAED,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAA;IAExC,IAAI,MAAM,CAAC,UAAU,KAAK,IAAI,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpD,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YAC3E,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,MAAM,CAAC,WAAW,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAA;gBACpF,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAA;gBACnC,OAAO;oBACL,GAAG,GAAG;oBACN,GAAG;oBACH,iBAAiB,EAAE,GAAG,CAAC,iBAAiB,IAAI,MAAM,CAAC,iBAAiB;iBACrE,CAAA;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,GAAG,CAAA;YACZ,CAAC;QACH,CAAC,CAAC,CAAA;QACF,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAA;IACvD,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,CAAA;AACnD,CAAC"}

package/dist/public-key.d.ts

@@ -0,0 +1,6 @@
+import type { HttpClient } from './http.js';
+import type { KsefPublicKeyCertificate } from './generated/index.js';
+export type PublicKeyCertificate = KsefPublicKeyCertificate;
+export declare function fetchPublicKeyCertificates(http: HttpClient): Promise<PublicKeyCertificate[]>;
+export declare function fetchKsefTokenEncryptionKey(http: HttpClient): Promise<string>;
+//# sourceMappingURL=public-key.d.ts.map

package/dist/public-key.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"public-key.d.ts","sourceRoot":"","sources":["../src/public-key.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,WAAW,CAAA;AAC3C,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAA;AAEpE,MAAM,MAAM,oBAAoB,GAAG,wBAAwB,CAAA;AAe3D,wBAAsB,0BAA0B,CAC9C,IAAI,EAAE,UAAU,GACf,OAAO,CAAC,oBAAoB,EAAE,CAAC,CASjC;AAED,wBAAsB,2BAA2B,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CA0BnF"}

package/dist/public-key.js

@@ -0,0 +1,37 @@
+import { PATHS } from './endpoints.js';
+import { KsefApiError } from './errors.js';
+function base64ToCertPem(base64) {
+    const normalized = base64.replace(/\s+/g, '');
+    const chunks = normalized.match(/.{1,64}/g) ?? [normalized];
+    return `-----BEGIN CERTIFICATE-----\n${chunks.join('\n')}\n-----END CERTIFICATE-----\n`;
+}
+function isActive(cert, now = new Date()) {
+    const from = new Date(cert.validFrom);
+    const to = new Date(cert.validTo);
+    if (Number.isNaN(from.getTime()) || Number.isNaN(to.getTime()))
+        return false;
+    return from <= now && now <= to;
+}
+export async function fetchPublicKeyCertificates(http) {
+    const response = await http.request({
+        method: 'GET',
+        path: PATHS.publicKeyCertificates,
+    });
+    if (Array.isArray(response))
+        return response;
+    return response.items ?? [];
+}
+export async function fetchKsefTokenEncryptionKey(http) {
+    const certs = await fetchPublicKeyCertificates(http);
+    if (certs.length === 0) {
+        throw new KsefApiError('KSeF public-key-certificates endpoint returned no certificates', undefined, undefined, 'NO_PUBLIC_KEY');
+    }
+    const now = new Date();
+    const candidate = certs.find((c) => c.usage.includes('KsefTokenEncryption') && isActive(c, now)) ??
+        certs.find((c) => c.usage.includes('KsefTokenEncryption'));
+    if (!candidate) {
+        throw new KsefApiError('No KsefTokenEncryption certificate available from KSeF public-key-certificates endpoint', undefined, undefined, 'NO_TOKEN_ENCRYPTION_KEY');
+    }
+    return base64ToCertPem(candidate.certificate);
+}
+//# sourceMappingURL=public-key.js.map

