@lightspeed/online-payments-sdk 1.4.1 → 1.5.0

package/dist/cjs/v1/session.js

@@ -5,7 +5,9 @@ exports.isTokenValid = isTokenValid;
 var error_1 = require("./error");
 function decodePaymentSessionToContext(paymentSession) {
     try {
-        var decoded = atob(paymentSession);
+        var binary = atob(paymentSession);
+        var bytes = Uint8Array.from(binary, function (c) { return c.charCodeAt(0); });
+        var decoded = new TextDecoder('utf-8', { fatal: true }).decode(bytes);
         var jsonToken = JSON.parse(decoded);
         if (jsonToken && isTokenValid(jsonToken)) {
             return jsonToken;

package/dist/cjs/v1/stripe/shared.js

@@ -92,10 +92,11 @@ function initStripe(context, theme) {
  * @param defaultValues - Default values for the payment element
  * @param theme - Theme configuration
  * @param hideNameField - Whether to hide the billing details name field (used when address element is present to avoid duplicates with ACH)
+ * @param businessName - Overrides the merchant name Stripe renders in mandate text (passed to `business.name`)
  */
-function createPaymentElementOptions(defaultValues, theme, hideNameField) {
+function createPaymentElementOptions(defaultValues, theme, hideNameField, businessName) {
     if (hideNameField === void 0) { hideNameField = false; }
-    var options = __assign(__assign({ wallets: {
+    var options = __assign(__assign(__assign({ wallets: {
             applePay: 'never',
             googlePay: 'never',
             link: 'never',
@@ -107,7 +108,7 @@ function createPaymentElementOptions(defaultValues, theme, hideNameField) {
         },
     })), { terms: {
             usBankAccount: 'never', // Hide Stripe's default T&Cs (shown for ACH payments)
-        } });
+        } }), (businessName && { business: { name: businessName } }));
     if (defaultValues) {
         options.defaultValues = {
             billingDetails: {
@@ -163,11 +164,13 @@ function createCustomTermsElement() {
     var stripeTermsLink = "<a href=\"".concat(terms_1.ACH_TERMS_URL.STRIPE_ACH_AUTHORIZATION, "\" target=\"_blank\" rel=\"noopener noreferrer\">").concat(terms_1.ACH_TERMS_TEXT.STRIPE_TERMS_LINK_TEXT, "</a>");
     var expandableToggle = "<span class=\"stripe-expandable-terms-toggle\" role=\"button\" tabindex=\"0\" aria-expanded=\"false\">".concat(terms_1.ACH_TERMS_TEXT.EXPANDABLE_TERMS_LINK_TEXT, " ").concat(CHEVRON_DOWN_SVG, "</span>");
     termsText.innerHTML = "".concat(terms_1.ACH_TERMS_TEXT.TERMS_PREFIX, " ").concat(stripeTermsLink, " ").concat(terms_1.ACH_TERMS_TEXT.TERMS_CONJUNCTION, " ").concat(expandableToggle);
-    // Create expandable terms content
+    // Create expandable terms content from plain-text paragraphs
     var expandableContent = document.createElement('div');
     expandableContent.className = 'stripe-expandable-terms-content';
     expandableContent.style.display = 'none';
-    expandableContent.innerHTML = "<p>".concat(terms_1.ACH_TERMS_TEXT.EXPANDED_TERMS_CONTENT, "</p>");
+    var paragraphs = terms_1.ACH_TERMS_TEXT.EXPANDED_TERMS_PARAGRAPHS.map(function (text) { return "<p>".concat(text, "</p>"); }).join('');
+    var privacyLink = "<a href=\"".concat(terms_1.ACH_TERMS_URL.PRIVACY_POLICY, "\" target=\"_blank\" rel=\"noopener noreferrer\">").concat(terms_1.ACH_TERMS_TEXT.PRIVACY_POLICY_LINK_TEXT, "</a>");
+    expandableContent.innerHTML = "".concat(paragraphs, "<p>").concat(terms_1.ACH_TERMS_TEXT.EXPANDED_TERMS_PRIVACY_PREFIX, " ").concat(privacyLink, ".</p>");
     termsContainer.appendChild(termsText);
     termsContainer.appendChild(expandableContent);
     // Add click handler for expandable toggle

