@mft/moneyhub-api-client 4.12.1 → 4.15.0

package/.github/workflows/main.yml

@@ -0,0 +1,24 @@
+name: npm audit
+
+on:
+  pull_request:
+  push:
+    branches:
+  schedule:
+    - cron: '0 10 * * *'
+
+jobs:
+  scan:
+    name: npm audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: install dependencies
+        run: npm ci
+      - uses: oke-py/npm-audit-action@v1.8.4
+        with:
+          audit_level: moderate
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          issue_assignees: oke-py
+          issue_labels: vulnerability,test
+          dedupe_issues: true

package/CHANGELOG.md

@@ -1,3 +1,11 @@
+4.13.0 / 2022-01-05
+==================
+
+**Features**
+
+* Add getRentalRecords
+* Add createRentalRecord
+* Add deleteRentalRecord
 
 4.0.0 / 2021-01-11
 ==================

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mft/moneyhub-api-client",
-  "version": "4.12.1",
+  "version": "4.15.0",
   "description": "Node.JS client for the Moneyhub API",
   "main": "src/index.js",
   "scripts": {
@@ -22,7 +22,7 @@
   "license": "ISC",
   "dependencies": {
     "form-data": "^3.0.0",
-    "got": "^11.8.1",
+    "got": "^11.8.3",
     "jose": "^2.0.5",
     "openid-client": "^4.2.2",
     "ramda": "^0.27.1"
@@ -37,8 +37,8 @@
     "eslint": "^7.32.0",
     "express": "^4.17.1",
     "husky": "^7.0.2",
-    "mocha": "^9.1.2",
-    "mocha-junit-reporter": "^2.0.0"
+    "mocha": "^9.2.0",
+    "mocha-junit-reporter": "^2.0.2"
   },
   "husky": {
     "hooks": {

package/readme.md

@@ -289,7 +289,7 @@ Creates a request object
 const tokens = await moneyhub.requestObject({
   scope: "the-required-scope",
   state: "state",
-  nonce: "nonce,
+  nonce: "nonce",
   claims: claimsObject,
 })
 ```
@@ -322,7 +322,7 @@ Creates a connection auth request
 
 ```javascript
 const tokens = await moneyhub.createAuthRequest({
-  redirectUri: "redirect-uri,
+  redirectUri: "redirect-uri",
   userId: "user-id",
   scope:"openid 1ffe704d39629a929c8e293880fb449a", // replace bank id with the bank you want to connect to
   categorisationType: "personal", // optional - defaults to personal
@@ -334,7 +334,7 @@ Creates a reauth auth request
 
 ```javascript
 const tokens = await moneyhub.createAuthRequest({
-  redirectUri: "redirect-uri,
+  redirectUri: "redirect-uri",
   userId: "user-id",
   connectionId: "connection-id",
   scope:"openid reauth",
@@ -345,7 +345,7 @@ Creates a refresh auth request
 
 ```javascript
 const tokens = await moneyhub.createAuthRequest({
-  redirectUri: "redirect-uri,
+  redirectUri: "redirect-uri",
   userId: "user-id",
   connectionId: "connection-id",
   scope:"openid refresh",
@@ -356,14 +356,14 @@ Creates a payment auth request
 
 ```javascript
 const tokens = await moneyhub.createAuthRequest({
-  redirectUri: "redirect-uri,
+  redirectUri: "redirect-uri",
   userId: "user-id",
   connectionId: "connection-id",
   scope:"openid payment",
   payment: {
     payeeId: "payee-id",
     amount: 200,
-    payeeRef: "Payee ref,
+    payeeRef: "Payee ref",
     payerRef: "Payer ref"
   },
 })
@@ -373,7 +373,7 @@ Creates a reverse payment auth request
 
 ```javascript
 const tokens = await moneyhub.createAuthRequest({
-  redirectUri: "redirect-uri,
+  redirectUri: "redirect-uri",
   userId: "user-id",
   connectionId: "connection-id",
   scope:"openid reverse_payment",
@@ -438,7 +438,7 @@ Helper method that gets the correct client credentials access token and then reg
 
 ```javascript
 const user = await moneyhub.registerUser({
-  clientUserId: "your user id" /* optional */
+  clientUserId: "your user id" // optional
 })
 ```
 