package/dist/public-key.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"public-key.js","sourceRoot":"","sources":["../src/public-key.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AACtC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAM1C,SAAS,eAAe,CAAC,MAAc;IACrC,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC3D,OAAO,gCAAgC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,+BAA+B,CAAA;AACzF,CAAC;AAED,SAAS,QAAQ,CAAC,IAA0B,EAAE,MAAY,IAAI,IAAI,EAAE;IAClE,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACrC,MAAM,EAAE,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACjC,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC;QAAE,OAAO,KAAK,CAAA;IAC5E,OAAO,IAAI,IAAI,GAAG,IAAI,GAAG,IAAI,EAAE,CAAA;AACjC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,IAAgB;IAEhB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CACjC;QACE,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,KAAK,CAAC,qBAAqB;KAClC,CACF,CAAA;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAA;IAC5C,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAA;AAC7B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAAC,IAAgB;IAChE,MAAM,KAAK,GAAG,MAAM,0BAA0B,CAAC,IAAI,CAAC,CAAA;IACpD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,YAAY,CACpB,gEAAgE,EAChE,SAAS,EACT,SAAS,EACT,eAAe,CAChB,CAAA;IACH,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,MAAM,SAAS,GACb,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,qBAAqB,CAAC,IAAI,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC9E,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC,CAAA;IAE5D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,YAAY,CACpB,yFAAyF,EACzF,SAAS,EACT,SAAS,EACT,yBAAyB,CAC1B,CAAA;IACH,CAAC;IAED,OAAO,eAAe,CAAC,SAAS,CAAC,WAAW,CAAC,CAAA;AAC/C,CAAC"}

package/dist/retry.d.ts

@@ -0,0 +1,19 @@
+export interface HttpRetryOptions {
+    maxAttempts?: number;
+    baseDelayMs?: number;
+    maxDelayMs?: number;
+    maxRetryAfterMs?: number;
+}
+/**
+ * Retry wrapper that honours `Retry-After` on rate-limit errors.
+ *
+ * - `KsefRateLimitError` (HTTP 429): waits `retryAfter * 1000` ms, clamped
+ *   to `maxRetryAfterMs`. This is critical for `/invoices/query/metadata`
+ *   (8 req/s, 16 req/min) where fixed exponential backoff would burst
+ *   straight back into another 429.
+ * - `KsefApiError` 5xx or undefined status (network error): exponential
+ *   backoff with jitter.
+ * - Anything else (4xx except 429, unknown errors): thrown immediately.
+ */
+export declare function withHttpRetry<T>(fn: () => Promise<T>, opts?: HttpRetryOptions): Promise<T>;
+//# sourceMappingURL=retry.d.ts.map

package/dist/retry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry.d.ts","sourceRoot":"","sources":["../src/retry.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,gBAAgB;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB;AAmBD;;;;;;;;;;GAUG;AACH,wBAAsB,aAAa,CAAC,CAAC,EACnC,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACpB,IAAI,CAAC,EAAE,gBAAgB,GACtB,OAAO,CAAC,CAAC,CAAC,CA8BZ"}

package/dist/retry.js

@@ -0,0 +1,59 @@
+import { KsefApiError, KsefRateLimitError } from './errors.js';
+const DEFAULTS = {
+    maxAttempts: 3,
+    baseDelayMs: 1000,
+    maxDelayMs: 10_000,
+    maxRetryAfterMs: 30_000,
+};
+function isRetryableStatus(status) {
+    if (status === undefined)
+        return true;
+    if (status === 429)
+        return true;
+    return status >= 500 && status <= 599;
+}
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+/**
+ * Retry wrapper that honours `Retry-After` on rate-limit errors.
+ *
+ * - `KsefRateLimitError` (HTTP 429): waits `retryAfter * 1000` ms, clamped
+ *   to `maxRetryAfterMs`. This is critical for `/invoices/query/metadata`
+ *   (8 req/s, 16 req/min) where fixed exponential backoff would burst
+ *   straight back into another 429.
+ * - `KsefApiError` 5xx or undefined status (network error): exponential
+ *   backoff with jitter.
+ * - Anything else (4xx except 429, unknown errors): thrown immediately.
+ */
+export async function withHttpRetry(fn, opts) {
+    const cfg = { ...DEFAULTS, ...opts };
+    let lastError;
+    for (let attempt = 1; attempt <= cfg.maxAttempts; attempt++) {
+        try {
+            return await fn();
+        }
+        catch (error) {
+            lastError = error;
+            const isLastAttempt = attempt === cfg.maxAttempts;
+            if (error instanceof KsefRateLimitError) {
+                if (isLastAttempt)
+                    throw error;
+                const waitMs = Math.min(error.retryAfter * 1000, cfg.maxRetryAfterMs);
+                await sleep(Math.max(waitMs, cfg.baseDelayMs));
+                continue;
+            }
+            if (error instanceof KsefApiError) {
+                if (!isRetryableStatus(error.statusCode) || isLastAttempt)
+                    throw error;
+                const expo = cfg.baseDelayMs * Math.pow(2, attempt - 1);
+                const jitter = Math.random() * cfg.baseDelayMs * 0.1;
+                await sleep(Math.min(expo + jitter, cfg.maxDelayMs));
+                continue;
+            }
+            throw error;
+        }
+    }
+    throw lastError;
+}
+//# sourceMappingURL=retry.js.map

