@nehorai/payments 0.1.0

package/dist/utils/index.d.cts

@@ -0,0 +1,102 @@
+import { k as PaymentProvider } from '../payment-types-68W-PlGg.cjs';
+
+/**
+ * @nehorai/payments - Idempotency Utilities
+ *
+ * Generates and validates idempotency keys to prevent duplicate charges.
+ * Framework-agnostic utility that can be used anywhere.
+ */
+/**
+ * Generate a unique internal payment ID
+ * Format: pay_{uuid}
+ */
+declare function generateInternalPaymentId(): string;
+/**
+ * Generate an idempotency key for API calls
+ * Format: idem_{uuid}
+ */
+declare function generateIdempotencyKey(): string;
+/**
+ * Generate a deterministic idempotency key based on inputs
+ * Useful when you need the same key for retries
+ *
+ * @param components - Array of values to hash together
+ */
+declare function generateDeterministicKey(...components: (string | number)[]): string;
+/**
+ * Generate idempotency key for a specific operation
+ *
+ * @param operation - Type of operation (e.g., 'capture', 'refund')
+ * @param transactionId - Associated transaction ID
+ */
+declare function generateOperationKey(operation: string, transactionId: string): string;
+/**
+ * Validate idempotency key format
+ */
+declare function isValidIdempotencyKey(key: string): boolean;
+/**
+ * Validate internal payment ID format
+ */
+declare function isValidInternalPaymentId(id: string): boolean;
+/**
+ * Extract UUID from payment ID or idempotency key
+ */
+declare function extractUuid(key: string): string | null;
+
+/**
+ * @nehorai/payments - Webhook Signature Verification
+ *
+ * Verifies HMAC signatures from payment providers to prevent spoofing.
+ * Provides generic verification functions plus a registry pattern
+ * for provider-specific verification strategies.
+ */
+
+interface SignatureVerificationParams {
+    provider: PaymentProvider;
+    payload: string;
+    signature: string;
+    secret: string;
+    /** Tolerance in seconds for timestamp validation (default: 300) */
+    tolerance?: number;
+}
+interface SignatureVerificationResult {
+    valid: boolean;
+    error?: string;
+}
+/**
+ * A function that verifies a webhook signature for a specific provider
+ */
+type SignatureVerifier = (payload: string, signature: string, secret: string, tolerance: number) => SignatureVerificationResult;
+/**
+ * Verify a Stripe-style webhook signature
+ * Stripe uses: t={timestamp},v1={signature}
+ */
+declare function verifyStripeStyleSignature(payload: string, signature: string, secret: string, tolerance: number): SignatureVerificationResult;
+/**
+ * Verify an HMAC-SHA256 signature of sorted payload fields
+ */
+declare function verifySortedFieldsHmacSignature(payload: string, signature: string, secret: string, _tolerance: number): SignatureVerificationResult;
+/**
+ * Verify a simple HMAC-SHA256 signature of the raw payload
+ */
+declare function verifyHmacSha256Signature(payload: string, signature: string, secret: string, _tolerance: number): SignatureVerificationResult;
+/**
+ * Register a custom signature verifier for a provider
+ */
+declare function registerSignatureVerifier(provider: PaymentProvider, verifier: SignatureVerifier): void;
+/**
+ * Get the registered verifier for a provider
+ */
+declare function getSignatureVerifier(provider: PaymentProvider): SignatureVerifier | undefined;
+/**
+ * Verify webhook signature based on provider.
+ * Uses registered verifiers. Falls back to HMAC-SHA256 if no verifier is registered.
+ */
+declare function verifyWebhookSignature(params: SignatureVerificationParams): SignatureVerificationResult;
+/**
+ * Get signature header name for a provider.
+ * Returns a generic default; override per provider if needed.
+ */
+declare function getSignatureHeaderName(provider: PaymentProvider): string;
+
+export { type SignatureVerificationParams, type SignatureVerificationResult, type SignatureVerifier, extractUuid, generateDeterministicKey, generateIdempotencyKey, generateInternalPaymentId, generateOperationKey, getSignatureHeaderName, getSignatureVerifier, isValidIdempotencyKey, isValidInternalPaymentId, registerSignatureVerifier, verifyHmacSha256Signature, verifySortedFieldsHmacSignature, verifyStripeStyleSignature, verifyWebhookSignature };

package/dist/utils/index.d.ts

@@ -0,0 +1,102 @@
+import { k as PaymentProvider } from '../payment-types-68W-PlGg.js';
+
+/**
+ * @nehorai/payments - Idempotency Utilities
+ *
+ * Generates and validates idempotency keys to prevent duplicate charges.
