@nhost/stripe-graphql-js 0.0.1 → 0.0.3

package/dist/schema/tax-rate.js

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const builder_1 = require("../builder");
+builder_1.builder.objectType('StripeTaxRate', {
+    description: 'Tax rates can be applied to [invoices](https://stripe.com/docs/billing/invoices/tax-rates), [subscriptions](https://stripe.com/docs/billing/subscriptions/taxes) and [Checkout Sessions](https://stripe.com/docs/payments/checkout/set-up-a-subscription#tax-rates) to collect tax.',
+    fields: (t) => ({
+        id: t.exposeString('id', {
+            description: 'Unique identifier for the object.'
+        }),
+        object: t.exposeString('object', {
+            description: `String representing the object's type. Objects of the same type share the same value.`
+        }),
+        active: t.exposeBoolean('active', {
+            description: 'Defaults to `true`. When set to `false`, this tax rate cannot be used with new applications or Checkout Sessions, but will still work for subscriptions and invoices that already have it set.'
+        }),
+        country: t.exposeString('country', {
+            description: 'Two-letter country code ([ISO 3166-1 alpha-2](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)).',
+            nullable: true
+        }),
+        created: t.exposeInt('created', {
+            description: 'Time at which the object was created. Measured in seconds since the Unix epoch.'
+        }),
+        description: t.exposeString('description', {
+            description: 'An arbitrary string attached to the tax rate for your internal use only. It will not be visible to your customers.',
+            nullable: true
+        }),
+        displayName: t.exposeString('display_name', {
+            description: 'The display name of the tax rates as it will appear to your customer on their receipt email, PDF, and the hosted invoice page.'
+        }),
+        inclusive: t.exposeBoolean('inclusive', {
+            description: 'This specifies if the tax rate is inclusive or exclusive.'
+        }),
+        jurisdiction: t.exposeString('jurisdiction', {
+            description: 'The jurisdiction for the tax rate. You can use this label field for tax reporting purposes. It also appears on your customer’s invoice.',
+            nullable: true
+        }),
+        livemode: t.exposeBoolean('livemode', {
+            description: 'Has the value `true` if the object exists in live mode or the value `false` if the object exists in test mode.'
+        }),
+        metadata: t.expose('metadata', {
+            description: 'Set of [key-value pairs](https://stripe.com/docs/api/metadata) that you can attach to an object. This can be useful for storing additional information about the object in a structured format.',
+            type: 'JSON',
+            nullable: true
+        }),
+        percentage: t.exposeFloat('percentage', {
+            description: 'This represents the tax rate percent out of 100.'
+        }),
+        state: t.exposeString('state', {
+            description: '[ISO 3166-2 subdivision code](https://en.wikipedia.org/wiki/ISO_3166-2:US), without country prefix. For example, "NY" for New York, United States.',
+            nullable: true
+        }),
+        taxType: t.exposeString('tax_type', {
+            description: 'The high-level tax type, such as `vat` or `sales_tax`.',
+            nullable: true
+        })
+    })
+});
+//# sourceMappingURL=tax-rate.js.map

