npm - @open-mercato/core - Versions diffs - 0.4.7-develop-0a657b411f → 0.4.7-develop-11728c8558 - Mend

@open-mercato/core 0.4.7-develop-0a657b411f → 0.4.7-develop-11728c8558

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (275) hide show

package/dist/modules/payment_gateways/api/refund/route.js ADDED Viewed

@@ -0,0 +1,56 @@
+import { NextResponse } from "next/server";
+import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { readJsonSafe } from "@open-mercato/shared/lib/http/readJsonSafe";
+import { refundSchema } from "../../data/validators.js";
+import { paymentGatewaysTag } from "../openapi.js";
+const metadata = {
+  path: "/payment_gateways/refund",
+  POST: { requireAuth: true, requireFeatures: ["payment_gateways.refund"] }
+};
+async function POST(req) {
+  const auth = await getAuthFromRequest(req);
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const payload = await readJsonSafe(req);
+  const parsed = refundSchema.safeParse(payload);
+  if (!parsed.success) {
+    return NextResponse.json({ error: "Invalid payload", details: parsed.error.flatten() }, { status: 422 });
+  }
+  const container = await createRequestContainer();
+  const service = container.resolve("paymentGatewayService");
+  try {
+    const result = await service.refundPayment(
+      parsed.data.transactionId,
+      parsed.data.amount,
+      parsed.data.reason,
+      { organizationId: auth.orgId, tenantId: auth.tenantId }
+    );
+    return NextResponse.json(result);
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Refund failed";
+    return NextResponse.json({ error: message }, { status: 502 });
+  }
+}
+const openApi = {
+  tags: [paymentGatewaysTag],
+  summary: "Refund a captured payment",
+  methods: {
+    POST: {
+      summary: "Refund payment",
+      tags: [paymentGatewaysTag],
+      responses: [
+        { status: 200, description: "Payment refunded" },
+        { status: 422, description: "Invalid payload" },
+        { status: 502, description: "Gateway provider error" }
+      ]
+    }
+  }
+};
+export {
+  POST,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=route.js.map

package/dist/modules/payment_gateways/api/refund/route.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/modules/payment_gateways/api/refund/route.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { readJsonSafe } from '@open-mercato/shared/lib/http/readJsonSafe'\nimport { refundSchema } from '../../data/validators'\nimport type { PaymentGatewayService } from '../../lib/gateway-service'\nimport { paymentGatewaysTag } from '../openapi'\n\nexport const metadata = {\n  path: '/payment_gateways/refund',\n  POST: { requireAuth: true, requireFeatures: ['payment_gateways.refund'] },\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.tenantId || !auth.orgId) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const payload = await readJsonSafe<unknown>(req)\n  const parsed = refundSchema.safeParse(payload)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload', details: parsed.error.flatten() }, { status: 422 })\n  }\n\n  const container = await createRequestContainer()\n  const service = container.resolve('paymentGatewayService') as PaymentGatewayService\n\n  try {\n    const result = await service.refundPayment(\n      parsed.data.transactionId,\n      parsed.data.amount,\n      parsed.data.reason,\n      { organizationId: auth.orgId as string, tenantId: auth.tenantId },\n    )\n    return NextResponse.json(result)\n  } catch (err: unknown) {\n    const message = err instanceof Error ? err.message : 'Refund failed'\n    return NextResponse.json({ error: message }, { status: 502 })\n  }\n}\n\nexport const openApi = {\n  tags: [paymentGatewaysTag],\n  summary: 'Refund a captured payment',\n  methods: {\n    POST: {\n      summary: 'Refund payment',\n      tags: [paymentGatewaysTag],\n      responses: [\n        { status: 200, description: 'Payment refunded' },\n        { status: 422, description: 'Invalid payload' },\n        { status: 502, description: 'Gateway provider error' },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAC7B,SAAS,oBAAoB;AAE7B,SAAS,0BAA0B;AAE5B,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,EACN,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,yBAAyB,EAAE;AAC1E;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,YAAY,CAAC,KAAK,OAAO;AAClC,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,UAAU,MAAM,aAAsB,GAAG;AAC/C,QAAM,SAAS,aAAa,UAAU,OAAO;AAC7C,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,mBAAmB,SAAS,OAAO,MAAM,QAAQ,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACzG;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,UAAU,UAAU,QAAQ,uBAAuB;AAEzD,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ;AAAA,MAC3B,OAAO,KAAK;AAAA,MACZ,OAAO,KAAK;AAAA,MACZ,OAAO,KAAK;AAAA,MACZ,EAAE,gBAAgB,KAAK,OAAiB,UAAU,KAAK,SAAS;AAAA,IAClE;AACA,WAAO,aAAa,KAAK,MAAM;AAAA,EACjC,SAAS,KAAc;AACrB,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,WAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9D;AACF;AAEO,MAAM,UAAU;AAAA,EACrB,MAAM,CAAC,kBAAkB;AAAA,EACzB,SAAS;AAAA,EACT,SAAS;AAAA,IACP,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,MAAM,CAAC,kBAAkB;AAAA,MACzB,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,mBAAmB;AAAA,QAC/C,EAAE,QAAQ,KAAK,aAAa,kBAAkB;AAAA,QAC9C,EAAE,QAAQ,KAAK,aAAa,yBAAyB;AAAA,MACvD;AAAA,IACF;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/modules/payment_gateways/api/sessions/route.js ADDED Viewed

