@nokinc-flur/sdk 2.2.0 → 2.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +145 -8
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +265 -7
- package/dist/index.d.ts +265 -7
- package/dist/index.js +136 -8
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.d.ts
CHANGED
|
@@ -2891,7 +2891,78 @@ declare function createAccountsClient(opts: AccountsClientOptions): AccountsClie
|
|
|
2891
2891
|
* Schemas mirror `flur-backend/src/offline-consumer/types.ts`.
|
|
2892
2892
|
*/
|
|
2893
2893
|
|
|
2894
|
+
/**
|
|
2895
|
+
* Hard upper bound on an account-funded OAC's validity window (24h). The OAC
|
|
2896
|
+
* is a *rolling* 24h credential: a device that comes online at any point
|
|
2897
|
+
* proactively reissues a fresh 24h window, while a device that stays offline
|
|
2898
|
+
* beyond 24h loses spend authority (short TTL is the revocation-propagation
|
|
2899
|
+
* mechanism). The offline verifier rejects any window longer than this.
|
|
2900
|
+
*/
|
|
2894
2901
|
declare const ACCOUNT_FUNDED_OAC_MAX_TTL_MS: number;
|
|
2902
|
+
/**
|
|
2903
|
+
* Pinned issuer trust-bundle entry returned by `GET /v1/issuer/keys`. Devices
|
|
2904
|
+
* pin these public keys and verify unified OACs OFFLINE against them — never
|
|
2905
|
+
* against the key embedded in the credential. The shape is a superset of
|
|
2906
|
+
* `TrustedIssuerKey` so it can be passed straight to `verifyOacOffline`.
|
|
2907
|
+
*/
|
|
2908
|
+
declare const IssuerTrustKeySchema: z.ZodObject<{
|
|
2909
|
+
issuerId: z.ZodString;
|
|
2910
|
+
alg: z.ZodLiteral<"p256">;
|
|
2911
|
+
publicKeySpkiB64: z.ZodString;
|
|
2912
|
+
notBeforeMs: z.ZodOptional<z.ZodNumber>;
|
|
2913
|
+
notAfterMs: z.ZodOptional<z.ZodNumber>;
|
|
2914
|
+
}, "strip", z.ZodTypeAny, {
|
|
2915
|
+
issuerId: string;
|
|
2916
|
+
alg: "p256";
|
|
2917
|
+
publicKeySpkiB64: string;
|
|
2918
|
+
notBeforeMs?: number | undefined;
|
|
2919
|
+
notAfterMs?: number | undefined;
|
|
2920
|
+
}, {
|
|
2921
|
+
issuerId: string;
|
|
2922
|
+
alg: "p256";
|
|
2923
|
+
publicKeySpkiB64: string;
|
|
2924
|
+
notBeforeMs?: number | undefined;
|
|
2925
|
+
notAfterMs?: number | undefined;
|
|
2926
|
+
}>;
|
|
2927
|
+
type IssuerTrustKey = z.infer<typeof IssuerTrustKeySchema>;
|
|
2928
|
+
declare const IssuerTrustBundleSchema: z.ZodObject<{
|
|
2929
|
+
keys: z.ZodArray<z.ZodObject<{
|
|
2930
|
+
issuerId: z.ZodString;
|
|
2931
|
+
alg: z.ZodLiteral<"p256">;
|
|
2932
|
+
publicKeySpkiB64: z.ZodString;
|
|
2933
|
+
notBeforeMs: z.ZodOptional<z.ZodNumber>;
|
|
2934
|
+
notAfterMs: z.ZodOptional<z.ZodNumber>;
|
|
2935
|
+
}, "strip", z.ZodTypeAny, {
|
|
2936
|
+
issuerId: string;
|
|
2937
|
+
alg: "p256";
|
|
2938
|
+
publicKeySpkiB64: string;
|
|
2939
|
+
notBeforeMs?: number | undefined;
|
|
2940
|
+
notAfterMs?: number | undefined;
|
|
2941
|
+
}, {
|
|
2942
|
+
issuerId: string;
|
|
2943
|
+
alg: "p256";
|
|
2944
|
+
publicKeySpkiB64: string;
|
|
2945
|
+
notBeforeMs?: number | undefined;
|
|
2946
|
+
notAfterMs?: number | undefined;
|
|
2947
|
+
}>, "many">;
|
|
2948
|
+
}, "strip", z.ZodTypeAny, {
|
|
2949
|
+
keys: {
|
|
2950
|
+
issuerId: string;
|
|
2951
|
+
alg: "p256";
|
|
2952
|
+
publicKeySpkiB64: string;
|
|
2953
|
+
notBeforeMs?: number | undefined;
|
|
2954
|
+
notAfterMs?: number | undefined;
|
|
2955
|
+
}[];
|
|
2956
|
+
}, {
|
|
2957
|
+
keys: {
|
|
2958
|
+
issuerId: string;
|
|
2959
|
+
alg: "p256";
|
|
2960
|
+
publicKeySpkiB64: string;
|
|
2961
|
+
notBeforeMs?: number | undefined;
|
|
2962
|
+
notAfterMs?: number | undefined;
|
|
2963
|
+
}[];
|
|
2964
|
+
}>;
|
|
2965
|
+
type IssuerTrustBundle = z.infer<typeof IssuerTrustBundleSchema>;
|
|
2895
2966
|
/**
|
|
2896
2967
|
* Counterparty claim-submission grace after `oac.validUntilMs`. Claims
|
|
2897
2968
|
* signed while the OAC was valid may still be relayed within this window
|
|
@@ -2969,9 +3040,9 @@ declare const DeviceKeyRecordSchema: z.ZodObject<{
|
|
|
2969
3040
|
id: string;
|
|
2970
3041
|
createdAtMs: number;
|
|
2971
3042
|
revokedAtMs: number | null;
|
|
3043
|
+
alg: "p256";
|
|
2972
3044
|
publicKeySpkiB64: string | null;
|
|
2973
3045
|
securityLevel: "STRONGBOX" | "TEE" | "SECURE_ENCLAVE" | "SOFTWARE" | null;
|
|
2974
|
-
alg: "p256";
|
|
2975
3046
|
hardwareBacked: boolean;
|
|
2976
3047
|
attestedAtMs: number | null;
|
|
2977
3048
|
}, {
|
|
@@ -2980,9 +3051,9 @@ declare const DeviceKeyRecordSchema: z.ZodObject<{
|
|
|
2980
3051
|
id: string;
|
|
2981
3052
|
createdAtMs: number;
|
|
2982
3053
|
revokedAtMs: number | null;
|
|
3054
|
+
alg?: "p256" | undefined;
|
|
2983
3055
|
publicKeySpkiB64?: string | null | undefined;
|
|
2984
3056
|
securityLevel?: "STRONGBOX" | "TEE" | "SECURE_ENCLAVE" | "SOFTWARE" | null | undefined;
|
|
2985
|
-
alg?: "p256" | undefined;
|
|
2986
3057
|
hardwareBacked?: boolean | undefined;
|
|
2987
3058
|
attestedAtMs?: number | null | undefined;
|
|
2988
3059
|
}>;
|
|
@@ -3001,6 +3072,13 @@ declare const ConsumerOACSchema: z.ZodObject<{
|
|
|
3001
3072
|
alg: z.ZodLiteral<"p256">;
|
|
3002
3073
|
/** P-256 SubjectPublicKeyInfo DER, base64. */
|
|
3003
3074
|
devicePubkeySpkiB64: z.ZodString;
|
|
3075
|
+
/**
|
|
3076
|
+
* Per-transaction / cumulative offline spend ceilings. Zero is valid and
|
|
3077
|
+
* denotes an identity-only OAC: the credential proves who the holder is and
|
|
3078
|
+
* binds their device key for offline-verifiable first contact, but carries
|
|
3079
|
+
* no offline spend authority (every claim against it routes to REVIEW).