+ * Framework-agnostic utility that can be used anywhere.
+ */
+/**
+ * Generate a unique internal payment ID
+ * Format: pay_{uuid}
+ */
+declare function generateInternalPaymentId(): string;
+/**
+ * Generate an idempotency key for API calls
+ * Format: idem_{uuid}
+ */
+declare function generateIdempotencyKey(): string;
+/**
+ * Generate a deterministic idempotency key based on inputs
+ * Useful when you need the same key for retries
+ *
+ * @param components - Array of values to hash together
+ */
+declare function generateDeterministicKey(...components: (string | number)[]): string;
+/**
+ * Generate idempotency key for a specific operation
+ *
+ * @param operation - Type of operation (e.g., 'capture', 'refund')
+ * @param transactionId - Associated transaction ID
+ */
+declare function generateOperationKey(operation: string, transactionId: string): string;
+/**
+ * Validate idempotency key format
+ */
+declare function isValidIdempotencyKey(key: string): boolean;
+/**
+ * Validate internal payment ID format
+ */
+declare function isValidInternalPaymentId(id: string): boolean;
+/**
+ * Extract UUID from payment ID or idempotency key
+ */
+declare function extractUuid(key: string): string | null;
+
+/**
+ * @nehorai/payments - Webhook Signature Verification
+ *
+ * Verifies HMAC signatures from payment providers to prevent spoofing.
+ * Provides generic verification functions plus a registry pattern
+ * for provider-specific verification strategies.
+ */
+
+interface SignatureVerificationParams {
+    provider: PaymentProvider;
+    payload: string;
+    signature: string;
+    secret: string;
+    /** Tolerance in seconds for timestamp validation (default: 300) */
+    tolerance?: number;
+}
+interface SignatureVerificationResult {
+    valid: boolean;
+    error?: string;
+}
+/**
+ * A function that verifies a webhook signature for a specific provider
+ */
+type SignatureVerifier = (payload: string, signature: string, secret: string, tolerance: number) => SignatureVerificationResult;
+/**
+ * Verify a Stripe-style webhook signature
+ * Stripe uses: t={timestamp},v1={signature}
+ */
+declare function verifyStripeStyleSignature(payload: string, signature: string, secret: string, tolerance: number): SignatureVerificationResult;
+/**
+ * Verify an HMAC-SHA256 signature of sorted payload fields
+ */
+declare function verifySortedFieldsHmacSignature(payload: string, signature: string, secret: string, _tolerance: number): SignatureVerificationResult;
+/**
+ * Verify a simple HMAC-SHA256 signature of the raw payload
+ */
+declare function verifyHmacSha256Signature(payload: string, signature: string, secret: string, _tolerance: number): SignatureVerificationResult;
+/**
+ * Register a custom signature verifier for a provider
+ */
+declare function registerSignatureVerifier(provider: PaymentProvider, verifier: SignatureVerifier): void;
+/**
+ * Get the registered verifier for a provider
+ */
+declare function getSignatureVerifier(provider: PaymentProvider): SignatureVerifier | undefined;
+/**
+ * Verify webhook signature based on provider.
+ * Uses registered verifiers. Falls back to HMAC-SHA256 if no verifier is registered.
+ */
+declare function verifyWebhookSignature(params: SignatureVerificationParams): SignatureVerificationResult;
+/**
+ * Get signature header name for a provider.
+ * Returns a generic default; override per provider if needed.
