@ozura/elements 1.2.0 → 1.2.3

package/dist/vue/types/index.d.ts

@@ -0,0 +1,667 @@
+export interface ElementStyle {
+    color?: string;
+    fontSize?: string;
+    fontFamily?: string;
+    fontWeight?: string;
+    fontStyle?: string;
+    fontVariant?: string;
+    fontSmoothing?: string;
+    webkitFontSmoothing?: string;
+    mozOsxFontSmoothing?: string;
+    letterSpacing?: string;
+    lineHeight?: string;
+    textAlign?: string;
+    textDecoration?: string;
+    textShadow?: string;
+    textTransform?: string;
+    padding?: string;
+    paddingTop?: string;
+    paddingRight?: string;
+    paddingBottom?: string;
+    paddingLeft?: string;
+    backgroundColor?: string;
+    opacity?: string;
+    border?: string;
+    borderColor?: string;
+    borderWidth?: string;
+    borderStyle?: string;
+    borderRadius?: string;
+    borderTop?: string;
+    borderRight?: string;
+    borderBottom?: string;
+    borderLeft?: string;
+    borderTopColor?: string;
+    borderRightColor?: string;
+    borderBottomColor?: string;
+    borderLeftColor?: string;
+    borderTopWidth?: string;
+    borderRightWidth?: string;
+    borderBottomWidth?: string;
+    borderLeftWidth?: string;
+    borderTopStyle?: string;
+    borderRightStyle?: string;
+    borderBottomStyle?: string;
+    borderLeftStyle?: string;
+    borderTopLeftRadius?: string;
+    borderTopRightRadius?: string;
+    borderBottomLeftRadius?: string;
+    borderBottomRightRadius?: string;
+    boxShadow?: string;
+    outline?: string;
+    outlineColor?: string;
+    outlineWidth?: string;
+    outlineStyle?: string;
+    outlineOffset?: string;
+    cursor?: string;
+    caretColor?: string;
+    height?: string;
+    minHeight?: string;
+    maxHeight?: string;
+    transition?: string;
+}
+export interface ElementStyleConfig {
+    /** Default styles applied to the input. */
+    base?: ElementStyle;
+    /** Styles applied when the input is focused. Merges on top of `base`. */
+    focus?: ElementStyle;
+    /** Styles applied when the input contains an invalid value (on blur). Merges on top of `base`. */
+    invalid?: ElementStyle;
+    /** Styles applied when the input contains a valid, complete value (on blur). Merges on top of `base`. */
+    complete?: ElementStyle;
+    /** Styles applied to the input's placeholder text (::placeholder pseudo-element). */
+    placeholder?: ElementStyle;
+}
+export interface ElementOptions {
+    style?: ElementStyleConfig;
+    placeholder?: string;
+    disabled?: boolean;
+    /** How long to wait (ms) for the iframe to load before emitting `loaderror`. Default: 10 000.
+     * Only takes effect when this element's `onLoadError` option is provided or when `VaultOptions.onLoadError` is set. */
+    loadTimeoutMs?: number;
+}
+export interface ElementChangeEvent {
+    empty: boolean;
+    complete: boolean;
+    valid: boolean;
+    /** Card brand — only present on cardNumber elements */
+    cardBrand?: string;
+    /** Parsed month (01-12) — only present on expirationDate elements */
+    month?: string;
+    /** Parsed 2-digit year — only present on expirationDate elements */
+    year?: string;
+    /** Human-readable error when valid is false and the field has been touched */
+    error?: string;
+}
+export type ElementType = 'cardNumber' | 'cvv' | 'expirationDate';
+/** Bank account element types. */
+export type BankElementType = 'accountNumber' | 'routingNumber';
+/** Load a font from a CSS stylesheet URL (e.g. Google Fonts). Must be HTTPS. */
+export interface CssFontSource {
+    cssSrc: string;
+}
+/** Load a custom font via @font-face. `src` must be a `url(https://...)` value. */
+export interface CustomFontSource {
+    family: string;
+    src: string;
+    weight?: string;
+    style?: string;
+    display?: string;
+    unicodeRange?: string;
+}
+export type FontSource = CssFontSource | CustomFontSource;
+export type OzTheme = 'default' | 'night' | 'flat';
+/**
+ * CSS variable-style overrides. Each key maps to a specific style property
+ * across all style states, so merchants can theme with a single flat object
+ * instead of manually building full `ElementStyleConfig` objects.