package/dist/retry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry.js","sourceRoot":"","sources":["../src/retry.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AAS9D,MAAM,QAAQ,GAA+B;IAC3C,WAAW,EAAE,CAAC;IACd,WAAW,EAAE,IAAI;IACjB,UAAU,EAAE,MAAM;IAClB,eAAe,EAAE,MAAM;CACxB,CAAA;AAED,SAAS,iBAAiB,CAAC,MAA0B;IACnD,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,IAAI,CAAA;IACrC,IAAI,MAAM,KAAK,GAAG;QAAE,OAAO,IAAI,CAAA;IAC/B,OAAO,MAAM,IAAI,GAAG,IAAI,MAAM,IAAI,GAAG,CAAA;AACvC,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAA;AAC1D,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,EAAoB,EACpB,IAAuB;IAEvB,MAAM,GAAG,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAA;IACpC,IAAI,SAAkB,CAAA;IAEtB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,GAAG,CAAC,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;QAC5D,IAAI,CAAC;YACH,OAAO,MAAM,EAAE,EAAE,CAAA;QACnB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,SAAS,GAAG,KAAK,CAAA;YACjB,MAAM,aAAa,GAAG,OAAO,KAAK,GAAG,CAAC,WAAW,CAAA;YAEjD,IAAI,KAAK,YAAY,kBAAkB,EAAE,CAAC;gBACxC,IAAI,aAAa;oBAAE,MAAM,KAAK,CAAA;gBAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,GAAG,IAAI,EAAE,GAAG,CAAC,eAAe,CAAC,CAAA;gBACrE,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;gBAC9C,SAAQ;YACV,CAAC;YAED,IAAI,KAAK,YAAY,YAAY,EAAE,CAAC;gBAClC,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,aAAa;oBAAE,MAAM,KAAK,CAAA;gBACtE,MAAM,IAAI,GAAG,GAAG,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC,CAAA;gBACvD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,WAAW,GAAG,GAAG,CAAA;gBACpD,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,MAAM,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC,CAAA;gBACpD,SAAQ;YACV,CAAC;YAED,MAAM,KAAK,CAAA;QACb,CAAC;IACH,CAAC;IACD,MAAM,SAAS,CAAA;AACjB,CAAC"}

package/dist/session.d.ts

@@ -0,0 +1,29 @@
+import type { HttpClient } from './http.js';
+import type { KsefAuthenticationChallengeResponse, KsefAuthenticationInitResponse, KsefAuthenticationOperationStatusResponse, KsefAuthenticationTokenRefreshResponse, KsefAuthenticationTokensResponse } from './generated/index.js';
+export type ChallengeResponse = KsefAuthenticationChallengeResponse;
+export type AuthenticationTokenResponse = KsefAuthenticationInitResponse;
+export type AuthenticationOperationStatusResponse = KsefAuthenticationOperationStatusResponse;
+export type RedeemedTokens = KsefAuthenticationTokensResponse;
+export type RefreshTokenResponse = KsefAuthenticationTokenRefreshResponse;
+export interface ActiveSession {
+    accessToken: string;
+    refreshToken: string;
+    accessExpiresAt: Date;
+    referenceNumber: string;
+}
+export interface InitSessionInput {
+    nip: string;
+    ksefToken: string;
+    publicKeyPem: string;
+}
+export declare function initKsefSession(http: HttpClient, input: InitSessionInput): Promise<ActiveSession>;
+export declare function refreshAccessToken(http: HttpClient, session: ActiveSession): Promise<ActiveSession>;
+export declare function shouldRefresh(session: ActiveSession, now?: Date, bufferMs?: number): boolean;
+/**
+ * Best-effort session revocation. Swallows all errors — revocation failures
+ * are never user-actionable and must not mask the real result of the
+ * preceding operation (e.g. a successful `fetchInvoices()` should not be
+ * turned into a failure because teardown hit a 429 or network blip).
+ */
+export declare function revokeCurrentSession(http: HttpClient, session: ActiveSession): Promise<void>;
+//# sourceMappingURL=session.d.ts.map