package/dist/schema/tax-rate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tax-rate.js","sourceRoot":"","sources":["../../src/schema/tax-rate.ts"],"names":[],"mappings":";;AAAA,wCAAoC;AAEpC,iBAAO,CAAC,UAAU,CAAC,eAAe,EAAE;IAClC,WAAW,EACT,qRAAqR;IACvR,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACd,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,IAAI,EAAE;YACvB,WAAW,EAAE,mCAAmC;SACjD,CAAC;QACF,MAAM,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE;YAC/B,WAAW,EAAE,uFAAuF;SACrG,CAAC;QACF,MAAM,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,EAAE;YAChC,WAAW,EACT,gMAAgM;SACnM,CAAC;QACF,OAAO,EAAE,CAAC,CAAC,YAAY,CAAC,SAAS,EAAE;YACjC,WAAW,EACT,mGAAmG;YACrG,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,OAAO,EAAE,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE;YAC9B,WAAW,EAAE,iFAAiF;SAC/F,CAAC;QACF,WAAW,EAAE,CAAC,CAAC,YAAY,CAAC,aAAa,EAAE;YACzC,WAAW,EACT,oHAAoH;YACtH,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,WAAW,EAAE,CAAC,CAAC,YAAY,CAAC,cAAc,EAAE;YAC1C,WAAW,EACT,gIAAgI;SACnI,CAAC;QACF,SAAS,EAAE,CAAC,CAAC,aAAa,CAAC,WAAW,EAAE;YACtC,WAAW,EAAE,2DAA2D;SACzE,CAAC;QACF,YAAY,EAAE,CAAC,CAAC,YAAY,CAAC,cAAc,EAAE;YAC3C,WAAW,EACT,yIAAyI;YAC3I,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,QAAQ,EAAE,CAAC,CAAC,aAAa,CAAC,UAAU,EAAE;YACpC,WAAW,EACT,gHAAgH;SACnH,CAAC;QACF,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,UAAU,EAAE;YAC7B,WAAW,EACT,iMAAiM;YACnM,IAAI,EAAE,MAAM;YACZ,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,UAAU,EAAE,CAAC,CAAC,WAAW,CAAC,YAAY,EAAE;YACtC,WAAW,EAAE,kDAAkD;SAChE,CAAC;QACF,KAAK,EAAE,CAAC,CAAC,YAAY,CAAC,OAAO,EAAE;YAC7B,WAAW,EACT,oJAAoJ;YACtJ,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,OAAO,EAAE,CAAC,CAAC,YAAY,CAAC,UAAU,EAAE;YAClC,WAAW,EAAE,wDAAwD;YACrE,QAAQ,EAAE,IAAI;SACf,CAAC;KACH,CAAC;CACH,CAAC,CAAA"}

package/dist/schema/test-clock.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=test-clock.d.ts.map

package/dist/schema/test-clock.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"test-clock.d.ts","sourceRoot":"","sources":["../../src/schema/test-clock.ts"],"names":[],"mappings":""}

package/dist/schema/test-clock.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const builder_1 = require("../builder");
+builder_1.builder.objectType('StripeTestClock', {
+    description: '',
+    fields: (t) => ({
+        id: t.exposeString('id'),
+        object: t.exposeString('object'),
+        created: t.exposeInt('created'),
+        deletesAfter: t.exposeInt('deletes_after'),
+        frozenTime: t.exposeInt('frozen_time'),
+        livemode: t.exposeBoolean('livemode'),
+        name: t.exposeString('name', {
+            nullable: true
+        }),
+        status: t.exposeString('status')
+    })
+});
+//# sourceMappingURL=test-clock.js.map

package/dist/schema/test-clock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"test-clock.js","sourceRoot":"","sources":["../../src/schema/test-clock.ts"],"names":[],"mappings":";;AAAA,wCAAoC;AAEpC,iBAAO,CAAC,UAAU,CAAC,iBAAiB,EAAE;IACpC,WAAW,EAAE,EAAE;IACf,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACd,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;QACxB,MAAM,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC;QAChC,OAAO,EAAE,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC;QAC/B,YAAY,EAAE,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC;QAC1C,UAAU,EAAE,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC;QACtC,QAAQ,EAAE,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC;QACrC,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM,EAAE;YAC3B,QAAQ,EAAE,IAAI;SACf,CAAC;QACF,MAAM,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC;KACjC,CAAC;CACH,CAAC,CAAA"}

package/dist/server.d.ts

@@ -0,0 +1,9 @@
+/// <reference types="node" />
+import { schema } from './schema';
+import { Context, CreateServerProps } from './types';
+declare const createStripeGraphQLServer: (params?: CreateServerProps) => import("@graphql-yoga/node").YogaNodeServerInstance<{
+    req: import("http").IncomingMessage;
+    res: import("http").ServerResponse;
+}, Context, {}>;
+export { createStripeGraphQLServer, schema };
+//# sourceMappingURL=server.d.ts.map

