@sakeetech/viva-payments-core 0.2.1

package/dist/payments/client.js

@@ -0,0 +1,488 @@
+/**
+ * Payments — Viva Payment API methods (mode-aware).
+ *
+ * The class is parameterised by `mode: 'merchant' | 'isv'`. URL paths and
+ * query-string contracts switch per mode:
+ *
+ *   createOrder
+ *     merchant → POST /checkout/v2/orders                       (OAuth2)
+ *     isv      → POST /checkout/v2/isv/orders?merchantId={uuid} (OAuth2)
+ *   retrieveTransaction
+ *     merchant → GET /checkout/v2/transactions/{transactionId}                (OAuth2)
+ *     isv      → GET /checkout/v2/isv/transactions/{transactionId}?merchantId={uuid} (OAuth2)
+ *   cancelOrder
+ *     merchant → DELETE /checkout/v2/orders/{orderCode}                       (OAuth2)
+ *     isv      → DELETE /checkout/v2/orders/{orderCode}?merchantId={uuid}     (OAuth2)
+ *   refundPayment
+ *     both     → POST /api/transactions/{transactionId}                       (Legacy/Basic)
+ *
+ * In merchant mode `opts.merchantId` (if passed) is silently ignored — never
+ * added to the query string. In ISV mode `merchantId` is required and a
+ * VivaValidationError is thrown if absent.
+ *
+ * `CreateOrderRequest.isvAmount` is stripped from the wire body when
+ * `mode === 'merchant'` — only forwarded on the ISV `/isv/orders` path.
+ *
+ * All methods validate inputs locally before making HTTP calls.
+ * Amounts are in integer minor units (bigint) per plan P15.
+ *
+ * Idempotency: createOrder and refundPayment are non-idempotent (idempotent: false).
+ * retrieveTransaction and cancelOrder are idempotent.
+ *
+ * --- Refund path (F1 — probe-verified 2026-04-25) ---
+ * Viva returns 405 on `POST /checkout/v2/transactions/{id}` (v2/OAuth2 path).
+ * The ONLY working refund path is `POST /api/transactions/{transactionId}` on the
+ * LEGACY HOST (`demo.vivapayments.com` / `www.vivapayments.com`) with Basic auth
+ * (MerchantId + ApiKey). The 401-fallback design is NOT applicable here — Viva
+ * returns 405 (not 401) on the v2 path, so no fallback would ever trigger.
+ * refundPayment now calls `legacyClient` DIRECTLY without any v2 attempt.
+ *
+ * @see references/viva-docs/md/tut-create-recurring-payment.txt:288 (legacy refund endpoint)
+ *
+ * --- retrieveTransaction / cancelOrder fallback (D15 — kept defensive) ---
+ *   The optional `secondaryClient` is a fallback for retrieveTransaction and
+ *   cancelOrder. When the primary OAuth2 client returns 401 (after force-refresh),
+ *   the call retries once with the secondary client. A 401 from secondary surfaces
+ *   as VivaAuthError — no further retry.
+ *   Note: cancelOrder is unverified against live sandbox as of 2026-04-25 probe;
+ *   kept on OAuth2 + 401-fallback path defensively.
+ *
+ * --- Idempotency-Key header (F2 — probe-verified 2026-04-25) ---
+ *   The `Idempotency-Key` header is sent on createOrder but Viva does NOT appear
+ *   to deduplicate server-side (same key returned two different orderCodes in probe).
+ *   Local dedup via `viva_transaction` row is the authoritative dedup mechanism.
+ *   Header is retained for forward-compat (zero cost, may be honoured in future).
+ *
+ * @see references/viva-docs/md/payment-isv-api.txt:1
+ * @see references/viva-docs/md/webhooks-for-payments.txt:248 (retrieve before update)
+ * @see references/viva-docs/md/isv-partner-program.txt:104 (ISV overview)
+ * @see references/viva-docs/md/isv-credentials.txt:107 (reseller credentials)
+ * @see docs/plans/vendure-plugin-v0.md §D15 (reseller fallback scope)
+ */
+import { VivaValidationError, VivaAuthError } from '../errors/index.js';
+import { resolveCardType } from '../types/card-types.js';
+// ---------------------------------------------------------------------------
+// Validation helpers
+// ---------------------------------------------------------------------------
+/**
+ * Validates an ISO 4217 numeric currency code (3-digit numeric string).
+ *
+ * Per plan P15: currencyCode must be a valid 3-digit numeric string.
+ * Examples: '978' (EUR), '826' (GBP), '840' (USD).
+ *
+ * @see references/viva-docs/md/webhooks-for-payments.txt:487
+ */
+function isValidCurrencyCode(code) {
+    return /^\d{3}$/.test(code);
+}
+/**
+ * Build the path + query for `POST /checkout/v2/(isv/)orders`.