+ */
+declare function getSignatureHeaderName(provider: PaymentProvider): string;
+
+export { type SignatureVerificationParams, type SignatureVerificationResult, type SignatureVerifier, extractUuid, generateDeterministicKey, generateIdempotencyKey, generateInternalPaymentId, generateOperationKey, getSignatureHeaderName, getSignatureVerifier, isValidIdempotencyKey, isValidInternalPaymentId, registerSignatureVerifier, verifyHmacSha256Signature, verifySortedFieldsHmacSignature, verifyStripeStyleSignature, verifyWebhookSignature };

package/dist/utils/index.js

@@ -0,0 +1,127 @@
+// src/utils/idempotency.ts
+import { randomUUID, createHash } from "crypto";
+function generateInternalPaymentId() {
+  return `pay_${randomUUID()}`;
+}
+function generateIdempotencyKey() {
+  return `idem_${randomUUID()}`;
+}
+function generateDeterministicKey(...components) {
+  const data = components.join(":");
+  const hash = createHash("sha256").update(data).digest("hex");
+  return `idem_${hash.substring(0, 32)}`;
+}
+function generateOperationKey(operation, transactionId) {
+  return `${operation}_${transactionId}`;
+}
+function isValidIdempotencyKey(key) {
+  return /^idem_[a-f0-9-]{32,36}$/.test(key);
+}
+function isValidInternalPaymentId(id) {
+  return /^pay_[a-f0-9-]{36}$/.test(id);
+}
+function extractUuid(key) {
+  const match = key.match(/^(?:pay|idem)_([a-f0-9-]+)$/);
+  return match ? match[1] : null;
+}
+
+// src/utils/signature-verification.ts
+import { createHmac, timingSafeEqual } from "crypto";
+function verifyStripeStyleSignature(payload, signature, secret, tolerance) {
+  try {
+    const elements = signature.split(",");
+    const timestamp = elements.find((e) => e.startsWith("t="))?.slice(2);
+    const sig = elements.find((e) => e.startsWith("v1="))?.slice(3);
+    if (!timestamp || !sig) {
+      return { valid: false, error: "Invalid signature format" };
+    }
+    const timestampNum = parseInt(timestamp, 10);
+    const now = Math.floor(Date.now() / 1e3);
+    if (Math.abs(now - timestampNum) > tolerance) {
+      return { valid: false, error: "Timestamp outside tolerance" };
+    }
+    const signedPayload = `${timestamp}.${payload}`;
+    const expectedSig = createHmac("sha256", secret).update(signedPayload).digest("hex");
+    const valid = timingSafeEqual(
+      Buffer.from(sig),
+      Buffer.from(expectedSig)
+    );
+    return { valid };
+  } catch (error) {
+    return {
+      valid: false,
+      error: error instanceof Error ? error.message : "Verification failed"
+    };
+  }
+}
+function verifySortedFieldsHmacSignature(payload, signature, secret, _tolerance) {
+  try {
+    const data = JSON.parse(payload);
+    const sortedKeys = Object.keys(data).sort();
+    const sortedPayload = sortedKeys.map((k) => `${k}=${data[k]}`).join("&");
+    const expectedSig = createHmac("sha256", secret).update(sortedPayload).digest("hex");
+    const valid = timingSafeEqual(
+      Buffer.from(signature.toLowerCase()),
+      Buffer.from(expectedSig)
+    );
+    return { valid };
+  } catch (error) {
+    return {
+      valid: false,
+      error: error instanceof Error ? error.message : "Verification failed"
+    };
+  }
+}
+function verifyHmacSha256Signature(payload, signature, secret, _tolerance) {
+  try {
+    const expectedSig = createHmac("sha256", secret).update(payload).digest("hex");
+    const valid = timingSafeEqual(
+      Buffer.from(signature.toLowerCase()),
+      Buffer.from(expectedSig.toLowerCase())
+    );
+    return { valid };
+  } catch (error) {
+    return {