package/dist/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA;AAGpD,QAAA,MAAM,yBAAyB,YAAa,iBAAiB;;;eA+C5D,CAAA;AAED,OAAO,EAAE,yBAAyB,EAAE,MAAM,EAAE,CAAA"}

package/dist/server.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.schema = exports.createStripeGraphQLServer = void 0;
+const node_1 = require("@graphql-yoga/node");
+const schema_1 = require("./schema");
+Object.defineProperty(exports, "schema", { enumerable: true, get: function () { return schema_1.schema; } });
+const utils_1 = require("./utils");
+const createStripeGraphQLServer = (params) => {
+    const cors = params === null || params === void 0 ? void 0 : params.cors;
+    const isAllowed = params === null || params === void 0 ? void 0 : params.isAllowed;
+    const graphiql = params === null || params === void 0 ? void 0 : params.graphiql;
+    const context = (context) => {
+        const { request } = context;
+        // user id
+        const userClaims = (0, utils_1.getUserClaims)(request);
+        // check if using correct `x-hasura-admin-secret` header
+        const adminSecretFromHeader = request.headers.get('x-hasura-admin-secret');
+        const adminSecret = process.env.NHOST_ADMIN_SECRET;
+        // check if the request is from Hasura
+        const nhostWebhookSecretFromHeader = request.headers.get('x-nhost-webhook-secret');
+        const nhostWebhookSecret = process.env.NHOST_WEBHOOK_SECRET;
+        const role = request.headers.get('x-hasura-role');
+        // variables
+        const isAdmin = adminSecretFromHeader === adminSecret ||
+            (role === 'admin' && nhostWebhookSecretFromHeader === nhostWebhookSecret);
+        // if no isAllowed function is provided, we will allow admin requests
+        const isAllowedFunction = isAllowed ||
+            ((_stripeCustomerId, context) => {
+                return context.isAdmin;
+            });
+        // return
+        return Object.assign(Object.assign({}, context), { isAllowed: isAllowedFunction, userClaims,
+            isAdmin });
+    };
+    return (0, node_1.createServer)({
+        cors,
+        graphiql,
+        context,
+        schema: schema_1.schema
+    });
+};
+exports.createStripeGraphQLServer = createStripeGraphQLServer;
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;AAAA,6CAAqE;AAErE,qCAAiC;AAqDG,uFArD3B,eAAM,OAqD2B;AAnD1C,mCAAuC;AAEvC,MAAM,yBAAyB,GAAG,CAAC,MAA0B,EAAE,EAAE;IAC/D,MAAM,IAAI,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,IAAI,CAAA;IACzB,MAAM,SAAS,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IACnC,MAAM,QAAQ,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,CAAA;IAEjC,MAAM,OAAO,GAAG,CAAC,OAA2B,EAAW,EAAE;QACvD,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;QAE3B,UAAU;QACV,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,OAAO,CAAC,CAAA;QAEzC,wDAAwD;QACxD,MAAM,qBAAqB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAA;QAC1E,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAA;QAElD,sCAAsC;QACtC,MAAM,4BAA4B,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAA;QAClF,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAA;QAC3D,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;QAEjD,YAAY;QACZ,MAAM,OAAO,GACX,qBAAqB,KAAK,WAAW;YACrC,CAAC,IAAI,KAAK,OAAO,IAAI,4BAA4B,KAAK,kBAAkB,CAAC,CAAA;QAE3E,qEAAqE;QACrE,MAAM,iBAAiB,GACrB,SAAS;YACT,CAAC,CAAC,iBAAyB,EAAE,OAAgB,EAAE,EAAE;gBAC/C,OAAO,OAAO,CAAC,OAAO,CAAA;YACxB,CAAC,CAAC,CAAA;QAEJ,SAAS;QACT,uCACK,OAAO,KACV,SAAS,EAAE,iBAAiB,EAC5B,UAAU;YACV,OAAO,IACR;IACH,CAAC,CAAA;IAED,OAAO,IAAA,mBAAY,EAAC;QAClB,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,MAAM,EAAN,eAAM;KACP,CAAC,CAAA;AACJ,CAAC,CAAA;AAEQ,8DAAyB"}