|
|
3080
|
+
* Issued to zero-balance wallets so they can still be paid offline.
|
|
3081
|
+
*/
|
|
3004
3082
|
perTxCapKobo: z.ZodNumber;
|
|
3005
3083
|
cumulativeCapKobo: z.ZodNumber;
|
|
3006
3084
|
currency: z.ZodString;
|
|
@@ -3008,9 +3086,19 @@ declare const ConsumerOACSchema: z.ZodObject<{
|
|
|
3008
3086
|
validUntilMs: z.ZodNumber;
|
|
3009
3087
|
counterSeed: z.ZodNumber;
|
|
3010
3088
|
issuedAtMs: z.ZodNumber;
|
|
3089
|
+
/**
|
|
3090
|
+
* Issuer-attested identity folded into the OAC so a single signed
|
|
3091
|
+
* credential serves both Tier B offline-verifiable identity and offline
|
|
3092
|
+
* spend authority. Verified offline against a pinned issuer key; the
|
|
3093
|
+
* backend remains authoritative at settlement.
|
|
3094
|
+
*/
|
|
3095
|
+
phoneE164: z.ZodString;
|
|
3096
|
+
displayName: z.ZodString;
|
|
3011
3097
|
}, "strip", z.ZodTypeAny, {
|
|
3098
|
+
phoneE164: string;
|
|
3012
3099
|
userId: string;
|
|
3013
3100
|
deviceId: string;
|
|
3101
|
+
displayName: string;
|
|
3014
3102
|
currency: string;
|
|
3015
3103
|
perTxCapKobo: number;
|
|
3016
3104
|
cumulativeCapKobo: number;
|
|
@@ -3023,8 +3111,10 @@ declare const ConsumerOACSchema: z.ZodObject<{
|
|
|
3023
3111
|
oacId: string;
|
|
3024
3112
|
devicePubkeySpkiB64: string;
|
|
3025
3113
|
}, {
|
|
3114
|
+
phoneE164: string;
|
|
3026
3115
|
userId: string;
|
|
3027
3116
|
deviceId: string;
|
|
3117
|
+
displayName: string;
|
|
3028
3118
|
currency: string;
|
|
3029
3119
|
perTxCapKobo: number;
|
|
3030
3120
|
cumulativeCapKobo: number;
|
|
@@ -3053,6 +3143,13 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
|
|
|
3053
3143
|
alg: z.ZodLiteral<"p256">;
|
|
3054
3144
|
/** P-256 SubjectPublicKeyInfo DER, base64. */
|
|
3055
3145
|
devicePubkeySpkiB64: z.ZodString;
|
|
3146
|
+
/**
|
|
3147
|
+
* Per-transaction / cumulative offline spend ceilings. Zero is valid and
|
|
3148
|
+
* denotes an identity-only OAC: the credential proves who the holder is and
|
|
3149
|
+
* binds their device key for offline-verifiable first contact, but carries
|
|
3150
|
+
* no offline spend authority (every claim against it routes to REVIEW).
|
|
3151
|
+
* Issued to zero-balance wallets so they can still be paid offline.
|
|
3152
|
+
*/
|
|
3056
3153
|
perTxCapKobo: z.ZodNumber;
|
|
3057
3154
|
cumulativeCapKobo: z.ZodNumber;
|
|
3058
3155
|
currency: z.ZodString;
|
|
@@ -3060,9 +3157,19 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
|
|
|
3060
3157
|
validUntilMs: z.ZodNumber;
|
|
3061
3158
|
counterSeed: z.ZodNumber;
|
|
3062
3159
|
issuedAtMs: z.ZodNumber;
|
|
3160
|
+
/**
|
|
3161
|
+
* Issuer-attested identity folded into the OAC so a single signed
|
|
3162
|
+
* credential serves both Tier B offline-verifiable identity and offline
|
|
3163
|
+
* spend authority. Verified offline against a pinned issuer key; the
|
|
3164
|
+
* backend remains authoritative at settlement.
|
|
3165
|
+
*/
|
|
3166
|
+
phoneE164: z.ZodString;
|
|
3167
|
+
displayName: z.ZodString;
|
|
3063
3168
|
}, "strip", z.ZodTypeAny, {
|
|
3169
|
+
phoneE164: string;
|
|
3064
3170
|
userId: string;
|
|
3065
3171
|
deviceId: string;
|
|
3172
|
+
displayName: string;
|
|
3066
3173
|
currency: string;
|
|
3067
3174
|
perTxCapKobo: number;
|
|
3068
3175
|
cumulativeCapKobo: number;
|
|
@@ -3075,8 +3182,10 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
|
|
|
3075
3182
|
oacId: string;
|
|
3076
3183
|
devicePubkeySpkiB64: string;
|
|
3077
3184
|
}, {
|
|
3185
|
+
phoneE164: string;
|
|
3078
3186
|
userId: string;
|
|
3079
3187
|
deviceId: string;
|
|
3188
|
+
displayName: string;
|
|
3080
3189
|
currency: string;
|
|
3081
3190
|
perTxCapKobo: number;
|
|
3082
3191
|
cumulativeCapKobo: number;
|
|
@@ -3096,8 +3205,10 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
|
|
|
3096
3205
|
}, "strip", z.ZodTypeAny, {
|
|
3097
3206
|
issuerSig: string;
|
|
3098
3207
|
oac: {
|
|
3208
|
+
phoneE164: string;
|
|
3099
3209
|
userId: string;
|
|
3100
3210
|
deviceId: string;
|
|
3211
|
+
displayName: string;
|
|
3101
3212
|
currency: string;
|
|
3102
3213
|
perTxCapKobo: number;
|
|
3103
3214
|
cumulativeCapKobo: number;
|
|
@@ -3114,8 +3225,10 @@ declare const SignedConsumerOACSchema: z.ZodObject<{
|
|
|
3114
3225
|
}, {
|
|
3115
3226
|
issuerSig: string;
|
|
3116
3227
|
oac: {
|
|
3228
|
+
phoneE164: string;
|
|
3117
3229
|
userId: string;
|
|
3118
3230
|
deviceId: string;
|
|
3231
|
+
displayName: string;
|
|
3119
3232
|
currency: string;
|
|
3120
3233
|
perTxCapKobo: number;
|
|
3121
3234
|
cumulativeCapKobo: number;
|
|
@@ -3146,6 +3259,13 @@ declare const OACRecordSchema: z.ZodObject<{
|
|
|
3146
3259
|
alg: z.ZodLiteral<"p256">;
|
|
3147
3260
|
/** P-256 SubjectPublicKeyInfo DER, base64. */
|
|
3148
3261
|
devicePubkeySpkiB64: z.ZodString;
|
|
3262
|
+
/**
|
|
3263
|
+
* Per-transaction / cumulative offline spend ceilings. Zero is valid and
|
|
3264
|
+
* denotes an identity-only OAC: the credential proves who the holder is and
|
|
3265
|
+
* binds their device key for offline-verifiable first contact, but carries
|
|
3266
|
+
* no offline spend authority (every claim against it routes to REVIEW).
|
|
3267
|
+
* Issued to zero-balance wallets so they can still be paid offline.