+ *
+ * In ISV mode `merchantId` is REQUIRED — throws VivaValidationError if absent.
+ * In merchant mode `merchantId` is ignored entirely.
+ */
+function buildOrderCreateUrl(mode, merchantId) {
+    switch (mode) {
+        case 'merchant':
+            return { path: '/checkout/v2/orders', query: {} };
+        case 'isv':
+            if (!merchantId) {
+                throw new VivaValidationError({
+                    message: "createOrder: merchantId is required when mode='isv'",
+                });
+            }
+            return { path: '/checkout/v2/isv/orders', query: { merchantId } };
+    }
+}
+/**
+ * Build the path + query for `GET /checkout/v2/(isv/)transactions/{id}`.
+ *
+ * In ISV mode `merchantId` is REQUIRED — throws VivaValidationError if absent.
+ * In merchant mode `merchantId` is ignored entirely.
+ */
+function buildTransactionRetrieveUrl(mode, transactionId, merchantId) {
+    switch (mode) {
+        case 'merchant':
+            return { path: `/checkout/v2/transactions/${transactionId}`, query: {} };
+        case 'isv':
+            if (!merchantId) {
+                throw new VivaValidationError({
+                    message: "retrieveTransaction: merchantId is required when mode='isv'",
+                });
+            }
+            return {
+                path: `/checkout/v2/isv/transactions/${transactionId}`,
+                query: { merchantId },
+            };
+    }
+}
+/**
+ * Build the path + query for `DELETE /checkout/v2/orders/{orderCode}`.
+ *
+ * Both modes share the same path template; only ISV mode appends the
+ * `merchantId` query parameter (and requires it).
+ */
+function buildOrderCancelUrl(mode, orderCode, merchantId) {
+    const path = `/checkout/v2/orders/${orderCode}`;
+    switch (mode) {
+        case 'merchant':
+            return { path, query: {} };
+        case 'isv':
+            if (!merchantId) {
+                throw new VivaValidationError({
+                    message: "cancelOrder: merchantId is required when mode='isv'",
+                });
+            }
+            return { path, query: { merchantId } };
+    }
+}
+// ---------------------------------------------------------------------------
+// Payments
+// ---------------------------------------------------------------------------
+/**
+ * Viva Payment API client (mode-aware).
+ *
+ * Constructed with a {@link PaymentsConfig}. The `mode` field determines URL
+ * paths and query-string contract per slice 2 of the multi-mode refactor.
+ *
+ * - `mode`: `'merchant'` or `'isv'`. Required.
+ * - `client`: primary OAuth2 client for createOrder, retrieveTransaction, cancelOrder.
+ * - `secondaryClient`: optional 401-fallback for retrieveTransaction and cancelOrder.
+ *   When undefined, 401 errors propagate normally.
+ * - `legacyClient`: REQUIRED for refundPayment. Calls `POST /api/transactions/{id}`
+ *   on the legacy host with Basic auth (MerchantId + ApiKey). If absent, refundPayment
+ *   throws `VIVA_REFUND_REJECTED` with a config-missing message.
+ *
+ * Probe-verified 2026-04-25: refund MUST go through legacy client — v2/OAuth2 path
+ * returns 405. cancelOrder is unverified but kept on v2/OAuth2 + 401-fallback defensively.
+ *
+ * @see docs/plans/multi-mode-v0.md §8.1
+ * @see references/viva-docs/md/tut-create-recurring-payment.txt:288 (legacy refund path)
+ * @see references/viva-docs/md/payment-isv-api.txt:1
+ * @see references/viva-docs/md/isv-partner-program.txt:61 (P1: merchant scoping)
+ * @see references/viva-docs/md/isv-credentials.txt:107 (reseller credentials)
+ * @see docs/plans/vendure-plugin-v0.md §D15 (reseller fallback)
+ */
+export class Payments {
+    mode;
+    client;
+    secondaryClient;
+    legacyClient;
+    constructor(config) {
+        this.mode = config.mode;
+        this.client = config.client;
+        this.secondaryClient = config.secondaryClient;
+        this.legacyClient = config.legacyClient;
+    }
+    /**
+     * Create a payment order for a specific ISV merchant.
+     *
+     * Sends a POST /checkout/v2/orders?merchantId={merchantId} request.
+     * The `Idempotency-Key` header is sent on every call but Viva does NOT appear
+     * to deduplicate server-side as of 2026-04-25 (probe: same key → two different
+     * orderCodes). Local dedup via `viva_transaction` row is the authoritative
+     * dedup mechanism. Header retained for forward-compat only.