+      valid: false,
+      error: error instanceof Error ? error.message : "Verification failed"
+    };
+  }
+}
+var verifierRegistry = /* @__PURE__ */ new Map();
+function registerSignatureVerifier(provider, verifier) {
+  verifierRegistry.set(provider, verifier);
+}
+function getSignatureVerifier(provider) {
+  return verifierRegistry.get(provider);
+}
+function verifyWebhookSignature(params) {
+  const { provider, payload, signature, secret, tolerance = 300 } = params;
+  if (!signature || !secret) {
+    return { valid: false, error: "Missing signature or secret" };
+  }
+  const verifier = verifierRegistry.get(provider);
+  if (verifier) {
+    return verifier(payload, signature, secret, tolerance);
+  }
+  return verifyHmacSha256Signature(payload, signature, secret, tolerance);
+}
+function getSignatureHeaderName(provider) {
+  return `x-${provider}-signature`;
+}
+export {
+  extractUuid,
+  generateDeterministicKey,
+  generateIdempotencyKey,
+  generateInternalPaymentId,
+  generateOperationKey,
+  getSignatureHeaderName,
+  getSignatureVerifier,
+  isValidIdempotencyKey,
+  isValidInternalPaymentId,
+  registerSignatureVerifier,
+  verifyHmacSha256Signature,
+  verifySortedFieldsHmacSignature,
+  verifyStripeStyleSignature,
+  verifyWebhookSignature
+};
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/utils/idempotency.ts","../../src/utils/signature-verification.ts"],"sourcesContent":["/**\r\n * @nehorai/payments - Idempotency Utilities\r\n *\r\n * Generates and validates idempotency keys to prevent duplicate charges.\r\n * Framework-agnostic utility that can be used anywhere.\r\n */\r\n\r\nimport { randomUUID, createHash } from 'crypto'\r\n\r\n/**\r\n * Generate a unique internal payment ID\r\n * Format: pay_{uuid}\r\n */\r\nexport function generateInternalPaymentId(): string {\r\n  return `pay_${randomUUID()}`\r\n}\r\n\r\n/**\r\n * Generate an idempotency key for API calls\r\n * Format: idem_{uuid}\r\n */\r\nexport function generateIdempotencyKey(): string {\r\n  return `idem_${randomUUID()}`\r\n}\r\n\r\n/**\r\n * Generate a deterministic idempotency key based on inputs\r\n * Useful when you need the same key for retries\r\n *\r\n * @param components - Array of values to hash together\r\n */\r\nexport function generateDeterministicKey(\r\n  ...components: (string | number)[]\r\n): string {\r\n  const data = components.join(':')\r\n  const hash = createHash('sha256').update(data).digest('hex')\r\n  return `idem_${hash.substring(0, 32)}`\r\n}\r\n\r\n/**\r\n * Generate idempotency key for a specific operation\r\n *\r\n * @param operation - Type of operation (e.g., 'capture', 'refund')\r\n * @param transactionId - Associated transaction ID\r\n */\r\nexport function generateOperationKey(\r\n  operation: string,\r\n  transactionId: string\r\n): string {\r\n  return `${operation}_${transactionId}`\r\n}\r\n\r\n/**\r\n * Validate idempotency key format\r\n */\r\nexport function isValidIdempotencyKey(key: string): boolean {\r\n  return /^idem_[a-f0-9-]{32,36}$/.test(key)\r\n}\r\n\r\n/**\r\n * Validate internal payment ID format\r\n */\r\nexport function isValidInternalPaymentId(id: string): boolean {\r\n  return /^pay_[a-f0-9-]{36}$/.test(id)\r\n}\r\n\r\n/**\r\n * Extract UUID from payment ID or idempotency key\r\n */\r\nexport function extractUuid(key: string): string | null {\r\n  const match = key.match(/^(?:pay|idem)_([a-f0-9-]+)$/)\r\n  return match ? match[1] : null\r\n}\r\n","/**\r\n * @nehorai/payments - Webhook Signature Verification\r\n *\r\n * Verifies HMAC signatures from payment providers to prevent spoofing.