@orcarail/node 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +235 -0
- package/dist/index.cjs +398 -0
- package/dist/index.cjs.map +1 -0
- package/dist/index.d.mts +519 -0
- package/dist/index.d.ts +521 -0
- package/dist/index.js +389 -0
- package/dist/index.js.map +1 -0
- package/package.json +82 -0
package/dist/index.js
ADDED
|
@@ -0,0 +1,389 @@
|
|
|
1
|
+
import { createHmac, timingSafeEqual } from 'crypto';
|
|
2
|
+
|
|
3
|
+
// src/errors.ts
|
|
4
|
+
var OrcaRailError = class extends Error {
|
|
5
|
+
constructor(message) {
|
|
6
|
+
super(message);
|
|
7
|
+
this.name = "OrcaRailError";
|
|
8
|
+
Error.captureStackTrace(this, this.constructor);
|
|
9
|
+
}
|
|
10
|
+
};
|
|
11
|
+
var OrcaRailAPIError = class extends OrcaRailError {
|
|
12
|
+
/**
|
|
13
|
+
* HTTP status code
|
|
14
|
+
*/
|
|
15
|
+
statusCode;
|
|
16
|
+
/**
|
|
17
|
+
* Error type from the API response
|
|
18
|
+
*/
|
|
19
|
+
type;
|
|
20
|
+
/**
|
|
21
|
+
* Additional error details from the API
|
|
22
|
+
*/
|
|
23
|
+
details;
|
|
24
|
+
constructor(message, statusCode, type, details) {
|
|
25
|
+
super(message);
|
|
26
|
+
this.name = "OrcaRailAPIError";
|
|
27
|
+
this.statusCode = statusCode;
|
|
28
|
+
this.type = type;
|
|
29
|
+
this.details = details;
|
|
30
|
+
}
|
|
31
|
+
};
|
|
32
|
+
var OrcaRailAuthenticationError = class extends OrcaRailAPIError {
|
|
33
|
+
constructor(message = "Authentication failed. Please check your API key and secret.") {
|
|
34
|
+
super(message, 401, "authentication_error");
|
|
35
|
+
this.name = "OrcaRailAuthenticationError";
|
|
36
|
+
}
|
|
37
|
+
};
|
|
38
|
+
var OrcaRailSignatureVerificationError = class extends OrcaRailError {
|
|
39
|
+
/**
|
|
40
|
+
* The signature that was provided
|
|
41
|
+
*/
|
|
42
|
+
signature;
|
|
43
|
+
constructor(message = "Webhook signature verification failed", signature) {
|
|
44
|
+
super(message);
|
|
45
|
+
this.name = "OrcaRailSignatureVerificationError";
|
|
46
|
+
this.signature = signature || "";
|
|
47
|
+
}
|
|
48
|
+
};
|
|
49
|
+
|
|
50
|
+
// src/client.ts
|
|
51
|
+
var DEFAULT_BASE_URL = "https://api.orcarail.com/api/v1";
|
|
52
|
+
var DEFAULT_TIMEOUT = 3e4;
|
|
53
|
+
var SDK_VERSION = "1.0.0";
|
|
54
|
+
var HttpClient = class {
|
|
55
|
+
apiKey;
|
|
56
|
+
apiSecret;
|
|
57
|
+
baseUrl;
|
|
58
|
+
timeout;
|
|
59
|
+
constructor(apiKey, apiSecret, config) {
|
|
60
|
+
if (!apiKey || !apiSecret) {
|
|
61
|
+
throw new OrcaRailError("API key and secret are required");
|
|
62
|
+
}
|
|
63
|
+
this.apiKey = apiKey;
|
|
64
|
+
this.apiSecret = apiSecret;
|
|
65
|
+
this.baseUrl = config?.baseUrl || DEFAULT_BASE_URL;
|
|
66
|
+
this.timeout = config?.timeout || DEFAULT_TIMEOUT;
|
|
67
|
+
}
|
|
68
|
+
/**
|
|
69
|
+
* Create Basic Auth header from API key and secret
|
|
70
|
+
*/
|
|
71
|
+
getAuthHeader() {
|
|
72
|
+
const credentials = Buffer.from(`${this.apiKey}:${this.apiSecret}`).toString(
|
|
73
|
+
"base64"
|
|
74
|
+
);
|
|
75
|
+
return `Basic ${credentials}`;
|
|
76
|
+
}
|
|
77
|
+
/**
|
|
78
|
+
* Build full URL from path
|
|
79
|
+
*/
|
|
80
|
+
buildUrl(path) {
|
|
81
|
+
const cleanPath = path.startsWith("/") ? path.slice(1) : path;
|
|
82
|
+
return `${this.baseUrl}/${cleanPath}`;
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Make an HTTP request with timeout and error handling
|
|
86
|
+
*/
|
|
87
|
+
async request(method, path, body, requireAuth = true) {
|
|
88
|
+
const url = this.buildUrl(path);
|
|
89
|
+
const headers = {
|
|
90
|
+
"Content-Type": "application/json",
|
|
91
|
+
"User-Agent": `orcarail-node/${SDK_VERSION}`
|
|
92
|
+
};
|
|
93
|
+
if (requireAuth) {
|
|
94
|
+
headers["Authorization"] = this.getAuthHeader();
|
|
95
|
+
}
|
|
96
|
+
const options = {
|
|
97
|
+
method,
|
|
98
|
+
headers
|
|
99
|
+
};
|
|
100
|
+
if (body) {
|
|
101
|
+
options.body = JSON.stringify(body);
|
|
102
|
+
}
|
|
103
|
+
const controller = new AbortController();
|
|
104
|
+
const timeoutId = setTimeout(() => controller.abort(), this.timeout);
|
|
105
|
+
options.signal = controller.signal;
|
|
106
|
+
try {
|
|
107
|
+
const response = await fetch(url, options);
|
|
108
|
+
clearTimeout(timeoutId);
|
|
109
|
+
let responseData;
|
|
110
|
+
const contentType = response.headers.get("content-type");
|
|
111
|
+
if (contentType && contentType.includes("application/json")) {
|
|
112
|
+
responseData = await response.json();
|
|
113
|
+
} else {
|
|
114
|
+
responseData = await response.text();
|
|
115
|
+
}
|
|
116
|
+
if (!response.ok) {
|
|
117
|
+
const errorMessage = typeof responseData === "object" && responseData !== null && "message" in responseData ? String(responseData.message) : `API request failed with status ${response.status}`;
|
|
118
|
+
const errorType = typeof responseData === "object" && responseData !== null && "error" in responseData ? String(responseData.error) : void 0;
|
|
119
|
+
if (response.status === 401) {
|
|
120
|
+
throw new OrcaRailAuthenticationError(errorMessage);
|
|
121
|
+
}
|
|
122
|
+
throw new OrcaRailAPIError(
|
|
123
|
+
errorMessage,
|
|
124
|
+
response.status,
|
|
125
|
+
errorType,
|
|
126
|
+
responseData
|
|
127
|
+
);
|
|
128
|
+
}
|
|
129
|
+
return responseData;
|
|
130
|
+
} catch (error) {
|
|
131
|
+
clearTimeout(timeoutId);
|
|
132
|
+
if (error instanceof OrcaRailError) {
|
|
133
|
+
throw error;
|
|
134
|
+
}
|
|
135
|
+
if (error instanceof Error) {
|
|
136