package/dist/cjs/v1/stripe/terms.js

@@ -20,10 +20,24 @@ exports.ACH_TERMS_TEXT = {
     EXPANDABLE_TERMS_LINK_TEXT: 'these terms',
     /**
      * Expanded terms content for ACH authorization.
-     * This is the detailed legal text shown when user expands "these terms".
+     * Each entry is a separate paragraph rendered when the user expands
+     * "these terms". Kept as plain text — HTML structure is built in code.
      */
-    EXPANDED_TERMS_CONTENT: 'By providing your bank account details and confirming this payment, you authorize the merchant to debit your account for the amount shown. If you choose to save your bank account for future payments, this authorization will also apply to any future amounts owed for products or services provided by the merchant, until you cancel it. You also authorize the merchant to credit your account as necessary to correct any erroneous debits. You may revoke authorization at any time by contacting the merchant, allowing up to thirty (30) days for processing. You confirm that you are an authorized signer on the account and that sufficient funds will be available for each payment. ACH payments may take up to five (5) business days to complete, and you may be responsible for fees if a payment is returned.',
+    EXPANDED_TERMS_PARAGRAPHS: [
+        'By providing your bank account details and confirming this payment, you authorize the merchant to debit your account for the amount shown.',
+        'If you choose to save your bank account for future payments, this authorization will also apply to any amounts now or hereafter due and payable, including amounts previously invoiced, accrued, outstanding, or otherwise payable, in addition to current, and future payment obligations owed for products or services provided by the merchant, until you cancel it.',
+        'You also authorize the merchant to credit your account as necessary to correct any erroneous debits.',
+        'You may revoke authorization at any time by contacting the merchant, allowing up to thirty (30) days for processing.\nYou confirm that you are an authorized signer on the account and that sufficient funds will be available for each payment.\nACH payments may take up to five (5) business days to complete, and you may be responsible for fees if a payment is returned.',
+    ],
+    /**
+     * Final paragraph containing a link to the Privacy Policy.
+     * The link text and URL are defined separately so translators only
+     * localize the surrounding copy, not the URL.
+     */
+    EXPANDED_TERMS_PRIVACY_PREFIX: 'Lightspeed may collect or access certain payment-related information as described in the platform agreement and',
+    PRIVACY_POLICY_LINK_TEXT: 'Privacy Policy',
 };
 exports.ACH_TERMS_URL = {
     STRIPE_ACH_AUTHORIZATION: 'https://stripe.com/legal/ach-payments/authorization',
+    PRIVACY_POLICY: 'https://www.lightspeedhq.com/legal/privacy-policy/',
 };

package/dist/cjs/v1/stripe/widgets/moto.js

@@ -50,7 +50,7 @@ function mountMotoWidget(mountElement, session, eventBroadcaster, defaultValues,
                 case 0: return [4 /*yield*/, (0, shared_1.initStripe)(session.context, theme)];
                 case 1:
                     _a = _c.sent(), stripe = _a.stripe, elements = _a.elements;
-                    paymentOptions = (0, shared_1.createPaymentElementOptions)(defaultValues, theme);
+                    paymentOptions = (0, shared_1.createPaymentElementOptions)(defaultValues, theme, false, session.context.businessName);
                     _b = (0, shared_1.createPaymentElement)(elements, paymentOptions, mountElement, eventBroadcaster), paymentElement = _b.element, paymentContainer = _b.container, customTermsContainer = _b.customTermsContainer;
                     // Setup change handler for payment element only (MOTO forms don't have address element)
                     (0, shared_1.setupChangeEventHandler)(paymentElement, eventBroadcaster);

package/dist/cjs/v1/stripe/widgets/payment.js

@@ -51,7 +51,7 @@ function mountPaymentWidget(mountElement, session, eventBroadcaster, defaultValu
                     _a = _d.sent(), stripe = _a.stripe, elements = _a.elements;
                     addressOptions = (0, shared_1.createAddressElementOptions)(defaultValues);
                     _b = (0, shared_1.createAddressElement)(elements, addressOptions, mountElement), addressElement = _b.element, addressContainer = _b.container;
-                    paymentOptions = (0, shared_1.createPaymentElementOptions)(defaultValues, theme, true);
+                    paymentOptions = (0, shared_1.createPaymentElementOptions)(defaultValues, theme, true, session.context.businessName);
                     _c = (0, shared_1.createPaymentElement)(elements, paymentOptions, mountElement, eventBroadcaster), paymentElement = _c.element, paymentContainer = _c.container, customTermsContainer = _c.customTermsContainer;
                     // Setup change handler that emits Complete only when both elements are complete
                     (0, shared_1.setupChangeEventHandler)(paymentElement, eventBroadcaster, addressElement);

package/dist/cjs/version.js

@@ -3,4 +3,4 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SDK_VERSION = void 0;
 // This file is auto-generated during the build process
 // DO NOT EDIT MANUALLY - Version is extracted from package.json
-exports.SDK_VERSION = '1.4.1';
+exports.SDK_VERSION = '1.5.0';