+ */
+export interface AppearanceVariables {
+    /** Input text color. Maps to `base.color`. */
+    colorText?: string;
+    /** Input background color. Maps to `base.backgroundColor`. */
+    colorBackground?: string;
+    /** Primary accent color. Maps to `focus.caretColor` and `base.caretColor`. */
+    colorPrimary?: string;
+    /** Error/invalid state text color. Maps to `invalid.color`. */
+    colorDanger?: string;
+    /** Success/complete state text color. Maps to `complete.color`. */
+    colorSuccess?: string;
+    /** Placeholder text color. Maps to `placeholder.color`. */
+    colorPlaceholder?: string;
+    /** Font family. Maps to `base.fontFamily`. */
+    fontFamily?: string;
+    /** Font size. Maps to `base.fontSize`. */
+    fontSize?: string;
+    /** Font weight. Maps to `base.fontWeight`. */
+    fontWeight?: string;
+    /** Letter spacing. Maps to `base.letterSpacing`. */
+    letterSpacing?: string;
+    /** Line height. Maps to `base.lineHeight`. */
+    lineHeight?: string;
+    /** Inner padding. Maps to `base.padding`. */
+    padding?: string;
+}
+/**
+ * Global appearance configuration. Applied to all elements created by this vault.
+ * Per-element `style` overrides take precedence over appearance settings.
+ */
+export interface Appearance {
+    /** Preset theme. Applies a complete set of default styles. */
+    theme?: OzTheme;
+    /** Variable overrides. Merged on top of the theme defaults. */
+    variables?: AppearanceVariables;
+}
+export interface VaultOptions {
+    /** System pub key required for tokenization. Obtain from Ozura admin.
+     *  Sent as the `X-Pub-Key` header on tokenize requests. */
+    pubKey: string;
+    /**
+     * URL of your backend session endpoint. The simplest way to connect the SDK
+     * to your server — just pass the path and the SDK handles everything else.
+     *
+     * The endpoint should be created with `createSessionMiddleware` or
+     * `createSessionHandler` from `@ozura/elements/server`.
+     *
+     * @example
+     * // Backend (Express)
+     * app.post('/api/oz-session', createSessionMiddleware(ozura));
+     *
+     * // Frontend
+     * OzVault.create({ pubKey: 'pk_live_...', sessionUrl: '/api/oz-session' })
+     */
+    sessionUrl?: string;
+    /**
+     * Custom async function to obtain a session key from your backend.
+     * Use this when you need custom headers, auth tokens, or request logic that
+     * `sessionUrl` cannot provide.
+     *
+     * Receives an SDK-generated session UUID; your implementation passes it to
+     * your backend, which calls `ozura.createSession()` and returns the key.
+     *
+     * For the common case, prefer `sessionUrl` — it wraps this automatically.
+     *
+     * @example
+     * getSessionKey: async (sessionId) => {
+     *   const res = await fetch('/api/oz-session', {
+     *     method: 'POST',
+     *     headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${token}` },
+     *     body: JSON.stringify({ sessionId }),
+     *   });
+     *   const { sessionKey } = await res.json();
+     *   return sessionKey;
+     * }
+     */
+    getSessionKey?: (sessionId: string) => Promise<string>;
+    /**
+     * @deprecated Use `sessionUrl` or `getSessionKey` instead.
+     *
+     * Legacy callback name. Equivalent to `getSessionKey` — both are supported
+     * and work identically. `fetchWaxKey` will be removed in a future major version.
+     */
+    fetchWaxKey?: (tokenizationSessionId: string) => Promise<string>;
+    /** Base URL where the Ozura frame HTML/JS assets are served from.
+     *  Defaults to the production CDN. Override for local development. */
+    frameBaseUrl?: string;
+    /**
+     * Custom fonts to inject into element iframes. Accepts Google Fonts URLs
+     * or @font-face declarations. Fonts are loaded inside each iframe so they
+     * render in the card input fields.