package/dist/types.d.ts

@@ -0,0 +1,33 @@
+import type Stripe from 'stripe';
+import type { CORSOptions, YogaInitialContext } from '@graphql-yoga/node';
+export declare type StripeGraphQLContext = {
+    isAllowed: (stripeCustomerId: string, context: Context) => boolean;
+    userClaims?: UserHasuraClaims;
+    isAdmin: boolean;
+};
+export declare type Context = YogaInitialContext & StripeGraphQLContext;
+export declare type CreateServerProps = {
+    cors?: CORSOptions;
+    isAllowed?: (stripeCustomerId: string, context: Context) => boolean;
+    graphiql?: boolean;
+};
+export declare type StripePaymentMethod = Stripe.PaymentMethod & {
+    customer: string | null;
+};
+export declare type StripeSubscription = Stripe.Subscription & {
+    customer: string;
+    test_clock: string | null;
+};
+export declare type StripeInvoice = Stripe.Invoice & {
+    id: string;
+    customer: string;
+    default_payment_method: StripePaymentMethod | null;
+};
+export declare type UserHasuraClaims = {
+    'x-hasura-user-id': string;
+    'x-hasura-default-role': string;
+    'x-hasura-allowed-roles': string[];
+} & {
+    [key: string]: string;
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAEhC,OAAO,KAAK,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AAEzE,oBAAY,oBAAoB,GAAG;IACjC,SAAS,EAAE,CAAC,gBAAgB,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,KAAK,OAAO,CAAA;IAClE,UAAU,CAAC,EAAE,gBAAgB,CAAA;IAC7B,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED,oBAAY,OAAO,GAAG,kBAAkB,GAAG,oBAAoB,CAAA;AAE/D,oBAAY,iBAAiB,GAAG;IAC9B,IAAI,CAAC,EAAE,WAAW,CAAA;IAClB,SAAS,CAAC,EAAE,CAAC,gBAAgB,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,KAAK,OAAO,CAAA;IACnE,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB,CAAA;AAID,oBAAY,mBAAmB,GAAG,MAAM,CAAC,aAAa,GAAG;IACvD,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;CACxB,CAAA;AAED,oBAAY,kBAAkB,GAAG,MAAM,CAAC,YAAY,GAAG;IACrD,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAA;CAC1B,CAAA;AAED,oBAAY,aAAa,GAAG,MAAM,CAAC,OAAO,GAAG;IAC3C,EAAE,EAAE,MAAM,CAAA;IACV,QAAQ,EAAE,MAAM,CAAA;IAChB,sBAAsB,EAAE,mBAAmB,GAAG,IAAI,CAAA;CACnD,CAAA;AAED,oBAAY,gBAAgB,GAAG;IAC7B,kBAAkB,EAAE,MAAM,CAAA;IAC1B,uBAAuB,EAAE,MAAM,CAAA;IAC/B,wBAAwB,EAAE,MAAM,EAAE,CAAA;CACnC,GAAG;IACF,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CACtB,CAAA"}

package/dist/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/dist/utils.d.ts

@@ -0,0 +1,5 @@
+import Stripe from 'stripe';
+import { UserHasuraClaims } from './types';
+export declare const stripe: Stripe;
+export declare const getUserClaims: (req: Request) => UserHasuraClaims | undefined;
+//# sourceMappingURL=utils.d.ts.map

package/dist/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AACA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAE3B,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAA;AAM1C,eAAO,MAAM,MAAM,QAEjB,CAAA;AAEF,eAAO,MAAM,aAAa,QAAS,OAAO,KAAG,gBAAgB,GAAG,SAqB/D,CAAA"}