+     *
+     * Input validation (throws VivaValidationError before HTTP call):
+     *   - amountMinor must be > 0 (per plan P15)
+     *   - currencyCode must be a valid 3-digit numeric string (per plan P15)
+     *
+     * Non-idempotent: does not retry on 4xx/5xx (only connection-level errors).
+     *
+     * @see references/viva-docs/md/payment-isv-api.txt:1
+     * @see references/viva-docs/md/isv-partner-program.txt:61 (P14 idempotency)
+     * @see references/viva-docs/md/isv-partner-program.txt:83 (P15 amounts)
+     */
+    async createOrder(req, opts) {
+        // Local validation per P14 and P15
+        if (req.amount <= 0n) {
+            throw new VivaValidationError({
+                message: `createOrder: amountMinor must be > 0, got ${req.amount}`,
+            });
+        }
+        if (!isValidCurrencyCode(req.currencyCode)) {
+            throw new VivaValidationError({
+                message: `createOrder: currencyCode must be a 3-digit numeric string (ISO 4217), got "${req.currencyCode}"`,
+            });
+        }
+        // Resolve URL per mode. Throws VivaValidationError in ISV mode if
+        // merchantId is missing. In merchant mode `opts.merchantId` is silently
+        // ignored — back-compat for adapters that still pass it.
+        const { path, query } = buildOrderCreateUrl(this.mode, opts.merchantId);
+        // Build wire body: convert bigint amount to number for JSON.
+        // Amount in minor units is always within safe integer range for real payments.
+        const wireBody = {
+            amount: req.amount, // bigintSafeStringify in client handles this
+            currencyCode: Number(req.currencyCode), // Viva expects numeric currency code as number
+        };
+        if (req.merchantTrns !== undefined)
+            wireBody['merchantTrns'] = req.merchantTrns;
+        if (req.customerTrns !== undefined)
+            wireBody['customerTrns'] = req.customerTrns;
+        if (req.customerEmail !== undefined)
+            wireBody['email'] = req.customerEmail;
+        if (req.customerPhone !== undefined)
+            wireBody['phone'] = req.customerPhone;
+        if (req.customerFullName !== undefined)
+            wireBody['fullName'] = req.customerFullName;
+        if (req.successUrl !== undefined)
+            wireBody['successUrl'] = req.successUrl;
+        if (req.failureUrl !== undefined)
+            wireBody['failureUrl'] = req.failureUrl;
+        if (req.tags !== undefined)
+            wireBody['tags'] = req.tags;
+        if (req.sourceCode !== undefined)
+            wireBody['sourceCode'] = req.sourceCode;
+        if (req.paymentTimeoutSeconds !== undefined)
+            wireBody['paymentTimeout'] = req.paymentTimeoutSeconds;
+        if (req.preselectedPaymentMethod !== undefined)
+            wireBody['preselectedPaymentMethod'] = req.preselectedPaymentMethod;
+        // ISV-only: `isvAmount` only emitted in ISV mode. Strip in merchant mode
+        // even if caller passed it (forward-compat shim for shared adapter code).
+        if (this.mode === 'isv' && req.isvAmount !== undefined) {
+            wireBody['isvAmount'] = req.isvAmount;
+        }
+        const raw = await this.client.request({
+            method: 'POST',
+            path,
+            query,
+            body: wireBody,
+            idempotencyKey: opts.idempotencyKey,
+            idempotent: false, // per plan Auth Flow line 319
+            endpoint: `POST ${path}`,
+        });
+        return { orderCode: raw.OrderCode };
+    }
+    /**
+     * Retrieve transaction details for a specific ISV merchant transaction.
+     *
+     * Per Viva docs, this SHOULD be called before updating any local transaction
+     * status on receipt of a webhook. Validates orderCode and statusId from Viva.
+     *
+     * Idempotent: safe to retry on 429 and 5xx.
+     *
+     * Path + auth verified 2026-04-25 (F3):
+     *   `GET /checkout/v2/transactions/{transactionId}` with OAuth2 Bearer → correct.
+     *   404 error envelope shape: `{"status": 404, "message": null, "eventId": "0"}`.
+     *   Note: `message` can be null — handle defensively.
+     *
+     * 401 → reseller fallback (D15) — kept DEFENSIVE:
+     *   If the primary OAuth2 client receives a 401 and secondaryClient is configured,
+     *   the request is retried once with the secondary (Reseller basic-auth) client.
+     *   A 401 from the secondary surfaces immediately as VivaAuthError — no further retry.
+     *   The primary path is verified working; fallback is defensive for edge-case tenants.