+     *
+     * @example
+     * // Google Fonts
+     * fonts: [{ cssSrc: 'https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap' }]
+     *
+     * @example
+     * // Custom @font-face
+     * fonts: [{ family: 'MyFont', src: 'url(https://cdn.example.com/myfont.woff2)', weight: '400' }]
+     */
+    fonts?: FontSource[];
+    /**
+     * Called if the tokenizer iframe fails to signal ready within `loadTimeoutMs`.
+     * Use this to show a fallback UI (e.g. "Unable to load payment fields").
+     */
+    onLoadError?: () => void;
+    /** How long to wait (ms) for the tokenizer iframe before calling `onLoadError`. Default: 10 000.
+     * Only takes effect when `onLoadError` is also provided — setting this without `onLoadError` has no effect. */
+    loadTimeoutMs?: number;
+    /**
+     * Called when the SDK silently refreshes the payment session mid-checkout
+     * (e.g. after the session is consumed or expires). The `createToken()` /
+     * `createBankToken()` promise stays pending until the refresh completes.
+     * Use this to show a loading indicator while the refresh is in progress.
+     */
+    onSessionRefresh?: () => void;
+    /**
+     * @deprecated Use `onSessionRefresh` instead.
+     */
+    onWaxRefresh?: () => void;
+    /**
+     * Maximum number of card submissions allowed per session before the SDK
+     * automatically refreshes the session in the background. Defaults to `3`.
+     *
+     * Must match the `sessionLimit` (or `maxTokenizeCalls`) passed to
+     * `ozura.createSession()` on your server. Both default to `3` so you only
+     * need this if you override the server-side value.
+     *
+     * Pass `null` to disable the proactive refresh cap entirely (unlimited
+     * tokenizations per session). Only use this when your server-side
+     * `createSession()` also passes `sessionLimit: null`.
+     *
+     * @default 3
+     */
+    sessionLimit?: number | null;
+    /**
+     * @deprecated Use `sessionLimit` instead.
+     * Maximum number of tokenize calls per session. Equivalent to `sessionLimit`.
+     * @default 3
+     */
+    maxTokenizeCalls?: number;
+    /**
+     * Called once when the tokenizer iframe has loaded and is ready to accept
+     * tokenization requests. Useful in vanilla JS to re-evaluate submit-button
+     * readiness when the tokenizer becomes ready after all element iframes have
+     * already loaded.
+     *
+     * In React, use `useOzElements().ready` instead — it combines both tokenizer
+     * and element readiness automatically.
+     */
+    onReady?: () => void;
+    /**
+     * Global appearance configuration. Applies preset themes and/or variable
+     * overrides to all elements created by this vault. Per-element `style`
+     * overrides take precedence.
+     *
+     * @example
+     * appearance: { theme: 'night' }
+     *
+     * @example
+     * appearance: {
+     *   theme: 'flat',
+     *   variables: { colorPrimary: '#6366f1', fontFamily: '"Inter", sans-serif' },
+     * }
+     */
+    appearance?: Appearance;
+    /**
+     * Enables structured debug logging to the browser console.
+     *
+     * When `true`, the vault emits a `[OzVault]`-prefixed `console.log` entry at
+     * every meaningful lifecycle event: vault creation, tokenizer readiness, element
+     * readiness, field changes, tokenization start/result/error, wax key refresh,
+     * tab-visibility refreshes, `reset()`, and `destroy()`.
+     *
+     * **No sensitive data is ever logged.** Wax keys, tokens, CVC sessions, and
+     * billing fields are represented only as boolean presence flags. Frame IDs and
+     * request IDs are truncated. Output is safe to paste directly into bug reports.
+     *
+     * Use `vault.debugState()` to capture a full snapshot of internal state at any
+     * point, regardless of whether `debug` is enabled.
+     *
+     * @default false
+     */
+    debug?: boolean;
+}
+/** Billing address. All string fields are validated to 1–50 characters. */
+export interface BillingAddress {
+    line1: string;
+    /** Optional. Omitted entirely from cardSale if blank (schema enforces minLength 1 if present). */
+    line2?: string;
+    city: string;
+    /** For US and CA: normalized to the 2-letter abbreviation (e.g. "California" → "CA"). */
+    state: string;
+    zip: string;
+    /** ISO 3166-1 alpha-2, e.g. "US", "CA", "GB". */
+    country: string;
+}
+/**
+ * Cardholder billing details validated against the Ozura cardSale API schema.