@@ -0,0 +1,74 @@
+import { NextResponse } from "next/server";
+import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { readJsonSafe } from "@open-mercato/shared/lib/http/readJsonSafe";
+import { createSessionSchema } from "../../data/validators.js";
+import { paymentGatewaysTag } from "../openapi.js";
+const metadata = {
+  path: "/payment_gateways/sessions",
+  POST: { requireAuth: true, requireFeatures: ["payment_gateways.manage"] }
+};
+async function POST(req) {
+  const auth = await getAuthFromRequest(req);
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const payload = await readJsonSafe(req);
+  const parsed = createSessionSchema.safeParse(payload);
+  if (!parsed.success) {
+    return NextResponse.json({ error: "Invalid payload", details: parsed.error.flatten() }, { status: 422 });
+  }
+  const container = await createRequestContainer();
+  const service = container.resolve("paymentGatewayService");
+  try {
+    const { transaction, session } = await service.createPaymentSession({
+      providerKey: parsed.data.providerKey,
+      paymentId: crypto.randomUUID(),
+      orderId: parsed.data.orderId,
+      amount: parsed.data.amount,
+      currencyCode: parsed.data.currencyCode,
+      captureMethod: parsed.data.captureMethod,
+      description: parsed.data.description,
+      successUrl: parsed.data.successUrl,
+      cancelUrl: parsed.data.cancelUrl,
+      metadata: parsed.data.metadata,
+      organizationId: auth.orgId,
+      tenantId: auth.tenantId
+    });
+    return NextResponse.json({
+      transactionId: transaction.id,
+      sessionId: session.sessionId,
+      providerKey: transaction.providerKey,
+      clientSecret: session.clientSecret,
+      redirectUrl: session.redirectUrl,
+      providerData: session.providerData ?? null,
+      status: session.status,
+      paymentId: transaction.paymentId
+    }, { status: 201 });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Failed to create payment session";
+    const status = message.includes("No gateway adapter") ? 422 : 502;
+    return NextResponse.json({ error: message }, { status });
+  }
+}
+const openApi = {
+  tags: [paymentGatewaysTag],
+  summary: "Create a payment session via a gateway provider",
+  methods: {
+    POST: {
+      summary: "Create payment session",
+      tags: [paymentGatewaysTag],
+      responses: [
+        { status: 201, description: "Payment session created" },
+        { status: 422, description: "Invalid payload or unknown provider" },
+        { status: 502, description: "Gateway provider error" }
+      ]
+    }
+  }
+};
+export {
+  POST,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=route.js.map

package/dist/modules/payment_gateways/api/sessions/route.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/modules/payment_gateways/api/sessions/route.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { readJsonSafe } from '@open-mercato/shared/lib/http/readJsonSafe'\nimport { createSessionSchema } from '../../data/validators'\nimport type { PaymentGatewayService } from '../../lib/gateway-service'\nimport { paymentGatewaysTag } from '../openapi'\n\nexport const metadata = {\n  path: '/payment_gateways/sessions',\n  POST: { requireAuth: true, requireFeatures: ['payment_gateways.manage'] },\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.tenantId || !auth.orgId) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const payload = await readJsonSafe<unknown>(req)\n  const parsed = createSessionSchema.safeParse(payload)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload', details: parsed.error.flatten() }, { status: 422 })\n  }\n\n  const container = await createRequestContainer()\n  const service = container.resolve('paymentGatewayService') as PaymentGatewayService\n\n  try {\n    const { transaction, session } = await service.createPaymentSession({\n      providerKey: parsed.data.providerKey,\n      paymentId: crypto.randomUUID(),\n      orderId: parsed.data.orderId,\n      amount: parsed.data.amount,\n      currencyCode: parsed.data.currencyCode,\n      captureMethod: parsed.data.captureMethod,\n      description: parsed.data.description,\n      successUrl: parsed.data.successUrl,\n      cancelUrl: parsed.data.cancelUrl,\n      metadata: parsed.data.metadata,\n      organizationId: auth.orgId as string,\n      tenantId: auth.tenantId,\n    })\n\n    return NextResponse.json({\n      transactionId: transaction.id,\n      sessionId: session.sessionId,\n      providerKey: transaction.providerKey,\n      clientSecret: session.clientSecret,\n      redirectUrl: session.redirectUrl,\n      providerData: session.providerData ?? null,\n      status: session.status,\n      paymentId: transaction.paymentId,\n    }, { status: 201 })\n  } catch (err: unknown) {\n    const message = err instanceof Error ? err.message : 'Failed to create payment session'\n    const status = message.includes('No gateway adapter') ? 422 : 502\n    return NextResponse.json({ error: message }, { status })\n  }\n}\n\nexport const openApi = {\n  tags: [paymentGatewaysTag],\n  summary: 'Create a payment session via a gateway provider',\n  methods: {\n    POST: {\n      summary: 'Create payment session',\n      tags: [paymentGatewaysTag],\n      responses: [\n        { status: 201, description: 'Payment session created' },\n        { status: 422, description: 'Invalid payload or unknown provider' },\n        { status: 502, description: 'Gateway provider error' },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAC7B,SAAS,2BAA2B;AAEpC,SAAS,0BAA0B;AAE5B,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,EACN,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,yBAAyB,EAAE;AAC1E;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,YAAY,CAAC,KAAK,OAAO;AAClC,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,UAAU,MAAM,aAAsB,GAAG;AAC/C,QAAM,SAAS,oBAAoB,UAAU,OAAO;AACpD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,mBAAmB,SAAS,OAAO,MAAM,QAAQ,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACzG;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,UAAU,UAAU,QAAQ,uBAAuB;AAEzD,MAAI;AACF,UAAM,EAAE,aAAa,QAAQ,IAAI,MAAM,QAAQ,qBAAqB;AAAA,MAClE,aAAa,OAAO,KAAK;AAAA,MACzB,WAAW,OAAO,WAAW;AAAA,MAC7B,SAAS,OAAO,KAAK;AAAA,MACrB,QAAQ,OAAO,KAAK;AAAA,MACpB,cAAc,OAAO,KAAK;AAAA,MAC1B,eAAe,OAAO,KAAK;AAAA,MAC3B,aAAa,OAAO,KAAK;AAAA,MACzB,YAAY,OAAO,KAAK;AAAA,MACxB,WAAW,OAAO,KAAK;AAAA,MACvB,UAAU,OAAO,KAAK;AAAA,MACtB,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,IACjB,CAAC;AAED,WAAO,aAAa,KAAK;AAAA,MACvB,eAAe,YAAY;AAAA,MAC3B,WAAW,QAAQ;AAAA,MACnB,aAAa,YAAY;AAAA,MACzB,cAAc,QAAQ;AAAA,MACtB,aAAa,QAAQ;AAAA,MACrB,cAAc,QAAQ,gBAAgB;AAAA,MACtC,QAAQ,QAAQ;AAAA,MAChB,WAAW,YAAY;AAAA,IACzB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB,SAAS,KAAc;AACrB,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,UAAM,SAAS,QAAQ,SAAS,oBAAoB,IAAI,MAAM;AAC9D,WAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,OAAO,CAAC;AAAA,EACzD;AACF;AAEO,MAAM,UAAU;AAAA,EACrB,MAAM,CAAC,kBAAkB;AAAA,EACzB,SAAS;AAAA,EACT,SAAS;AAAA,IACP,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,MAAM,CAAC,kBAAkB;AAAA,MACzB,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,0BAA0B;AAAA,QACtD,EAAE,QAAQ,KAAK,aAAa,sCAAsC;AAAA,QAClE,EAAE,QAAQ,KAAK,aAAa,yBAAyB;AAAA,MACvD;AAAA,IACF;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/modules/payment_gateways/api/status/route.js ADDED Viewed