|
+
if (error.name === "AbortError") {
|
|
137
|
+
throw new OrcaRailError(
|
|
138
|
+
`Request timeout after ${this.timeout}ms`
|
|
139
|
+
);
|
|
140
|
+
}
|
|
141
|
+
throw new OrcaRailError(`Request failed: ${error.message}`);
|
|
142
|
+
}
|
|
143
|
+
throw new OrcaRailError("An unknown error occurred");
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
/**
|
|
147
|
+
* GET request
|
|
148
|
+
*/
|
|
149
|
+
async get(path, requireAuth = true) {
|
|
150
|
+
return this.request("GET", path, void 0, requireAuth);
|
|
151
|
+
}
|
|
152
|
+
/**
|
|
153
|
+
* POST request
|
|
154
|
+
*/
|
|
155
|
+
async post(path, body, requireAuth = true) {
|
|
156
|
+
return this.request("POST", path, body, requireAuth);
|
|
157
|
+
}
|
|
158
|
+
/**
|
|
159
|
+
* PATCH request
|
|
160
|
+
*/
|
|
161
|
+
async patch(path, body, requireAuth = true) {
|
|
162
|
+
return this.request("PATCH", path, body, requireAuth);
|
|
163
|
+
}
|
|
164
|
+
/**
|
|
165
|
+
* PUT request
|
|
166
|
+
*/
|
|
167
|
+
async put(path, body, requireAuth = true) {
|
|
168
|
+
return this.request("PUT", path, body, requireAuth);
|
|
169
|
+
}
|
|
170
|
+
/**
|
|
171
|
+
* DELETE request
|
|
172
|
+
*/
|
|
173
|
+
async delete(path, requireAuth = true) {
|
|
174
|
+
return this.request("DELETE", path, void 0, requireAuth);
|
|
175
|
+
}
|
|
176
|
+
};
|
|
177
|
+
|
|
178
|
+
// src/resources/checkout.ts
|
|
179
|
+
var Checkout = class {
|
|
180
|
+
client;
|
|
181
|
+
constructor(client) {
|
|
182
|
+
this.client = client;
|
|
183
|
+
}
|
|
184
|
+
/**
|
|
185
|
+
* Get checkout details by slug
|
|
186
|
+
*
|
|
187
|
+
* @param slug - Checkout slug from the payment link URL
|
|
188
|
+
* @returns Checkout details including payment intent
|
|
189
|
+
*/
|
|
190
|
+
async get(slug) {
|
|
191
|
+
const path = `checkout/${encodeURIComponent(slug)}`;
|
|
192
|
+
return this.client.get(path, true);
|
|
193
|
+
}
|
|
194
|
+
/**
|
|
195
|
+
* Cancel payment intent by checkout slug
|
|
196
|
+
*
|
|
197
|
+
* @param slug - Checkout slug from the payment link URL
|
|
198
|
+
* @returns The canceled payment intent and optional cancel_url for redirect
|
|
199
|
+
*/
|
|
200
|
+
async cancel(slug) {
|
|
201
|
+
const path = `checkout/${encodeURIComponent(slug)}/cancel`;
|
|
202
|
+
return this.client.post(path, {}, true);
|
|
203
|
+
}
|
|
204
|
+
};
|
|
205
|
+
|
|
206
|
+
// src/resources/payment-intents.ts
|
|
207
|
+
var PaymentIntents = class {
|
|
208
|
+
client;
|
|
209
|
+
constructor(client) {
|
|
210
|
+
this.client = client;
|
|
211
|
+
}
|
|
212
|
+
/**
|
|
213
|
+
* Create a new Payment Intent
|
|
214
|
+
*
|
|
215
|
+
* @param params - Payment Intent creation parameters
|
|
216
|
+
* @returns The created Payment Intent
|
|
217
|
+
*/
|
|
218
|
+
async create(params) {
|
|
219
|
+
const requestBody = {
|
|
220
|
+
...params,
|
|
221
|
+
payment_method_types: params.payment_method_types && params.payment_method_types.length > 0 ? params.payment_method_types : ["crypto"]
|
|
222
|
+
};
|
|
223
|
+
return this.client.post(
|
|
224
|
+
"payment_intents",
|
|
225
|
+
requestBody,
|
|
226
|
+
true
|
|
227
|
+
);
|
|
228
|
+
}
|
|
229
|
+
/**
|
|
230
|
+
* Retrieve a Payment Intent by ID
|
|
231
|
+
*
|
|
232
|
+
* @param id - Payment Intent ID (e.g., "pi_1234567890")
|
|
233
|
+
* @returns The Payment Intent
|
|
234
|
+
*/
|
|
235
|
+
async retrieve(id) {
|
|
236
|
+
const cleanId = id.startsWith("pi_") ? id : `pi_${id}`;
|
|
237
|
+
const path = `payment_intents/${cleanId}`;
|
|
238
|
+
return this.client.get(path, true);
|
|
239
|
+
}
|
|
240
|
+
/**
|
|
241
|
+
* Cancel a Payment Intent (API: POST /payment_intents/:id/cancel).
|
|
242
|
+
* Use when the user is redirected to your cancel_url (e.g. https://yourapp.com/cancel?payment_intent=pi_20)
|
|
243
|
+
* and you want to mark the intent as canceled on the backend.
|
|
244
|
+
*
|
|
245
|
+
* @param id - Payment Intent ID (e.g. "pi_20" or "20")
|
|
246
|
+
* @returns The canceled Payment Intent
|
|
247
|
+
*
|
|
248
|
+
* @example
|
|
249
|
+
* // When user lands on https://localhost:3001/cancel?payment_intent=pi_20
|
|
250
|
+
* const intent = await orcarail.paymentIntents.cancel('pi_20');
|
|
251
|
+
*/
|
|
252
|
+
async cancel(id) {
|
|
253
|
+
const cleanId = id.startsWith("pi_") ? id : `pi_${id}`;
|
|
254
|
+
const path = `payment_intents/${cleanId}/cancel`;
|
|
255
|
+
return this.client.post(path, {}, true);
|
|
256
|
+
}
|
|
257
|
+
/**
|
|
258
|
+
* Confirm a Payment Intent (API: POST /payment_intents/:id/confirm).
|
|
259
|
+
* Redirects the customer to the hosted checkout page.
|
|
260
|
+
*
|
|
261
|
+
* @param id - Payment Intent ID (e.g. "pi_20" or "20")
|
|
262
|
+
* @param params - Confirmation parameters including client_secret and return_url
|
|
263
|
+
* @returns The confirmed Payment Intent
|
|
264
|
+
*
|
|
265
|
+
* @example
|
|
266
|
+
* const intent = await orcarail.paymentIntents.confirm('pi_20', {
|
|
267
|
+
* client_secret: intent.client_secret,
|
|
268
|
+
* return_url: 'https://yourapp.com/return',
|
|
269
|
+
* });
|
|
270
|
+
*/
|
|
271
|
+
async confirm(id, params) {
|
|
272
|
+
const cleanId = id.startsWith("pi_") ? id : `pi_${id}`;
|
|
273
|
+
const path = `payment_intents/${cleanId}/confirm`;
|
|
274
|
+
return this.client.post(path, params, false);
|
|
275
|
+
}
|
|
276
|
+
/**
|
|
277
|
+
* Complete a Payment Intent (API: POST /payment_intents/:id/complete).