+ * Mirrors the `billing_details` object in Stripe's createPaymentMethod API.
+ *
+ * Pass to `vault.createToken({ billing })` — the SDK validates all fields and
+ * returns normalized values in `TokenResponse.billing` ready for the cardSale call.
+ */
+export interface BillingDetails {
+    /** 1–50 characters. Required for cardSale. */
+    firstName: string;
+    /** 1–50 characters. Required for cardSale. Must be non-empty. */
+    lastName: string;
+    /** Valid email address, max 50 characters. */
+    email?: string;
+    /** E.164 format, e.g. "+15551234567". Max 50 characters. */
+    phone?: string;
+    address?: BillingAddress;
+}
+export interface TokenizeOptions {
+    /**
+     * Billing details — validated, normalized, and returned in TokenResponse.billing
+     * ready to be passed directly to the cardSale API.
+     *
+     * If provided, firstName and lastName inside billing take precedence over
+     * the top-level firstName/lastName params below.
+     */
+    billing?: BillingDetails;
+    /** @deprecated Pass firstName inside `billing` instead. */
+    firstName?: string;
+    /** @deprecated Pass lastName inside `billing` instead. */
+    lastName?: string;
+}
+/** Options for `vault.createBankToken()`. */
+export interface BankTokenizeOptions {
+    /** Account holder first name. Required. */
+    firstName: string;
+    /** Account holder last name. Required. */
+    lastName: string;
+}
+/** Non-sensitive bank account metadata returned alongside the token. */
+export interface BankAccountMetadata {
+    /** Last 4 digits of the account number. */
+    last4: string;
+    /** Last 4 digits of the routing number — sufficient for display and reconciliation. */
+    routingNumberLast4: string;
+}
+/** Non-sensitive card metadata returned alongside the token. */
+export interface CardMetadata {
+    /** Last 4 digits of the card number. */
+    last4: string;
+    /** Detected card brand (e.g. "visa", "mastercard", "amex"). */
+    brand: string;
+    /** 2-digit expiry month (e.g. "09"). */
+    expMonth: string;
+    /** 4-digit expiry year (e.g. "2027"). */
+    expYear: string;
+}
+export interface TokenResponse {
+    token: string;
+    /**
+     * CVC session token returned by the vault alongside the card token.
+     *
+     * Required by the Ozura Pay API `cardSale` endpoint. The SDK validates this
+     * field before resolving `createToken()` — if it is absent the promise rejects
+     * with `OZ_TOKEN_ERROR`. In practice this field is always present on a
+     * successful tokenization.
+     */
+    cvcSession: string;
+    /**
+     * Non-sensitive card metadata — present on successful tokenization when the
+     * vault returns all four fields (last4, brand, expMonth, expYear). Absent if
+     * the vault response omits any card metadata field.
+     */
+    card?: CardMetadata;
+    /**
+     * Validated, normalized billing details — ready to spread into a cardSale request.
+     * Only present when billing was passed to createToken().
+     */
+    billing?: BillingDetails;
+}
+/**
+ * Returned by `vault.createBankToken()` after successful ACH tokenization.
+ * The token can be passed to any ACH-capable payment processor.
+ * Note: OzuraPay does not currently support bank account payments.
+ */
+export interface BankTokenResponse {
+    /** Vault token representing the bank account. Use with your ACH processor. */
+    token: string;
+    /** Non-sensitive bank account metadata. */
+    bank?: BankAccountMetadata;
+}
+/**
+ * Full request body for the Ozura Pay API cardSale endpoint.
+ * All string fields are 1–50 characters. billingAddress2 is optional (omit if blank).
+ *
+ * Headers required:
+ *   x-api-key: <merchantApiKey>
+ */
+export interface CardSaleRequest {
+    /** Processor to use. If omitted, the Pay API auto-selects (Elavon → Nuvei → Worldpay). */
+    processor?: 'elavon' | 'nuvei' | 'worldpay';
+    merchantId: string;
+    /** Decimal string, e.g. "49.00". */
+    amount: string;
+    /** ISO 4217, e.g. "USD". */
+    currency: string;
+    /**
+     * Who initiated the transaction. Required by the Pay API.