@@ -1113,7 +1113,7 @@ const url = await moneyhub.getPaymentAuthorizeUrl({
   state: "your state value",
   nonce: "your nonce value", // optional
   context: "Payment context [Other,BillPayment,PartyToParty]", // optional - defaults to PartyToParty
-  userId: "Moneyhub API User ID you wish to attach to the payment" // optional
+  userId: "Moneyhub API User ID you wish to attach to the payment", // optional
   claims: claimsObject, // optional
 })
 
@@ -1153,6 +1153,7 @@ const url = await moneyhub.getReversePaymentAuthorizeUrl({
   bankId: "Bank id to authorise payment from",
   paymentId: "Id of payment to reverse",
   state: "your state value",
+  amount: "reverse payment amount" // optional
   nonce: "your nonce value", // optional
   claims: claimsObject, // optional
 })
@@ -1332,6 +1333,122 @@ const standingOrder = await moneyhub.getStandingOrder({
 })
 ```
 
+### Recurring Payments (VRP)
+
+#### `getRecurringPaymentAuthorizeUrl`
+
+This is a helper function that returns an authorize url to authorize a recurring payment with the selected bank. This function uses the following scope with the value of the bankId provided `recurring_payment:create openid id:${bankId}`. It also requires the authentication to be `client_secret_jwt` or `private_key_jwt`.
+
+```javascript
+const url = await moneyhub.getRecurringPaymentAuthorizeUrl({
+  bankId: "Bank id to authorise payment from",
+  payeeId: "Id of payee",
+  payeeType: "Payee type [api-payee|mh-user-account]", // optional - defaults to api-payee
+  payerId: "Id of payer", // requird only if payerType is defined
+  payerType: "Payer type [mh-user-account]", // required only if payerId is used
+  reference: "The reference for recurring payment",
+  validFromDate: "The date from which the authorisation is effective" , // should be in an international format, e.g. 15-MAR-2021 or ISO date
+  validToDate: "The date to which the authorisation is effective", // should be in an international format, e.g. 15-MAR-2021 or ISO date
+  maximumIndividualAmount: "The maimum single amount that will be allowed", // the valid in whole minor units (i.e. pence)
+  currency: "The currency code for the maxiumum recurring payment amount [GBP]",
+  periodicLimits: [
+    {
+      amount: "The maximum amount for this recurring payment limit", // the valid in whole minor units (i.e. pence)
+      currency: "The currency code for this recurring payment limit [GBP]",
+      periodType: "The period over which the limit is effective [Day, Week, Fortnight, Month, Half-year, Year]",
+      periodAlignment: "Specifies whether the period starts on the date of consent creation or lines up with a calendar [Consent, Calendar]",   
+    }
+  ],
+  type: [ 
+    "Sweeping", // Specifies that the recurring payment is for the purpose of sweeping payments
+    "Other" // Specifies that the recurring payment is for other payments of another purpose
+  ],
+  context: "Payment context [Other,BillPayment,PartyToParty]", // optional - defaults to PartyToParty
+  state: "your state value",
+  nonce: "your nonce value", // optional
+  claims: claimsObject, // optional
+})
+
+// Scope used with the bankId provided
+const scope = `recurring_payment:create openid id:${bankId}`
+
+// Default claims if none are provided
+const defaultClaims = {
+  id_token: {
+    "mh:con_id": {
+      essential: true,
+    },
+    "mh:recurring_payment": {
+      essential: true,
+      value: {
+        payeeId,
+        payeeType,
+        payerId,
+        payerType,
+        reference,
+        validFromDate,
+        validToDate,
+        maximumIndividualAmount,
+        currency,
+        periodicLimits,
+        context,
+      },
+    },
+  },
+}
+```
+
+#### `getRecurringPayments`
+
+This method returns a list of initiated recurring payment consents. This function uses the scope `recurring_payment:read`
+
+```javascript
+const recurringPayments = await moneyhub.getRecurringPayments({
+  limit: "limit", // optional
+  offset: "offset", // optional
+  userId: "user-id", // optional
+  payeeId: "payee-id", // optional
+  startDate: "2020-01-01", // optional
+  endDate: "2020-12-31", // optional
+})
+```
+
+#### `getRecurringPayment`
+
+This method gets a recurring payment consent. This function uses the scope `recurring_payment:create`
+
+```javascript
+const recurringPayment = await moneyhub.getRecurringPayment({
+  recurringPaymentId: "Id of the recurring payment consent"
+})
+```
+
+#### `makeRecurringPayment`
+
+This method creates a payment using the recurring payment consent. This function uses the scope `recurring_payment:create`
+
+```javascript
+const recurringPayments = await moneyhub.getRecurringPayments({
+  recurringPaymentId: "Id of the recurring payment consent",
+  payment: {
+    payeeId: "payee-id", // optional
+    amount: 200,
+    payeeRef: "Payee ref",
+    payerRef: "Payer ref"
+  }
+})
+```
+
+#### `revokeRecurringPayment`
+
+This method revokes a recurring payment consent. This function uses the scope `recurring_payment:create`
+
+```javascript
+const revokedRecurringPayment = await moneyhub.revokeRecurringPayment({
+  recurringPaymentId: "Id of the recurring payment consent"
+})
+```
+
 #### `getRegularTransactions`
 
 Get all the regular transactions for a user, there is an option to pass an account ID as a parameter as a filter. This function uses the scope `accounts:read`, `transactions:read:all` and `regular_transactions:read`
@@ -1344,6 +1461,57 @@ const regulartransactions = await moneyhub.getRegularTransactions({
 })
 ```
 