|
|
278
|
+
* Sets the intent to processing and fires the payment_intent.processing webhook.
|
|
279
|
+
* Use when the user is redirected to your success/return URL (e.g. https://yourapp.com/success?payment_intent=pi_34).
|
|
280
|
+
*
|
|
281
|
+
* @param id - Payment Intent ID (e.g. "pi_34" or "34")
|
|
282
|
+
* @returns The updated Payment Intent (status processing)
|
|
283
|
+
*
|
|
284
|
+
* @example
|
|
285
|
+
* // When user lands on https://localhost:3001/success?payment_intent=pi_34
|
|
286
|
+
* const intent = await orcarail.paymentIntents.complete('pi_34');
|
|
287
|
+
*/
|
|
288
|
+
async complete(id) {
|
|
289
|
+
const cleanId = id.startsWith("pi_") ? id : `pi_${id}`;
|
|
290
|
+
const path = `payment_intents/${cleanId}/complete`;
|
|
291
|
+
return this.client.post(path, {}, true);
|
|
292
|
+
}
|
|
293
|
+
/**
|
|
294
|
+
* Update a Payment Intent
|
|
295
|
+
*
|
|
296
|
+
* @param id - Payment Intent ID
|
|
297
|
+
* @param params - Update parameters (all optional)
|
|
298
|
+
* @returns The updated Payment Intent
|
|
299
|
+
*/
|
|
300
|
+
async update(id, params) {
|
|
301
|
+
const cleanId = id.startsWith("pi_") ? id : `pi_${id}`;
|
|
302
|
+
const path = `payment_intents/${cleanId}`;
|
|
303
|
+
return this.client.patch(path, params, true);
|
|
304
|
+
}
|
|
305
|
+
};
|
|
306
|
+
var Webhooks = class {
|
|
307
|
+
/**
|
|
308
|
+
* Verify webhook signature
|
|
309
|
+
*
|
|
310
|
+
* @param rawBody - Raw request body (string or Buffer)
|
|
311
|
+
* @param signature - Signature from x-webhook-signature header
|
|
312
|
+
* @param secret - Webhook secret (API key's secretHash)
|
|
313
|
+
* @returns True if signature is valid, false otherwise
|
|
314
|
+
*/
|
|
315
|
+
verifySignature(rawBody, signature, secret) {
|
|
316
|
+
if (!signature || !secret) {
|
|
317
|
+
return false;
|
|
318
|
+
}
|
|
319
|
+
const bodyString = typeof rawBody === "string" ? rawBody : rawBody.toString("utf8");
|
|
320
|
+
const expectedSignature = createHmac("sha256", secret).update(bodyString).digest("hex");
|
|
321
|
+
const signatureBuffer = Buffer.from(signature, "hex");
|
|
322
|
+
const expectedBuffer = Buffer.from(expectedSignature, "hex");
|
|
323
|
+
if (signatureBuffer.length !== expectedBuffer.length) {
|
|
324
|
+
return false;
|
|
325
|
+
}
|
|
326
|
+
return timingSafeEqual(signatureBuffer, expectedBuffer);
|
|
327
|
+
}
|
|
328
|
+
/**
|
|
329
|
+
* Construct and verify a webhook event from raw body and signature
|
|
330
|
+
*
|
|
331
|
+
* @param rawBody - Raw request body (string or Buffer)
|
|
332
|
+
* @param signature - Signature from x-webhook-signature header
|
|
333
|
+
* @param secret - Webhook secret (API key's secretHash)
|
|
334
|
+
* @returns Parsed webhook event
|
|
335
|
+
* @throws OrcaRailSignatureVerificationError if signature is invalid
|
|
336
|
+
*/
|
|
337
|
+
constructEvent(rawBody, signature, secret) {
|
|
338
|
+
if (!this.verifySignature(rawBody, signature, secret)) {
|
|
339
|
+
throw new OrcaRailSignatureVerificationError(
|
|
340
|
+
"Webhook signature verification failed. The signature does not match the expected signature.",
|
|
341
|
+
signature
|
|
342
|
+
);
|
|
343
|
+
}
|
|
344
|
+
const bodyString = typeof rawBody === "string" ? rawBody : rawBody.toString("utf8");
|
|
345
|
+
try {
|
|
346
|
+
const event = JSON.parse(bodyString);
|
|
347
|
+
return event;
|
|
348
|
+
} catch (error) {
|
|
349
|
+
throw new OrcaRailSignatureVerificationError(
|
|
350
|
+
`Failed to parse webhook body: ${error instanceof Error ? error.message : "Unknown error"}`
|
|
351
|
+
);
|
|
352
|
+
}
|
|
353
|
+
}
|
|
354
|
+
};
|
|
355
|
+
|
|
356
|
+
// src/index.ts
|
|
357
|
+
var OrcaRail = class {
|
|
358
|
+
/**
|
|
359
|
+
* Payment Intents resource
|
|
360
|
+
*/
|
|
361
|
+
paymentIntents;
|
|
362
|
+
/**
|
|
363
|
+
* Checkout resource (slug-based get/cancel)
|
|
364
|
+
*/
|
|
365
|
+
checkout;
|
|
366
|
+
/**
|
|
367
|
+
* Webhooks utilities
|
|
368
|
+
*/
|
|
369
|
+
webhooks;
|
|
370
|
+
client;
|
|
371
|
+
/**
|
|
372
|
+
* Create a new OrcaRail client instance
|
|
373
|
+
*
|
|
374
|
+
* @param apiKey - Your OrcaRail API key (e.g., "ak_live_xxx")
|
|
375
|
+
* @param apiSecret - Your OrcaRail API secret (e.g., "sk_live_xxx")
|
|
376
|
+
* @param config - Optional configuration
|
|
377
|
+
*/
|
|
378
|
+
constructor(apiKey, apiSecret, config) {
|
|
379
|
+
this.client = new HttpClient(apiKey, apiSecret, config);
|
|
380
|
+
this.paymentIntents = new PaymentIntents(this.client);
|
|
381
|
+
this.checkout = new Checkout(this.client);
|
|
382
|
+
this.webhooks = new Webhooks();
|
|
383
|
+
}
|
|
384
|
+
};
|
|
385
|
+
var index_default = OrcaRail;
|
|
386
|
+
|
|
387
|
+
export { OrcaRail, OrcaRailAPIError, OrcaRailAuthenticationError, OrcaRailError, OrcaRailSignatureVerificationError, index_default as default };
|
|
388
|
+
//# sourceMappingURL=index.js.map
|
|
389