+     * - `'cit'`  — Customer-Initiated Transaction (default for web checkouts).
+     * - `'mit'`  — Merchant-Initiated (scheduled recurring charge, customer not present).
+     * - `'ucof'` — Unscheduled Credential-on-File (threshold billing, account-updater, etc.).
+     * - `'refund'` — Voids, returns, reversals (not a stored-credential use).
+     */
+    transactionInitiationType: 'cit' | 'mit' | 'ucof' | 'refund';
+    /**
+     * Channel through which the transaction is processed. Required by the Pay API.
+     * - `'ecommerce'`  — Online, customer self-serve (default for web checkouts).
+     * - `'moto'`       — Mail order / telephone order.
+     * - `'cardPresent'`— POS / in-person.
+     * - `'recurring'`  — Scheduled MIT charge; never the initial CIT charge.
+     */
+    transactionChannel: 'cardPresent' | 'ecommerce' | 'moto' | 'recurring';
+    /** From TokenResponse.token. The vault token representing the stored card. */
+    ozuraVaultToken: string;
+    /** From TokenResponse.cvcSession */
+    ozuraCvcSession: string;
+    billingFirstName: string;
+    billingLastName: string;
+    /**
+     * Required by the Pay API (minLength 1). Optional here so merchants can omit it
+     * in rare server-side-only flows, but the Pay API will reject the request if absent.
+     */
+    billingEmail?: string;
+    /** E.164 format, max 50 chars. Required by the Pay API; optional here for flexibility. */
+    billingPhone?: string;
+    /** Required by the Pay API; optional here for flexibility. Must be non-empty if provided. */
+    billingAddress1?: string;
+    /** Omit entirely if blank — Pay API schema enforces minLength 1 if present. */
+    billingAddress2?: string;
+    /** Required by the Pay API; optional here for flexibility. Must be non-empty if provided. */
+    billingCity?: string;
+    /** 2-letter state/province code. Required by the Pay API; optional here for flexibility. */
+    billingState?: string;
+    /** Required by the Pay API; optional here for flexibility. Must be non-empty if provided. */
+    billingZipcode?: string;
+    /** ISO 3166-1 alpha-2. Required by the Pay API. Defaults to 'US' in `Ozura.cardSale()`. */
+    billingCountry?: string;
+    /** Fetch from your server — use an internal route, not api.ipify.org (ad-blockers block it). */
+    clientIpAddress: string;
+    salesTaxExempt: boolean;
+    /** Defaults to "0.00". Range 0–3. */
+    surchargePercent?: string;
+    /** Defaults to "0.00". */
+    tipAmount?: string;
+}
+/**
+ * The `data` object inside a successful cardSale API response.
+ *
+ * Store `transactionId` in your database immediately after receiving this —
+ * it is required for refunds and idempotency checks.
+ */
+export interface CardSaleResponseData {
+    /** Unique transaction reference — store this in your database. */
+    transactionId: string;
+    /** Amount charged, decimal string, e.g. "49.00". */
+    amount: string;
+    /** ISO 4217 currency code, e.g. "USD". */
+    currency: string;
+    /** Surcharge amount applied, e.g. "1.50". Absent when no surcharge was configured. */
+    surchargeAmount?: string;
+    /** Sales tax calculated by the Pay API based on billing address. */
+    salesTaxAmount?: string;
+    /** Tip amount applied, e.g. "5.00". Absent when no tip was included in the request. */
+    tipAmount?: string;
+    /** Last four digits of the card number. */
+    cardLastFour: string;
+    /** First six digits of the card number (BIN). */
+    cardBin?: string;
+    /** Expiry month as 2-digit string, e.g. "09". */
+    cardExpMonth: string;
+    /** Expiry year as 4-digit string, e.g. "2027". */
+    cardExpYear: string;
+    /** Card brand returned by processor, e.g. "visa", "mastercard", "amex". */
+    cardBrand: string;
+    /** Whether the card is a credit card (vs debit). */
+    isCreditCard?: boolean;
+    /** ISO 8601 transaction timestamp. */
+    transDate: string;
+    /** Merchant ID echoed back from the request. */
+    ozuraMerchantId: string;
+    /** Client IP address echoed back. */
+    clientIpAddress?: string;
+    /** Billing fields echoed back — useful for receipts. */
+    billingFirstName: string;
+    billingLastName: string;
+    billingEmail: string;
+    billingPhone: string;
+    billingAddress1: string;
+    billingAddress2?: string;
+    billingCity: string;
+    billingState: string;
+    billingZipcode: string;
+    billingCountry: string;
+}
+/**
+ * Full response envelope from the Ozura Pay API cardSale endpoint.