package/dist/session.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,WAAW,CAAA;AAC3C,OAAO,KAAK,EACV,mCAAmC,EACnC,8BAA8B,EAC9B,yCAAyC,EACzC,sCAAsC,EACtC,gCAAgC,EAEjC,MAAM,sBAAsB,CAAA;AAI7B,MAAM,MAAM,iBAAiB,GAAG,mCAAmC,CAAA;AACnE,MAAM,MAAM,2BAA2B,GAAG,8BAA8B,CAAA;AACxE,MAAM,MAAM,qCAAqC,GAAG,yCAAyC,CAAA;AAC7F,MAAM,MAAM,cAAc,GAAG,gCAAgC,CAAA;AAC7D,MAAM,MAAM,oBAAoB,GAAG,sCAAsC,CAAA;AAEzE,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,EAAE,MAAM,CAAA;IACpB,eAAe,EAAE,IAAI,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;CACxB;AAED,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAA;IACX,SAAS,EAAE,MAAM,CAAA;IACjB,YAAY,EAAE,MAAM,CAAA;CACrB;AAwDD,wBAAsB,eAAe,CACnC,IAAI,EAAE,UAAU,EAChB,KAAK,EAAE,gBAAgB,GACtB,OAAO,CAAC,aAAa,CAAC,CAmExB;AAED,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,UAAU,EAChB,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,aAAa,CAAC,CAYxB;AAED,wBAAgB,aAAa,CAC3B,OAAO,EAAE,aAAa,EACtB,GAAG,GAAE,IAAiB,EACtB,QAAQ,GAAE,MAAkC,GAC3C,OAAO,CAET;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACxC,IAAI,EAAE,UAAU,EAChB,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,IAAI,CAAC,CAUf"}