@@ -0,0 +1,66 @@
+import { NextResponse } from "next/server";
+import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { paymentGatewaysTag } from "../openapi.js";
+const metadata = {
+  path: "/payment_gateways/status",
+  GET: { requireAuth: true, requireFeatures: ["payment_gateways.view"] }
+};
+async function GET(req) {
+  const auth = await getAuthFromRequest(req);
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const url = new URL(req.url);
+  const transactionId = url.searchParams.get("transactionId");
+  if (!transactionId) {
+    return NextResponse.json({ error: "transactionId is required" }, { status: 400 });
+  }
+  const container = await createRequestContainer();
+  const service = container.resolve("paymentGatewayService");
+  try {
+    const scope = { organizationId: auth.orgId, tenantId: auth.tenantId };
+    const transaction = await service.findTransaction(transactionId, scope);
+    if (!transaction) {
+      return NextResponse.json({ error: "Transaction not found" }, { status: 404 });
+    }
+    const status = await service.getPaymentStatus(transactionId, scope);
+    return NextResponse.json({
+      transactionId: transaction.id,
+      paymentId: transaction.paymentId,
+      providerKey: transaction.providerKey,
+      sessionId: transaction.providerSessionId,
+      status: status.status,
+      gatewayStatus: transaction.gatewayStatus,
+      amount: status.amount,
+      amountReceived: status.amountReceived,
+      currencyCode: status.currencyCode,
+      redirectUrl: transaction.redirectUrl,
+      createdAt: transaction.createdAt.toISOString(),
+      updatedAt: transaction.updatedAt.toISOString()
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Failed to get status";
+    return NextResponse.json({ error: message }, { status: 500 });
+  }
+}
+const openApi = {
+  tags: [paymentGatewaysTag],
+  summary: "Get payment transaction status",
+  methods: {
+    GET: {
+      summary: "Get transaction status",
+      tags: [paymentGatewaysTag],
+      responses: [
+        { status: 200, description: "Transaction status" },
+        { status: 404, description: "Transaction not found" }
+      ]
+    }
+  }
+};
+export {
+  GET,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=route.js.map

package/dist/modules/payment_gateways/api/status/route.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/modules/payment_gateways/api/status/route.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport type { PaymentGatewayService } from '../../lib/gateway-service'\nimport { paymentGatewaysTag } from '../openapi'\n\nexport const metadata = {\n  path: '/payment_gateways/status',\n  GET: { requireAuth: true, requireFeatures: ['payment_gateways.view'] },\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.tenantId || !auth.orgId) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const transactionId = url.searchParams.get('transactionId')\n  if (!transactionId) {\n    return NextResponse.json({ error: 'transactionId is required' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const service = container.resolve('paymentGatewayService') as PaymentGatewayService\n\n  try {\n    const scope = { organizationId: auth.orgId as string, tenantId: auth.tenantId }\n    const transaction = await service.findTransaction(transactionId, scope)\n    if (!transaction) {\n      return NextResponse.json({ error: 'Transaction not found' }, { status: 404 })\n    }\n\n    const status = await service.getPaymentStatus(transactionId, scope)\n\n    return NextResponse.json({\n      transactionId: transaction.id,\n      paymentId: transaction.paymentId,\n      providerKey: transaction.providerKey,\n      sessionId: transaction.providerSessionId,\n      status: status.status,\n      gatewayStatus: transaction.gatewayStatus,\n      amount: status.amount,\n      amountReceived: status.amountReceived,\n      currencyCode: status.currencyCode,\n      redirectUrl: transaction.redirectUrl,\n      createdAt: transaction.createdAt.toISOString(),\n      updatedAt: transaction.updatedAt.toISOString(),\n    })\n  } catch (err: unknown) {\n    const message = err instanceof Error ? err.message : 'Failed to get status'\n    return NextResponse.json({ error: message }, { status: 500 })\n  }\n}\n\nexport const openApi = {\n  tags: [paymentGatewaysTag],\n  summary: 'Get payment transaction status',\n  methods: {\n    GET: {\n      summary: 'Get transaction status',\n      tags: [paymentGatewaysTag],\n      responses: [\n        { status: 200, description: 'Transaction status' },\n        { status: 404, description: 'Transaction not found' },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AAEvC,SAAS,0BAA0B;AAE5B,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,EACN,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AACvE;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,YAAY,CAAC,KAAK,OAAO;AAClC,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,gBAAgB,IAAI,aAAa,IAAI,eAAe;AAC1D,MAAI,CAAC,eAAe;AAClB,WAAO,aAAa,KAAK,EAAE,OAAO,4BAA4B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,UAAU,UAAU,QAAQ,uBAAuB;AAEzD,MAAI;AACF,UAAM,QAAQ,EAAE,gBAAgB,KAAK,OAAiB,UAAU,KAAK,SAAS;AAC9E,UAAM,cAAc,MAAM,QAAQ,gBAAgB,eAAe,KAAK;AACtE,QAAI,CAAC,aAAa;AAChB,aAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC9E;AAEA,UAAM,SAAS,MAAM,QAAQ,iBAAiB,eAAe,KAAK;AAElE,WAAO,aAAa,KAAK;AAAA,MACvB,eAAe,YAAY;AAAA,MAC3B,WAAW,YAAY;AAAA,MACvB,aAAa,YAAY;AAAA,MACzB,WAAW,YAAY;AAAA,MACvB,QAAQ,OAAO;AAAA,MACf,eAAe,YAAY;AAAA,MAC3B,QAAQ,OAAO;AAAA,MACf,gBAAgB,OAAO;AAAA,MACvB,cAAc,OAAO;AAAA,MACrB,aAAa,YAAY;AAAA,MACzB,WAAW,YAAY,UAAU,YAAY;AAAA,MAC7C,WAAW,YAAY,UAAU,YAAY;AAAA,IAC/C,CAAC;AAAA,EACH,SAAS,KAAc;AACrB,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,WAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9D;AACF;AAEO,MAAM,UAAU;AAAA,EACrB,MAAM,CAAC,kBAAkB;AAAA,EACzB,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,MAAM,CAAC,kBAAkB;AAAA,MACzB,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,qBAAqB;AAAA,QACjD,EAAE,QAAQ,KAAK,aAAa,wBAAwB;AAAA,MACtD;AAAA,IACF;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/modules/payment_gateways/api/transactions/[id]/route.js ADDED Viewed