+     *
+     * @see references/viva-docs/md/webhooks-for-payments.txt:248 (retrieve before update)
+     * @see references/viva-docs/md/payment-isv-api.txt:1
+     * @see references/viva-docs/md/isv-credentials.txt:107 (reseller basic-auth)
+     * @see docs/plans/vendure-plugin-v0.md §D15 (reseller fallback scope)
+     */
+    async retrieveTransaction(transactionId, opts = {}) {
+        // Resolve URL per mode. In merchant mode `opts.merchantId` is silently
+        // ignored. In ISV mode it is required.
+        const { path, query } = buildTransactionRetrieveUrl(this.mode, transactionId, opts.merchantId);
+        const endpointTemplate = this.mode === 'isv'
+            ? 'GET /checkout/v2/isv/transactions/{transactionId}'
+            : 'GET /checkout/v2/transactions/{transactionId}';
+        const requestOpts = {
+            method: 'GET',
+            path,
+            query,
+            idempotent: true,
+            endpoint: endpointTemplate,
+        };
+        // Viva API returns PascalCase field names (e.g. OrderCode, StatusId).
+        // We normalize to camelCase matching RetrieveTransactionResponse.
+        // The bigint-safe parser in IsvHttpClient already converts OrderCode to bigint.
+        let raw;
+        try {
+            raw = await this.client.request(requestOpts);
+        }
+        catch (err) {
+            // 401 → reseller fallback (D15). Only attempt if secondaryClient is present.
+            // A 401 from the secondary surfaces immediately — no further retry.
+            // @see docs/plans/vendure-plugin-v0.md §D15
+            // @see references/viva-docs/md/isv-credentials.txt:107
+            if (err instanceof VivaAuthError && err.httpStatus === 401 && this.secondaryClient) {
+                raw = await this.secondaryClient.request(requestOpts);
+            }
+            else {
+                throw err;
+            }
+        }
+        // Normalize: accept both PascalCase (wire) and camelCase (normalized) field names.
+        // @see references/viva-docs/md/account-api.txt:1584 (OrderCode: long)
+        const orderCode = (raw['orderCode'] ?? raw['OrderCode']);
+        const cardNumber = raw['cardNumber'] ?? raw['CardNumber'];
+        const cardTypeId = raw['cardTypeId'] ?? raw['CardTypeId'];
+        const email = raw['email'] ?? raw['Email'];
+        const fullName = raw['fullName'] ?? raw['FullName'];
+        const merchantTrns = raw['merchantTrns'] ?? raw['MerchantTrns'];
+        const customerTrns = raw['customerTrns'] ?? raw['CustomerTrns'];
+        const connectedAccountId = raw['connectedAccountId'] ?? raw['ConnectedAccountId'];
+        // Derive cardType (string scheme name) from Viva's numeric cardTypeId.
+        // Pure mapping via resolveCardType — undefined when id is absent, a
+        // sentinel (Invalid/Unknown), or otherwise unmapped.
+        // @see ../types/card-types.ts
+        // @see ../refunds/strategy.ts (consumer)
+        const cardType = typeof cardTypeId === 'number' ? resolveCardType(cardTypeId) : undefined;
+        // Build with conditional optional fields to satisfy exactOptionalPropertyTypes.
+        // (Cannot assign to readonly Partial<> properties so we use spread.)
+        return {
+            transactionId: (raw['transactionId'] ?? raw['TransactionId']),
+            orderCode,
+            statusId: (raw['statusId'] ?? raw['StatusId']),
+            amount: BigInt((raw['amount'] ?? raw['Amount']) ?? 0),
+            currencyCode: (raw['currencyCode'] ?? raw['CurrencyCode']),
+            merchantId: (raw['merchantId'] ?? raw['MerchantId']),
+            parentId: (raw['parentId'] ?? raw['ParentId']) ?? null,
+            insDate: (raw['insDate'] ?? raw['InsDate'] ?? ''),
+            transactionTypeId: (raw['transactionTypeId'] ?? raw['TransactionTypeId']) ?? 0,
+            ...(typeof cardNumber === 'string' ? { cardNumber } : {}),
+            ...(typeof cardTypeId === 'number' ? { cardTypeId } : {}),
+            ...(cardType !== undefined ? { cardType } : {}),
+            ...(typeof email === 'string' ? { email } : {}),
+            ...(typeof fullName === 'string' ? { fullName } : {}),
+            ...(typeof merchantTrns === 'string' ? { merchantTrns } : {}),
+            ...(typeof customerTrns === 'string' ? { customerTrns } : {}),
+            ...(typeof connectedAccountId === 'string' ? { connectedAccountId } : {}),
+        };
+    }
+    /**
+     * Issue a full or partial refund for a captured transaction.
+     *
+     * IMPORTANT — probe-verified 2026-04-25 (F1):
+     *   Viva returns 405 Method Not Allowed on `POST /checkout/v2/transactions/{id}`
+     *   (the v2/OAuth2 path). The ONLY working refund path is:
+     *     `POST /api/transactions/{transactionId}` on the LEGACY HOST
+     *     (`demo.vivapayments.com` / `www.vivapayments.com`) with Basic auth
+     *     (MerchantId:ApiKey) and form-urlencoded body.