package/dist/session.js

@@ -0,0 +1,109 @@
+import { buildEncryptedToken } from './crypto.js';
+import { PATHS } from './endpoints.js';
+import { KsefApiError } from './errors.js';
+const DEFAULT_REFRESH_BUFFER_MS = 60_000;
+const AUTH_POLL_MAX_ATTEMPTS = 30;
+const AUTH_POLL_DELAY_MS = 1000;
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+async function waitForAuthSuccess(http, referenceNumber, authenticationToken) {
+    for (let attempt = 0; attempt < AUTH_POLL_MAX_ATTEMPTS; attempt++) {
+        const status = await http.request({
+            method: 'GET',
+            path: PATHS.authStatus(referenceNumber),
+            headers: { Authorization: `Bearer ${authenticationToken}` },
+        });
+        const code = status.status?.code;
+        if (code === 200)
+            return;
+        if (typeof code === 'number' && code >= 400) {
+            throw new KsefApiError(`Authentication failed: ${status.status.description}${status.status.details ? ` — ${status.status.details.join('; ')}` : ''}`, code, undefined, 'AUTH_FAILED');
+        }
+        await sleep(AUTH_POLL_DELAY_MS);
+    }
+    throw new KsefApiError(`Authentication polling timed out after ${AUTH_POLL_MAX_ATTEMPTS} attempts`, undefined, undefined, 'AUTH_POLL_TIMEOUT');
+}
+function parseValidUntil(validUntil) {
+    const d = new Date(validUntil);
+    if (Number.isNaN(d.getTime())) {
+        throw new KsefApiError(`Invalid validUntil timestamp: ${validUntil}`, undefined, undefined, 'INVALID_TOKEN_EXPIRY');
+    }
+    return d;
+}
+export async function initKsefSession(http, input) {
+    // NOTE: `/auth/challenge` takes no request body in KSeF 2.0 PR. The endpoint
+    // is unauthenticated and returns a challenge bound to the caller's IP.
+    const challenge = await http.request({
+        method: 'POST',
+        path: PATHS.authChallenge,
+    });
+    if (!challenge.challenge || typeof challenge.challenge !== 'string') {
+        throw new KsefApiError('Invalid challenge response: missing challenge field', undefined, undefined, 'INVALID_CHALLENGE');
+    }
+    if (typeof challenge.timestampMs !== 'number' ||
+        !Number.isFinite(challenge.timestampMs) ||
+        challenge.timestampMs <= 0) {
+        throw new KsefApiError(`Invalid challenge timestampMs: ${JSON.stringify(challenge.timestampMs)}`, undefined, undefined, 'INVALID_CHALLENGE_TIMESTAMP');
+    }
+    // Per KSeF 2.0 spec: RSA-OAEP(SHA-256) over `"{ksefToken}|{timestampMs}"`,
+    // where `timestampMs` is the exact integer returned by `/auth/challenge`.
+    const encryptedToken = buildEncryptedToken(input.ksefToken, String(challenge.timestampMs), input.publicKeyPem);
+    const authRequestBody = {
+        challenge: challenge.challenge,
+        contextIdentifier: { type: 'Nip', value: input.nip },
+        encryptedToken,
+    };
+    const authResponse = await http.request({
+        method: 'POST',
+        path: PATHS.authKsefToken,
+        body: authRequestBody,
+    });
+    // Poll until server-side authentication completes (OCSP/CRL verification).
+    await waitForAuthSuccess(http, authResponse.referenceNumber, authResponse.authenticationToken.token);
+    const redeemed = await http.request({
+        method: 'POST',
+        path: PATHS.authRedeem,
+        headers: { Authorization: `Bearer ${authResponse.authenticationToken.token}` },
+    });
+    return {
+        accessToken: redeemed.accessToken.token,
+        refreshToken: redeemed.refreshToken.token,
+        accessExpiresAt: parseValidUntil(redeemed.accessToken.validUntil),
+        referenceNumber: authResponse.referenceNumber,
+    };
+}
+export async function refreshAccessToken(http, session) {
+    const refreshed = await http.request({
+        method: 'POST',
+        path: PATHS.authRefresh,
+        headers: { Authorization: `Bearer ${session.refreshToken}` },
+    });
+    return {
+        ...session,
+        accessToken: refreshed.accessToken.token,
+        accessExpiresAt: parseValidUntil(refreshed.accessToken.validUntil),
+    };
+}
+export function shouldRefresh(session, now = new Date(), bufferMs = DEFAULT_REFRESH_BUFFER_MS) {
+    return session.accessExpiresAt.getTime() - now.getTime() <= bufferMs;
+}
+/**
+ * Best-effort session revocation. Swallows all errors — revocation failures
+ * are never user-actionable and must not mask the real result of the
+ * preceding operation (e.g. a successful `fetchInvoices()` should not be
+ * turned into a failure because teardown hit a 429 or network blip).
+ */
+export async function revokeCurrentSession(http, session) {
+    try {
+        await http.request({
+            method: 'DELETE',
+            path: PATHS.sessionRevokeCurrent,
+            headers: { Authorization: `Bearer ${session.accessToken}` },
+        });
+    }
+    catch {
+        // intentionally swallowed
+    }
+}
+//# sourceMappingURL=session.js.map