+ *
+ * On success:  `{ success: true,  data: CardSaleResponseData }`
+ * On failure:  HTTP 4xx/5xx with `{ success: false, error: string }` — pass
+ *              `error` to `normalizeCardSaleError()` to get a user-facing message.
+ *
+ * Note: the server SDK `Ozura.cardSale()` throws `OzuraError` on failure rather
+ * than returning this shape. This type is only needed when calling the Pay API
+ * directly via `fetch`.
+ */
+export interface CardSaleApiResponse {
+    success: boolean;
+    data?: CardSaleResponseData;
+    error?: string;
+}
+/**
+ * Transaction types returned by the Pay API transQuery endpoint.
+ * Mirrors the `TransactionType` enum in PayAPI-BE.
+ */
+export type TransactionType = 'CreditCardSale' | 'CreditCardReversal' | 'CreditCardReturn' | 'CreditCardVoid' | 'AchSale' | 'AchReversal' | 'AchReturn' | 'AchVoid' | 'CryptoSale' | 'CryptoReturn' | 'CryptoWithdrawal';
+export type CardTransactionType = 'CreditCardSale' | 'CreditCardReversal' | 'CreditCardReturn' | 'CreditCardVoid';
+export type AchTransactionType = 'AchSale' | 'AchReversal' | 'AchReturn' | 'AchVoid';
+export type CryptoTransactionType = 'CryptoSale' | 'CryptoReturn' | 'CryptoWithdrawal';
+/**
+ * Shared fields returned by transQuery for all transaction types.
+ *
+ * Note: transQuery returns billing fields as `firstName`, `lastName`, etc.
+ * (the MongoDB field names), NOT the `billingFirstName` format used by the
+ * cardSale endpoint response. This is a backend inconsistency — these types
+ * reflect what the API actually returns.
+ */
+export interface TransactionBase {
+    transactionId: string;
+    originalTransactionId?: string;
+    relatedTransactionIds?: string[];
+    transactionType: TransactionType;
+    amount: string;
+    currentAmount?: string;
+    surchargeAmount?: string;
+    tipAmount?: string;
+    currency: string;
+    status: string;
+    createdAt: string;
+    clientIpAddress?: string;
+    isVoided?: boolean;
+    isPartiallyReturned?: boolean;
+    isFullyReturned?: boolean;
+    isReversed?: boolean;
+    ozuraUserDetails?: {
+        ozuraUserId?: string;
+        ozuraMerchantId?: string;
+    };
+    avsResponseCode?: string;
+    cvvResponseCode?: string;
+    salesTaxData?: Record<string, unknown>;
+    firstName?: string;
+    lastName?: string;
+    email?: string;
+    phone?: string;
+    address1?: string;
+    address2?: string;
+    city?: string;
+    state?: string;
+    zipcode?: string;
+    country?: string;
+}
+/** Card transaction returned by transQuery. */
+export interface CardTransactionData extends TransactionBase {
+    transactionType: CardTransactionType;
+    cardLastFour?: string;
+    cardBin?: string;
+    cardExpMonth?: string;
+    cardExpYear?: string;
+    cardBrand?: string;
+    isCreditCard?: boolean;
+}
+/** ACH transaction returned by transQuery. */
+export interface AchTransactionData extends TransactionBase {
+    transactionType: AchTransactionType;
+    ddaAccountType?: string;
+    accountNumber?: string;
+    routingNumber?: string;
+}
+/** Crypto transaction returned by transQuery. */
+export interface CryptoTransactionData extends TransactionBase {
+    transactionType: CryptoTransactionType;
+    originalSourceAddress?: string;
+    originalDepositAddress?: string;
+    network?: string;
+    mintDetails?: {
+        mintTransactionHash?: string;
+    };
+}
+/**
+ * Discriminated union of all transaction types returned by transQuery.