+     *
+     *   This method calls `legacyClient` DIRECTLY. The 401-fallback (D15) does NOT
+     *   apply here — Viva returns 405 (not 401) on the v2 path, so no fallback
+     *   could ever trigger.
+     *
+     *   If `legacyClient` is not configured (absent from constructor), this method
+     *   throws VivaValidationError with code VIVA_REFUND_REJECTED indicating that
+     *   the basic-auth credentials are required and missing.
+     *
+     * Per plan P18:
+     *   - Full refund: omit amountMinor (no Amount in form body per Viva convention).
+     *   - Partial refund: provide amountMinor > 0 (Amount sent in form body).
+     *   - ISV fee reverses automatically on refund (per isv-partner-program.txt:296).
+     *   - Failed refund (4xx) surfaces as VivaApiError; payment NOT marked refunded.
+     *
+     * Non-idempotent: does not retry on 4xx/5xx.
+     *
+     * Viva response fields (PascalCase, mapped to camelCase):
+     *   StatusId → statusId, Amount → amount, TransactionId → transactionId.
+     *
+     * @see references/viva-docs/md/tut-create-recurring-payment.txt:288 (legacy path + basic auth)
+     * @see references/viva-docs/md/isv-partner-program.txt:296 (ISV fee reversal on refund)
+     * @see references/viva-docs/md/merchant-id-and-api-key.txt:1 (basic auth credentials)
+     */
+    async refundPayment(transactionId, opts) {
+        // Local validation per P18
+        if (opts.amountMinor !== undefined && opts.amountMinor <= 0n) {
+            throw new VivaValidationError({
+                message: `refundPayment: amountMinor must be > 0 when specified, got ${opts.amountMinor}`,
+            });
+        }
+        // legacyClient REQUIRED for refund (F1 — probe-verified 2026-04-25).
+        if (!this.legacyClient) {
+            throw new VivaValidationError({
+                message: 'refundPayment requires a legacyClient (Basic auth with MerchantId + ApiKey). ' +
+                    'Configure VIVA_MERCHANT_ID and VIVA_API_KEY in plugin options. ' +
+                    'Viva returns 405 on the v2/OAuth2 refund path (probe-verified 2026-04-25).',
+            });
+        }
+        // Build form-urlencoded body.
+        // - Amount: send only for partial refund; omit for full refund per Viva convention.
+        // - SourceCode: defaults to 'Default'.
+        // @see references/viva-docs/md/tut-create-recurring-payment.txt:288
+        const formBody = {
+            SourceCode: opts.sourceCode ?? 'Default',
+        };
+        if (opts.amountMinor !== undefined) {
+            // Viva legacy endpoint expects amount in minor units as integer.
+            formBody['Amount'] = opts.amountMinor;
+        }
+        const result = await this.legacyClient.request({
+            method: 'POST',
+            path: `/api/transactions/${transactionId}`,
+            formBody,
+            idempotent: false, // non-idempotent POST — no 4xx/5xx retry
+            endpoint: 'POST /api/transactions/{transactionId}',
+        });
+        const raw = result.data;
+        // Map PascalCase → camelCase and return typed RefundResponse.
+        return {
+            transactionId: (raw.TransactionId ?? transactionId),
+            ...(raw.StatusId !== undefined ? { statusId: raw.StatusId } : {}),
+            ...(raw.Amount !== undefined ? { amount: BigInt(raw.Amount) } : {}),
+        };
+    }
+    /**
+     * Cancel an order that has not yet been paid.
+     *
+     * Idempotent per Viva docs: calling cancel on an already-cancelled or
+     * captured order returns the existing Viva response without error.
+     *
+     * Per plan P18: cancellation triggers webhook 4865 (Order Updated).
+     *
+     * Path: `DELETE /checkout/v2/orders/{orderCode}?merchantId={merchantId}` (OAuth2).
+     *
+     * UNVERIFIED against live sandbox as of 2026-04-25 probe. Only
+     * cancel-transaction (refund/reverse) was tested; cancel-order was not.
+     * Kept on v2/OAuth2 + 401-fallback path defensively.
+     *
+     * 401 → reseller fallback (D15) — kept DEFENSIVE:
+     *   If the primary OAuth2 client receives a 401 and secondaryClient is configured,
+     *   the request is retried once with the secondary (Reseller basic-auth) client.
+     *   A 401 from the secondary surfaces immediately as VivaAuthError — no further retry.