package/dist/utils.js

@@ -0,0 +1,34 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getUserClaims = exports.stripe = void 0;
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const stripe_1 = __importDefault(require("stripe"));
+if (!process.env.STRIPE_SECRET_KEY) {
+    throw new Error('STRIPE_SECRET_KEY env var is not set');
+}
+exports.stripe = new stripe_1.default(process.env.STRIPE_SECRET_KEY, {
+    apiVersion: '2022-08-01'
+});
+const getUserClaims = (req) => {
+    try {
+        const authorizationHeader = req.headers.get('authorization');
+        const accessToken = authorizationHeader === null || authorizationHeader === void 0 ? void 0 : authorizationHeader.split(' ')[1];
+        if (!accessToken) {
+            return undefined;
+        }
+        if (!process.env.NHOST_JWT_SECRET) {
+            throw new Error('NHOST_JWT_SECRET env var is not set');
+        }
+        const jwtSecret = JSON.parse(process.env.NHOST_JWT_SECRET);
+        const decodedToken = jsonwebtoken_1.default.verify(accessToken, jwtSecret.key);
+        return decodedToken['https://hasura.io/jwt/claims'];
+    }
+    catch (error) {
+        return undefined;
+    }
+};
+exports.getUserClaims = getUserClaims;
+//# sourceMappingURL=utils.js.map