package/dist/v1/session.js

@@ -1,7 +1,9 @@
 import { InvalidSessionPayloadError, InvalidSessionError } from './error';
 export function decodePaymentSessionToContext(paymentSession) {
     try {
-        var decoded = atob(paymentSession);
+        var binary = atob(paymentSession);
+        var bytes = Uint8Array.from(binary, function (c) { return c.charCodeAt(0); });
+        var decoded = new TextDecoder('utf-8', { fatal: true }).decode(bytes);
         var jsonToken = JSON.parse(decoded);
         if (jsonToken && isTokenValid(jsonToken)) {
             return jsonToken;

package/dist/v1/stripe/session.d.ts

@@ -11,4 +11,5 @@ export type StripeContext = {
     intent: 'save-card' | 'payment';
     locale?: StripeElementLocale;
     redirectUrl?: string;
+    businessName?: string;
 };

package/dist/v1/stripe/shared.d.ts

@@ -21,8 +21,9 @@ export declare function initStripe(context: StripeContext, theme?: PaymentWidget
  * @param defaultValues - Default values for the payment element
  * @param theme - Theme configuration
  * @param hideNameField - Whether to hide the billing details name field (used when address element is present to avoid duplicates with ACH)
+ * @param businessName - Overrides the merchant name Stripe renders in mandate text (passed to `business.name`)
  */
-export declare function createPaymentElementOptions(defaultValues?: DefaultValues, theme?: PaymentWidgetTheme, hideNameField?: boolean): StripePaymentElementOptions;
+export declare function createPaymentElementOptions(defaultValues?: DefaultValues, theme?: PaymentWidgetTheme, hideNameField?: boolean, businessName?: string): StripePaymentElementOptions;
 /**
  * Create address element options
  */

package/dist/v1/stripe/shared.js

@@ -80,10 +80,11 @@ export function initStripe(context, theme) {
  * @param defaultValues - Default values for the payment element
  * @param theme - Theme configuration
  * @param hideNameField - Whether to hide the billing details name field (used when address element is present to avoid duplicates with ACH)
+ * @param businessName - Overrides the merchant name Stripe renders in mandate text (passed to `business.name`)
  */
-export function createPaymentElementOptions(defaultValues, theme, hideNameField) {
+export function createPaymentElementOptions(defaultValues, theme, hideNameField, businessName) {
     if (hideNameField === void 0) { hideNameField = false; }
-    var options = __assign(__assign({ wallets: {
+    var options = __assign(__assign(__assign({ wallets: {
             applePay: 'never',
             googlePay: 'never',
             link: 'never',
@@ -95,7 +96,7 @@ export function createPaymentElementOptions(defaultValues, theme, hideNameField)
         },
     })), { terms: {
             usBankAccount: 'never', // Hide Stripe's default T&Cs (shown for ACH payments)
-        } });
+        } }), (businessName && { business: { name: businessName } }));
     if (defaultValues) {
         options.defaultValues = {
             billingDetails: {
@@ -151,11 +152,13 @@ function createCustomTermsElement() {
     var stripeTermsLink = "<a href=\"".concat(ACH_TERMS_URL.STRIPE_ACH_AUTHORIZATION, "\" target=\"_blank\" rel=\"noopener noreferrer\">").concat(ACH_TERMS_TEXT.STRIPE_TERMS_LINK_TEXT, "</a>");
     var expandableToggle = "<span class=\"stripe-expandable-terms-toggle\" role=\"button\" tabindex=\"0\" aria-expanded=\"false\">".concat(ACH_TERMS_TEXT.EXPANDABLE_TERMS_LINK_TEXT, " ").concat(CHEVRON_DOWN_SVG, "</span>");
     termsText.innerHTML = "".concat(ACH_TERMS_TEXT.TERMS_PREFIX, " ").concat(stripeTermsLink, " ").concat(ACH_TERMS_TEXT.TERMS_CONJUNCTION, " ").concat(expandableToggle);
-    // Create expandable terms content
+    // Create expandable terms content from plain-text paragraphs
     var expandableContent = document.createElement('div');
     expandableContent.className = 'stripe-expandable-terms-content';
     expandableContent.style.display = 'none';
-    expandableContent.innerHTML = "<p>".concat(ACH_TERMS_TEXT.EXPANDED_TERMS_CONTENT, "</p>");
+    var paragraphs = ACH_TERMS_TEXT.EXPANDED_TERMS_PARAGRAPHS.map(function (text) { return "<p>".concat(text, "</p>"); }).join('');
+    var privacyLink = "<a href=\"".concat(ACH_TERMS_URL.PRIVACY_POLICY, "\" target=\"_blank\" rel=\"noopener noreferrer\">").concat(ACH_TERMS_TEXT.PRIVACY_POLICY_LINK_TEXT, "</a>");
+    expandableContent.innerHTML = "".concat(paragraphs, "<p>").concat(ACH_TERMS_TEXT.EXPANDED_TERMS_PRIVACY_PREFIX, " ").concat(privacyLink, ".</p>");
     termsContainer.appendChild(termsText);
     termsContainer.appendChild(expandableContent);
     // Add click handler for expandable toggle