package/dist/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAA;AACjD,OAAO,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AACtC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAgC1C,MAAM,yBAAyB,GAAG,MAAM,CAAA;AACxC,MAAM,sBAAsB,GAAG,EAAE,CAAA;AACjC,MAAM,kBAAkB,GAAG,IAAI,CAAA;AAE/B,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAA;AAC1D,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,IAAgB,EAChB,eAAuB,EACvB,mBAA2B;IAE3B,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,sBAAsB,EAAE,OAAO,EAAE,EAAE,CAAC;QAClE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAwC;YACvE,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC;YACvC,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,mBAAmB,EAAE,EAAE;SAC5D,CAAC,CAAA;QACF,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,CAAA;QAChC,IAAI,IAAI,KAAK,GAAG;YAAE,OAAM;QACxB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,IAAI,GAAG,EAAE,CAAC;YAC5C,MAAM,IAAI,YAAY,CACpB,0BAA0B,MAAM,CAAC,MAAM,CAAC,WAAW,GACjD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EACrE,EAAE,EACF,IAAI,EACJ,SAAS,EACT,aAAa,CACd,CAAA;QACH,CAAC;QACD,MAAM,KAAK,CAAC,kBAAkB,CAAC,CAAA;IACjC,CAAC;IACD,MAAM,IAAI,YAAY,CACpB,0CAA0C,sBAAsB,WAAW,EAC3E,SAAS,EACT,SAAS,EACT,mBAAmB,CACpB,CAAA;AACH,CAAC;AAED,SAAS,eAAe,CAAC,UAAkB;IACzC,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,CAAA;IAC9B,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,YAAY,CACpB,iCAAiC,UAAU,EAAE,EAC7C,SAAS,EACT,SAAS,EACT,sBAAsB,CACvB,CAAA;IACH,CAAC;IACD,OAAO,CAAC,CAAA;AACV,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAgB,EAChB,KAAuB;IAEvB,6EAA6E;IAC7E,uEAAuE;IACvE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAoB;QACtD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,KAAK,CAAC,aAAa;KAC1B,CAAC,CAAA;IAEF,IAAI,CAAC,SAAS,CAAC,SAAS,IAAI,OAAO,SAAS,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;QACpE,MAAM,IAAI,YAAY,CACpB,qDAAqD,EACrD,SAAS,EACT,SAAS,EACT,mBAAmB,CACpB,CAAA;IACH,CAAC;IACD,IACE,OAAO,SAAS,CAAC,WAAW,KAAK,QAAQ;QACzC,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC;QACvC,SAAS,CAAC,WAAW,IAAI,CAAC,EAC1B,CAAC;QACD,MAAM,IAAI,YAAY,CACpB,kCAAkC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,EACzE,SAAS,EACT,SAAS,EACT,6BAA6B,CAC9B,CAAA;IACH,CAAC;IAED,2EAA2E;IAC3E,0EAA0E;IAC1E,MAAM,cAAc,GAAG,mBAAmB,CACxC,KAAK,CAAC,SAAS,EACf,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,EAC7B,KAAK,CAAC,YAAY,CACnB,CAAA;IAED,MAAM,eAAe,GAAuC;QAC1D,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,iBAAiB,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,GAAG,EAAE;QACpD,cAAc;KACf,CAAA;IACD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAA8B;QACnE,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,KAAK,CAAC,aAAa;QACzB,IAAI,EAAE,eAAe;KACtB,CAAC,CAAA;IAEF,2EAA2E;IAC3E,MAAM,kBAAkB,CACtB,IAAI,EACJ,YAAY,CAAC,eAAe,EAC5B,YAAY,CAAC,mBAAmB,CAAC,KAAK,CACvC,CAAA;IAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAiB;QAClD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,KAAK,CAAC,UAAU;QACtB,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,YAAY,CAAC,mBAAmB,CAAC,KAAK,EAAE,EAAE;KAC/E,CAAC,CAAA;IAEF,OAAO;QACL,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,KAAK;QACvC,YAAY,EAAE,QAAQ,CAAC,YAAY,CAAC,KAAK;QACzC,eAAe,EAAE,eAAe,CAAC,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC;QACjE,eAAe,EAAE,YAAY,CAAC,eAAe;KAC9C,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,IAAgB,EAChB,OAAsB;IAEtB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAuB;QACzD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,KAAK,CAAC,WAAW;QACvB,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,YAAY,EAAE,EAAE;KAC7D,CAAC,CAAA;IAEF,OAAO;QACL,GAAG,OAAO;QACV,WAAW,EAAE,SAAS,CAAC,WAAW,CAAC,KAAK;QACxC,eAAe,EAAE,eAAe,CAAC,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC;KACnE,CAAA;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,OAAsB,EACtB,MAAY,IAAI,IAAI,EAAE,EACtB,WAAmB,yBAAyB;IAE5C,OAAO,OAAO,CAAC,eAAe,CAAC,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,IAAI,QAAQ,CAAA;AACtE,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,IAAgB,EAChB,OAAsB;IAEtB,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,OAAO,CAAU;YAC1B,MAAM,EAAE,QAAQ;YAChB,IAAI,EAAE,KAAK,CAAC,oBAAoB;YAChC,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE;SAC5D,CAAC,CAAA;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,0BAA0B;IAC5B,CAAC;AACH,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,8 @@
+import type { KsefRawInvoice } from '@ksefnik/core';
+export interface KsefRawInvoiceExt extends KsefRawInvoice {
+    grossAmountGrosze?: number;
+    currency?: string;
+    buyerNip?: string;
+    buyerName?: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,eAAe,CAAA;AAEnD,MAAM,WAAW,iBAAkB,SAAQ,cAAc;IACvD,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB"}