+### Rental records
+
+#### `getRentalRecords`
+
+This method will return the rental record for the user. Requires the scope `rental_records:read`.
+
+```javascript
+const getRentalRecordResponse = await moneyhub.getRentalRecords({
+  userId: "user-id"
+})
+const rentalRecord = getRentalRecordResponse.data[0]
+```
+
+#### `createRentalRecord`
+
+This method will create a rental record for the user. Requires the scope `rental_records:write`. Please note only one rental record can exist for a user.
+
+```javascript
+const createRentalRecordResponse = await moneyhub.createRentalRecord({
+  userId: "user-id",
+  rentalData: {
+    title: "Title",
+    firstName: "firstName",
+    lastName: "lastName",
+    birthdate: "2000-11-19",
+    addressLine1: "First address line",
+    addressLine2: "Second address line", // optional
+    addressLine3: "Third address line", // optional
+    addressLine4: "Fourth address line", // optional
+    postalCode: "CA12345",
+    tenancyStartDate: "2020-11-19",
+    rentalAmount: {
+      value: 10000
+    },
+    rentalFrequency: "monthly",
+  }
+})
+const createdRentalRecord = createRentalRecordResponse.data
+```
+
+#### `deleteRentalRecord`
+
+This method deletes the rental record for a user.
+
+```javascript
+await moneyhub.deleteRentalRecord({
+  userId: "user-id",
+  rentalId: "rental-id"
+})
+```
+
 ### Financial Connections
 
 #### `listConnections`

package/src/__tests__/index.js

@@ -89,6 +89,13 @@ describe("API client", () => {
         "getStandingOrder",
         "getStandingOrders",
         "getRegularTransactions",
+        "getRentalRecords",
+        "createRentalRecord",
+        "deleteRentalRecord",
+        "getRecurringPayments",
+        "getRecurringPayment",
+        "makeRecurringPayment",
+        "revokeRecurringPayment",
         "getAuthorizeUrl",
         "getAuthorizeUrlFromRequestUri",
         "requestObject",
@@ -98,6 +105,7 @@ describe("API client", () => {
         "getRefreshAuthorizeUrlForCreatedUser",
         "getPaymentAuthorizeUrl",
         "getReversePaymentAuthorizeUrl",
+        "getRecurringPaymentAuthorizeUrl",
         "getStandingOrderAuthorizeUrl",
         "exchangeCodeForTokensLegacy",
         "exchangeCodeForTokens",