package/dist/v1/stripe/terms.d.ts

@@ -17,10 +17,19 @@ export declare const ACH_TERMS_TEXT: {
     readonly EXPANDABLE_TERMS_LINK_TEXT: "these terms";
     /**
      * Expanded terms content for ACH authorization.
-     * This is the detailed legal text shown when user expands "these terms".
+     * Each entry is a separate paragraph rendered when the user expands
+     * "these terms". Kept as plain text — HTML structure is built in code.
      */
-    readonly EXPANDED_TERMS_CONTENT: "By providing your bank account details and confirming this payment, you authorize the merchant to debit your account for the amount shown. If you choose to save your bank account for future payments, this authorization will also apply to any future amounts owed for products or services provided by the merchant, until you cancel it. You also authorize the merchant to credit your account as necessary to correct any erroneous debits. You may revoke authorization at any time by contacting the merchant, allowing up to thirty (30) days for processing. You confirm that you are an authorized signer on the account and that sufficient funds will be available for each payment. ACH payments may take up to five (5) business days to complete, and you may be responsible for fees if a payment is returned.";
+    readonly EXPANDED_TERMS_PARAGRAPHS: readonly ["By providing your bank account details and confirming this payment, you authorize the merchant to debit your account for the amount shown.", "If you choose to save your bank account for future payments, this authorization will also apply to any amounts now or hereafter due and payable, including amounts previously invoiced, accrued, outstanding, or otherwise payable, in addition to current, and future payment obligations owed for products or services provided by the merchant, until you cancel it.", "You also authorize the merchant to credit your account as necessary to correct any erroneous debits.", "You may revoke authorization at any time by contacting the merchant, allowing up to thirty (30) days for processing.\nYou confirm that you are an authorized signer on the account and that sufficient funds will be available for each payment.\nACH payments may take up to five (5) business days to complete, and you may be responsible for fees if a payment is returned."];
+    /**
+     * Final paragraph containing a link to the Privacy Policy.
+     * The link text and URL are defined separately so translators only
+     * localize the surrounding copy, not the URL.
+     */
+    readonly EXPANDED_TERMS_PRIVACY_PREFIX: "Lightspeed may collect or access certain payment-related information as described in the platform agreement and";
+    readonly PRIVACY_POLICY_LINK_TEXT: "Privacy Policy";
 };
 export declare const ACH_TERMS_URL: {
     readonly STRIPE_ACH_AUTHORIZATION: "https://stripe.com/legal/ach-payments/authorization";
+    readonly PRIVACY_POLICY: "https://www.lightspeedhq.com/legal/privacy-policy/";
 };