+ * Narrow via `transactionType` to access type-specific fields:
+ *
+ * ```ts
+ * if (tx.transactionType === 'CreditCardSale') {
+ *   console.log(tx.cardLastFour); // TS knows this exists
+ * }
+ * ```
+ */
+export type TransactionData = CardTransactionData | AchTransactionData | CryptoTransactionData;
+/** Query params for GET /api/v1/transQuery. */
+export interface TransactionQueryParams {
+    merchantId: string;
+    /** Fetch a specific transaction. */
+    transactionId?: string;
+    /** Date range start, format "YYYY-MM-DD HH:MM:SS". */
+    dateFrom?: string;
+    /** Date range end, format "YYYY-MM-DD HH:MM:SS". */
+    dateTo?: string;
+    /** Filter by transaction type, e.g. "CreditCardSale", "AchSale". */
+    transactionType?: TransactionType;
+    /** 1-based page number. Default: 1. */
+    page?: number;
+    /** Results per page. Default: 50, max: 100. */
+    limit?: number;
+    /** Comma-separated field names to return. */
+    fields?: string;
+    sortBy?: string;
+    sortOrder?: 'asc' | 'desc';
+}
+export interface TransactionQueryPagination {
+    currentPage: number;
+    totalPages: number;
+    totalCount: number;
+    limit: number;
+    hasNextPage: boolean;
+    hasPrevPage: boolean;
+    nextPage: number | null;
+    prevPage: number | null;
+}
+export interface TransactionQueryResponse {
+    success: boolean;
+    data: TransactionData[];
+    pagination: TransactionQueryPagination;
+}
+export type OzMessageType = 'OZ_FRAME_READY' | 'OZ_INIT' | 'OZ_UPDATE' | 'OZ_CLEAR' | 'OZ_CHANGE' | 'OZ_FOCUS' | 'OZ_BLUR' | 'OZ_RESIZE' | 'OZ_BEGIN_COLLECT' | 'OZ_FIELD_VALUE' | 'OZ_TOKENIZE' | 'OZ_TOKEN_RESULT' | 'OZ_TOKEN_ERROR' | 'OZ_FOCUS_REQUEST' | 'OZ_BLUR_REQUEST' | 'OZ_SET_CVV_LENGTH' | 'OZ_BANK_TOKENIZE' | 'OZ_BANK_TOKEN_RESULT' | 'OZ_TOKENIZE_CANCEL' | 'OZ_DEBUG_LOG';
+export interface OzMessage {
+    __oz: true;
+    /** Protocol version stamped by the frame on OZ_FRAME_READY. Read by the SDK to detect stale CDN frames. */
+    __ozVersion?: number;
+    vaultId: string;
+    type: OzMessageType;
+    [key: string]: unknown;
+}

package/dist/vue/utils/appearance.d.ts

@@ -0,0 +1,22 @@
+import type { Appearance, ElementStyleConfig } from '../types';
+/**
+ * Resolves an `Appearance` config into a flat `ElementStyleConfig`.
+ * Resolution order: theme defaults → variable overrides.
+ * The returned config is then used as the "base appearance" that
+ * per-element `style` overrides merge on top of.
+ *
+ * @remarks
+ * - `appearance: undefined` → no styles injected (element iframes use their
+ *   own minimal built-in defaults).
+ * - `appearance: {}` or `appearance: { variables: {...} }` without an explicit
+ *   `theme` → the `'default'` theme is used as the base. Omitting `theme`
+ *   does NOT mean "no theme" — it means `theme: 'default'`. To opt out of
+ *   the preset themes entirely, use per-element `style` overrides without
+ *   passing an `appearance` prop at all.
+ */
+export declare function resolveAppearance(appearance?: Appearance): ElementStyleConfig | undefined;
+/**
+ * Merges a resolved appearance with per-element style overrides.
+ * Element styles always win over appearance styles.
+ */
+export declare function mergeAppearanceWithElementStyle(appearance: ElementStyleConfig | undefined, elementStyle: ElementStyleConfig | undefined): ElementStyleConfig | undefined;