\r\n * Provides generic verification functions plus a registry pattern\r\n * for provider-specific verification strategies.\r\n */\r\n\r\nimport { createHmac, createHash, timingSafeEqual } from 'crypto'\r\nimport type { PaymentProvider } from '../types/index.js'\r\n\r\n// ============================================================================\r\n// Types\r\n// ============================================================================\r\n\r\nexport interface SignatureVerificationParams {\r\n  provider: PaymentProvider\r\n  payload: string\r\n  signature: string\r\n  secret: string\r\n  /** Tolerance in seconds for timestamp validation (default: 300) */\r\n  tolerance?: number\r\n}\r\n\r\nexport interface SignatureVerificationResult {\r\n  valid: boolean\r\n  error?: string\r\n}\r\n\r\n/**\r\n * A function that verifies a webhook signature for a specific provider\r\n */\r\nexport type SignatureVerifier = (\r\n  payload: string,\r\n  signature: string,\r\n  secret: string,\r\n  tolerance: number\r\n) => SignatureVerificationResult\r\n\r\n// ============================================================================\r\n// Built-in Verification Strategies\r\n// ============================================================================\r\n\r\n/**\r\n * Verify a Stripe-style webhook signature\r\n * Stripe uses: t={timestamp},v1={signature}\r\n */\r\nexport function verifyStripeStyleSignature(\r\n  payload: string,\r\n  signature: string,\r\n  secret: string,\r\n  tolerance: number\r\n): SignatureVerificationResult {\r\n  try {\r\n    const elements = signature.split(',')\r\n    const timestamp = elements.find((e) => e.startsWith('t='))?.slice(2)\r\n    const sig = elements.find((e) => e.startsWith('v1='))?.slice(3)\r\n\r\n    if (!timestamp || !sig) {\r\n      return { valid: false, error: 'Invalid signature format' }\r\n    }\r\n\r\n    const timestampNum = parseInt(timestamp, 10)\r\n    const now = Math.floor(Date.now() / 1000)\r\n    if (Math.abs(now - timestampNum) > tolerance) {\r\n      return { valid: false, error: 'Timestamp outside tolerance' }\r\n    }\r\n\r\n    const signedPayload = `${timestamp}.${payload}`\r\n    const expectedSig = createHmac('sha256', secret)\r\n      .update(signedPayload)\r\n      .digest('hex')\r\n\r\n    const valid = timingSafeEqual(\r\n      Buffer.from(sig),\r\n      Buffer.from(expectedSig)\r\n    )\r\n\r\n    return { valid }\r\n  } catch (error) {\r\n    return {\r\n      valid: false,\r\n      error: error instanceof Error ? error.message : 'Verification failed',\r\n    }\r\n  }\r\n}\r\n\r\n/**\r\n * Verify an HMAC-SHA256 signature of sorted payload fields\r\n */\r\nexport function verifySortedFieldsHmacSignature(\r\n  payload: string,\r\n  signature: string,\r\n  secret: string,\r\n  _tolerance: number\r\n): SignatureVerificationResult {\r\n  try {\r\n    const data = JSON.parse(payload)\r\n    const sortedKeys = Object.keys(data).sort()\r\n    const sortedPayload = sortedKeys.map((k) => `${k}=${data[k]}`).join('&')\r\n\r\n    const expectedSig = createHmac('sha256', secret)\r\n      .update(sortedPayload)\r\n      .digest('hex')\r\n\r\n    const valid = timingSafeEqual(\r\n      Buffer.from(signature.toLowerCase()),\r\n      Buffer.from(expectedSig)\r\n    )\r\n\r\n    return { valid }\r\n  } catch (error) {\r\n    return {\r\n      valid: false,\r\n      error: error instanceof Error ? error.message : 'Verification failed',\r\n    }\r\n  }\r\n}\r\n\r\n/**\r\n * Verify a simple HMAC-SHA256 