@@ -0,0 +1,118 @@
+import { NextResponse } from "next/server";
+import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { findOneWithDecryption } from "@open-mercato/shared/lib/encryption/find";
+import { GatewayTransaction } from "../../../data/entities.js";
+import { paymentGatewaysTag } from "../../openapi.js";
+const metadata = {
+  path: "/payment_gateways/transactions/[id]",
+  GET: { requireAuth: true, requireFeatures: ["payment_gateways.view"] }
+};
+function toIsoString(value) {
+  if (!value) return null;
+  if (value instanceof Date) return value.toISOString();
+  if (typeof value === "string") {
+    const parsed2 = new Date(value);
+    if (!Number.isNaN(parsed2.getTime())) return parsed2.toISOString();
+    return value;
+  }
+  const parsed = new Date(value);
+  return Number.isNaN(parsed.getTime()) ? null : parsed.toISOString();
+}
+async function GET(req, { params }) {
+  const auth = await getAuthFromRequest(req);
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const resolvedParams = await params;
+  const transactionId = resolvedParams?.id;
+  if (!transactionId) {
+    return NextResponse.json({ error: "Transaction id is required" }, { status: 400 });
+  }
+  const { resolve } = await createRequestContainer();
+  const scope = { organizationId: auth.orgId, tenantId: auth.tenantId };
+  const em = resolve("em");
+  const integrationLogService = resolve("integrationLogService");
+  const transaction = await findOneWithDecryption(
+    em,
+    GatewayTransaction,
+    {
+      id: transactionId,
+      organizationId: scope.organizationId,
+      tenantId: scope.tenantId,
+      deletedAt: null
+    },
+    void 0,
+    scope
+  );
+  if (!transaction) {
+    return NextResponse.json({ error: "Transaction not found" }, { status: 404 });
+  }
+  const integrationId = `gateway_${transaction.providerKey}`;
+  const { items: logRows } = await integrationLogService.query(
+    {
+      integrationId,
+      entityType: "payment_transaction",
+      entityId: transactionId,
+      page: 1,
+      pageSize: 100
+    },
+    scope
+  );
+  return NextResponse.json({
+    transaction: {
+      id: transaction.id,
+      paymentId: transaction.paymentId,
+      providerKey: transaction.providerKey,
+      providerSessionId: transaction.providerSessionId ?? null,
+      gatewayPaymentId: transaction.gatewayPaymentId ?? null,
+      gatewayRefundId: transaction.gatewayRefundId ?? null,
+      unifiedStatus: transaction.unifiedStatus,
+      gatewayStatus: transaction.gatewayStatus ?? null,
+      redirectUrl: transaction.redirectUrl ?? null,
+      amount: transaction.amount,
+      currencyCode: transaction.currencyCode,
+      gatewayMetadata: transaction.gatewayMetadata ?? null,
+      webhookLog: Array.isArray(transaction.webhookLog) ? transaction.webhookLog : [],
+      lastWebhookAt: toIsoString(transaction.lastWebhookAt),
+      lastPolledAt: toIsoString(transaction.lastPolledAt),
+      expiresAt: toIsoString(transaction.expiresAt),
+      createdAt: toIsoString(transaction.createdAt),
+      updatedAt: toIsoString(transaction.updatedAt)
+    },
+    logs: logRows.map((row) => ({
+      id: row.id,
+      integrationId: row.integrationId,
+      runId: row.runId ?? null,
+      scopeEntityType: row.scopeEntityType ?? null,
+      scopeEntityId: row.scopeEntityId ?? null,
+      level: row.level,
+      message: row.message,
+      code: row.code ?? null,
+      payload: row.payload ?? null,
+      createdAt: toIsoString(row.createdAt)
+    }))
+  });
+}
+const openApi = {
+  tags: [paymentGatewaysTag],
+  summary: "Get payment transaction details",
+  methods: {
+    GET: {
+      summary: "Get payment transaction details",
+      tags: [paymentGatewaysTag],
+      responses: [
+        { status: 200, description: "Payment transaction details" },
+        { status: 404, description: "Transaction not found" }
+      ]
+    }
+  }
+};
+var route_default = GET;
+export {
+  GET,
+  route_default as default,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=route.js.map