|
|
3268
|
+
*/
|
|
3149
3269
|
perTxCapKobo: z.ZodNumber;
|
|
3150
3270
|
cumulativeCapKobo: z.ZodNumber;
|
|
3151
3271
|
currency: z.ZodString;
|
|
@@ -3153,9 +3273,19 @@ declare const OACRecordSchema: z.ZodObject<{
|
|
|
3153
3273
|
validUntilMs: z.ZodNumber;
|
|
3154
3274
|
counterSeed: z.ZodNumber;
|
|
3155
3275
|
issuedAtMs: z.ZodNumber;
|
|
3276
|
+
/**
|
|
3277
|
+
* Issuer-attested identity folded into the OAC so a single signed
|
|
3278
|
+
* credential serves both Tier B offline-verifiable identity and offline
|
|
3279
|
+
* spend authority. Verified offline against a pinned issuer key; the
|
|
3280
|
+
* backend remains authoritative at settlement.
|
|
3281
|
+
*/
|
|
3282
|
+
phoneE164: z.ZodString;
|
|
3283
|
+
displayName: z.ZodString;
|
|
3156
3284
|
}, "strip", z.ZodTypeAny, {
|
|
3285
|
+
phoneE164: string;
|
|
3157
3286
|
userId: string;
|
|
3158
3287
|
deviceId: string;
|
|
3288
|
+
displayName: string;
|
|
3159
3289
|
currency: string;
|
|
3160
3290
|
perTxCapKobo: number;
|
|
3161
3291
|
cumulativeCapKobo: number;
|
|
@@ -3168,8 +3298,10 @@ declare const OACRecordSchema: z.ZodObject<{
|
|
|
3168
3298
|
oacId: string;
|
|
3169
3299
|
devicePubkeySpkiB64: string;
|
|
3170
3300
|
}, {
|
|
3301
|
+
phoneE164: string;
|
|
3171
3302
|
userId: string;
|
|
3172
3303
|
deviceId: string;
|
|
3304
|
+
displayName: string;
|
|
3173
3305
|
currency: string;
|
|
3174
3306
|
perTxCapKobo: number;
|
|
3175
3307
|
cumulativeCapKobo: number;
|
|
@@ -3196,8 +3328,10 @@ declare const OACRecordSchema: z.ZodObject<{
|
|
|
3196
3328
|
issuerSig: string;
|
|
3197
3329
|
revokedAtMs: number | null;
|
|
3198
3330
|
oac: {
|
|
3331
|
+
phoneE164: string;
|
|
3199
3332
|
userId: string;
|
|
3200
3333
|
deviceId: string;
|
|
3334
|
+
displayName: string;
|
|
3201
3335
|
currency: string;
|
|
3202
3336
|
perTxCapKobo: number;
|
|
3203
3337
|
cumulativeCapKobo: number;
|
|
@@ -3218,8 +3352,10 @@ declare const OACRecordSchema: z.ZodObject<{
|
|
|
3218
3352
|
issuerSig: string;
|
|
3219
3353
|
revokedAtMs: number | null;
|
|
3220
3354
|
oac: {
|
|
3355
|
+
phoneE164: string;
|
|
3221
3356
|
userId: string;
|
|
3222
3357
|
deviceId: string;
|
|
3358
|
+
displayName: string;
|
|
3223
3359
|
currency: string;
|
|
3224
3360
|
perTxCapKobo: number;
|
|
3225
3361
|
cumulativeCapKobo: number;
|
|
@@ -3279,6 +3415,13 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
|
|
|
3279
3415
|
alg: z.ZodLiteral<"p256">;
|
|
3280
3416
|
/** P-256 SubjectPublicKeyInfo DER, base64. */
|
|
3281
3417
|
devicePubkeySpkiB64: z.ZodString;
|
|
3418
|
+
/**
|
|
3419
|
+
* Per-transaction / cumulative offline spend ceilings. Zero is valid and
|
|
3420
|
+
* denotes an identity-only OAC: the credential proves who the holder is and
|
|
3421
|
+
* binds their device key for offline-verifiable first contact, but carries
|
|
3422
|
+
* no offline spend authority (every claim against it routes to REVIEW).
|
|
3423
|
+
* Issued to zero-balance wallets so they can still be paid offline.
|
|
3424
|
+
*/
|
|
3282
3425
|
perTxCapKobo: z.ZodNumber;
|
|
3283
3426
|
cumulativeCapKobo: z.ZodNumber;
|
|
3284
3427
|
currency: z.ZodString;
|
|
@@ -3286,9 +3429,19 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
|
|
|
3286
3429
|
validUntilMs: z.ZodNumber;
|
|
3287
3430
|
counterSeed: z.ZodNumber;
|
|
3288
3431
|
issuedAtMs: z.ZodNumber;
|
|
3432
|
+
/**
|
|
3433
|
+
* Issuer-attested identity folded into the OAC so a single signed
|
|
3434
|
+
* credential serves both Tier B offline-verifiable identity and offline
|
|
3435
|
+
* spend authority. Verified offline against a pinned issuer key; the
|
|
3436
|
+
* backend remains authoritative at settlement.
|
|
3437
|
+
*/
|
|
3438
|
+
phoneE164: z.ZodString;
|
|
3439
|
+
displayName: z.ZodString;
|
|
3289
3440
|
}, "strip", z.ZodTypeAny, {
|
|
3441
|
+
phoneE164: string;
|
|
3290
3442
|
userId: string;
|
|
3291
3443
|
deviceId: string;
|
|
3444
|
+
displayName: string;
|
|
3292
3445
|
currency: string;
|
|
3293
3446
|
perTxCapKobo: number;
|
|
3294
3447
|
cumulativeCapKobo: number;
|
|
@@ -3301,8 +3454,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
|
|
|
3301
3454
|
oacId: string;
|
|
3302
3455
|
devicePubkeySpkiB64: string;
|
|
3303
3456
|
}, {
|
|
3457
|
+
phoneE164: string;
|
|
3304
3458
|
userId: string;
|
|
3305
3459
|
deviceId: string;
|
|
3460
|
+
displayName: string;
|
|
3306
3461
|
currency: string;
|
|
3307
3462
|
perTxCapKobo: number;
|
|
3308
3463
|
cumulativeCapKobo: number;
|
|
@@ -3329,8 +3484,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
|
|
|
3329
3484
|
issuerSig: string;
|
|
3330
3485
|
revokedAtMs: number | null;
|
|
3331
3486
|
oac: {
|
|
3487
|
+
phoneE164: string;
|
|
3332
3488
|
userId: string;
|
|
3333
3489
|
deviceId: string;
|
|
3490
|
+
displayName: string;
|
|
3334
3491
|
currency: string;
|
|
3335
3492
|
perTxCapKobo: number;
|
|
3336
3493
|
cumulativeCapKobo: number;
|
|
@@ -3351,8 +3508,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
|
|
|
3351
3508
|
issuerSig: string;
|
|
3352
3509
|
revokedAtMs: number | null;
|
|
3353
3510
|
oac: {
|
|
3511
|
+
phoneE164: string;
|
|
3354
3512
|
userId: string;
|
|
3355
3513
|
deviceId: string;
|
|
3514
|
+
displayName: string;
|
|
3356
3515
|
currency: string;
|
|
3357
3516
|
perTxCapKobo: number;
|
|
3358
3517
|
cumulativeCapKobo: number;
|
|
@@ -3375,8 +3534,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
|
|
|
3375
3534
|
issuerSig: string;
|
|
3376
3535
|
revokedAtMs: number | null;
|
|
3377
3536
|
oac: {
|
|
3537
|
+
phoneE164: string;
|
|
3378
3538
|
userId: string;
|
|
3379
3539
|
deviceId: string;
|
|
3540
|
+
displayName: string;
|
|
3380
3541
|
currency: string;
|
|
3381
3542
|
perTxCapKobo: number;
|
|
3382
3543
|
cumulativeCapKobo: number;
|
|
@@ -3399,8 +3560,10 @@ declare const OfflineStatusResultSchema: z.ZodObject<{
|
|
|
3399
3560
|
issuerSig: string;
|
|
3400
3561
|
revokedAtMs: number | null;
|
|
3401
3562
|
oac: {
|
|
3563
|
+
phoneE164: string;
|
|
3402
3564
|
userId: string;
|
|
3403
3565
|
deviceId: string;
|
|
3566
|
+
displayName: string;
|
|
3404
3567
|
currency: string;
|
|
3405
3568
|
perTxCapKobo: number;
|
|
3406
3569
|
cumulativeCapKobo: number;
|
|
@@ -3683,6 +3846,8 @@ type MeOfflineClient = {
|
|
|
3683
3846
|
getStatus: (deviceId?: string) => Promise<OfflineStatusResult>;
|
|
3684
3847
|
submitClaim: (claim: ConsumerPaymentClaim) => Promise<ConsumerSettleResult>;
|
|
3685
3848
|
getSettlement: (idOrKey: string) => Promise<ConsumerSettlement>;
|
|
3849
|
+
/** Fetch the public pinned issuer trust bundle (`GET /v1/issuer/keys`). */
|
|
3850
|
+
getIssuerKeys: () => Promise<IssuerTrustBundle>;
|
|
3686
3851
|
};
|
|
3687
3852
|
declare function createMeOfflineClient(opts: MeOfflineClientOptions): MeOfflineClient;
|
|
3688
3853
|
|
|
@@ -3939,6 +4104,99 @@ declare function verifyConsumerSettlementReceiptQR(value: string, issuerPublicKe
|
|
|
3939
4104
|
declare function decodeConsumerSettlementReceiptQR(value: string): ConsumerSettlement;
|
|
3940
4105
|
declare function decodeConsumerSettlementReceiptQR(value: string, issuerPublicKeySpkiB64: string): ConsumerSettlement;
|
|
3941
4106
|
|
|
4107
|
+
/**
|
|
4108
|
+
* Domain tag bound into the OAC issuer signature. MUST match
|
|
4109
|
+
* `OAC_DOMAIN` in `flur-backend/src/offline-consumer/service.ts`.