package/src/__tests__/rental-records.js

@@ -0,0 +1,90 @@
+/* eslint-disable max-nested-callbacks */
+const Moneyhub = require("..")
+const config = require("../../test/test-client-config")
+const {expect, assert} = require("chai")
+
+const testRentalData = {
+  title: "Title",
+  firstName: "firstName",
+  lastName: "lastName",
+  birthdate: "2000-11-19",
+  addressLine1: "First address line",
+  addressLine2: "Second address line",
+  addressLine3: "Third address line",
+  addressLine4: "Fourth address line",
+  postalCode: "CA12345",
+  tenancyStartDate: "2020-11-19",
+  rentalAmount: {
+    value: 10000
+  },
+  rentalFrequency: "monthly",
+}
+
+describe("Rental records", () => {
+  let moneyhub
+  let seriesId
+  let rentalId
+  const userId = config.testUserIdWithconnection
+
+  before(async () => {
+    moneyhub = await Moneyhub(config)
+    const {data: regularTransactions} = await moneyhub.getRegularTransactions({userId})
+    seriesId = regularTransactions[0].seriesId
+    const {data: rentals} = await moneyhub.getRentalRecords({userId})
+    if (rentals.length) {
+      const existingRentalId = rentals[0].id
+      await moneyhub.deleteRentalRecord({userId, rentalId: existingRentalId})
+    }
+  })
+
+  beforeEach(async () => {
+    const {data} = await moneyhub.createRentalRecord({rentalData: {...testRentalData, seriesId}, userId})
+    rentalId = data.id
+  })
+
+  afterEach(async () => {
+    try {
+      await moneyhub.deleteRentalRecord({userId, rentalId})
+    } catch (e) {
+      if (!e.message.includes("404")) {
+        throw e
+      }
+    }
+
+  })
+
+  it("get rental record", async () => {
+    const {data} = await moneyhub.getRentalRecords({userId})
+    expect(data.length).to.be.above(0)
+    expect(data[0]).to.have.property("seriesId")
+  })
+
+  it("create rental record", async () => {
+    const {data} = await moneyhub.getRentalRecords({userId})
+    expect(data.length).to.be.above(0)
+    assert.containsAllKeys(data[0], {
+      title: "Title",
+      firstName: "firstName",
+      lastName: "lastName",
+      birthdate: "2000-11-19",
+      addressLine1: "First address line",
+      addressLine2: "Second address line",
+      addressLine3: "Third address line",
+      addressLine4: "Fourth address line",
+      postalCode: "CA12345",
+      tenancyStartDate: "2020-11-19",
+      rentalAmount: {
+        value: 10000,
+        currency: "GBP"
+      },
+      rentalFrequency: "monthly",
+    })
+  })
+
+  it("delete rental record", async () => {
+    await moneyhub.deleteRentalRecord({userId, rentalId})
+    const {data} = await moneyhub.getRentalRecords({userId})
+    expect(data.length).to.eql(0)
+  })
+
+})

package/src/get-auth-urls.js

@@ -281,6 +281,7 @@ module.exports = ({client, config}) => {
       paymentId,
       state,
       nonce,
+      amount,
       claims = {},
     }) => {
       if (!state) {
@@ -303,6 +304,7 @@ module.exports = ({client, config}) => {
             essential: true,
             value: {
               paymentId,
+              amount,
             },
           },
           "mh:payment": {
@@ -327,6 +329,77 @@ module.exports = ({client, config}) => {
       return url
     },
 