signature of the raw payload\r\n */\r\nexport function verifyHmacSha256Signature(\r\n  payload: string,\r\n  signature: string,\r\n  secret: string,\r\n  _tolerance: number\r\n): SignatureVerificationResult {\r\n  try {\r\n    const expectedSig = createHmac('sha256', secret)\r\n      .update(payload)\r\n      .digest('hex')\r\n\r\n    const valid = timingSafeEqual(\r\n      Buffer.from(signature.toLowerCase()),\r\n      Buffer.from(expectedSig.toLowerCase())\r\n    )\r\n\r\n    return { valid }\r\n  } catch (error) {\r\n    return {\r\n      valid: false,\r\n      error: error instanceof Error ? error.message : 'Verification failed',\r\n    }\r\n  }\r\n}\r\n\r\n// ============================================================================\r\n// Verifier Registry\r\n// ============================================================================\r\n\r\nconst verifierRegistry = new Map<string, SignatureVerifier>()\r\n\r\n/**\r\n * Register a custom signature verifier for a provider\r\n */\r\nexport function registerSignatureVerifier(\r\n  provider: PaymentProvider,\r\n  verifier: SignatureVerifier\r\n): void {\r\n  verifierRegistry.set(provider, verifier)\r\n}\r\n\r\n/**\r\n * Get the registered verifier for a provider\r\n */\r\nexport function getSignatureVerifier(provider: PaymentProvider): SignatureVerifier | undefined {\r\n  return verifierRegistry.get(provider)\r\n}\r\n\r\n// ============================================================================\r\n// Main Verification Function\r\n// ============================================================================\r\n\r\n/**\r\n * Verify webhook signature based on provider.\r\n * Uses registered verifiers. Falls back to HMAC-SHA256 if no verifier is registered.\r\n */\r\nexport function verifyWebhookSignature(\r\n  params: SignatureVerificationParams\r\n): SignatureVerificationResult {\r\n  const { provider, payload, signature, secret, tolerance = 300 } = params\r\n\r\n  if (!signature || !secret) {\r\n    return { valid: false, error: 'Missing signature or secret' }\r\n  }\r\n\r\n  const verifier = verifierRegistry.get(provider)\r\n  if (verifier) {\r\n    return verifier(payload, signature, secret, tolerance)\r\n  }\r\n\r\n  // Default: simple HMAC-SHA256\r\n  return verifyHmacSha256Signature(payload, signature, secret, tolerance)\r\n}\r\n\r\n/**\r\n * Get signature header name for a provider.\r\n * Returns a generic default; override per provider if needed.\r\n */\r\nexport function getSignatureHeaderName(provider: PaymentProvider): string {\r\n  return `x-${provider}-signature`\r\n}\r\n"],"mappings":";AAOA,SAAS,YAAY,kBAAkB;AAMhC,SAAS,4BAAoC;AAClD,SAAO,OAAO,WAAW,CAAC;AAC5B;AAMO,SAAS,yBAAiC;AAC/C,SAAO,QAAQ,WAAW,CAAC;AAC7B;AAQO,SAAS,4BACX,YACK;AACR,QAAM,OAAO,WAAW,KAAK,GAAG;AAChC,QAAM,OAAO,WAAW,QAAQ,EAAE,OAAO,IAAI,EAAE,OAAO,KAAK;AAC3D,SAAO,QAAQ,KAAK,UAAU,GAAG,EAAE,CAAC;AACtC;AAQO,SAAS,qBACd,WACA,eACQ;AACR,SAAO,GAAG,SAAS,IAAI,aAAa;AACtC;AAKO,SAAS,sBAAsB,KAAsB;AAC1D,SAAO,0BAA0B,KAAK,GAAG;AAC3C;AAKO,SAAS,yBAAyB,IAAqB;AAC5D,SAAO,sBAAsB,KAAK,EAAE;AACtC;AAKO,SAAS,YAAY,KAA4B;AACtD,QAAM,QAAQ,IAAI,MAAM,6BAA6B;AACrD,SAAO,QAAQ,MAAM,CAAC,IAAI;AAC5B;;;AChEA,SAAS,YAAwB,uBAAuB;AAuCjD,SAAS,2BACd,SACA,WACA,QACA,WAC6B;AAC7B,MAAI;AACF,UAAM,WAAW,UAAU,MAAM,GAAG;AACpC,UAAM,YAAY,SAAS,KAAK,CAAC,MAAM,EAAE,WAAW,IAAI,CAAC,GAAG,MAAM,CAAC;AACnE,UAAM,MAAM,SAAS,KAAK,CAAC,MAAM,EAAE,WAAW,KAAK,CAAC,GAAG,MAAM,CAAC;AAE9D,QAAI,CAAC,aAAa,CAAC,KAAK;AACtB,aAAO,EAAE,OAAO,OAAO,OAAO,2BAA2B;AAAA,IAC3D;AAEA,UAAM,eAAe,SAAS,WAAW,EAAE;AAC3C,UAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