|
|
4110
|
+
*/
|
|
4111
|
+
declare const CONSUMER_OAC_DOMAIN: "flur:consumer-offline:v1:oac";
|
|
4112
|
+
/**
|
|
4113
|
+
* A pinned issuer key the device trusts for offline OAC verification.
|
|
4114
|
+
* Sourced from the backend Trust Bundle (`GET /v1/issuer/keys`) and cached
|
|
4115
|
+
* on-device. `notBeforeMs` / `notAfterMs` bound the key's own validity so a
|
|
4116
|
+
* rotated-out key cannot be used to verify a freshly minted credential.
|
|
4117
|
+
*/
|
|
4118
|
+
interface TrustedIssuerKey {
|
|
4119
|
+
issuerId: string;
|
|
4120
|
+
/** Issuer P-256 public key as SubjectPublicKeyInfo DER, base64. */
|
|
4121
|
+
publicKeySpkiB64: string;
|
|
4122
|
+
notBeforeMs?: number;
|
|
4123
|
+
notAfterMs?: number;
|
|
4124
|
+
}
|
|
4125
|
+
/** Identity surfaced to the caller after a successful offline verify. */
|
|
4126
|
+
interface OacOfflineIdentity {
|
|
4127
|
+
oacId: string;
|
|
4128
|
+
issuerId: string;
|
|
4129
|
+
userId: string;
|
|
4130
|
+
phoneE164: string;
|
|
4131
|
+
displayName: string;
|
|
4132
|
+
/** Holder's bound device key; lets the caller verify receipts offline. */
|
|
4133
|
+
devicePubkeySpkiB64: string;
|
|
4134
|
+
}
|
|
4135
|
+
type VerifyOacOfflineResult = {
|
|
4136
|
+
ok: true;
|
|
4137
|
+
oac: ConsumerOAC;
|
|
4138
|
+
identity: OacOfflineIdentity;
|
|
4139
|
+
} | {
|
|
4140
|
+
ok: false;
|
|
4141
|
+
reason: 'malformed' | 'untrusted_issuer' | 'signature_invalid' | 'window_too_long' | 'not_yet_valid' | 'expired';
|
|
4142
|
+
};
|
|
4143
|
+
interface VerifyOacOfflineOptions {
|
|
4144
|
+
/** Override the wall clock; defaults to `Date.now()`. */
|
|
4145
|
+
nowMs?: number;
|
|
4146
|
+
}
|
|
4147
|
+
/** Canonical OAC payload (domain-bound) the backend issuer signs. */
|
|
4148
|
+
declare function consumerOacSigningPayload(oac: ConsumerOAC): {
|
|
4149
|
+
phoneE164: string;
|
|
4150
|
+
userId: string;
|
|
4151
|
+
deviceId: string;
|
|
4152
|
+
displayName: string;
|
|
4153
|
+
currency: string;
|
|
4154
|
+
perTxCapKobo: number;
|
|
4155
|
+
cumulativeCapKobo: number;
|
|
4156
|
+
validFromMs: number;
|
|
4157
|
+
validUntilMs: number;
|
|
4158
|
+
counterSeed: number;
|
|
4159
|
+
issuedAtMs: number;
|
|
4160
|
+
issuerId: string;
|
|
4161
|
+
alg: "p256";
|
|
4162
|
+
oacId: string;
|
|
4163
|
+
devicePubkeySpkiB64: string;
|
|
4164
|
+
domain: "flur:consumer-offline:v1:oac";
|
|
4165
|
+
};
|
|
4166
|
+
/**
|
|
4167
|
+
* Verify a signed OAC offline against a pinned set of trusted issuer keys.
|
|
4168
|
+
*
|
|
4169
|
+
* Security invariants:
|
|
4170
|
+
* - The signature is checked against the PINNED key for `oac.issuerId`,
|
|
4171
|
+
* never the credential-embedded `issuerPublicKeySpkiB64`. An attacker who
|
|
4172
|
+
* forges an OAC with their own key (and a matching embedded key) fails
|
|
4173
|
+
* because their key is not pinned.
|
|
4174
|
+
* - The pinned key's own validity window is enforced.
|
|
4175
|
+
* - The OAC validity window is enforced (`validFromMs <= now < validUntilMs`).
|
|
4176
|
+
*/
|
|
4177
|
+
declare function verifyOacOffline(signed: SignedConsumerOAC, trustedKeys: readonly TrustedIssuerKey[], options?: VerifyOacOfflineOptions): VerifyOacOfflineResult;
|
|
4178
|
+
/**
|
|
4179
|
+
* QR prefix for a presented unified OAC. A holder shows this QR to be paid
|
|
4180
|
+
* and/or identified offline; the scanner decodes it and calls
|
|
4181
|
+
* `verifyOacOffline` against its pinned trust bundle. Distinct from the
|
|
4182
|
+
* settlement-receipt (`FLURSR1.`) and pay-card prefixes so the scanner can
|
|
4183
|
+
* dispatch by prefix without ambiguity.
|
|
4184
|
+
*/
|
|
4185
|
+
declare const CONSUMER_OAC_QR_PREFIX: "FLUROAC1.";
|
|
4186
|
+
/** True iff `value` looks like a presented OAC QR payload. */
|
|
4187
|
+
declare function isConsumerOacQR(value: string): boolean;
|
|
4188
|
+
/**
|
|
4189
|
+
* Encode a signed OAC as a scannable QR payload. The envelope is validated
|
|
4190
|
+
* before encoding so a malformed credential can never be presented.