package/dist/modules/payment_gateways/api/transactions/[id]/route.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../../src/modules/payment_gateways/api/transactions/%5Bid%5D/route.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { findOneWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport type { IntegrationLogService } from '../../../../integrations/lib/log-service'\nimport { GatewayTransaction } from '../../../data/entities'\nimport { paymentGatewaysTag } from '../../openapi'\n\nexport const metadata = {\n  path: '/payment_gateways/transactions/[id]',\n  GET: { requireAuth: true, requireFeatures: ['payment_gateways.view'] },\n}\n\nfunction toIsoString(value: unknown): string | null {\n  if (!value) return null\n  if (value instanceof Date) return value.toISOString()\n  if (typeof value === 'string') {\n    const parsed = new Date(value)\n    if (!Number.isNaN(parsed.getTime())) return parsed.toISOString()\n    return value\n  }\n  const parsed = new Date(value as string | number)\n  return Number.isNaN(parsed.getTime()) ? null : parsed.toISOString()\n}\n\nexport async function GET(req: Request, { params }: { params: Promise<{ id: string }> | { id: string } }) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.tenantId || !auth.orgId) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const resolvedParams = await params\n  const transactionId = resolvedParams?.id\n  if (!transactionId) {\n    return NextResponse.json({ error: 'Transaction id is required' }, { status: 400 })\n  }\n\n  const { resolve } = await createRequestContainer()\n  const scope = { organizationId: auth.orgId as string, tenantId: auth.tenantId }\n  const em = resolve('em') as EntityManager\n  const integrationLogService = resolve('integrationLogService') as IntegrationLogService\n  const transaction = await findOneWithDecryption(\n    em,\n    GatewayTransaction,\n    {\n      id: transactionId,\n      organizationId: scope.organizationId,\n      tenantId: scope.tenantId,\n      deletedAt: null,\n    },\n    undefined,\n    scope,\n  )\n\n  if (!transaction) {\n    return NextResponse.json({ error: 'Transaction not found' }, { status: 404 })\n  }\n\n  const integrationId = `gateway_${transaction.providerKey}`\n  const { items: logRows } = await integrationLogService.query(\n    {\n      integrationId,\n      entityType: 'payment_transaction',\n      entityId: transactionId,\n      page: 1,\n      pageSize: 100,\n    },\n    scope,\n  )\n\n  return NextResponse.json({\n    transaction: {\n      id: transaction.id,\n      paymentId: transaction.paymentId,\n      providerKey: transaction.providerKey,\n      providerSessionId: transaction.providerSessionId ?? null,\n      gatewayPaymentId: transaction.gatewayPaymentId ?? null,\n      gatewayRefundId: transaction.gatewayRefundId ?? null,\n      unifiedStatus: transaction.unifiedStatus,\n      gatewayStatus: transaction.gatewayStatus ?? null,\n      redirectUrl: transaction.redirectUrl ?? null,\n      amount: transaction.amount,\n      currencyCode: transaction.currencyCode,\n      gatewayMetadata: transaction.gatewayMetadata ?? null,\n      webhookLog: Array.isArray(transaction.webhookLog) ? transaction.webhookLog : [],\n      lastWebhookAt: toIsoString(transaction.lastWebhookAt),\n      lastPolledAt: toIsoString(transaction.lastPolledAt),\n      expiresAt: toIsoString(transaction.expiresAt),\n      createdAt: toIsoString(transaction.createdAt),\n      updatedAt: toIsoString(transaction.updatedAt),\n    },\n    logs: logRows.map((row) => ({\n      id: row.id,\n      integrationId: row.integrationId,\n      runId: row.runId ?? null,\n      scopeEntityType: row.scopeEntityType ?? null,\n      scopeEntityId: row.scopeEntityId ?? null,\n      level: row.level,\n      message: row.message,\n      code: row.code ?? null,\n      payload: row.payload ?? null,\n      createdAt: toIsoString(row.createdAt),\n    })),\n  })\n}\n\nexport const openApi = {\n  tags: [paymentGatewaysTag],\n  summary: 'Get payment transaction details',\n  methods: {\n    GET: {\n      summary: 'Get payment transaction details',\n      tags: [paymentGatewaysTag],\n      responses: [\n        { status: 200, description: 'Payment transaction details' },\n        { status: 404, description: 'Transaction not found' },\n      ],\n    },\n  },\n}\n\nexport default GET\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAE7B,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,6BAA6B;AAEtC,SAAS,0BAA0B;AACnC,SAAS,0BAA0B;AAE5B,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,EACN,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AACvE;AAEA,SAAS,YAAY,OAA+B;AAClD,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI,iBAAiB,KAAM,QAAO,MAAM,YAAY;AACpD,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAMA,UAAS,IAAI,KAAK,KAAK;AAC7B,QAAI,CAAC,OAAO,MAAMA,QAAO,QAAQ,CAAC,EAAG,QAAOA,QAAO,YAAY;AAC/D,WAAO;AAAA,EACT;AACA,QAAM,SAAS,IAAI,KAAK,KAAwB;AAChD,SAAO,OAAO,MAAM,OAAO,QAAQ,CAAC,IAAI,OAAO,OAAO,YAAY;AACpE;AAEA,eAAsB,IAAI,KAAc,EAAE,OAAO,GAAyD;AACxG,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,YAAY,CAAC,KAAK,OAAO;AAClC,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,iBAAiB,MAAM;AAC7B,QAAM,gBAAgB,gBAAgB;AACtC,MAAI,CAAC,eAAe;AAClB,WAAO,aAAa,KAAK,EAAE,OAAO,6BAA6B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACnF;AAEA,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,QAAQ,EAAE,gBAAgB,KAAK,OAAiB,UAAU,KAAK,SAAS;AAC9E,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,wBAAwB,QAAQ,uBAAuB;AAC7D,QAAM,cAAc,MAAM;AAAA,IACxB;AAAA,IACA;AAAA,IACA;AAAA,MACE,IAAI;AAAA,MACJ,gBAAgB,MAAM;AAAA,MACtB,UAAU,MAAM;AAAA,MAChB,WAAW;AAAA,IACb;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,MAAI,CAAC,aAAa;AAChB,WAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9E;AAEA,QAAM,gBAAgB,WAAW,YAAY,WAAW;AACxD,QAAM,EAAE,OAAO,QAAQ,IAAI,MAAM,sBAAsB;AAAA,IACrD;AAAA,MACE;AAAA,MACA,YAAY;AAAA,MACZ,UAAU;AAAA,MACV,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAAA,IACA;AAAA,EACF;AAEA,SAAO,aAAa,KAAK;AAAA,IACvB,aAAa;AAAA,MACX,IAAI,YAAY;AAAA,MAChB,WAAW,YAAY;AAAA,MACvB,aAAa,YAAY;AAAA,MACzB,mBAAmB,YAAY,qBAAqB;AAAA,MACpD,kBAAkB,YAAY,oBAAoB;AAAA,MAClD,iBAAiB,YAAY,mBAAmB;AAAA,MAChD,eAAe,YAAY;AAAA,MAC3B,eAAe,YAAY,iBAAiB;AAAA,MAC5C,aAAa,YAAY,eAAe;AAAA,MACxC,QAAQ,YAAY;AAAA,MACpB,cAAc,YAAY;AAAA,MAC1B,iBAAiB,YAAY,mBAAmB;AAAA,MAChD,YAAY,MAAM,QAAQ,YAAY,UAAU,IAAI,YAAY,aAAa,CAAC;AAAA,MAC9E,eAAe,YAAY,YAAY,aAAa;AAAA,MACpD,cAAc,YAAY,YAAY,YAAY;AAAA,MAClD,WAAW,YAAY,YAAY,SAAS;AAAA,MAC5C,WAAW,YAAY,YAAY,SAAS;AAAA,MAC5C,WAAW,YAAY,YAAY,SAAS;AAAA,IAC9C;AAAA,IACA,MAAM,QAAQ,IAAI,CAAC,SAAS;AAAA,MAC1B,IAAI,IAAI;AAAA,MACR,eAAe,IAAI;AAAA,MACnB,OAAO,IAAI,SAAS;AAAA,MACpB,iBAAiB,IAAI,mBAAmB;AAAA,MACxC,eAAe,IAAI,iBAAiB;AAAA,MACpC,OAAO,IAAI;AAAA,MACX,SAAS,IAAI;AAAA,MACb,MAAM,IAAI,QAAQ;AAAA,MAClB,SAAS,IAAI,WAAW;AAAA,MACxB,WAAW,YAAY,IAAI,SAAS;AAAA,IACtC,EAAE;AAAA,EACJ,CAAC;AACH;AAEO,MAAM,UAAU;AAAA,EACrB,MAAM,CAAC,kBAAkB;AAAA,EACzB,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,MAAM,CAAC,kBAAkB;AAAA,MACzB,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,8BAA8B;AAAA,QAC1D,EAAE,QAAQ,KAAK,aAAa,wBAAwB;AAAA,MACtD;AAAA,IACF;AAAA,EACF;AACF;AAEA,IAAO,gBAAQ;",
+  "names": ["parsed"]
+}