package/dist/v1/stripe/terms.js

@@ -17,10 +17,24 @@ export var ACH_TERMS_TEXT = {
     EXPANDABLE_TERMS_LINK_TEXT: 'these terms',
     /**
      * Expanded terms content for ACH authorization.
-     * This is the detailed legal text shown when user expands "these terms".
+     * Each entry is a separate paragraph rendered when the user expands
+     * "these terms". Kept as plain text — HTML structure is built in code.
      */
-    EXPANDED_TERMS_CONTENT: 'By providing your bank account details and confirming this payment, you authorize the merchant to debit your account for the amount shown. If you choose to save your bank account for future payments, this authorization will also apply to any future amounts owed for products or services provided by the merchant, until you cancel it. You also authorize the merchant to credit your account as necessary to correct any erroneous debits. You may revoke authorization at any time by contacting the merchant, allowing up to thirty (30) days for processing. You confirm that you are an authorized signer on the account and that sufficient funds will be available for each payment. ACH payments may take up to five (5) business days to complete, and you may be responsible for fees if a payment is returned.',
+    EXPANDED_TERMS_PARAGRAPHS: [
+        'By providing your bank account details and confirming this payment, you authorize the merchant to debit your account for the amount shown.',
+        'If you choose to save your bank account for future payments, this authorization will also apply to any amounts now or hereafter due and payable, including amounts previously invoiced, accrued, outstanding, or otherwise payable, in addition to current, and future payment obligations owed for products or services provided by the merchant, until you cancel it.',
+        'You also authorize the merchant to credit your account as necessary to correct any erroneous debits.',
+        'You may revoke authorization at any time by contacting the merchant, allowing up to thirty (30) days for processing.\nYou confirm that you are an authorized signer on the account and that sufficient funds will be available for each payment.\nACH payments may take up to five (5) business days to complete, and you may be responsible for fees if a payment is returned.',
+    ],
+    /**
+     * Final paragraph containing a link to the Privacy Policy.
+     * The link text and URL are defined separately so translators only
+     * localize the surrounding copy, not the URL.
+     */
+    EXPANDED_TERMS_PRIVACY_PREFIX: 'Lightspeed may collect or access certain payment-related information as described in the platform agreement and',
+    PRIVACY_POLICY_LINK_TEXT: 'Privacy Policy',
 };
 export var ACH_TERMS_URL = {
     STRIPE_ACH_AUTHORIZATION: 'https://stripe.com/legal/ach-payments/authorization',
+    PRIVACY_POLICY: 'https://www.lightspeedhq.com/legal/privacy-policy/',
 };

package/dist/v1/stripe/widgets/moto.js

@@ -47,7 +47,7 @@ export function mountMotoWidget(mountElement, session, eventBroadcaster, default
                 case 0: return [4 /*yield*/, initStripe(session.context, theme)];
                 case 1:
                     _a = _c.sent(), stripe = _a.stripe, elements = _a.elements;
-                    paymentOptions = createPaymentElementOptions(defaultValues, theme);
+                    paymentOptions = createPaymentElementOptions(defaultValues, theme, false, session.context.businessName);
                     _b = createPaymentElement(elements, paymentOptions, mountElement, eventBroadcaster), paymentElement = _b.element, paymentContainer = _b.container, customTermsContainer = _b.customTermsContainer;
                     // Setup change handler for payment element only (MOTO forms don't have address element)
                     setupChangeEventHandler(paymentElement, eventBroadcaster);

package/dist/v1/stripe/widgets/payment.js

@@ -48,7 +48,7 @@ export function mountPaymentWidget(mountElement, session, eventBroadcaster, defa
                     _a = _d.sent(), stripe = _a.stripe, elements = _a.elements;
                     addressOptions = createAddressElementOptions(defaultValues);
                     _b = createAddressElement(elements, addressOptions, mountElement), addressElement = _b.element, addressContainer = _b.container;
-                    paymentOptions = createPaymentElementOptions(defaultValues, theme, true);
+                    paymentOptions = createPaymentElementOptions(defaultValues, theme, true, session.context.businessName);
                     _c = createPaymentElement(elements, paymentOptions, mountElement, eventBroadcaster), paymentElement = _c.element, paymentContainer = _c.container, customTermsContainer = _c.customTermsContainer;
                     // Setup change handler that emits Complete only when both elements are complete
                     setupChangeEventHandler(paymentElement, eventBroadcaster, addressElement);

package/dist/version.d.ts

@@ -1 +1 @@
-export declare const SDK_VERSION = "1.4.1";
+export declare const SDK_VERSION = "1.5.0";

package/dist/version.js

@@ -1,3 +1,3 @@
 // This file is auto-generated during the build process
 // DO NOT EDIT MANUALLY - Version is extracted from package.json
-export var SDK_VERSION = '1.4.1';
+export var SDK_VERSION = '1.5.0';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lightspeed/online-payments-sdk",
-  "version": "1.4.1",
+  "version": "1.5.0",
   "description": "Process online-payments with Lightspeed Payments",
   "author": "Lightspeed Commerce Inc.",
   "license": "SEE LICENSE IN LICENSE.md",

package/styles/lightspeed-global-styles.css

@@ -19,7 +19,8 @@
   color: #30313d;
 }
 
-.stripe-custom-terms-text a {
+.stripe-custom-terms-text a,
+.stripe-expandable-terms-content a {
   color: #635bff;
   text-decoration: underline;
 }
@@ -78,6 +79,7 @@
 }
 
 .lsp-theme-invoicing .stripe-custom-terms-text a,
-.lsp-theme-invoicing .stripe-expandable-terms-toggle {
+.lsp-theme-invoicing .stripe-expandable-terms-toggle,
+.lsp-theme-invoicing .stripe-expandable-terms-content a {
   color: var(--accent-9, #635bff);
 }