|
|
4191
|
+
*/
|
|
4192
|
+
declare function encodeConsumerOacQR(signed: SignedConsumerOAC): string;
|
|
4193
|
+
/**
|
|
4194
|
+
* Decode (WITHOUT verifying) a presented OAC QR back into a signed envelope.
|
|
4195
|
+
* The caller MUST pass the result to `verifyOacOffline` against pinned keys
|
|
4196
|
+
* before trusting any field — decoding proves nothing about authenticity.
|
|
4197
|
+
*/
|
|
4198
|
+
declare function decodeUnverifiedConsumerOacQR(value: string): SignedConsumerOAC;
|
|
4199
|
+
|
|
3942
4200
|
/**
|
|
3943
4201
|
* FLURA1 — single-SMS consumer-offline settle token.
|
|
3944
4202
|
*
|
|
@@ -5436,17 +5694,17 @@ declare const ReversalRecordArtifactSchema: z.ZodObject<{
|
|
|
5436
5694
|
}, "strip", z.ZodTypeAny, {
|
|
5437
5695
|
currency: "NGN";
|
|
5438
5696
|
amountKobo: number;
|
|
5697
|
+
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
5439
5698
|
reversalId: string;
|
|
5440
5699
|
originalTxnId: string;
|
|
5441
|
-
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
5442
5700
|
reversedAtMs: number;
|
|
5443
5701
|
memo?: string | undefined;
|
|
5444
5702
|
}, {
|
|
5445
5703
|
currency: "NGN";
|
|
5446
5704
|
amountKobo: number;
|
|
5705
|
+
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
5447
5706
|
reversalId: string;
|
|
5448
5707
|
originalTxnId: string;
|
|
5449
|
-
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
5450
5708
|
reversedAtMs: number;
|
|
5451
5709
|
memo?: string | undefined;
|
|
5452
5710
|
}>;
|
|
@@ -6093,17 +6351,17 @@ declare const ARTIFACT_BODY_SCHEMAS: {
|
|
|
6093
6351
|
}, "strip", z.ZodTypeAny, {
|
|
6094
6352
|
currency: "NGN";
|
|
6095
6353
|
amountKobo: number;
|
|
6354
|
+
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
6096
6355
|
reversalId: string;
|
|
6097
6356
|
originalTxnId: string;
|
|
6098
|
-
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
6099
6357
|
reversedAtMs: number;
|
|
6100
6358
|
memo?: string | undefined;
|
|
6101
6359
|
}, {
|
|
6102
6360
|
currency: "NGN";
|
|
6103
6361
|
amountKobo: number;
|
|
6362
|
+
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
6104
6363
|
reversalId: string;
|
|
6105
6364
|
originalTxnId: string;
|
|
6106
|
-
reason: "user_dispute" | "fraud" | "duplicate" | "admin_correction" | "other";
|
|
6107
6365
|
reversedAtMs: number;
|
|
6108
6366
|
memo?: string | undefined;
|
|
6109
6367
|
}>;
|
|
@@ -6533,4 +6791,4 @@ declare function buildPayCardSigningInput(input: {
|
|
|
6533
6791
|
bodyBytes: Uint8Array;
|
|
6534
6792
|
};
|
|
6535
6793
|
|
|
6536
|
-
export { ACCOUNT_FUNDED_OAC_MAX_TTL_MS, ACCOUNT_STATUSES, ACCOUNT_TYPES, ADDITIONAL_DATA_SUBFIELD, ARTIFACT_BODY_SCHEMAS, ARTIFACT_TYPES, type Account, type AccountActivityItem, type AccountMembership, AccountMembershipSchema, AccountSchema, type AccountStatus, type AccountSummaryResponse, type AccountType, type AccountsClient, type AccountsClientOptions, type AddMemberInput, type AdditionalData, type ApiCredentialPublic, ApiCredentialPublicSchema, type ApiCredentialsAdminClient, type ArtifactBody, type ArtifactHeader, ArtifactHeaderSchema, type ArtifactType, type AtomicRedeemReceiptInput, type AtomicRedeemResponse, type AttestationSecurityLevel, AttestationSecurityLevelSchema, type AuthLogoutInput, type AuthRefreshInput, type AuthRefreshResponse, type AuthorizeSendWithBiometricInput, type AuthorizedOptions, type BiometricSigner, type BuildPassInput, type BuildReceiptInput, type BuildRedemptionInput, CLAIM_DOMAIN_V2, COLLECTION_INTENT_STATUSES, COLLECTION_PAYMENT_STATUSES, CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS, CONSUMER_PAYMENT_REQUEST_DOMAIN, CONSUMER_SETTLEMENT_DOMAIN, CONSUMER_SETTLEMENT_RECEIPT_QR_PREFIX, CUSTODIAL_MODES, type CanonicalClaimInput, type CashNamespace, type ClaimSignature, type CollectionIntent, CollectionIntentSchema, type CollectionPayment, type CollectionPaymentResult, CollectionPaymentResultSchema, CollectionPaymentSchema, type CollectionReportSummary, CollectionReportSummarySchema, type CollectionStatement, CollectionStatementSchema, type CollectionsClient, type CollectionsClientOptions, type ConsumerCollectionsClient, type ConsumerOAC, type OACRecord as ConsumerOACRecord, OACRecordSchema as ConsumerOACRecordSchema, ConsumerOACSchema, type ConsumerPaymentClaim, ConsumerPaymentClaimSchema, type ConsumerPaymentRequestEnvelope, ConsumerPaymentRequestEnvelopeSchema, type ConsumerSettleResult, ConsumerSettleResultSchema, type ConsumerSettlement, ConsumerSettlementSchema, type ConsumerWithdrawalsClient, type ConsumerWithdrawalsClientOptions, type CreateBusinessAccountInput, type CreateCollectionIntentInput, CreateCollectionIntentInputSchema, type CreatePayCardArtifactInput, type CreatePayLinkResponse, type CreatePayoutDestinationInput, CreatePayoutDestinationInputSchema, type CreatePayoutInput, CreatePayoutInputSchema, type CreateTransferOptions, type CreateWithdrawalInput, CreateWithdrawalInputSchema, type CreateWithdrawalResult, CreateWithdrawalResultSchema, type CustodialMode, type DecodedArtifactUri, type DecodedOfflineSmsSettleToken, type DecodedPayCard, type DeviceKeyAlg, DeviceKeyAlgSchema, type DeviceKeyRecord, DeviceKeyRecordSchema, type DeviceTrustState, FIELD, FLUR_ARTIFACT_URI_PREFIX, FLUR_ARTIFACT_URI_SCHEME, FLUR_ARTIFACT_VERSION, FlurApiError, FlurArtifactError, FlurCapExceededError, FlurClient, type FlurClientOptions, FlurError, type FlurErrorCode, FlurExpiredError, type FlurHandle, type FlurInitOptions, type FlurOfflineSettlementsClient, type FlurPartnerClient, type FlurPaymentEvent, FlurReplayError, HARDENED_ARTIFACT_TYPES, type HmacFetchOptions, IdentityArtifactSchema, type IngestFundingResult, IngestFundingResultSchema, type IssueAccountOacInput, IssueAccountOacInputSchema, type IssueOfflineTokenInput, type IssuePassInput, type IssueReceiptInput, LedgerJournalEntryArtifactSchema, type ListPassesInput, type ListPassesResponse, type ListPayoutDestinationsResult, ListPayoutDestinationsResultSchema, type ListReceiptsInput, type ListReceiptsResponse, type ListTransactionsOptions, MEMBERSHIP_ROLES, MERCHANT_PAYOUT_STATUSES, MERCHANT_PROFILE_STATUSES, type MeOfflineClient, type MeOfflineClientOptions, type