,QAAI,KAAK,IAAI,MAAM,YAAY,IAAI,WAAW;AAC5C,aAAO,EAAE,OAAO,OAAO,OAAO,8BAA8B;AAAA,IAC9D;AAEA,UAAM,gBAAgB,GAAG,SAAS,IAAI,OAAO;AAC7C,UAAM,cAAc,WAAW,UAAU,MAAM,EAC5C,OAAO,aAAa,EACpB,OAAO,KAAK;AAEf,UAAM,QAAQ;AAAA,MACZ,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,WAAW;AAAA,IACzB;AAEA,WAAO,EAAE,MAAM;AAAA,EACjB,SAAS,OAAO;AACd,WAAO;AAAA,MACL,OAAO;AAAA,MACP,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAClD;AAAA,EACF;AACF;AAKO,SAAS,gCACd,SACA,WACA,QACA,YAC6B;AAC7B,MAAI;AACF,UAAM,OAAO,KAAK,MAAM,OAAO;AAC/B,UAAM,aAAa,OAAO,KAAK,IAAI,EAAE,KAAK;AAC1C,UAAM,gBAAgB,WAAW,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,EAAE,EAAE,KAAK,GAAG;AAEvE,UAAM,cAAc,WAAW,UAAU,MAAM,EAC5C,OAAO,aAAa,EACpB,OAAO,KAAK;AAEf,UAAM,QAAQ;AAAA,MACZ,OAAO,KAAK,UAAU,YAAY,CAAC;AAAA,MACnC,OAAO,KAAK,WAAW;AAAA,IACzB;AAEA,WAAO,EAAE,MAAM;AAAA,EACjB,SAAS,OAAO;AACd,WAAO;AAAA,MACL,OAAO;AAAA,MACP,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAClD;AAAA,EACF;AACF;AAKO,SAAS,0BACd,SACA,WACA,QACA,YAC6B;AAC7B,MAAI;AACF,UAAM,cAAc,WAAW,UAAU,MAAM,EAC5C,OAAO,OAAO,EACd,OAAO,KAAK;AAEf,UAAM,QAAQ;AAAA,MACZ,OAAO,KAAK,UAAU,YAAY,CAAC;AAAA,MACnC,OAAO,KAAK,YAAY,YAAY,CAAC;AAAA,IACvC;AAEA,WAAO,EAAE,MAAM;AAAA,EACjB,SAAS,OAAO;AACd,WAAO;AAAA,MACL,OAAO;AAAA,MACP,OAAO,iBAAiB,QAAQ,MAAM,UAAU;AAAA,IAClD;AAAA,EACF;AACF;AAMA,IAAM,mBAAmB,oBAAI,IAA+B;AAKrD,SAAS,0BACd,UACA,UACM;AACN,mBAAiB,IAAI,UAAU,QAAQ;AACzC;AAKO,SAAS,qBAAqB,UAA0D;AAC7F,SAAO,iBAAiB,IAAI,QAAQ;AACtC;AAUO,SAAS,uBACd,QAC6B;AAC7B,QAAM,EAAE,UAAU,SAAS,WAAW,QAAQ,YAAY,IAAI,IAAI;AAElE,MAAI,CAAC,aAAa,CAAC,QAAQ;AACzB,WAAO,EAAE,OAAO,OAAO,OAAO,8BAA8B;AAAA,EAC9D;AAEA,QAAM,WAAW,iBAAiB,IAAI,QAAQ;AAC9C,MAAI,UAAU;AACZ,WAAO,SAAS,SAAS,WAAW,QAAQ,SAAS;AAAA,EACvD;AAGA,SAAO,0BAA0B,SAAS,WAAW,QAAQ,SAAS;AACxE;AAMO,SAAS,uBAAuB,UAAmC;AACxE,SAAO,KAAK,QAAQ;AACtB;","names":[]}

package/package.json

@@ -0,0 +1,68 @@
+{
+  "name": "@nehorai/payments",
+  "version": "0.1.0",
+  "description": "Generic payment orchestration library with circuit breaker and multi-provider routing",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    },
+    "./types": {
+      "types": "./dist/types/index.d.ts",
+      "import": "./dist/types/index.js",
+      "require": "./dist/types/index.cjs"
+    },
+    "./providers": {
+      "types": "./dist/providers/interfaces/index.d.ts",
+      "import": "./dist/providers/interfaces/index.js",
+      "require": "./dist/providers/interfaces/index.cjs"
+    },
+    "./repository": {
+      "types": "./dist/repository/interfaces/index.d.ts",
+      "import": "./dist/repository/interfaces/index.js",
+      "require": "./dist/repository/interfaces/index.cjs"
+    },
+    "./services": {
+      "types": "./dist/services/index.d.ts",
+      "import": "./dist/services/index.js",
+      "require": "./dist/services/index.cjs"
+    },
+    "./config": {
+      "types": "./dist/config/index.d.ts",
+      "import": "./dist/config/index.js",
+      "require": "./dist/config/index.cjs"
+    },
+    "./utils": {
+      "types": "./dist/utils/index.d.ts",
+      "import": "./dist/utils/index.js",
+      "require": "./dist/utils/index.cjs"
+    },
+    "./factory": {
+      "types": "./dist/factory.d.ts",
+      "import": "./dist/factory.js",
+      "require": "./dist/factory.cjs"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "license": "MIT",
+  "author": "Nehorai Hadad",
+  "devDependencies": {
+    "typescript": "^5.7.3",
+    "tsup": "^8.0.0",
+    "@types/node": "^22.13.4"
+  },
+  "dependencies": {
+    "uuid": "^11.1.0"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit"
+  }
+}