package/dist/modules/payment_gateways/api/transactions/route.js ADDED Viewed

@@ -0,0 +1,113 @@
+import { NextResponse } from "next/server";
+import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { GatewayTransaction } from "../../data/entities.js";
+import { listTransactionsQuerySchema } from "../../data/validators.js";
+import { paymentGatewaysTag } from "../openapi.js";
+const metadata = {
+  path: "/payment_gateways/transactions",
+  GET: { requireAuth: true, requireFeatures: ["payment_gateways.view"] }
+};
+function escapeLikePattern(value) {
+  return value.replace(/[\\%_]/g, "\\$&");
+}
+function formatDateValue(value) {
+  if (!value) return null;
+  if (value instanceof Date) return value.toISOString();
+  if (typeof value === "string") {
+    const parsed = new Date(value);
+    if (!Number.isNaN(parsed.getTime())) return parsed.toISOString();
+    return value;
+  }
+  const fallback = new Date(value);
+  return Number.isNaN(fallback.getTime()) ? null : fallback.toISOString();
+}
+async function GET(req) {
+  const auth = await getAuthFromRequest(req);
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const url = new URL(req.url);
+  const parsed = listTransactionsQuerySchema.safeParse(Object.fromEntries(url.searchParams.entries()));
+  if (!parsed.success) {
+    return NextResponse.json({ error: "Invalid query", details: parsed.error.flatten() }, { status: 400 });
+  }
+  const { page, pageSize, search, providerKey, status } = parsed.data;
+  const offset = (page - 1) * pageSize;
+  const { resolve } = await createRequestContainer();
+  const em = resolve("em");
+  const qb = em.createQueryBuilder(GatewayTransaction, "gt");
+  qb.where({
+    organizationId: auth.orgId,
+    tenantId: auth.tenantId,
+    deletedAt: null
+  });
+  if (providerKey) {
+    qb.andWhere({ providerKey });
+  }
+  if (status) {
+    qb.andWhere({ unifiedStatus: status });
+  }
+  if (search) {
+    const pattern = `%${escapeLikePattern(search)}%`;
+    qb.andWhere(`(
+      cast(gt.id as text) ilike ?
+      or cast(gt.payment_id as text) ilike ?
+      or coalesce(gt.provider_key, '') ilike ?
+      or coalesce(gt.provider_session_id, '') ilike ?
+      or coalesce(gt.gateway_payment_id, '') ilike ?
+      or coalesce(gt.gateway_refund_id, '') ilike ?
+    ) escape '\\'`, [pattern, pattern, pattern, pattern, pattern, pattern]);
+  }
+  const countQb = qb.clone();
+  qb.orderBy({ createdAt: "desc" });
+  qb.limit(pageSize).offset(offset);
+  const [items, total] = await Promise.all([
+    qb.getResultList(),
+    countQb.count("gt.id", true)
+  ]);
+  return NextResponse.json({
+    items: items.map((item) => ({
+      id: item.id,
+      paymentId: item.paymentId,
+      providerKey: item.providerKey,
+      providerSessionId: item.providerSessionId ?? null,
+      gatewayPaymentId: item.gatewayPaymentId ?? null,
+      gatewayRefundId: item.gatewayRefundId ?? null,
+      unifiedStatus: item.unifiedStatus,
+      gatewayStatus: item.gatewayStatus ?? null,
+      amount: item.amount,
+      currencyCode: item.currencyCode,
+      redirectUrl: item.redirectUrl ?? null,
+      lastWebhookAt: formatDateValue(item.lastWebhookAt),
+      lastPolledAt: formatDateValue(item.lastPolledAt),
+      createdAt: formatDateValue(item.createdAt),
+      updatedAt: formatDateValue(item.updatedAt)
+    })),
+    total,
+    page,
+    pageSize,
+    totalPages: Math.max(1, Math.ceil(total / pageSize))
+  });
+}
+const openApi = {
+  tags: [paymentGatewaysTag],
+  summary: "List payment transactions",
+  methods: {
+    GET: {
+      summary: "List payment transactions",
+      tags: [paymentGatewaysTag],
+      responses: [
+        { status: 200, description: "Payment transaction list" }
+      ]
+    }
+  }
+};
+var route_default = GET;
+export {
+  GET,
+  route_default as default,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=route.js.map