MembershipRole, type MerchantAccountInfo, type MerchantPayout, MerchantPayoutSchema, type MerchantProfile, MerchantProfileSchema, type MintedApiCredential, MintedApiCredentialSchema, type Money, NGN_CURRENCY_CODE, NG_COUNTRY_CODE, NQRParseError, type NQRPayloadInput, NqrPaymentRequestArtifactSchema, type OAC, OACSchema, OAC_DEFAULT_CUMULATIVE_KOBO, OAC_DEFAULT_PER_TX_KOBO, OAC_DEFAULT_VALIDITY_MS, OFFLINE_CLAIM_SMS_PREFIX, OFFLINE_SMS_SETTLE_DOMAIN, OFFLINE_SMS_SETTLE_HEADER_BYTES, OFFLINE_SMS_SETTLE_PREFIX, OFFLINE_SMS_SETTLE_SIGNATURE_BYTES, OFFLINE_SMS_SETTLE_TOKEN_BYTES, OFFLINE_SMS_SETTLE_VERSION, type OfflineClaimAlgorithm, OfflineClaimArtifactSchema, type OfflineClaimSigner, type OfflinePaymentAuthorization, type OfflinePaymentAuthorizationArtifact, OfflinePaymentAuthorizationArtifactSchema, OfflinePaymentAuthorizationSchema, type OfflinePaymentRequest, OfflinePaymentRequestSchema, type OfflineSmsSettleInput, type OfflineSmsSettleSigner, type OfflineStatusResult, OfflineStatusResultSchema, type OfflineToken, OfflineTokenSchema, type OnboardingCompleteInput, type OnboardingCompleteResponse, type OnboardingFallback, type OnboardingRiskReason, type OnboardingStartInput, type OnboardingStartResponse, type P256EnrollmentChallengeInput, P256EnrollmentChallengeInputSchema, type P256EnrollmentChallengeResult, P256EnrollmentChallengeResultSchema, PARTNER_FUNDING_DIRECTIONS, PARTNER_FUNDING_STATUSES, PARTNER_KINDS, PARTNER_PROFILE_STATUSES, PARTNER_SCOPES, PASS_KINDS, PASS_STATES, PAYLOAD_FORMAT_INDICATOR_VALUE, PAYOUT_DESTINATION_STATUSES, PAY_CARD_DEFAULT_TTL_MS, PAY_CARD_REFRESH_THRESHOLD_MS, PAY_CARD_URI_PREFIX, POINT_OF_INITIATION, type ParsedNQR, type PartnerClientOptions, type PartnerCollectionsClient, type PartnerFunding, type PartnerFundingClient, type PartnerFundingDirection, type PartnerFundingEventInput, PartnerFundingEventInputSchema, PartnerFundingSchema, type PartnerFundingStatus, type PartnerKind, type PartnerProfile, type PartnerProfileAdminClient, type PartnerProfileAdminClientOptions, PartnerProfileSchema, type PartnerProfileStatus, type PartnerScope, type PartnerSignResult, type Pass, PassArtifactSchema, type PassKind, type PassMetadata, PassMetadataSchema, PassSchema, type PassState, type PassesClient, type PassesClientOptions, type PayCardArtifact, PayCardArtifactSchema, type PayCardFreshness, type PayCollectionInput, PayCollectionInputSchema, type PayCollectionOptions, type PayCollectionResponse, type PaymentClaim, PaymentClaimSchema, PaymentIntentArtifactSchema, type PayoutDestination, PayoutDestinationSchema, type PayoutDestinationStatus, type PayoutEventInput, PayoutEventInputSchema, type PinSetInput, type PinVerifyInput, type ProviderEventInput, ProviderEventInputSchema, type ProviderEventRecord, ProviderEventRecordSchema, type PublicCollectionIntent, PublicCollectionIntentSchema, type PushPlatform, type PushRegisterInput, RECEIPT_CHANNELS, RECEIPT_KINDS, REPLAY_WINDOW_MS, type Receipt, type ReceiptArtifact, ReceiptArtifactSchema, type ReceiptChannel, type ReceiptKind, type ReceiptPayload, ReceiptPayloadSchema, ReceiptSchema, type ReceiptsClient, type ReceiptsClientOptions, type RecipientResolveInput, type RecipientResolveResponse, type ReconciliationReport, ReconciliationReportSchema, type RecordPayoutEventResult, RecordPayoutEventResultSchema, type RedeemPassResponse, type Redemption, RedemptionSchema, type RegisterDeviceInput, type RegisterDeviceKeyP256Input, RegisterDeviceKeyP256InputSchema, type RegisterDeviceResponse, type RegisterSendDeviceKeyInput, type ResolveCollectionOptions, type ResolveCollectionResponse, type ResolvePayLinkResponse, ReversalRecordArtifactSchema, RevokeDeviceKeyInputSchema, type RevokePassInput, type RoutingHint, SETTLEMENT_SCHEDULES, type SendChallengeInput, type SendChallengeResponse, type SendMoneyInput, type SendMoneyOptions, type SendVerifyInput, type SendVerifyResponse, type SettleResponse, SettleResponseSchema, type Settlement, SettlementRecordArtifactSchema, SettlementSchema, type SignedArtifact, type SignedConsumerOAC, SignedConsumerOACSchema, type SignerPublicKey, StatementArtifactSchema, type SubscribeOptions, type TLVField, type TransactionDetailResponse, type TransactionDirection, type TransactionsListResponse, type TransferInput, type TransferResponse, type TransferStatus, type UnsignedConsumerPaymentRequest, type UnsignedOAC, type UnsignedOfflinePaymentAuthorization, type UnsignedOfflinePaymentRequest, type UnsignedPass, type UnsignedReceipt, type UnsignedRedemption, type UpsertMerchantProfileInput, UpsertMerchantProfileInputSchema, type UpsertPartnerProfileInput, UpsertPartnerProfileInputSchema, type VerifiedArtifact, type VerifyArtifactOptions, type VerifyClaimSignatureInput, WITHDRAWAL_STATES, type Withdrawal, WithdrawalSchema, type WithdrawalState, base64UrlDecode, base64UrlEncode, bodySha256Hex, buildArtifactBody, buildAuthorization, buildConsumerPaymentRequest, buildOAC, buildPass, buildPayCardSigningInput, buildPaymentRequest, buildReceipt, buildRedemption, buildSmsSettleHeader, domainTag as buildSmsSettleSignedBytes, canonicalClaimSigningBytes, canonicalClaimSigningPayload, canonicalJSONBytes, canonicalJSONStringify, canonicalRequestString, computeConsumerClaimEncounterId, computeEncounterId, constantTimeEqual, consumerPaymentRequestSigningBytes, consumerPaymentRequestSigningPayload, consumerSettlementSigningPayload, crc16ccitt, crc16ccittHex, createAccountsClient, createApiCredentialsAdminClient, createArtifactUri, createCollectionsClient, createConsumerCollectionsClient, createConsumerWithdrawalsClient, createFlurPartnerClient, createHmacFetch, createMeOfflineClient, createOfflinePaymentAuthorizationArtifactUri, createOfflineSettlementsClient, createPartnerCollectionsClient, createPartnerFundingClient, createPartnerProfileAdminClient, createPassesClient, createPayCardArtifactUri, createReceiptArtifactUri, createReceiptsClient, createSoftwareP256Signer, decodeArtifactUri, decodeAuthorizationQR, decodeBase45, decodeConsumerSettlementReceiptQR, decodeOfflineClaimSmsMessage, decodeOfflineSmsSettleToken, decodePayCardArtifact, decodePaymentRequestQR, decodeUnverifiedConsumerSettlementReceiptQR, derToRawP256Signature, encodeArtifactUri, encodeAuthorizationQR, encodeBase45, encodeConsumerSettlementReceiptQR, encodeNQR, encodeOfflineClaimSmsMessage, encodeOfflineSmsSettleToken, encodePaymentRequestQR, extractOfflineClaimSmsToken, extractOfflineSmsSettleToken, formatAmount, generateDynamicQR, generateStaticQR, init, inspectPayCardFreshness, isConsumerPaymentRequestExpired, isHardenedArtifactType, isKnownArtifactType, isPassWithinValidity, isPayCardArtifactUri, moneyMinorToNumber, normalizeE164, parseAmountInput, parseNQR, parseQR, readTLV, routingHint, signArtifact, signAuthorization, signConsumerPaymentRequest, signOAC, signPartnerRequest, signPass, signPaymentRequest, signReceipt, signRedemption, signRequestHMAC, verifyArtifactSignature, verifyArtifactUri, verifyAuthorization, verifyClaimSignature, verifyConsumerPaymentRequest, verifyConsumerSettlement, verifyConsumerSettlementReceiptQR, verifyOAC, verifyOfflineSmsSettleToken, verifyPass, verifyPayCardArtifact, verifyPaymentRequest, verifyReceipt, verifyRedemption, verifyRequestHMAC, writeTLV };
|
|
6794
|
+
export { ACCOUNT_FUNDED_OAC_MAX_TTL_MS, ACCOUNT_STATUSES, ACCOUNT_TYPES, ADDITIONAL_DATA_SUBFIELD, ARTIFACT_BODY_SCHEMAS, ARTIFACT_TYPES, type Account, type AccountActivityItem, type AccountMembership, AccountMembershipSchema, AccountSchema, type AccountStatus, type AccountSummaryResponse, type AccountType, type AccountsClient, type AccountsClientOptions, type AddMemberInput, type AdditionalData, type ApiCredentialPublic, ApiCredentialPublicSchema, type ApiCredentialsAdminClient, type ArtifactBody, type ArtifactHeader, ArtifactHeaderSchema, type ArtifactType, type AtomicRedeemReceiptInput, type AtomicRedeemResponse, type AttestationSecurityLevel, AttestationSecurityLevelSchema, type AuthLogoutInput, type AuthRefreshInput, type AuthRefreshResponse, type AuthorizeSendWithBiometricInput, type AuthorizedOptions, type BiometricSigner, type BuildPassInput, type BuildReceiptInput, type BuildRedemptionInput, CLAIM_DOMAIN_V2, COLLECTION_INTENT_STATUSES, COLLECTION_PAYMENT_STATUSES, CONSUMER_OAC_DOMAIN, CONSUMER_OAC_QR_PREFIX, CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS, CONSUMER_PAYMENT_REQUEST_DOMAIN, CONSUMER_SETTLEMENT_DOMAIN, CONSUMER_SETTLEMENT_RECEIPT_QR_PREFIX, CUSTODIAL_MODES, type CanonicalClaimInput, type CashNamespace, type ClaimSignature, type CollectionIntent, CollectionIntentSchema, type CollectionPayment, type CollectionPaymentResult, CollectionPaymentResultSchema, CollectionPaymentSchema, type CollectionReportSummary, CollectionReportSummarySchema, type CollectionStatement, CollectionStatementSchema, type CollectionsClient, type CollectionsClientOptions, type ConsumerCollectionsClient, type ConsumerOAC, type OACRecord as ConsumerOACRecord, OACRecordSchema as ConsumerOACRecordSchema, ConsumerOACSchema, type ConsumerPaymentClaim, ConsumerPaymentClaimSchema, type ConsumerPaymentRequestEnvelope, ConsumerPaymentRequestEnvelopeSchema, type ConsumerSettleResult, ConsumerSettleResultSchema, type ConsumerSettlement, ConsumerSettlementSchema, type ConsumerWithdrawalsClient, type ConsumerWithdrawalsClientOptions, type CreateBusinessAccountInput, type CreateCollectionIntentInput, CreateCollectionIntentInputSchema, type CreatePayCardArtifactInput, type CreatePayLinkResponse, type CreatePayoutDestinationInput, CreatePayoutDestinationInputSchema, type CreatePayoutInput, CreatePayoutInputSchema, type CreateTransferOptions, type CreateWithdrawalInput, CreateWithdrawalInputSchema, type CreateWithdrawalResult, CreateWithdrawalResultSchema, type CustodialMode, type DecodedArtifactUri, type DecodedOfflineSmsSettleToken, type DecodedPayCard, type DeviceKeyAlg, DeviceKeyAlgSchema, type DeviceKeyRecord, DeviceKeyRecordSchema, type DeviceTrustState, FIELD, FLUR_ARTIFACT_URI_PREFIX, FLUR_ARTIFACT_URI_SCHEME, FLUR_ARTIFACT_VERSION, FlurApiError, FlurArtifactError, FlurCapExceededError, FlurClient, type FlurClientOptions, FlurError, type FlurErrorCode, FlurExpiredError, type FlurHandle, type FlurInitOptions, type FlurOfflineSettlementsClient, type FlurPartnerClient, type FlurPaymentEvent, FlurReplayError, HARDENED_ARTIFACT_TYPES, type HmacFetchOptions, IdentityArtifactSchema, type IngestFundingResult, IngestFundingResultSchema, type IssueAccountOacInput, IssueAccountOacInputSchema, type IssueOfflineTokenInput, type IssuePassInput, type IssueReceiptInput, type IssuerTrustBundle, IssuerTrustBundleSchema, type IssuerTrustKey, IssuerTrustKeySchema, LedgerJournalEntryArtifactSchema, type ListPassesInput, type ListPassesResponse, type ListPayoutDestinationsResult, ListPayoutDestinationsResultSchema, type ListReceiptsInput, type ListReceiptsResponse, type ListTransactionsOptions, MEMBERSHIP_ROLES, MERCHANT_PAYOUT_STATUSES, MERCHANT_PROFILE_STATUSES, type MeOfflineClient, type MeOfflineClientOptions, type MembershipRole, type MerchantAccountInfo, type MerchantPayout, MerchantPayoutSchema, type MerchantProfile, MerchantProfileSchema, type MintedApiCredential, MintedApiCredentialSchema, type Money, NGN_CURRENCY_CODE, NG_COUNTRY_CODE, NQRParseError, type NQRPayloadInput, NqrPaymentRequestArtifactSchema, type OAC, OACSchema, OAC_DEFAULT_CUMULATIVE_KOBO, OAC_DEFAULT_PER_TX_KOBO, OAC_DEFAULT_VALIDITY_MS, OFFLINE_CLAIM_SMS_PREFIX, OFFLINE_SMS_SETTLE_DOMAIN, OFFLINE_SMS_SETTLE_HEADER_BYTES, OFFLINE_SMS_SETTLE_PREFIX, OFFLINE_SMS_SETTLE_SIGNATURE_BYTES, OFFLINE_SMS_SETTLE_TOKEN_BYTES, OFFLINE_SMS_SETTLE_VERSION, type OacOfflineIdentity, type OfflineClaimAlgorithm, OfflineClaimArtifactSchema, type OfflineClaimSigner, type OfflinePaymentAuthorization, type OfflinePaymentAuthorizationArtifact, OfflinePaymentAuthorizationArtifactSchema, OfflinePaymentAuthorizationSchema, type OfflinePaymentRequest, OfflinePaymentRequestSchema, type OfflineSmsSettleInput, type OfflineSmsSettleSigner, type OfflineStatusResult, OfflineStatusResultSchema, type OfflineToken, OfflineTokenSchema, type OnboardingCompleteInput, type OnboardingCompleteResponse, type OnboardingFallback, type OnboardingRiskReason, type OnboardingStartInput, type OnboardingStartResponse, type P256EnrollmentChallengeInput, P256EnrollmentChallengeInputSchema, type