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/errors.ts","../src/client.ts","../src/resources/checkout.ts","../src/resources/payment-intents.ts","../src/webhooks.ts","../src/index.ts"],"names":[],"mappings":";;;AAGO,IAAM,aAAA,GAAN,cAA4B,KAAA,CAAM;AAAA,EACvC,YAAY,OAAA,EAAiB;AAC3B,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,eAAA;AACZ,IAAA,KAAA,CAAM,iBAAA,CAAkB,IAAA,EAAM,IAAA,CAAK,WAAW,CAAA;AAAA,EAChD;AACF;AAKO,IAAM,gBAAA,GAAN,cAA+B,aAAA,CAAc;AAAA;AAAA;AAAA;AAAA,EAIlC,UAAA;AAAA;AAAA;AAAA;AAAA,EAKA,IAAA;AAAA;AAAA;AAAA;AAAA,EAKA,OAAA;AAAA,EAEhB,WAAA,CACE,OAAA,EACA,UAAA,EACA,IAAA,EACA,OAAA,EACA;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,kBAAA;AACZ,IAAA,IAAA,CAAK,UAAA,GAAa,UAAA;AAClB,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AAAA,EACjB;AACF;AAKO,IAAM,2BAAA,GAAN,cAA0C,gBAAA,CAAiB;AAAA,EAChE,WAAA,CAAY,UAAkB,8DAAA,EAAgE;AAC5F,IAAA,KAAA,CAAM,OAAA,EAAS,KAAK,sBAAsB,CAAA;AAC1C,IAAA,IAAA,CAAK,IAAA,GAAO,6BAAA;AAAA,EACd;AACF;AAKO,IAAM,kCAAA,GAAN,cAAiD,aAAA,CAAc;AAAA;AAAA;AAAA;AAAA,EAIpD,SAAA;AAAA,EAEhB,WAAA,CACE,OAAA,GAAkB,uCAAA,EAClB,SAAA,EACA;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,oCAAA;AACZ,IAAA,IAAA,CAAK,YAAY,SAAA,IAAa,EAAA;AAAA,EAChC;AACF;;;AChEA,IAAM,gBAAA,GAAmB,iCAAA;AACzB,IAAM,eAAA,GAAkB,GAAA;AACxB,IAAM,WAAA,GAAc,OAAA;AAKb,IAAM,aAAN,MAAiB;AAAA,EACL,MAAA;AAAA,EACA,SAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EAEjB,WAAA,CAAY,MAAA,EAAgB,SAAA,EAAmB,MAAA,EAAyB;AACtE,IAAA,IAAI,CAAC,MAAA,IAAU,CAAC,SAAA,EAAW;AACzB,MAAA,MAAM,IAAI,cAAc,iCAAiC,CAAA;AAAA,IAC3D;AAEA,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AACd,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA;AACjB,IAAA,IAAA,CAAK,OAAA,GAAU,QAAQ,OAAA,IAAW,gBAAA;AAClC,IAAA,IAAA,CAAK,OAAA,GAAU,QAAQ,OAAA,IAAW,eAAA;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA,EAKQ,aAAA,GAAwB;AAC9B,IAAA,MAAM,WAAA,GAAc,MAAA,CAAO,IAAA,CAAK,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,CAAA,EAAI,IAAA,CAAK,SAAS,CAAA,CAAE,CAAA,CAAE,QAAA;AAAA,MAClE;AAAA,KACF;AACA,IAAA,OAAO,SAAS,WAAW,CAAA,CAAA;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKQ,SAAS,IAAA,EAAsB;AAErC,IAAA,MAAM,SAAA,GAAY,KAAK,UAAA,CAAW,GAAG,IAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AACzD,IAAA,OAAO,CAAA,EAAG,IAAA,CAAK,OAAO,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,OAAA,CACZ,MAAA,EACA,IAAA,EACA,IAAA,EACA,cAAuB,IAAA,EACX;AACZ,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAC9B,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc,iBAAiB,WAAW,CAAA;AAAA,KAC5C;AAEA,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,IAAA,CAAK,aAAA,EAAc;AAAA,IAChD;AAEA,IAAA,MAAM,OAAA,GAAuB;AAAA,MAC3B,MAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,IAAI,IAAA,EAAM;AACR,MAAA,OAAA,CAAQ,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA;AAAA,IACpC;AAGA,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,YAAY,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,KAAK,OAAO,CAAA;AACnE,IAAA,OAAA,CAAQ,SAAS,UAAA,CAAW,MAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,GAAA,EAAK,OAAO,CAAA;AACzC,MAAA,YAAA,CAAa,SAAS,CAAA;AAGtB,MAAA,IAAI,YAAA;AACJ,MAAA,MAAM,WAAA,GAAc,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA;AACvD,MAAA,IAAI,WAAA,IAAe,WAAA,CAAY,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAC3D,QAAA,YAAA,GAAe,MAAM,SAAS,IAAA,EAAK;AAAA,MACrC,CAAA,MAAO;AACL,QAAA,YAAA,GAAe,MAAM,SAAS,IAAA,EAAK;AAAA,MACrC;AAGA,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,MAAM,YAAA,GACJ,OAAO,YAAA,KAAiB,QAAA,IACxB,iBAAiB,IAAA,IACjB,SAAA,IAAa,YAAA,GACT,MAAA,CAAQ,YAAA,CAAsC,OAAO,CAAA,GACrD,CAAA,+BAAA,EAAkC,SAAS,MAAM,CAAA,CAAA;AAEvD,QAAA,MAAM,SAAA,GACJ,OAAO,YAAA,KAAiB,QAAA,IACxB,YAAA,KAAiB,IAAA,IACjB,OAAA,IAAW,YAAA,GACP,MAAA,CAAQ,YAAA,CAAoC,KAAK,CAAA,GACjD,KAAA,CAAA;AAEN,QAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,UAAA,MAAM,IAAI,4BAA4B,YAAY,CAAA;AAAA,QACpD;AAEA,QAAA,MAAM,IAAI,gBAAA;AAAA,UACR,YAAA;AAAA,UACA,QAAA,CAAS,MAAA;AAAA,UACT,SAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,YAAA,CAAa,SAAS,CAAA;AAEtB,MAAA,IAAI,iBAAiB,aAAA,EAAe;AAClC,QAAA,MAAM,KAAA;AAAA,MACR;AAEA,MAAA,IAAI,iBAAiB,KAAA,EAAO;AAC1B,QAAA,IAAI,KAAA,CAAM,SAAS,YAAA,EAAc;AAC/B,UAAA,MAAM,IAAI,aAAA;AAAA,YACR,CAAA,sBAAA,EAAyB,KAAK,OAAO,CAAA,EAAA;AAAA,WACvC;AAAA,QACF;AACA,QAAA,MAAM,IAAI,aAAA,CAAc,CAAA,gBAAA,EAAmB,KAAA,CAAM,OAAO,CAAA,CAAE,CAAA;AAAA,MAC5D;AAEA,MAAA,MAAM,IAAI,cAAc,2BAA2B,CAAA;AAAA,IACrD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAa,GAAA,CAAO,IAAA,EAAc,WAAA,GAAuB,IAAA,EAAkB;AACzE,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,WAAW,CAAA;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA,EAKA,MAAa,IAAA,CACX,IAAA,EACA,IAAA,EACA,cAAuB,IAAA,EACX;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,WAAW,CAAA;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAa,KAAA,CACX,IAAA,EACA,IAAA,EACA,cAAuB,IAAA,EACX;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,OAAA,EAAS,IAAA,EAAM,MAAM,WAAW,CAAA;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAa,GAAA,CACX,IAAA,EACA,IAAA,EACA,cAAuB,IAAA,EACX;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,MAAM,WAAW,CAAA;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAa,MAAA,CACX,IAAA,EACA,WAAA,GAAuB,IAAA,EACX;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,QAAA,EAAU,IAAA,EAAM,QAAW,WAAW,CAAA;AAAA,EAC/D;AACF,CAAA;;;AC5LO,IAAM,WAAN,MAAe;AAAA,EACH,MAAA;AAAA,EAEjB,YAAY,MAAA,EAAoB;AAC9B,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAa,IAAI,IAAA,EAAgE;AAC/E,IAAA,MAAM,IAAA,GAAO,CAAA,SAAA,EAAY,kBAAA,CAAmB,IAAI,CAAC,CAAA,CAAA;AACjD,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,GAAA,CAA6C,IAAA,EAAM,IAAI,CAAA;AAAA,EAC5E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAa,OAAO,IAAA,EAAgE;AAClF,IAAA,MAAM,IAAA,GAAO,CAAA,SAAA,EAAY,kBAAA,CAAmB,IAAI,CAAC,CAAA,OAAA,CAAA;AACjD,IAAA,OAAO,KAAK,MAAA,CAAO,IAAA,CAA8C,IAAA,EAAM,IAAI,IAAI,CAAA;AAAA,EACjF;AACF,CAAA;;;ACvBO,IAAM,iBAAN,MAAqB;AAAA,EACT,MAAA;AAAA,EAEjB,YAAY,MAAA,EAAoB;AAC9B,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAa,OACX,MAAA,EACwB;AAExB,IAAA,MAAM,WAAA,GAAc;AAAA,MAClB,GAAG,MAAA;AAAA,MACH,oBAAA,EACE,MAAA,CAAO,oBAAA,IAAwB,MAAA,CAAO