package/dist/modules/payment_gateways/api/transactions/route.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/modules/payment_gateways/api/transactions/route.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { GatewayTransaction } from '../../data/entities'\nimport { listTransactionsQuerySchema } from '../../data/validators'\nimport { paymentGatewaysTag } from '../openapi'\n\nexport const metadata = {\n  path: '/payment_gateways/transactions',\n  GET: { requireAuth: true, requireFeatures: ['payment_gateways.view'] },\n}\n\nfunction escapeLikePattern(value: string): string {\n  return value.replace(/[\\\\%_]/g, '\\\\$&')\n}\n\nfunction formatDateValue(value: unknown): string | null {\n  if (!value) return null\n  if (value instanceof Date) return value.toISOString()\n  if (typeof value === 'string') {\n    const parsed = new Date(value)\n    if (!Number.isNaN(parsed.getTime())) return parsed.toISOString()\n    return value\n  }\n  const fallback = new Date(value as string | number)\n  return Number.isNaN(fallback.getTime()) ? null : fallback.toISOString()\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.tenantId || !auth.orgId) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const parsed = listTransactionsQuerySchema.safeParse(Object.fromEntries(url.searchParams.entries()))\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid query', details: parsed.error.flatten() }, { status: 400 })\n  }\n\n  const { page, pageSize, search, providerKey, status } = parsed.data\n  const offset = (page - 1) * pageSize\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as EntityManager\n  const qb = em.createQueryBuilder(GatewayTransaction, 'gt')\n\n  qb.where({\n    organizationId: auth.orgId,\n    tenantId: auth.tenantId,\n    deletedAt: null,\n  })\n\n  if (providerKey) {\n    qb.andWhere({ providerKey })\n  }\n  if (status) {\n    qb.andWhere({ unifiedStatus: status })\n  }\n  if (search) {\n    const pattern = `%${escapeLikePattern(search)}%`\n    qb.andWhere(`(\n      cast(gt.id as text) ilike ?\n      or cast(gt.payment_id as text) ilike ?\n      or coalesce(gt.provider_key, '') ilike ?\n      or coalesce(gt.provider_session_id, '') ilike ?\n      or coalesce(gt.gateway_payment_id, '') ilike ?\n      or coalesce(gt.gateway_refund_id, '') ilike ?\n    ) escape '\\\\'`, [pattern, pattern, pattern, pattern, pattern, pattern])\n  }\n\n  const countQb = qb.clone()\n  qb.orderBy({ createdAt: 'desc' })\n  qb.limit(pageSize).offset(offset)\n\n  const [items, total] = await Promise.all([\n    qb.getResultList(),\n    countQb.count('gt.id', true),\n  ])\n\n  return NextResponse.json({\n    items: items.map((item) => ({\n      id: item.id,\n      paymentId: item.paymentId,\n      providerKey: item.providerKey,\n      providerSessionId: item.providerSessionId ?? null,\n      gatewayPaymentId: item.gatewayPaymentId ?? null,\n      gatewayRefundId: item.gatewayRefundId ?? null,\n      unifiedStatus: item.unifiedStatus,\n      gatewayStatus: item.gatewayStatus ?? null,\n      amount: item.amount,\n      currencyCode: item.currencyCode,\n      redirectUrl: item.redirectUrl ?? null,\n      lastWebhookAt: formatDateValue(item.lastWebhookAt),\n      lastPolledAt: formatDateValue(item.lastPolledAt),\n      createdAt: formatDateValue(item.createdAt),\n      updatedAt: formatDateValue(item.updatedAt),\n    })),\n    total,\n    page,\n    pageSize,\n    totalPages: Math.max(1, Math.ceil(total / pageSize)),\n  })\n}\n\nexport const openApi = {\n  tags: [paymentGatewaysTag],\n  summary: 'List payment transactions',\n  methods: {\n    GET: {\n      summary: 'List payment transactions',\n      tags: [paymentGatewaysTag],\n      responses: [\n        { status: 200, description: 'Payment transaction list' },\n      ],\n    },\n  },\n}\n\nexport default GET\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAE7B,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,mCAAmC;AAC5C,SAAS,0BAA0B;AAE5B,MAAM,WAAW;AAAA,EACtB,MAAM;AAAA,EACN,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AACvE;AAEA,SAAS,kBAAkB,OAAuB;AAChD,SAAO,MAAM,QAAQ,WAAW,MAAM;AACxC;AAEA,SAAS,gBAAgB,OAA+B;AACtD,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI,iBAAiB,KAAM,QAAO,MAAM,YAAY;AACpD,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,SAAS,IAAI,KAAK,KAAK;AAC7B,QAAI,CAAC,OAAO,MAAM,OAAO,QAAQ,CAAC,EAAG,QAAO,OAAO,YAAY;AAC/D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,IAAI,KAAK,KAAwB;AAClD,SAAO,OAAO,MAAM,SAAS,QAAQ,CAAC,IAAI,OAAO,SAAS,YAAY;AACxE;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,YAAY,CAAC,KAAK,OAAO;AAClC,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,SAAS,4BAA4B,UAAU,OAAO,YAAY,IAAI,aAAa,QAAQ,CAAC,CAAC;AACnG,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,SAAS,OAAO,MAAM,QAAQ,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvG;AAEA,QAAM,EAAE,MAAM,UAAU,QAAQ,aAAa,OAAO,IAAI,OAAO;AAC/D,QAAM,UAAU,OAAO,KAAK;AAC5B,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,KAAK,GAAG,mBAAmB,oBAAoB,IAAI;AAEzD,KAAG,MAAM;AAAA,IACP,gBAAgB,KAAK;AAAA,IACrB,UAAU,KAAK;AAAA,IACf,WAAW;AAAA,EACb,CAAC;AAED,MAAI,aAAa;AACf,OAAG,SAAS,EAAE,YAAY,CAAC;AAAA,EAC7B;AACA,MAAI,QAAQ;AACV,OAAG,SAAS,EAAE,eAAe,OAAO,CAAC;AAAA,EACvC;AACA,MAAI,QAAQ;AACV,UAAM,UAAU,IAAI,kBAAkB,MAAM,CAAC;AAC7C,OAAG,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAOI,CAAC,SAAS,SAAS,SAAS,SAAS,SAAS,OAAO,CAAC;AAAA,EACxE;AAEA,QAAM,UAAU,GAAG,MAAM;AACzB,KAAG,QAAQ,EAAE,WAAW,OAAO,CAAC;AAChC,KAAG,MAAM,QAAQ,EAAE,OAAO,MAAM;AAEhC,QAAM,CAAC,OAAO,KAAK,IAAI,MAAM,QAAQ,IAAI;AAAA,IACvC,GAAG,cAAc;AAAA,IACjB,QAAQ,MAAM,SAAS,IAAI;AAAA,EAC7B,CAAC;AAED,SAAO,aAAa,KAAK;AAAA,IACvB,OAAO,MAAM,IAAI,CAAC,UAAU;AAAA,MAC1B,IAAI,KAAK;AAAA,MACT,WAAW,KAAK;AAAA,MAChB,aAAa,KAAK;AAAA,MAClB,mBAAmB,KAAK,qBAAqB;AAAA,MAC7C,kBAAkB,KAAK,oBAAoB;AAAA,MAC3C,iBAAiB,KAAK,mBAAmB;AAAA,MACzC,eAAe,KAAK;AAAA,MACpB,eAAe,KAAK,iBAAiB;AAAA,MACrC,QAAQ,KAAK;AAAA,MACb,cAAc,KAAK;AAAA,MACnB,aAAa,KAAK,eAAe;AAAA,MACjC,eAAe,gBAAgB,KAAK,aAAa;AAAA,MACjD,cAAc,gBAAgB,KAAK,YAAY;AAAA,MAC/C,WAAW,gBAAgB,KAAK,SAAS;AAAA,MACzC,WAAW,gBAAgB,KAAK,SAAS;AAAA,IAC3C,EAAE;AAAA,IACF;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,QAAQ,CAAC;AAAA,EACrD,CAAC;AACH;AAEO,MAAM,UAAU;AAAA,EACrB,MAAM,CAAC,kBAAkB;AAAA,EACzB,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,MAAM,CAAC,kBAAkB;AAAA,MACzB,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,2BAA2B;AAAA,MACzD;AAAA,IACF;AAAA,EACF;AACF;AAEA,IAAO,gBAAQ;",
+  "names": []
+}