+    getRecurringPaymentAuthorizeUrl: async ({
+      bankId,
+      payeeId,
+      payeeType,
+      payerId,
+      payerType,
+      reference,
+      validFromDate,
+      validToDate,
+      maximumIndividualAmount,
+      currency,
+      periodicLimits,
+      type,
+      context,
+      state,
+      nonce,
+      userId,
+      claims = {},
+    }) => {
+      if (!state) {
+        console.error("State is required")
+        throw new Error("Missing parameters")
+      }
+
+      const scope = `recurring_payment:create openid id:${bankId}`
+      const defaultClaims = {
+        id_token: {
+          "mh:con_id": {
+            essential: true,
+          },
+          "mh:recurring_payment": {
+            essential: true,
+            value: {
+              payeeId,
+              payeeType,
+              payerId,
+              payerType,
+              reference,
+              validFromDate,
+              validToDate,
+              maximumIndividualAmount,
+              currency,
+              periodicLimits,
+              type,
+              context,
+            },
+          },
+          ...userId && {
+            sub: {
+              value: userId
+            }
+          }
+        },
+      }
+
+      const _claims = R.mergeDeepRight(defaultClaims, claims)
+
+      const request = await requestObject({
+        scope,
+        state,
+        claims: _claims,
+        nonce,
+      })
+
+      const requestUri = await getRequestUri(request)
+      const url = getAuthorizeUrlFromRequestUri({
+        requestUri,
+      })
+      return url
+    },
+
     getStandingOrderAuthorizeUrl: async ({
       bankId,
       payeeId,

package/src/index.js

@@ -20,6 +20,8 @@ const requestFactories = [
   require("./requests/categories"),
   require("./requests/standing-orders"),
   require("./requests/regular-transactions"),
+  require("./requests/rental-records"),
+  require("./requests/recurring-payments"),
 ]
 const DEFAULT_TIMEOUT = 60000
 
@@ -51,8 +53,6 @@ module.exports = async (apiClientConfig) => {
     timeout,
   })
 
-  Issuer.defaultHttpOptions = {timeout}
-
   const moneyhubIssuer = await Issuer.discover(identityServiceUrl + "/oidc")
 
   const client = new moneyhubIssuer.Client(

package/src/requests/recurring-payments.js

@@ -0,0 +1,37 @@
+module.exports = ({config, request}) => {
+  const {identityServiceUrl} = config
+
+  return {
+    getRecurringPayments: async (params = {}) =>
+      request(`${identityServiceUrl}/recurring-payments`, {
+        searchParams: params,
+        cc: {
+          scope: "recurring_payment:read",
+        },
+      }),
+
+    getRecurringPayment: async ({recurringPaymentId}) =>
+      request(`${identityServiceUrl}/recurring-payments/${recurringPaymentId}`, {
+        cc: {
+          scope: "recurring_payment:read",
+        },
+      }),
+
+    makeRecurringPayment: async ({recurringPaymentId, payment}) =>
+      request(`${identityServiceUrl}/recurring-payments/${recurringPaymentId}/pay`, {
+        method: "POST",
+        body: payment,
+        cc: {
+          scope: "recurring_payment:create",
+        },
+      }),
+
+    revokeRecurringPayment: async ({recurringPaymentId}) =>
+      request(`${identityServiceUrl}/recurring-payments/${recurringPaymentId}`, {
+        method: "DELETE",
+        cc: {
+          scope: "recurring_payment:create",
+        },
+      }),
+  }
+}

package/src/requests/rental-records.js

@@ -0,0 +1,41 @@
+module.exports = ({config, request}) => {
+  const {resourceServerUrl} = config
+
+  return {
+    getRentalRecords: async ({userId}) =>
+      request(
+        `${resourceServerUrl}/rental-records`,
+        {
+          cc: {
+            scope: "rental_records:read",
+            sub: userId,
+          },
+        },
+      ),
+    createRentalRecord: async ({userId, rentalData}) => {
+      return await request(
+        `${resourceServerUrl}/rental-records`,
+        {
+          method: "POST",
+          cc: {
+            scope: "rental_records:write",
+            sub: userId,
+          },
+          body: rentalData,
+        },
+      )
+    },
+    deleteRentalRecord: async ({userId, rentalId}) => {
+      return await request(
+        `${resourceServerUrl}/rental-records/${rentalId}`,
+        {
+          method: "DELETE",
+          cc: {
+            scope: "rental_records:write",
+            sub: userId,
+          },
+        },
+      )
+    },
+  }
+}