+     *
+     * Note: if cancelOrder already succeeded on Viva's side before any 401 is
+     * observed, a 4xx from Viva on a subsequent attempt signals the order is
+     * already cancelled (idempotent). The fallback does NOT apply to non-401
+     * errors — those propagate as VivaApiError unchanged.
+     *
+     * @see references/viva-docs/md/payment-isv-api.txt:1
+     * @see references/viva-docs/md/webhooks-for-payments.txt:205 (4865 Order Updated)
+     * @see references/viva-docs/md/isv-credentials.txt:107 (reseller basic-auth)
+     * @see docs/plans/vendure-plugin-v0.md §D15 (reseller fallback scope)
+     */
+    async cancelOrder(orderCode, opts = {}) {
+        // Resolve URL per mode. In merchant mode `opts.merchantId` is silently
+        // ignored. In ISV mode it is required.
+        const { path, query } = buildOrderCancelUrl(this.mode, orderCode, opts.merchantId);
+        const requestOpts = {
+            method: 'DELETE',
+            path,
+            query,
+            idempotent: true, // idempotent per Viva docs
+            endpoint: 'DELETE /checkout/v2/orders/{orderCode}',
+        };
+        let raw;
+        try {
+            raw = await this.client.request(requestOpts);
+        }
+        catch (err) {
+            // 401 → reseller fallback (D15). Only attempt if secondaryClient is present.
+            // A 401 from the secondary surfaces immediately — no further retry.
+            // @see docs/plans/vendure-plugin-v0.md §D15
+            // @see references/viva-docs/md/isv-credentials.txt:107
+            if (err instanceof VivaAuthError && err.httpStatus === 401 && this.secondaryClient) {
+                raw = await this.secondaryClient.request(requestOpts);
+            }
+            else {
+                throw err;
+            }
+        }
+        return {
+            orderCode: raw.OrderCode,
+            errorCode: raw.ErrorCode,
+            errorText: raw.ErrorText,
+        };
+    }
+}
+//# sourceMappingURL=client.js.map

package/dist/payments/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/payments/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4DG;AAeH,OAAO,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E;;;;;;;GAOG;AACH,SAAS,mBAAmB,CAAC,IAAY;IACvC,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AA+CD;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,IAAkB,EAAE,UAA8B;IAC7E,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,UAAU;YACb,OAAO,EAAE,IAAI,EAAE,qBAAqB,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QACpD,KAAK,KAAK;YACR,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,mBAAmB,CAAC;oBAC5B,OAAO,EAAE,qDAAqD;iBAC/D,CAAC,CAAC;YACL,CAAC;YACD,OAAO,EAAE,IAAI,EAAE,yBAAyB,EAAE,KAAK,EAAE,EAAE,UAAU,EAAE,EAAE,CAAC;IACtE,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,2BAA2B,CAClC,IAAkB,EAClB,aAAqB,EACrB,UAA8B;IAE9B,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,UAAU;YACb,OAAO,EAAE,IAAI,EAAE,6BAA6B,aAAa,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAC3E,KAAK,KAAK;YACR,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,mBAAmB,CAAC;oBAC5B,OAAO,EAAE,6DAA6D;iBACvE,CAAC,CAAC;YACL,CAAC;YACD,OAAO;gBACL,IAAI,EAAE,iCAAiC,aAAa,EAAE;gBACtD,KAAK,EAAE,EAAE,UAAU,EAAE;aACtB,CAAC;IACN,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAC1B,IAAkB,EAClB,SAAmC,EACnC,UAA8B;IAE9B,MAAM,IAAI,GAAG,uBAAuB,SAAS,EAAE,CAAC;IAChD,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,UAAU;YACb,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAC7B,KAAK,KAAK;YACR,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,mBAAmB,CAAC;oBAC5B,OAAO,EAAE,qDAAqD;iBAC/D,CAAC,CAAC;YACL,CAAC;YACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,UAAU,EAAE,EAAE,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,WAAW;AACX,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,OAAO,QAAQ;IACF,IAAI,CAAe;IACnB,MAAM,CAAgB;IACtB,eAAe,CAA4B;IAC3C,YAAY,CAA8B;IAE3D,YAAY,MAAsB;QAChC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;QAC9C,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;IAC1C,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACH,KAAK,CAAC,WAAW,CACf,GAAuB,EACvB,IAAyD;QAEzD,mCAAmC;QACnC,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YACrB,MAAM,IAAI,mBAAmB,CAAC;gBAC5B,OAAO,EAAE,6CAA6C,GAAG,CAAC,MAAM,EAAE;aACnE,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YAC3C,MAAM,IAAI,mBAAmB,CAAC;gBAC5B,OAAO,EAAE,+EAA+E,GAAG,CAAC,YAAY,GAAG;aAC5G,CAAC,CAAC;QACL,CAAC;QAED,kEAAkE;QAClE,wEAAwE;QACxE,yDAAyD;QACzD,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAExE,6DAA6D;QAC7D,+EAA+E;QAC/E,MAAM,QAAQ,GAA4B;YACxC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,6CAA6C;YACjE,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,+CAA+C;SACxF,CAAC;QACF,IAAI,GAAG,CAAC,YAAY,KAAK,SAAS;YAAE,QAAQ,CAAC,cAAc,CAAC,GAAG,GAAG,CAAC,YAAY,CAAC;QAChF,IAAI,GAAG,CAAC,YAAY,KAAK,SAAS;YAAE,QAAQ,CAAC,cAAc,CAAC,GAAG,GAAG,CAAC,YAAY,CAAC;QAChF,IAAI,GAAG,CAAC,aAAa,KAAK,SAAS;YAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,GAAG,CAAC,aAAa,CAAC;QAC3E,IAAI,GAAG,CAAC,aAAa,KAAK,SAAS;YAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,GAAG,CAAC,aAAa,CAAC;QAC3E,IAAI,GAAG,CAAC,gBAAgB,KAAK,SAAS;YAAE,QAAQ,CAAC,UAAU,CAAC,GAAG,GAAG,CAAC,gBAAgB,CAAC;QACpF,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS;YAAE,QAAQ,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC;QAC1E,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS;YAAE,QAAQ,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC;QAC1E,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS;YAAE,QAAQ,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC;QACxD,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS;YAAE,QAAQ,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC;QAC1E,IAAI,GAAG,CAAC,qBAAqB,KAAK,SAAS;YAAE,QAAQ,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC,qBAAqB,CAAC;QACpG,IAAI,GAAG,CAAC,wBAAwB,KAAK,SAAS;YAAE,QAAQ,CAAC,0BAA0B,CAAC,GAAG,GAAG,CAAC,wBAAwB,CAAC;QACpH,yEAAyE;QACzE,0EAA0E;QAC1E,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,IAAI,GAAG,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YACvD,QAAQ,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC,SAAS,CAAC;QACxC,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAA2B;YAC9D,MAAM,EAAE,MAAM;YACd,IAAI;YACJ,KAAK;YACL,IAAI,EAAE,QAAQ;YACd,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,UAAU,EAAE,KAAK,EAAE,8BAA8B;YACjD,QAAQ,EAAE,QAAQ,IAAI,EAAE;SACzB,CAAC,CAAC;QAEH,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC;IACtC,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,KAAK,CAAC,mBAAmB,CACvB,aAA4B,EAC5B,OAAoC,EAAE;QAEtC,uEAAuE;QACvE,uCAAuC;QACvC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,2BAA2B,CACjD,IAAI,CAAC,IAAI,EACT,aAAa,EACb,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,gBAAgB,GACpB,IAAI,CAAC,IAAI,KAAK,KAAK;YACjB,CAAC,CAAC,mDAAmD;YACrD,CAAC,CAAC,+CAA+C,CAAC;QAEtD,MAAM,WAAW,GAAG;YAClB,MAAM,EAAE,KAAc;YACtB,IAAI;YACJ,KAAK;YACL,UAAU,EAAE,IAAI;YAChB,QAAQ,EAAE,gBAAgB;SAC3B,CAAC;QAEF,sEAAsE;QACtE,kEAAkE;QAClE,gFAAgF;QAChF,IAAI,GAA4B,CAAC;QACjC,IAAI,CAAC;YACH,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAA0B,WAAW,CAAC,CAAC;QACxE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,6EAA6E;YAC7E,oEAAoE;YACpE,4CAA4C;YAC5C,uDAAuD;YACvD,IAAI,GAAG,YAAY,aAAa,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnF,GAAG,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAA0B,WAAW,CAAC,CAAC;YACjF,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;QAED,mFAAmF;QACnF,sEAAsE;QACtE,MAAM,SAAS,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,CAAc,CAAC;QACtE,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1D,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1D,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;QACpD,MAAM,YAAY,GAAG,GAAG,CAAC,cAAc,CAAC,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC;QAChE,MAAM,YAAY,GAAG,GAAG,CAAC,cAAc,CAAC,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC;QAChE,MAAM,kBAAkB,GAAG,GAAG,CAAC,oBAAoB,CAAC,IAAI,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAElF,uEAAuE;QACvE,oEAAoE;QACpE,qDAAqD;QACrD,8BAA8B;QAC9B,yCAAyC;QACzC,MAAM,QAAQ,GACZ,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE3E,gFAAgF;QAChF,qEAAqE;QACrE,OAAO;YACL,aAAa,EAAE,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,GAAG,CAAC,eAAe,CAAC,CAAkB;YAC9E,SAAS;YACT,QAAQ,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAW;YACxD,MAAM,EAAE,MAAM,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAqB,IAAI,CAAC,CAAe;YACxF,YAAY,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,GAAG,CAAC,cAAc,CAAC,CAA6C;YACtG,UAAU,