,oBAAA,CAAqB,SAAS,CAAA,GAChE,MAAA,CAAO,oBAAA,GACP,CAAC,QAAQ;AAAA,KACjB;AAEA,IAAA,OAAO,KAAK,MAAA,CAAO,IAAA;AAAA,MACjB,iBAAA;AAAA,MACA,WAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAa,SAAS,EAAA,EAAoC;AACxD,IAAA,MAAM,UAAU,EAAA,CAAG,UAAA,CAAW,KAAK,CAAA,GAAI,EAAA,GAAK,MAAM,EAAE,CAAA,CAAA;AACpD,IAAA,MAAM,IAAA,GAAO,mBAAmB,OAAO,CAAA,CAAA;AAEvC,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,GAAA,CAAmB,IAAA,EAAM,IAAI,CAAA;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAa,OAAO,EAAA,EAAoC;AACtD,IAAA,MAAM,UAAU,EAAA,CAAG,UAAA,CAAW,KAAK,CAAA,GAAI,EAAA,GAAK,MAAM,EAAE,CAAA,CAAA;AACpD,IAAA,MAAM,IAAA,GAAO,mBAAmB,OAAO,CAAA,OAAA,CAAA;AAEvC,IAAA,OAAO,KAAK,MAAA,CAAO,IAAA,CAAoB,IAAA,EAAM,IAAI,IAAI,CAAA;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBA,MAAa,OAAA,CACX,EAAA,EACA,MAAA,EACwB;AACxB,IAAA,MAAM,UAAU,EAAA,CAAG,UAAA,CAAW,KAAK,CAAA,GAAI,EAAA,GAAK,MAAM,EAAE,CAAA,CAAA;AACpD,IAAA,MAAM,IAAA,GAAO,mBAAmB,OAAO,CAAA,QAAA,CAAA;AAEvC,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,IAAA,CAAoB,IAAA,EAAM,QAAQ,KAAK,CAAA;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAa,SAAS,EAAA,EAAoC;AACxD,IAAA,MAAM,UAAU,EAAA,CAAG,UAAA,CAAW,KAAK,CAAA,GAAI,EAAA,GAAK,MAAM,EAAE,CAAA,CAAA;AACpD,IAAA,MAAM,IAAA,GAAO,mBAAmB,OAAO,CAAA,SAAA,CAAA;AAEvC,IAAA,OAAO,KAAK,MAAA,CAAO,IAAA,CAAoB,IAAA,EAAM,IAAI,IAAI,CAAA;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAa,MAAA,CACX,EAAA,EACA,MAAA,EACwB;AACxB,IAAA,MAAM,UAAU,EAAA,CAAG,UAAA,CAAW,KAAK,CAAA,GAAI,EAAA,GAAK,MAAM,EAAE,CAAA,CAAA;AACpD,IAAA,MAAM,IAAA,GAAO,mBAAmB,OAAO,CAAA,CAAA;AAEvC,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,KAAA,CAAqB,IAAA,EAAM,QAAQ,IAAI,CAAA;AAAA,EAC5D;AACF,CAAA;AC/HO,IAAM,WAAN,MAAe;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASb,eAAA,CACL,OAAA,EACA,SAAA,EACA,MAAA,EACS;AACT,IAAA,IAAI,CAAC,SAAA,IAAa,CAAC,MAAA,EAAQ;AACzB,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,MAAM,aACJ,OAAO,OAAA,KAAY,WAAW,OAAA,GAAU,OAAA,CAAQ,SAAS,MAAM,CAAA;AAGjE,IAAA,MAAM,iBAAA,GAAoB,WAAW,QAAA,EAAU,MAAM,EAClD,MAAA,CAAO,UAAU,CAAA,CACjB,MAAA,CAAO,KAAK,CAAA;AAGf,IAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,IAAA,CAAK,SAAA,EAAW,KAAK,CAAA;AACpD,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,IAAA,CAAK,iBAAA,EAAmB,KAAK,CAAA;AAG3D,IAAA,IAAI,eAAA,CAAgB,MAAA,KAAW,cAAA,CAAe,MAAA,EAAQ;AACpD,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,OAAO,eAAA,CAAgB,iBAAiB,cAAc,CAAA;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWO,cAAA,CACL,OAAA,EACA,SAAA,EACA,MAAA,EACc;AACd,IAAA,IAAI,CAAC,IAAA,CAAK,eAAA,CAAgB,OAAA,EAAS,SAAA,EAAW,MAAM,CAAA,EAAG;AACrD,MAAA,MAAM,IAAI,kCAAA;AAAA,QACR,6FAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AAGA,IAAA,MAAM,aACJ,OAAO,OAAA,KAAY,WAAW,OAAA,GAAU,OAAA,CAAQ,SAAS,MAAM,CAAA;AAEjE,IAAA,IAAI;AACF,MAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,UAAU,CAAA;AACnC,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,IAAI,kCAAA;AAAA,QACR,CAAA,8BAAA,EAAiC,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAAA,OAC3F;AAAA,IACF;AAAA,EACF;AACF,CAAA;;;AChCO,IAAM,WAAN,MAAe;AAAA;AAAA;AAAA;AAAA,EAIJ,cAAA;AAAA;AAAA;AAAA;AAAA,EAKA,QAAA;AAAA;AAAA;AAAA;AAAA,EAKA,QAAA;AAAA,EAEC,MAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASjB,WAAA,CACE,MAAA,EACA,SAAA,EACA,MAAA,EACA;AACA,IAAA,IAAA,CAAK,MAAA,GAAS,IAAI,UAAA,CAAW,MAAA,EAAQ,WAAW,MAAM,CAAA;AACtD,IAAA,IAAA,CAAK,cAAA,GAAiB,IAAI,cAAA,CAAe,IAAA,CAAK,MAAM,CAAA;AACpD,IAAA,IAAA,CAAK,QAAA,GAAW,IAAI,QAAA,CAAS,IAAA,CAAK,MAAM,CAAA;AACxC,IAAA,IAAA,CAAK,QAAA,GAAW,IAAI,QAAA,EAAS;AAAA,EAC/B;AACF;AAEA,IAAO,aAAA,GAAQ","file":"index.js","sourcesContent":["/**\n * Base error class for all OrcaRail errors\n */\nexport class OrcaRailError extends Error {\n constructor(message: string) {\n super(message);\n this.name = 'OrcaRailError';\n Error.captureStackTrace(this, this.constructor);\n }\n}\n\n/**\n * Error thrown when the API returns a non-2xx status code\n */\nexport class OrcaRailAPIError extends OrcaRailError {\n /**\n * HTTP status code\n */\n public readonly statusCode: number;\n\n /**\n * Error type from the API response\n */\n public readonly type?: string;\n\n /**\n * Additional error details from the API\n */\n public readonly details?: unknown;\n\n constructor(\n message: string,\n statusCode: number,\n type?: string,\n details?: unknown\n ) {\n super(message);\n this.name = 'OrcaRailAPIError';\n this.statusCode = statusCode;\n this.type = type;\n this.details = details;\n }\n}\n\n/**\n * Error thrown when authentication fails (401)\n */\nexport class OrcaRailAuthenticationError extends OrcaRailAPIError {\n constructor(message: string = 'Authentication failed. Please check your API key and secret.') {\n super(message, 401, 'authentication_error');\n this.name = 'OrcaRailAuthenticationError';\n }\n}\n\n/**\n * Error thrown when webhook signature verification fails\n */\nexport class OrcaRailSignatureVerificationError extends OrcaRailError {\n /**\n * The signature that was provided\n */\n public readonly signature: string;\n\n constructor(\n message: string = 'Webhook signature verification failed',\n signature?: string\n ) {\n super(message);\n this.name = 'OrcaRailSignatureVerificationError';\n this.signature = signature || '';\n }\n}\n","import {\n OrcaRailAPIError,\n OrcaRailAuthenticationError,\n OrcaRailError,\n} from './errors';\nimport type { OrcaRailConfig } from './types';\n\nconst DEFAULT_BASE_URL = 'https://api.orcarail.com/api/v1';\nconst DEFAULT_TIMEOUT = 30000;\nconst SDK_VERSION = '1.0.0';\n\n/**\n * HTTP client for making