package/dist/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/dist/xml.d.ts

@@ -0,0 +1,12 @@
+export interface ParsedInvoiceFields {
+    invoiceNumber: string;
+    sellerNip: string;
+    sellerName?: string;
+    buyerNip: string;
+    buyerName?: string;
+    invoicingDate: string;
+    grossAmountGrosze: number;
+    currency: string;
+}
+export declare function parseInvoiceXml(xml: string): ParsedInvoiceFields;
+//# sourceMappingURL=xml.d.ts.map

package/dist/xml.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"xml.d.ts","sourceRoot":"","sources":["../src/xml.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,mBAAmB;IAClC,aAAa,EAAE,MAAM,CAAA;IACrB,SAAS,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,aAAa,EAAE,MAAM,CAAA;IACrB,iBAAiB,EAAE,MAAM,CAAA;IACzB,QAAQ,EAAE,MAAM,CAAA;CACjB;AAgED,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,mBAAmB,CA0BhE"}

package/dist/xml.js

@@ -0,0 +1,65 @@
+import { XMLParser } from 'fast-xml-parser';
+const MAX_INVOICE_XML_BYTES = 5 * 1024 * 1024;
+const parser = new XMLParser({
+    ignoreAttributes: true,
+    parseTagValue: false,
+    removeNSPrefix: true,
+    trimValues: true,
+});
+function pickFakturaRoot(doc) {
+    if (!doc || typeof doc !== 'object')
+        return undefined;
+    const keys = Object.keys(doc);
+    for (const key of keys) {
+        if (key === 'Faktura' || key.endsWith(':Faktura')) {
+            return doc[key];
+        }
+    }
+    return undefined;
+}
+function toGrosze(value) {
+    if (value === undefined || value === null)
+        return 0;
+    const raw = typeof value === 'string' ? value.replace(/\s+/g, '').replace(',', '.') : String(value);
+    const asNumber = Number(raw);
+    if (!Number.isFinite(asNumber))
+        return 0;
+    return Math.round(asNumber * 100);
+}
+function displayName(dane) {
+    if (!dane)
+        return undefined;
+    if (dane.Nazwa)
+        return dane.Nazwa;
+    const person = [dane.ImiePierwsze, dane.Nazwisko].filter(Boolean).join(' ').trim();
+    return person.length > 0 ? person : undefined;
+}
+function extractNip(dane) {
+    if (!dane || dane.NIP === undefined || dane.NIP === null)
+        return '';
+    return String(dane.NIP).replace(/\D/g, '');
+}
+export function parseInvoiceXml(xml) {
+    if (xml.length > MAX_INVOICE_XML_BYTES) {
+        throw new Error(`Invoice XML exceeds ${MAX_INVOICE_XML_BYTES} byte limit (${xml.length} bytes)`);
+    }
+    const parsed = parser.parse(xml);
+    const faktura = pickFakturaRoot(parsed);
+    if (!faktura) {
+        throw new Error('Invalid invoice XML: missing Faktura root element');
+    }
+    const fa = faktura.Fa ?? {};
+    const seller = faktura.Podmiot1?.DaneIdentyfikacyjne;
+    const buyer = faktura.Podmiot2?.DaneIdentyfikacyjne;
+    return {
+        invoiceNumber: fa.P_2 ?? '',
+        invoicingDate: fa.P_1 ?? '',
+        sellerNip: extractNip(seller),
+        sellerName: displayName(seller),
+        buyerNip: extractNip(buyer),
+        buyerName: displayName(buyer),
+        grossAmountGrosze: toGrosze(fa.P_15),
+        currency: fa.KodWaluty ?? 'PLN',
+    };
+}
+//# sourceMappingURL=xml.js.map

