npm - @sphoq/payments - Versions diffs - 0.1.0 - Mend

@sphoq/payments 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/client.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import type { SphoqPaymentsOptions, CreateChargeOptions, Charge, GetChargeOptions, CancelChargeOptions, CancelChargeResult, VerifyWebhookOptions } from "./types.js";
+export declare class SphoqPayments {
+    private readonly apiKey;
+    private readonly baseUrl;
+    readonly charges: ChargesClient;
+    constructor(options: SphoqPaymentsOptions);
+    /**
+     * Verify a webhook signature to ensure it came from Sphoq.
+     *
+     * Works in both Node.js (using crypto module) and edge runtimes (using Web Crypto API).
+     */
+    static verifyWebhookSignature(options: VerifyWebhookOptions): Promise<boolean>;
+}
+declare class ChargesClient {
+    private readonly apiKey;
+    private readonly baseUrl;
+    constructor(apiKey: string, baseUrl: string);
+    create(options: CreateChargeOptions): Promise<Charge>;
+    get(options: GetChargeOptions): Promise<Charge>;
+    cancel(options: CancelChargeOptions): Promise<CancelChargeResult>;
+    private request;
+}
+export {};

package/dist/client.js ADDED Viewed

@@ -0,0 +1,92 @@
+import { SphoqApiError } from "./types.js";
+const DEFAULT_BASE_URL = "https://your-convex-deployment.convex.site";
+export class SphoqPayments {
+    apiKey;
+    baseUrl;
+    charges;
+    constructor(options) {
+        this.apiKey = options.apiKey;
+        this.baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+        this.charges = new ChargesClient(this.apiKey, this.baseUrl);
+    }
+    /**
+     * Verify a webhook signature to ensure it came from Sphoq.
+     *
+     * Works in both Node.js (using crypto module) and edge runtimes (using Web Crypto API).
+     */
+    static async verifyWebhookSignature(options) {
+        const { payload, signature, secret } = options;
+        if (!signature.startsWith("sha256="))
+            return false;
+        const expectedHex = signature.slice(7);
+        // Use Web Crypto API (works in Node 18+, Deno, Cloudflare Workers, Vercel Edge)
+        const encoder = new TextEncoder();
+        const key = await globalThis.crypto.subtle.importKey("raw", encoder.encode(secret), { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+        const signatureBuffer = await globalThis.crypto.subtle.sign("HMAC", key, encoder.encode(payload));
+        const computedHex = Array.from(new Uint8Array(signatureBuffer))
+            .map((b) => b.toString(16).padStart(2, "0"))
+            .join("");
+        // Constant-time comparison
+        if (computedHex.length !== expectedHex.length)
+            return false;
+        let result = 0;
+        for (let i = 0; i < computedHex.length; i++) {
+            result |= computedHex.charCodeAt(i) ^ expectedHex.charCodeAt(i);
+        }
+        return result === 0;
+    }
+}
+class ChargesClient {
+    apiKey;
+    baseUrl;
+    constructor(apiKey, baseUrl) {
+        this.apiKey = apiKey;
+        this.baseUrl = baseUrl;
+    }
+    async create(options) {
+        const body = {
+            amount: options.amount,
+            description: options.description,
+        };
+        if (options.externalId)
+            body.externalId = options.externalId;
+        if (options.customer)
+            body.customer = options.customer;
+        if (options.expirationSeconds)
+            body.expirationSeconds = options.expirationSeconds;
+        if (options.metadata)
+            body.metadata = options.metadata;
+        return this.request("/v1/charges", body);
+    }
+    async get(options) {
+        if (!options.id && !options.externalId) {
+            throw new Error("Either id or externalId is required");
+        }
+        const body = {};
+        if (options.id)
+            body.id = options.id;
+        if (options.externalId)
+            body.externalId = options.externalId;
+        return this.request("/v1/charges/get", body);
+    }
+    async cancel(options) {
+        return this.request("/v1/charges/cancel", {
+            id: options.id,
+        });
+    }
+    async request(path, body) {
+        const response = await fetch(`${this.baseUrl}${path}`, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${this.apiKey}`,
+            },
+            body: JSON.stringify(body),
+        });
+        const data = await response.json();
+        if (!response.ok) {
+            throw new SphoqApiError(data.error ?? "Request failed", response.status, data);
+        }
+        return data;
+    }
+}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { SphoqPayments } from "./client.js";
+export { SphoqApiError } from "./types.js";
+export type { SphoqPaymentsOptions, CreateChargeOptions, Charge, GetChargeOptions, CancelChargeOptions, CancelChargeResult, WebhookPayload, VerifyWebhookOptions, } from "./types.js";

package/dist/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { SphoqPayments } from "./client.js";
2	+ export { SphoqApiError } from "./types.js";

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,60 @@
+export interface SphoqPaymentsOptions {
+    apiKey: string;
+    baseUrl?: string;
+}
+export interface CreateChargeOptions {
+    amount: number;
+    description: string;
+    externalId?: string;
+    customer?: {
+        name?: string;
+        email?: string;
+        cpf?: string;
+    };
+    expirationSeconds?: number;
+    metadata?: Record<string, unknown>;
+}
+export interface Charge {
+    id: string;
+    externalId?: string;
+    amount: number;
+    currency: string;
+    description: string;
+    status: "pending" | "paid" | "expired" | "cancelled";
+    txid: string;
+    pixCopiaECola?: string;
+    qrCode?: string;
+    customerName?: string;
+    customerEmail?: string;
+    paidAt?: number;
+    endToEndId?: string;
+    metadata?: Record<string, unknown>;
+    createdAt: number;
+    expiresAt: number;
+}
+export interface GetChargeOptions {
+    id?: string;
+    externalId?: string;
+}
+export interface CancelChargeOptions {
+    id: string;
+}
+export interface CancelChargeResult {
+    id: string;
+    status: "cancelled";
+}
+export interface WebhookPayload {
+    type: "charge.paid" | "charge.expired" | "charge.cancelled";
+    data: Charge;
+    createdAt: number;
+}
+export interface VerifyWebhookOptions {
+    payload: string;
+    signature: string;
+    secret: string;
+}
+export declare class SphoqApiError extends Error {
+    readonly statusCode: number;
+    readonly body: unknown;
+    constructor(message: string, statusCode: number, body?: unknown);
+}

package/dist/types.js ADDED Viewed

@@ -0,0 +1,10 @@
+export class SphoqApiError extends Error {
+    statusCode;
+    body;
+    constructor(message, statusCode, body) {
+        super(message);
+        this.name = "SphoqApiError";
+        this.statusCode = statusCode;
+        this.body = body;
+    }
+}

package/package.json ADDED Viewed

@@ -0,0 +1,24 @@
+{
+  "name": "@sphoq/payments",
+  "version": "0.1.0",
+  "description": "Sphoq Payments SDK — integrate PIX payment processing into your app",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": ["dist"],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch"
+  },
+  "keywords": ["sphoq", "pix", "payments", "brazil", "efibank", "convex"],
+  "license": "MIT",
+  "devDependencies": {
+    "typescript": "^5.9.0"
+  }
+}