requests to the OrcaRail API\n */\nexport class HttpClient {\n private readonly apiKey: string;\n private readonly apiSecret: string;\n private readonly baseUrl: string;\n private readonly timeout: number;\n\n constructor(apiKey: string, apiSecret: string, config?: OrcaRailConfig) {\n if (!apiKey || !apiSecret) {\n throw new OrcaRailError('API key and secret are required');\n }\n\n this.apiKey = apiKey;\n this.apiSecret = apiSecret;\n this.baseUrl = config?.baseUrl || DEFAULT_BASE_URL;\n this.timeout = config?.timeout || DEFAULT_TIMEOUT;\n }\n\n /**\n * Create Basic Auth header from API key and secret\n */\n private getAuthHeader(): string {\n const credentials = Buffer.from(`${this.apiKey}:${this.apiSecret}`).toString(\n 'base64'\n );\n return `Basic ${credentials}`;\n }\n\n /**\n * Build full URL from path\n */\n private buildUrl(path: string): string {\n // Remove leading slash if present\n const cleanPath = path.startsWith('/') ? path.slice(1) : path;\n return `${this.baseUrl}/${cleanPath}`;\n }\n\n /**\n * Make an HTTP request with timeout and error handling\n */\n private async request<T>(\n method: string,\n path: string,\n body?: unknown,\n requireAuth: boolean = true\n ): Promise<T> {\n const url = this.buildUrl(path);\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'User-Agent': `orcarail-node/${SDK_VERSION}`,\n };\n\n if (requireAuth) {\n headers['Authorization'] = this.getAuthHeader();\n }\n\n const options: RequestInit = {\n method,\n headers,\n };\n\n if (body) {\n options.body = JSON.stringify(body);\n }\n\n // Create AbortController for timeout\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n options.signal = controller.signal;\n\n try {\n const response = await fetch(url, options);\n clearTimeout(timeoutId);\n\n // Parse response body\n let responseData: unknown;\n const contentType = response.headers.get('content-type');\n if (contentType && contentType.includes('application/json')) {\n responseData = await response.json();\n } else {\n responseData = await response.text();\n }\n\n // Handle non-2xx responses\n if (!response.ok) {\n const errorMessage =\n typeof responseData === 'object' &&\n responseData !== null &&\n 'message' in responseData\n ? String((responseData as { message: unknown }).message)\n : `API request failed with status ${response.status}`;\n\n const errorType =\n typeof responseData === 'object' &&\n responseData !== null &&\n 'error' in responseData\n ? String((responseData as { error: unknown }).error)\n : undefined;\n\n if (response.status === 401) {\n throw new OrcaRailAuthenticationError(errorMessage);\n }\n\n throw new OrcaRailAPIError(\n errorMessage,\n response.status,\n errorType,\n responseData\n );\n }\n\n return responseData as T;\n } catch (error) {\n clearTimeout(timeoutId);\n\n if (error instanceof OrcaRailError) {\n throw error;\n }\n\n if (error instanceof Error) {\n if (error.name === 'AbortError') {\n throw new OrcaRailError(\n `Request timeout after ${this.timeout}ms`\n );\n }\n throw new OrcaRailError(`Request failed: ${error.message}`);\n }\n\n throw new OrcaRailError('An unknown error occurred');\n }\n }\n\n /**\n * GET request\n */\n public async get<T>(path: string, requireAuth: boolean = true): Promise<T> {\n return this.request<T>('GET', path, undefined, requireAuth);\n }\n\n /**\n * POST request\n */\n public async post<T>(\n path: string,\n body?: unknown,\n requireAuth: boolean = true\n ): Promise<T> {\n return this.request<T>('POST', path, body, requireAuth);\n }\n\n /**\n * PATCH request\n */\n public async patch<T>(\n path: string,\n body?: unknown,\n requireAuth: boolean = true\n ): Promise<T> {\n return this.request<T>('PATCH', path, body, requireAuth);\n }\n\n /**\n * PUT request\n */\n public async put<T>(\n path: string,\n body?: unknown,\n requireAuth: boolean = true\n ): Promise<T> {\n return this.request<T>('PUT', path, body, requireAuth);\n }\n\n /**\n * DELETE request\n */\n public async delete<T>(\n path: string,\n requireAuth: boolean = true\n ): Promise<T> {\n return this.request<T>('DELETE', path, undefined, requireAuth);\n }\n}\n","import { HttpClient } from '../client';\nimport type { PaymentIntent } from '../types';\n\n/**\n * Checkout resource for slug-based checkout flows (public endpoints)\n */\nexport class Checkout {\n private readonly client: HttpClient;\n\n constructor(client: HttpClient) {\n this.client = client;\n }\n\n /**\n * Get checkout details by slug\n *\n * @param slug - Checkout slug from the payment link URL\n * @returns Checkout details including payment intent\n */\n public async get(slug: string): Promise<PaymentIntent & Record<string, unknown>> {\n const path = `checkout/${encodeURIComponent(slug)}`;\n return this.client.get<PaymentIntent & Record<string, unknown>>(path, true);\n }\n\n /**\n * Cancel payment intent by checkout slug\n *\n * @param slug - Checkout slug from the payment link URL\n * @returns The canceled payment intent and optional cancel_url for redirect\n */\n public async cancel(slug: string): Promise<PaymentIntent & { cancel_url?: string }> {\n const path = `checkout/${encodeURIComponent(slug)}/cancel`;\n return this.client.post<PaymentIntent & { cancel_url?: string }>(path, {}, true);\n }\n}\n","import { HttpClient } from '../client';\nimport type {\n PaymentIntent,\n PaymentIntentConfirmParams,\n PaymentIntentCreateParams,\n PaymentIntentUpdateParams,\n} from '../types';\n\n/**\n * Payment Intents resource for managing payment intents\n */\nexport class PaymentIntents {\n private readonly client: HttpClient;\n\n constructor(client: HttpClient) {\n this.client = client;\n }\n\n /**\n * Create a new Payment Intent\n *\n * @param params - Payment Intent creation parameters\n * @returns The created Payment Intent\n */\n public async create(\n params: PaymentIntentCreateParams\n ): Promise<PaymentIntent> {\n // Ensure payment_method_types defaults to ['crypto'] if empty\n const requestBody = {\n ...params,\n payment_method_types:\n params.payment_method_types && params.payment_method_types.length > 0\n ? params.payment_method_types\n : ['crypto'],\n };\n\n return this.client.post<PaymentIntent>(\n 'payment_intents',\n requestBody,\n true\n );\n }\n\n /**\n * Retrieve a Payment Intent by ID\n *\n * @param id - Payment Intent ID (e.g., \"pi_1234567890\")\n * @returns The Payment Intent\n */\n public async retrieve(id: string): Promise<PaymentIntent> {\n const cleanId = id.startsWith('pi_') ? id : `pi_${id}`;\n const path = `payment_intents/${cleanId}`;\n\n return this.client.get<PaymentIntent>(path, true);\n }\n\n /**\n * Cancel a Payment Intent (API: POST /payment_intents/:id/cancel).\n * Use when the user is redirected to your cancel_url (e.g. https://yourapp.com/cancel?payment_intent=pi_20)\n * and you want to mark the intent as canceled on the backend.\n *\n * @param id - Payment Intent ID (e.g. \"pi_20\" or \"20\")\n * @returns The canceled Payment Intent\n *\n * @example\n * // When user lands on https://localhost:3001/cancel?payment_intent=pi_20\n * const intent = await orcarail.paymentIntents.cancel('pi_20');\n */\n public async cancel(id: string): Promise<PaymentIntent> {\n const cleanId = id.startsWith('pi_') ? id : `pi_${id}`;\n const path = `payment_intents/${cleanId}/cancel`;\n\n return this.client.post<PaymentIntent>(path, {}, true);\n }\n\n /**\n * Confirm a Payment Intent (API: POST /payment_intents/:id/confirm).\n * Redirects the customer to the hosted checkout page.\n *\n * @param id - Payment Intent ID (e.g. \"pi_20\" or \"20\")\n * @param params - Confirmation parameters including client_secret and return_url\n * @returns The confirmed Payment Intent\n *\n * @example\n * const intent = await orcarail.paymentIntents.confirm('pi_20', {\n * client_secret: intent.client_secret,\n * return_url: 'https://yourapp.com/return',\n * });\n */\n public async confirm(\n id: string,\n params: PaymentIntentConfirmParams\n ): Promise<PaymentIntent> {\n const cleanId = id.startsWith('pi_') ? id : `pi_${id}`;\n const path = `payment_intents/${cleanId}/confirm`;\n\n return this.client.post<PaymentIntent>(path, params, false);\n }\n\n /**\n * Complete a Payment Intent (API: POST /payment_intents/:id/complete).\n * Sets the intent to processing and fires the payment_intent.processing webhook.\n * Use when the user is redirected to your success/return URL (e.g. https://yourapp.com/success?payment_intent=pi_34).\n *\n * @param id - Payment Intent ID (e.g. \"pi_34\" or \"34\")\n * @returns The updated Payment Intent (status processing)\n *\n * @example\n * // When user lands on https://localhost:3001/success?payment_intent=pi_34\n * const intent = await orcarail.paymentIntents.complete('pi_34');\n */\n public async complete(id: string): Promise<PaymentIntent> {\n const cleanId = id.startsWith('pi_') ? id : `pi_${id}`;\n const path = `payment_intents/${cleanId}/complete`;\n\n return this.client.post<PaymentIntent>(path, {}, true);\n }\n\n /**\n * Update a Payment Intent\n *\n * @param id - Payment Intent ID\n * @param params - Update parameters (all optional)\n * @returns The updated Payment Intent\n */\n public async update(\n id: string,\n params: PaymentIntentUpdateParams\n ): Promise<PaymentIntent> {\n const cleanId = id.startsWith('pi_') ? id : `pi_${id}`;\n const path = `payment_intents/${cleanId}`;\n\n return this.client.patch<PaymentIntent>(path, params, true);\n }\n}\n","import { createHmac, timingSafeEqual } from 'crypto';\nimport { OrcaRailSignatureVerificationError } from './errors';\nimport type { WebhookEvent } from './types';\n\n/**\n * Webhook utilities for verifying webhook signatures\n */\nexport class Webhooks {\n /**\n * Verify webhook signature\n *\n * @param rawBody - Raw request body (string or Buffer)\n * @param signature - Signature from x-webhook-signature header\n * @param secret - Webhook secret (API key's secretHash)\n * @returns True if signature is valid, false otherwise\n */\n public verifySignature(\n rawBody: string | Buffer,\n signature: string,\n secret: string\n ): boolean {\n if (!signature || !secret) {\n return false;\n }\n\n // Convert rawBody to string if it's a Buffer\n const bodyString =\n typeof rawBody === 'string' ? rawBody : rawBody.toString('utf8');\n\n // Compute expected signature\n const expectedSignature = createHmac('sha256', secret)\n .update(bodyString)\n .digest('hex');\n\n // Compare signatures using timing-safe comparison\n const signatureBuffer = Buffer.from(signature, 'hex');\n const expectedBuffer = Buffer.from(expectedSignature, 'hex');\n\n // Length check first (prevents timing attacks)\n if (signatureBuffer.length !