@ozura/elements 1.2.4-next.56 → 1.2.4-next.58

package/dist/react/index.esm.js

@@ -1035,7 +1035,7 @@ const DEFAULT_FRAME_BASE_URL = "https://lively-hill-097170c0f.4.azurestaticapps.
  * @example
  * // Recommended — pass sessionUrl and let the SDK call your backend automatically
  * const vault = await OzVault.create({
- *   pubKey: 'pk_prod_...',  // or 'pk_test_...' for test mode
+ *   pubKey: 'pk_prod_...',  // omit for test vault keys; required for production
  *   sessionUrl: '/api/oz-session',  // backend endpoint that calls ozura.createSession()
  * });
  * const cardNum = vault.createElement('cardNumber');
@@ -1143,8 +1143,15 @@ class OzVault {
      * @throws {OzError} if the session fetch fails, times out, or returns an empty string.
      */
     static async create(options, signal) {
-        if (!options.pubKey || !options.pubKey.trim()) {
-            throw new OzError('pubKey is required in options. Obtain your public key from the Ozura admin.');
+        // pubKey is optional — test vault keys (from a Test project on the vault)
+        // do not require a pub key. Production keys do. If provided, it must be
+        // non-empty after trimming; if omitted entirely, warn but continue.
+        if (options.pubKey !== undefined && !options.pubKey.trim()) {
+            throw new OzError('pubKey must be a non-empty string. Omit the option entirely to use a test vault key.');
+        }
+        if (options.pubKey === undefined) {
+            console.warn('[OzVault] pubKey not provided — this only works with a test vault key from a Test project on the vault. ' +
+                'For production, set pubKey to your pk_live_... or pk_prod_... value.');
         }
         // Normalize the session callback. Priority: sessionUrl > getSessionKey > fetchWaxKey (deprecated).
         // This allows merchants to use the clean new API without touching legacy code.
@@ -1353,6 +1360,7 @@ class OzVault {
         const requestId = `req-${uuid()}`;
         this.log('createBankToken() called');
         return new Promise((resolve, reject) => {
+            var _a;
             const resetCountAtStart = this._resetCount;
             const cleanup = () => {
                 if (this._resetCount === resetCountAtStart)
@@ -1373,7 +1381,7 @@ class OzVault {
                     type: 'OZ_BANK_TOKENIZE',
                     requestId,
                     tokenizationSessionId: this.tokenizationSessionId,
-                    pubKey: this.pubKey,
+                    pubKey: (_a = this.pubKey) !== null && _a !== void 0 ? _a : '',
                     firstName: options.firstName.trim(),
                     lastName: options.lastName.trim(),
                     fieldCount: readyBankElements.length,
@@ -1472,6 +1480,7 @@ class OzVault {
             billingPresent: Boolean(options.billing),
         });
         return new Promise((resolve, reject) => {
+            var _a;
             // Capture the reset generation so cleanup() only zeros _tokenizing when it
             // still belongs to this invocation — not a newer one that started after a reset.
             const resetCountAtStart = this._resetCount;
@@ -1496,7 +1505,7 @@ class OzVault {
                     type: 'OZ_TOKENIZE',
                     requestId,
                     tokenizationSessionId: this.tokenizationSessionId,
-                    pubKey: this.pubKey,
+                    pubKey: (_a = this.pubKey) !== null && _a !== void 0 ? _a : '',
                     firstName,
                     lastName,
                     fieldCount: readyElements.length,
@@ -1944,6 +1953,7 @@ class OzVault {
                     if (willRefresh) {
                         const resetCountAtRetry = this._resetCount;
                         this.refreshWaxKey().then(() => {
+                            var _a;
                             if (this._destroyed) {
                                 pending.reject(new OzError('Vault destroyed during wax key refresh.'));
                                 return;
@@ -1976,7 +1986,7 @@ class OzVault {
                                     type: 'OZ_TOKENIZE',
                                     requestId: newRequestId,
                                     tokenizationSessionId: this.tokenizationSessionId,
-                                    pubKey: this.pubKey,
+                                    pubKey: (_a = this.pubKey) !== null && _a !== void 0 ? _a : '',
                                     firstName: pending.firstName,
                                     lastName: pending.lastName,
                                     fieldCount: pending.fieldCount,
@@ -2020,6 +2030,7 @@ class OzVault {
                         if (this.isRefreshableAuthError(errorCode, raw) && !bankPending.retried && this._storedFetchWaxKey) {
                             const resetCountAtRetry = this._resetCount;
                             this.refreshWaxKey().then(() => {
+                                var _a;
                                 if (this._destroyed) {
                                     bankPending.reject(new OzError('Vault destroyed during wax key refresh.'));
                                     return;
@@ -2042,7 +2053,7 @@ class OzVault {
                                         type: 'OZ_BANK_TOKENIZE',
                                         requestId: newRequestId,
                                         tokenizationSessionId: this.tokenizationSessionId,
-                                        pubKey: this.pubKey,
+                                        pubKey: (_a = this.pubKey) !== null && _a !== void 0 ? _a : '',
                                         firstName: bankPending.firstName,
                                         lastName: bankPending.lastName,
                                         fieldCount: bankPending.fieldCount,