package/dist/modules/payment_gateways/api/webhook/[provider]/route.js ADDED Viewed

@@ -0,0 +1,136 @@
+import { NextResponse } from "next/server";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { findWithDecryption } from "@open-mercato/shared/lib/encryption/find";
+import { readJsonSafe } from "@open-mercato/shared/lib/http/readJsonSafe";
+import { getWebhookHandler } from "@open-mercato/shared/modules/payment_gateways/types";
+import { GatewayTransaction } from "../../../data/entities.js";
+import { getPaymentGatewayQueue } from "../../../lib/queue.js";
+import { processPaymentGatewayWebhookJob } from "../../../lib/webhook-processor.js";
+import { paymentGatewaysTag } from "../../openapi.js";
+const metadata = {
+  path: "/payment_gateways/webhook/[provider]",
+  POST: { requireAuth: false }
+};
+function readScopeFromEventData(data) {
+  const metadata2 = data.metadata;
+  if (!metadata2 || typeof metadata2 !== "object") return null;
+  const metadataRecord = metadata2;
+  const organizationId = typeof metadataRecord.organizationId === "string" ? metadataRecord.organizationId.trim() : "";
+  const tenantId = typeof metadataRecord.tenantId === "string" ? metadataRecord.tenantId.trim() : "";
+  if (!organizationId || !tenantId) return null;
+  return { organizationId, tenantId };
+}
+async function POST(req, { params }) {
+  const resolvedParams = await params;
+  const providerKey = resolvedParams.provider;
+  const container = await createRequestContainer();
+  const registration = getWebhookHandler(providerKey);
+  if (!registration) {
+    return NextResponse.json({ error: `No webhook handler for provider: ${providerKey}` }, { status: 404 });
+  }
+  const rawBody = await req.text();
+  const headers = {};
+  req.headers.forEach((value, key) => {
+    headers[key] = value;
+  });
+  const service = container.resolve("paymentGatewayService");
+  const em = container.resolve("em");
+  const integrationCredentialsService = container.resolve("integrationCredentialsService");
+  const queue = getPaymentGatewayQueue(registration.queue ?? "payment-gateways-webhook");
+  const payload = await readJsonSafe(rawBody);
+  const sessionIdHint = registration.readSessionIdHint?.(payload) ?? null;
+  try {
+    const candidates = sessionIdHint ? await findWithDecryption(
+      em,
+      GatewayTransaction,
+      {
+        providerKey,
+        providerSessionId: sessionIdHint,
+        deletedAt: null
+      },
+      { limit: 10, orderBy: { createdAt: "desc" } }
+    ) : [];
+    let transaction = null;
+    let matchedScope = null;
+    let event = null;
+    let lastVerificationError = null;
+    for (const candidate of candidates) {
+      const candidateScope = { organizationId: candidate.organizationId, tenantId: candidate.tenantId };
+      const credentials = await integrationCredentialsService.resolve(`gateway_${providerKey}`, candidateScope) ?? {};
+      try {
+        event = await registration.handler({ rawBody, headers, credentials });
+        transaction = candidate;
+        matchedScope = candidateScope;
+        break;
+      } catch (error) {
+        lastVerificationError = error;
+      }
+    }
+    if (!event) {
+      try {
+        event = await registration.handler({ rawBody, headers, credentials: {} });
+      } catch (error) {
+        throw lastVerificationError ?? error;
+      }
+    }
+    if (!event) {
+      throw new Error("Webhook verification failed");
+    }
+    if (!transaction && sessionIdHint) {
+      const derivedScope = readScopeFromEventData(event.data);
+      if (derivedScope) {
+        transaction = await service.findTransactionBySessionId(sessionIdHint, derivedScope, providerKey);
+        matchedScope = transaction ? { organizationId: transaction.organizationId, tenantId: transaction.tenantId } : derivedScope;
+      }
+    }
+    const scope = transaction ? { organizationId: transaction.organizationId, tenantId: transaction.tenantId } : matchedScope ?? readScopeFromEventData(event.data);
+    const jobPayload = {
+      providerKey,
+      event,
+      transactionId: transaction?.id ?? null,
+      scope
+    };
+    if (process.env.QUEUE_STRATEGY === "async") {
+      await queue.enqueue({
+        name: "payment-gateway-webhook",
+        payload: jobPayload
+      });
+    } else {
+      await processPaymentGatewayWebhookJob(
+        {
+          em: container.resolve("em"),
+          paymentGatewayService: service,
+          integrationLogService: container.resolve("integrationLogService")
+        },
+        jobPayload
+      );
+    }
+    return NextResponse.json({ received: true, queued: true }, { status: 202 });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Webhook verification failed";
+    return NextResponse.json({ error: message }, { status: 401 });
+  }
+}
+const openApi = {
+  tags: [paymentGatewaysTag],
+  summary: "Receive payment gateway webhook",
+  methods: {
+    POST: {
+      summary: "Process inbound webhook from payment provider",
+      tags: [paymentGatewaysTag],
+      responses: [
+        { status: 202, description: "Webhook accepted for async processing" },
+        { status: 401, description: "Signature verification failed" },
+        { status: 404, description: "Unknown provider" }
+      ]
+    }
+  }
+};
+var route_default = POST;
+export {
+  POST,
+  route_default as default,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=route.js.map