package/dist/xml.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"xml.js","sourceRoot":"","sources":["../src/xml.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAE3C,MAAM,qBAAqB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAA;AAqC7C,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,gBAAgB,EAAE,IAAI;IACtB,aAAa,EAAE,KAAK;IACpB,cAAc,EAAE,IAAI;IACpB,UAAU,EAAE,IAAI;CACjB,CAAC,CAAA;AAEF,SAAS,eAAe,CAAC,GAAY;IACnC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAA;IACrD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC,CAAA;IACxD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAClD,OAAQ,GAAkC,CAAC,GAAG,CAAC,CAAA;QACjD,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,QAAQ,CAAC,KAAkC;IAClD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,CAAC,CAAA;IACnD,MAAM,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACnG,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,CAAA;IAC5B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,CAAC,CAAA;IACxC,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,GAAG,GAAG,CAAC,CAAA;AACnC,CAAC;AAED,SAAS,WAAW,CAAC,IAA+B;IAClD,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAA;IAC3B,IAAI,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC,KAAK,CAAA;IACjC,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAA;IAClF,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAA;AAC/C,CAAC;AAED,SAAS,UAAU,CAAC,IAA+B;IACjD,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,IAAI,CAAC,GAAG,KAAK,IAAI;QAAE,OAAO,EAAE,CAAA;IACnE,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;AAC5C,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,IAAI,GAAG,CAAC,MAAM,GAAG,qBAAqB,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CACb,uBAAuB,qBAAqB,gBAAgB,GAAG,CAAC,MAAM,SAAS,CAChF,CAAA;IACH,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAY,CAAA;IAC3C,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;IACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;IACtE,CAAC;IAED,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,IAAI,EAAE,CAAA;IAC3B,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,EAAE,mBAAmB,CAAA;IACpD,MAAM,KAAK,GAAG,OAAO,CAAC,QAAQ,EAAE,mBAAmB,CAAA;IAEnD,OAAO;QACL,aAAa,EAAE,EAAE,CAAC,GAAG,IAAI,EAAE;QAC3B,aAAa,EAAE,EAAE,CAAC,GAAG,IAAI,EAAE;QAC3B,SAAS,EAAE,UAAU,CAAC,MAAM,CAAC;QAC7B,UAAU,EAAE,WAAW,CAAC,MAAM,CAAC;QAC/B,QAAQ,EAAE,UAAU,CAAC,KAAK,CAAC;QAC3B,SAAS,EAAE,WAAW,CAAC,KAAK,CAAC;QAC7B,iBAAiB,EAAE,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC;QACpC,QAAQ,EAAE,EAAE,CAAC,SAAS,IAAI,KAAK;KAChC,CAAA;AACH,CAAC"}

package/package.json

@@ -0,0 +1,47 @@
+{
+  "name": "@ksefnik/http",
+  "version": "0.0.1",
+  "description": "KSeF HTTP adapter — authentication, challenge, sessions, invoice fetch (Polish e-Invoice API v2)",
+  "license": "MIT",
+  "author": "CodeFormers",
+  "homepage": "https://ksefnik.pl",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/CodeFormers-it/ksefnik.git",
+    "directory": "packages/http"
+  },
+  "keywords": ["ksef", "ksefnik", "http", "adapter", "einvoice", "poland", "api"],
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": ["dist", "!dist/**/__tests__", "!dist/**/*.test.*", "README.md", "LICENSE"],
+  "publishConfig": {
+    "access": "public"
+  },
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsc --build",
+    "dev": "tsc --build --watch",
+    "test": "vitest run",
+    "typecheck": "tsc --noEmit",
+    "smoke": "node --env-file=../../.env scripts/smoke-test.mjs",
+    "generate": "openapi-typescript https://api.ksef.mf.gov.pl/docs/v2/openapi.json -o src/generated/ksef-api.ts --alphabetize --export-type"
+  },
+  "dependencies": {
+    "@ksefnik/shared": "workspace:^",
+    "@ksefnik/core": "workspace:^",
+    "fast-xml-parser": "^4.5.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22",
+    "typescript": "^5.7",
+    "vitest": "^3.2",
+    "msw": "^2.7.0",
+    "openapi-typescript": "^7.4.4"
+  }
+}