package/dist/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;;;;AAAA,gEAA8B;AAC9B,oDAA2B;AAI3B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE;IAClC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;CACxD;AAEY,QAAA,MAAM,GAAG,IAAI,gBAAM,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE;IAC9D,UAAU,EAAE,YAAY;CACzB,CAAC,CAAA;AAEK,MAAM,aAAa,GAAG,CAAC,GAAY,EAAgC,EAAE;IAC1E,IAAI;QACF,MAAM,mBAAmB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;QAE5D,MAAM,WAAW,GAAG,mBAAmB,aAAnB,mBAAmB,uBAAnB,mBAAmB,CAAE,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;QAEtD,IAAI,CAAC,WAAW,EAAE;YAChB,OAAO,SAAS,CAAA;SACjB;QAED,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE;YACjC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;SACvD;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAA;QAE1D,MAAM,YAAY,GAAG,sBAAG,CAAC,MAAM,CAAC,WAAW,EAAE,SAAS,CAAC,GAAG,CAAQ,CAAA;QAClE,OAAO,YAAY,CAAC,8BAA8B,CAAqB,CAAA;KACxE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,SAAS,CAAA;KACjB;AACH,CAAC,CAAA;AArBY,QAAA,aAAa,iBAqBzB"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/stripe-graphql-js",
-  "version": "0.0.1",
+  "version": "0.0.3",
   "description": "Stripe GraphQL API",
   "license": "MIT",
   "keywords": [
@@ -53,5 +53,6 @@
     "lint:fix": "eslint . --ext .ts,.tsx --fix",
     "verify": "run-p prettier lint",
     "verify:fix": "run-p prettier:fix lint:fix"
-  }
+  },
+  "readme": "<h1 align=\"center\">@nhost/stripe-graphql-js</h1>\n<h2 align=\"center\">Stripe GraphQL API</h2>\n\n<p align=\"center\">\n  <img alt=\"npm\" src=\"https://img.shields.io/npm/v/@nhost/stripe-graphql\">\n  <img alt=\"npm\" src=\"https://img.shields.io/npm/dm/@nhost/stripe-graphql\">\n  <a href=\"LICENSE\">\n    <img src=\"https://img.shields.io/badge/license-MIT-yellow.svg\" alt=\"license: MIT\" />\n  </a>\n</p>\n\nThis package creates a Stripe GraphQL API.\n\n```graphql\nquery {\n  stripe {\n    customer(id: \"cus_MVBRpmnBis9v5x\") {\n      id\n      name\n      invoices {\n        data {\n          id\n          created\n          paid\n          hostedInvoiceUrl\n        }\n      }\n    }\n  }\n}\n```\n\nYou can also add the Stripe GraphQL API as a Hasura Remote Schema and connect data from your database and Stripe. This allows you to request data from your database and Stripe in a single GraphQL query:\n\n```graphql\nquery {\n  users {\n    # User in your database\n    id\n    displayName\n    userData {\n      stripeCustomerId # Customer's Stripe Customer Id\n      stripeCustomer {\n        # Data from Stripe\n        id\n        name\n        paymentMethods {\n          id\n          card {\n            brand\n            last4\n          }\n        }\n      }\n    }\n  }\n}\n```\n\n## Install\n\n```bash\nnpm install @nhost/stripe-graphql-js\n```\n\n## Quick Start\n\n### Serverless Function Setup\n\nCreate a new [Serverless Function](https://docs.nhost.io/platform/serverless-functions) `functions/graphql/stripe.ts`:\n\n```js\nimport { createStripeGraphQLServer } from '@nhost/stripe-graphql-js'\n\nconst server = createStripeGraphQLServer()\n\nexport default server\n```\n\n> You can run the Stripe GraphQL API in any JS environment because it's built using [GraphQL Yoga](https://github.com/dotansimha/graphql-yoga).\n\n### Test\n\nTest the Stripe GraphQL API in the browser:\n\n[http://localhost:1337/v1/functions/graphql/stripe](http://localhost:1337/v1/functions/graphql/stripe)\n\n### Remote Schema\n\nAdd the Stripe GraphQL API as a Remote Schema in Hasura.\n\n**URL**\n\n```\n{{NHOST_BACKEND_URL}}/v1/functions/graphql/stripe`\n```\n\n**Headers**\n\n```\nx-nhost-webhook-secret: NHOST_WEBHOOK_SECRET (from env var)\n```\n\n![Hasura Remote Schema](./assets//hasura-remote-schema.png)\n\n## Permissions\n\nHere's a minimal example without any custom permissions. Only requests using the `x-hasura-admin-secret` header will work:\n\n```js\nconst server = createStripeGraphQLServer()\n```\n\nFor more granular permissions, you can pass an `isAllowed` function to the `createStripeGraphQLServer`. The `isAllowed` function takes a `stripeCustomerId` and [`context`](#context) as parameters and runs every time the GraphQL server makes a request to Stripe to get or modify data for a specific Stripe customer.\n\nHere is an example of an `isAllowed` function:\n\n```js\n\nconst isAllowed = (stripeCustomerId: string, context: Context) => {\n  const { isAdmin, userClaims } = context\n\n  // allow requests if it has a valid `x-hasura-admin-secret`\n  if (isAdmin) {\n    return true\n  }\n\n  // get user id\n  const userId = userClaims['x-hasura-user-id']\n\n  // check if user is signed in\n  if (!userId) {\n    return false;\n  }\n\n  // get more user information from the database\n  const { user } = await gqlSDK.getUser({\n    id: userId,\n  });\n\n  if (!user) {\n    return false;\n  }\n\n  // check if the user is part of a workspace with the `stripeCustomerId`\n  return user.workspaceMembers\n    .some((workspaceMember) => {\n      return workspaceMember.workspace.stripeCustomerId === stripeCustomerId;\n    });\n}\n\n```\n\n### Context\n\nThe `context` object contains:\n\n- `userClaims` - verified JWT claims from the user's access token.\n- `isAdmin` - `true` if the request was made using a valid `x-hasura-admin-secret` header.\n- `request` - [Fetch API Request object](https://developer.mozilla.org/en-US/docs/Web/API/Request) that represents the incoming HTTP request in platform-independent way. It can be useful for accessing headers to authenticate a user\n- `query` - the DocumentNode that was parsed from the GraphQL query string\n- `operationName` - the operation name selected from the incoming query\n- `variables` - the variables that were defined in the query\n- `extensions` - the extensions that were received from the client\n\nRead more about the [default context from GraphQL Yoga](https://www.the-guild.dev/graphql/yoga-server/docs/features/context#default-context).\n\n## Development\n\nInstall dependencies:\n\n```bash\npnpm install\n```\n\nStart the development server:\n\n```bash\npnpm dev\n```\n\nThe GraphQL Server will reload every time the code changes.\n\nOpen GraphiQL:\n\n[http://0.0.0.0:4000/graphql](http://0.0.0.0:4000/graphql)\n"
 }