== expectedBuffer.length) {\n return false;\n }\n\n return timingSafeEqual(signatureBuffer, expectedBuffer);\n }\n\n /**\n * Construct and verify a webhook event from raw body and signature\n *\n * @param rawBody - Raw request body (string or Buffer)\n * @param signature - Signature from x-webhook-signature header\n * @param secret - Webhook secret (API key's secretHash)\n * @returns Parsed webhook event\n * @throws OrcaRailSignatureVerificationError if signature is invalid\n */\n public constructEvent(\n rawBody: string | Buffer,\n signature: string,\n secret: string\n ): WebhookEvent {\n if (!this.verifySignature(rawBody, signature, secret)) {\n throw new OrcaRailSignatureVerificationError(\n 'Webhook signature verification failed. The signature does not match the expected signature.',\n signature\n );\n }\n\n // Parse JSON body\n const bodyString =\n typeof rawBody === 'string' ? rawBody : rawBody.toString('utf8');\n\n try {\n const event = JSON.parse(bodyString) as WebhookEvent;\n return event;\n } catch (error) {\n throw new OrcaRailSignatureVerificationError(\n `Failed to parse webhook body: ${error instanceof Error ? error.message : 'Unknown error'}`\n );\n }\n }\n}\n","import { HttpClient } from './client';\nimport { Checkout } from './resources/checkout';\nimport { PaymentIntents } from './resources/payment-intents';\nimport { Webhooks } from './webhooks';\nimport type { OrcaRailConfig } from './types';\n\n// Re-export all types\nexport type {\n OrcaRailConfig,\n PaymentIntent,\n PaymentIntentCreateParams,\n PaymentIntentUpdateParams,\n PaymentIntentConfirmParams,\n PaymentLink,\n LatestTransaction,\n WebhookEvent,\n WebhookEventType,\n WebhookEventData,\n} from './types';\n\n// Re-export all errors\nexport {\n OrcaRailError,\n OrcaRailAPIError,\n OrcaRailAuthenticationError,\n OrcaRailSignatureVerificationError,\n} from './errors';\n\n/**\n * OrcaRail Node.js SDK\n *\n * @example\n * ```typescript\n * import OrcaRail from '@orcarail/node';\n *\n * const orcarail = new OrcaRail('ak_live_xxx', 'sk_live_xxx');\n *\n * // Create a payment intent\n * const intent = await orcarail.paymentIntents.create({\n * amount: '100.00',\n * currency: 'usd',\n * payment_method_types: ['crypto'],\n * tokenId: 1,\n * networkId: 1,\n * return_url: 'https://merchant.example.com/return',\n * });\n * ```\n */\nexport class OrcaRail {\n /**\n * Payment Intents resource\n */\n public readonly paymentIntents: PaymentIntents;\n\n /**\n * Checkout resource (slug-based get/cancel)\n */\n public readonly checkout: Checkout;\n\n /**\n * Webhooks utilities\n */\n public readonly webhooks: Webhooks;\n\n private readonly client: HttpClient;\n\n /**\n * Create a new OrcaRail client instance\n *\n * @param apiKey - Your OrcaRail API key (e.g., \"ak_live_xxx\")\n * @param apiSecret - Your OrcaRail API secret (e.g., \"sk_live_xxx\")\n * @param config - Optional configuration\n */\n constructor(\n apiKey: string,\n apiSecret: string,\n config?: OrcaRailConfig\n ) {\n this.client = new HttpClient(apiKey, apiSecret, config);\n this.paymentIntents = new PaymentIntents(this.client);\n this.checkout = new Checkout(this.client);\n this.webhooks = new Webhooks();\n }\n}\n\nexport default OrcaRail;\n"]}
|
package/package.json
ADDED
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@orcarail/node",
|
|
3
|
+
"version": "1.0.1",
|
|
4
|
+
"description": "Official Node.js SDK for OrcaRail - Accept crypto payments with Payment Intents",
|
|
5
|
+
"main": "./dist/index.cjs",
|
|
6
|
+
"module": "./dist/index.js",
|
|
7
|
+
"types": "./dist/index.d.ts",
|
|
8
|
+
"exports": {
|
|
9
|
+
".": {
|
|
10
|
+
"import": {
|
|
11
|
+
"types": "./dist/index.d.ts",
|
|
12
|
+
"default": "./dist/index.js"
|
|
13
|
+
},
|
|
14
|
+
"require": {
|
|
15
|
+
"types": "./dist/index.d.ts",
|
|
16
|
+
"default": "./dist/index.cjs"
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
},
|
|
20
|
+
"files": [
|
|
21
|
+
"dist",
|
|
22
|
+
"README.md",
|
|
23
|
+
"LICENSE"
|
|
24
|
+
],
|
|
25
|
+
"scripts": {
|
|
26
|
+
"build": "tsup",
|
|
27
|
+
"dev": "tsup --watch",
|
|
28
|
+
"test": "vitest run",
|
|
29
|
+
"test:watch": "vitest",
|
|
30
|
+
"lint": "eslint src tests --ext .ts",
|
|
31
|
+
"format": "prettier --write \"src/**/*.ts\" \"tests/**/*.ts\"",
|
|
32
|
+
"typecheck": "tsc --noEmit",
|
|
33
|
+
"prepublishOnly": "npm run build && npm test"
|
|
34
|
+
},
|
|
35
|
+
"keywords": [
|
|
36
|
+
"orcarail",
|
|
37
|
+
"crypto",
|
|
38
|
+
"payments",
|
|
39
|
+
"payment-intents",
|
|
40
|
+
"webhooks",
|
|
41
|
+
"blockchain",
|
|
42
|
+
"stablecoin"
|
|
43
|
+
],
|
|
44
|
+
"author": "OrcaRail",
|
|
45
|
+
"license": "MIT",
|
|
46
|
+
"publishConfig": {
|
|
47
|
+
"access": "public"
|
|
48
|
+
},
|
|
49
|
+
"repository": {
|
|
50
|
+
"type": "git",
|
|
51
|
+
"url": "https://github.com/orcarail/orcarail-node.git"
|
|
52
|
+
},
|
|
53
|
+
"bugs": {
|
|
54
|
+
"url": "https://github.com/orcarail/orcarail-node/issues"
|
|
55
|
+
},
|
|
56
|
+
"homepage": "https://github.com/orcarail/orcarail-node#readme",
|
|
57
|
+
"engines": {
|
|
58
|
+
"node": ">=18.0.0"
|
|
59
|
+
},
|
|
60
|
+
"devDependencies": {
|
|
61
|
+
"@types/node": "^20.0.0",
|
|
62
|
+
"@typescript-eslint/eslint-plugin": "^6.0.0",
|
|
63
|
+
"@typescript-eslint/parser": "^6.0.0",
|
|
64
|
+
"eslint": "^8.0.0",
|
|
65
|
+
"prettier": "^3.0.0",
|
|
66
|
+
"tsup": "^8.0.0",
|
|
67
|
+
"typescript": "^5.0.0",
|
|
68
|
+
"vitest": "^1.0.0"
|
|
69
|
+
},
|
|
70
|
+
"peerDependencies": {
|
|
71
|
+
"@types/express": "^4.17.0",
|
|
72
|
+
"@types/node": "^18.0.0"
|
|
73
|
+
},
|
|
74
|
+
"peerDependenciesMeta": {
|
|
75
|
+
"@types/express": {
|
|
76
|
+
"optional": true
|
|
77
|
+
},
|
|
78
|
+
"@types/node": {
|
|
79
|
+
"optional": true
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
}
|