P256EnrollmentChallengeResult, P256EnrollmentChallengeResultSchema, PARTNER_FUNDING_DIRECTIONS, PARTNER_FUNDING_STATUSES, PARTNER_KINDS, PARTNER_PROFILE_STATUSES, PARTNER_SCOPES, PASS_KINDS, PASS_STATES, PAYLOAD_FORMAT_INDICATOR_VALUE, PAYOUT_DESTINATION_STATUSES, PAY_CARD_DEFAULT_TTL_MS, PAY_CARD_REFRESH_THRESHOLD_MS, PAY_CARD_URI_PREFIX, POINT_OF_INITIATION, type ParsedNQR, type PartnerClientOptions, type PartnerCollectionsClient, type PartnerFunding, type PartnerFundingClient, type PartnerFundingDirection, type PartnerFundingEventInput, PartnerFundingEventInputSchema, PartnerFundingSchema, type PartnerFundingStatus, type PartnerKind, type PartnerProfile, type PartnerProfileAdminClient, type PartnerProfileAdminClientOptions, PartnerProfileSchema, type PartnerProfileStatus, type PartnerScope, type PartnerSignResult, type Pass, PassArtifactSchema, type PassKind, type PassMetadata, PassMetadataSchema, PassSchema, type PassState, type PassesClient, type PassesClientOptions, type PayCardArtifact, PayCardArtifactSchema, type PayCardFreshness, type PayCollectionInput, PayCollectionInputSchema, type PayCollectionOptions, type PayCollectionResponse, type PaymentClaim, PaymentClaimSchema, PaymentIntentArtifactSchema, type PayoutDestination, PayoutDestinationSchema, type PayoutDestinationStatus, type PayoutEventInput, PayoutEventInputSchema, type PinSetInput, type PinVerifyInput, type ProviderEventInput, ProviderEventInputSchema, type ProviderEventRecord, ProviderEventRecordSchema, type PublicCollectionIntent, PublicCollectionIntentSchema, type PushPlatform, type PushRegisterInput, RECEIPT_CHANNELS, RECEIPT_KINDS, REPLAY_WINDOW_MS, type Receipt, type ReceiptArtifact, ReceiptArtifactSchema, type ReceiptChannel, type ReceiptKind, type ReceiptPayload, ReceiptPayloadSchema, ReceiptSchema, type ReceiptsClient, type ReceiptsClientOptions, type RecipientResolveInput, type RecipientResolveResponse, type ReconciliationReport, ReconciliationReportSchema, type RecordPayoutEventResult, RecordPayoutEventResultSchema, type RedeemPassResponse, type Redemption, RedemptionSchema, type RegisterDeviceInput, type RegisterDeviceKeyP256Input, RegisterDeviceKeyP256InputSchema, type RegisterDeviceResponse, type RegisterSendDeviceKeyInput, type ResolveCollectionOptions, type ResolveCollectionResponse, type ResolvePayLinkResponse, ReversalRecordArtifactSchema, RevokeDeviceKeyInputSchema, type RevokePassInput, type RoutingHint, SETTLEMENT_SCHEDULES, type SendChallengeInput, type SendChallengeResponse, type SendMoneyInput, type SendMoneyOptions, type SendVerifyInput, type SendVerifyResponse, type SettleResponse, SettleResponseSchema, type Settlement, SettlementRecordArtifactSchema, SettlementSchema, type SignedArtifact, type SignedConsumerOAC, SignedConsumerOACSchema, type SignerPublicKey, StatementArtifactSchema, type SubscribeOptions, type TLVField, type TransactionDetailResponse, type TransactionDirection, type TransactionsListResponse, type TransferInput, type TransferResponse, type TransferStatus, type TrustedIssuerKey, type UnsignedConsumerPaymentRequest, type UnsignedOAC, type UnsignedOfflinePaymentAuthorization, type UnsignedOfflinePaymentRequest, type UnsignedPass, type UnsignedReceipt, type UnsignedRedemption, type UpsertMerchantProfileInput, UpsertMerchantProfileInputSchema, type UpsertPartnerProfileInput, UpsertPartnerProfileInputSchema, type VerifiedArtifact, type VerifyArtifactOptions, type VerifyClaimSignatureInput, type VerifyOacOfflineOptions, type VerifyOacOfflineResult, WITHDRAWAL_STATES, type Withdrawal, WithdrawalSchema, type WithdrawalState, base64UrlDecode, base64UrlEncode, bodySha256Hex, buildArtifactBody, buildAuthorization, buildConsumerPaymentRequest, buildOAC, buildPass, buildPayCardSigningInput, buildPaymentRequest, buildReceipt, buildRedemption, buildSmsSettleHeader, domainTag as buildSmsSettleSignedBytes, canonicalClaimSigningBytes, canonicalClaimSigningPayload, canonicalJSONBytes, canonicalJSONStringify, canonicalRequestString, computeConsumerClaimEncounterId, computeEncounterId, constantTimeEqual, consumerOacSigningPayload, consumerPaymentRequestSigningBytes, consumerPaymentRequestSigningPayload, consumerSettlementSigningPayload, crc16ccitt, crc16ccittHex, createAccountsClient, createApiCredentialsAdminClient, createArtifactUri, createCollectionsClient, createConsumerCollectionsClient, createConsumerWithdrawalsClient, createFlurPartnerClient, createHmacFetch, createMeOfflineClient, createOfflinePaymentAuthorizationArtifactUri, createOfflineSettlementsClient, createPartnerCollectionsClient, createPartnerFundingClient, createPartnerProfileAdminClient, createPassesClient, createPayCardArtifactUri, createReceiptArtifactUri, createReceiptsClient, createSoftwareP256Signer, decodeArtifactUri, decodeAuthorizationQR, decodeBase45, decodeConsumerSettlementReceiptQR, decodeOfflineClaimSmsMessage, decodeOfflineSmsSettleToken, decodePayCardArtifact, decodePaymentRequestQR, decodeUnverifiedConsumerOacQR, decodeUnverifiedConsumerSettlementReceiptQR, derToRawP256Signature, encodeArtifactUri, encodeAuthorizationQR, encodeBase45, encodeConsumerOacQR, encodeConsumerSettlementReceiptQR, encodeNQR, encodeOfflineClaimSmsMessage, encodeOfflineSmsSettleToken, encodePaymentRequestQR, extractOfflineClaimSmsToken, extractOfflineSmsSettleToken, formatAmount, generateDynamicQR, generateStaticQR, init, inspectPayCardFreshness, isConsumerOacQR, isConsumerPaymentRequestExpired, isHardenedArtifactType, isKnownArtifactType, isPassWithinValidity, isPayCardArtifactUri, moneyMinorToNumber, normalizeE164, parseAmountInput, parseNQR, parseQR, readTLV, routingHint, signArtifact, signAuthorization, signConsumerPaymentRequest, signOAC, signPartnerRequest, signPass, signPaymentRequest, signReceipt, signRedemption, signRequestHMAC, verifyArtifactSignature, verifyArtifactUri, verifyAuthorization, verifyClaimSignature, verifyConsumerPaymentRequest, verifyConsumerSettlement, verifyConsumerSettlementReceiptQR, verifyOAC, verifyOacOffline, verifyOfflineSmsSettleToken, verifyPass, verifyPayCardArtifact, verifyPaymentRequest, verifyReceipt, verifyRedemption, verifyRequestHMAC, writeTLV };
|