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAW;YAC9D,QAAQ,EAAG,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAsC,IAAI,IAAI;YAC5F,OAAO,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,CAAW;YAC3D,iBAAiB,EAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAY,IAAI,CAAC;YAC1F,GAAG,CAAC,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACzD,GAAG,CAAC,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACzD,GAAG,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrD,GAAG,CAAC,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,GAAG,CAAC,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,GAAG,CAAC,OAAO,kBAAkB,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,kBAAkB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC1E,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACH,KAAK,CAAC,aAAa,CACjB,aAA4B,EAC5B,IAKC;QAED,2BAA2B;QAC3B,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,IAAI,IAAI,CAAC,WAAW,IAAI,EAAE,EAAE,CAAC;YAC7D,MAAM,IAAI,mBAAmB,CAAC;gBAC5B,OAAO,EAAE,8DAA8D,IAAI,CAAC,WAAW,EAAE;aAC1F,CAAC,CAAC;QACL,CAAC;QAED,qEAAqE;QACrE,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,mBAAmB,CAAC;gBAC5B,OAAO,EACL,+EAA+E;oBAC/E,iEAAiE;oBACjE,4EAA4E;aAC/E,CAAC,CAAC;QACL,CAAC;QAED,8BAA8B;QAC9B,oFAAoF;QACpF,uCAAuC;QACvC,oEAAoE;QACpE,MAAM,QAAQ,GAAyD;YACrE,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,SAAS;SACzC,CAAC;QACF,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YACnC,iEAAiE;YACjE,QAAQ,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC;QACxC,CAAC;QASD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAkB;YAC9D,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,qBAAqB,aAAa,EAAE;YAC1C,QAAQ;YACR,UAAU,EAAE,KAAK,EAAE,yCAAyC;YAC5D,QAAQ,EAAE,wCAAwC;SACnD,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC;QAExB,8DAA8D;QAC9D,OAAO;YACL,aAAa,EAAE,CAAC,GAAG,CAAC,aAAa,IAAI,aAAa,CAAkB;YACpE,GAAG,CAAC,GAAG,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjE,GAAG,CAAC,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM,CAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAClF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,KAAK,CAAC,WAAW,CACf,SAAoB,EACpB,OAAoC,EAAE;QAItC,uEAAuE;QACvE,uCAAuC;QACvC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAEnF,MAAM,WAAW,GAAG;YAClB,MAAM,EAAE,QAAiB;YACzB,IAAI;YACJ,KAAK;YACL,UAAU,EAAE,IAAa,EAAE,2BAA2B;YACtD,QAAQ,EAAE,wCAAwC;SACnD,CAAC;QAEF,IAAI,GAAc,CAAC;QACnB,IAAI,CAAC;YACH,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAY,WAAW,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,6EAA6E;YAC7E,oEAAoE;YACpE,4CAA4C;YAC5C,uDAAuD;YACvD,IAAI,GAAG,YAAY,aAAa,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnF,GAAG,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAY,WAAW,CAAC,CAAC;YACnE,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;QAED,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,SAAS,EAAE,GAAG,CAAC,SAAS;SACzB,CAAC;IACJ,CAAC;CACF"}

package/dist/payments/index.d.ts

@@ -0,0 +1,14 @@
+/**
+ * viva-payments-core/payments — barrel export.
+ *
+ * Subpath: `viva-payments-core/payments`
+ *
+ * The Payments client wraps Viva's payment surface (createOrder,
+ * retrieveTransaction, refundPayment, cancelOrder). Constructed with an
+ * IsvHttpClient (OAuth2) and optionally a BasicAuthClient (for refund).
+ *
+ * @see references/viva-docs/md/payment-isv-api.txt:1
+ */
+export { Payments } from './client.js';
+export type { PaymentsMode, PaymentsConfig } from './client.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/payments/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/payments/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC"}

package/dist/payments/index.js

@@ -0,0 +1,13 @@
+/**
+ * viva-payments-core/payments — barrel export.
+ *
+ * Subpath: `viva-payments-core/payments`
+ *
+ * The Payments client wraps Viva's payment surface (createOrder,
+ * retrieveTransaction, refundPayment, cancelOrder). Constructed with an
+ * IsvHttpClient (OAuth2) and optionally a BasicAuthClient (for refund).
+ *
+ * @see references/viva-docs/md/payment-isv-api.txt:1
+ */
+export { Payments } from './client.js';
+//# sourceMappingURL=index.js.map

package/dist/payments/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/payments/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC"}