@tagadapay/plugin-sdk 3.1.24 → 3.1.25

package/dist/v2/core/client.js

@@ -527,6 +527,7 @@ export class TagadaClient {
                 utmSource: urlParams.utmSource,
                 utmMedium: urlParams.utmMedium,
                 utmCampaign: urlParams.utmCampaign,
+                gclid: urlParams.gclid,
                 browser: deviceInfo.userAgent.browser.name,
                 browserVersion: deviceInfo.userAgent.browser.version,
                 os: deviceInfo.userAgent.os.name,

package/dist/v2/core/funnelClient.d.ts

@@ -106,6 +106,14 @@ export interface PaymentMethodConfig {
     method: string;
     /** Provider / processor family */
     provider: string;
+    /** e.g. 'apm' for alternative payment methods, 'card', etc. */
+    type?: string;
+    /** Display label for the payment method */
+    label?: string;
+    /** URL to the payment method's logo */
+    logoUrl?: string;
+    /** Human-readable description shown to the customer */
+    description?: string;
     /** Render as express checkout button above the form */
     express?: boolean;
     /** Card routing via payment flow (cascade, fraud, processor selection) */

package/dist/v2/core/funnelClient.js

@@ -714,7 +714,7 @@ export class FunnelClient {
                 if (this.config.debugMode) {
                     console.log('🚀 [FunnelClient] Auto-redirecting to:', result.url, '(skipped session refresh - next page will initialize)');
                 }
-                window.location.href = result.url;
+                window.location.replace(result.url);
             }
             return result;
         }

package/dist/v2/core/resources/apiClient.d.ts

@@ -1,12 +1,12 @@
 /**
- * Base API Client using Axios
+ * Base API Client using native fetch
  * Shared between all resource clients
  */
-import { AxiosInstance, AxiosRequestConfig } from 'axios';
-declare module 'axios' {
-    interface AxiosRequestConfig {
-        skipAuth?: boolean;
-    }
+export interface RequestConfig {
+    headers?: Record<string, string>;
+    skipAuth?: boolean;
+    params?: Record<string, string>;
+    signal?: AbortSignal;
 }
 export interface ApiClientConfig {
     baseURL: string;
@@ -15,7 +15,9 @@ export interface ApiClientConfig {
 }
 export type TokenProvider = () => Promise<string | null>;
 export declare class ApiClient {
-    axios: AxiosInstance;
+    private baseURL;
+    private timeout;
+    private defaultHeaders;
     private currentToken;
     private tokenProvider;
     private requestHistory;
@@ -23,18 +25,20 @@ export declare class ApiClient {
     private readonly MAX_REQUESTS;
     constructor(config: ApiClientConfig);
     setTokenProvider(provider: TokenProvider): void;
-    get<T = unknown>(url: string, config?: AxiosRequestConfig): Promise<T>;
-    post<T = unknown>(url: string, data?: unknown, config?: AxiosRequestConfig): Promise<T>;
-    put<T = unknown>(url: string, data?: unknown, config?: AxiosRequestConfig): Promise<T>;
-    patch<T = unknown>(url: string, data?: unknown, config?: AxiosRequestConfig): Promise<T>;
-    delete<T = unknown>(url: string, config?: AxiosRequestConfig): Promise<T>;
+    get<T = unknown>(url: string, config?: RequestConfig): Promise<T>;
+    post<T = unknown>(url: string, data?: unknown, config?: RequestConfig): Promise<T>;
+    put<T = unknown>(url: string, data?: unknown, config?: RequestConfig): Promise<T>;
+    patch<T = unknown>(url: string, data?: unknown, config?: RequestConfig): Promise<T>;
+    delete<T = unknown>(url: string, config?: RequestConfig): Promise<T>;
     setHeader(key: string, value: string): void;
     removeHeader(key: string): void;
     updateToken(token: string | null): void;
     getCurrentToken(): string | null;
     updateConfig(config: Partial<ApiClientConfig>): void;
+    private request;
+    /** Convert a non-ok fetch response into the appropriate TagadaError subclass. */
+    private toTagadaError;
+    private safeParseJson;
     private checkRequestLimit;
     private cleanupHistory;
-    /** Convert an AxiosError into the appropriate TagadaError subclass. */
-    private toTagadaError;
 }

package/dist/v2/core/resources/apiClient.js

@@ -1,8 +1,7 @@
 /**
- * Base API Client using Axios
+ * Base API Client using native fetch
  * Shared between all resource clients
  */
-import axios from 'axios';
 import { TagadaApiError, TagadaAuthError, TagadaNetworkError, TagadaCircuitBreakerError, TagadaError, TagadaErrorCode, } from '../errors';
 export class ApiClient {
     constructor(config) {
@@ -12,67 +11,16 @@ export class ApiClient {
         this.requestHistory = new Map();
         this.WINDOW_MS = 5000; // 5 seconds window
         this.MAX_REQUESTS = 30; // Max 30 requests per endpoint in window
-        this.axios = axios.create({
-            baseURL: config.baseURL,
-            timeout: config.timeout || 60000, // 60 seconds for payment operations
-            headers: {
-                'Content-Type': 'application/json',
-                ...config.headers,
-            },
-        });
+        this.baseURL = config.baseURL;
+        this.timeout = config.timeout || 60000; // 60 seconds for payment operations
+        this.defaultHeaders = {
+            'Content-Type': 'application/json',
+            ...config.headers,
+        };
         // Cleanup interval for circuit breaker history
         if (typeof setInterval !== 'undefined') {
             setInterval(() => this.cleanupHistory(), 10000);
         }
-        // Request interceptor for logging and auth
-        this.axios.interceptors.request.use(async (config) => {
-            // Circuit Breaker Check
-            if (config.url) {
-                try {
-                    this.checkRequestLimit(`${config.method?.toUpperCase()}:${config.url}`);
-                }
-                catch (error) {
-                    console.error('[SDK] 🛑 Request blocked by Circuit Breaker:', error);
-                    return Promise.reject(error);
-                }
-            }
-            // Check if we need to wait for token
-            if (!config.skipAuth && !this.currentToken && this.tokenProvider) {
-                try {
-                    console.log('[SDK] Waiting for token...');
-                    const token = await this.tokenProvider();
-                    if (token) {
-                        this.updateToken(token);
-                        // Ensure header is set on this specific request config
-                        config.headers['x-cms-token'] = token;
-                    }
-                }
-                catch (error) {
-                    console.error('[SDK] Failed to get token from provider:', error);
-                }
-            }
-            // Ensure token is in headers if we have it (and not skipped)
-            if (!config.skipAuth && this.currentToken) {
-                config.headers['x-cms-token'] = this.currentToken;
-            }
-            console.log(`[SDK] Making ${config.method?.toUpperCase()} request to: ${config.baseURL || ''}${config.url}`);
-            // console.log('[SDK] Request headers:', config.headers);
-            return config;
-        }, (error) => {
-            console.error('[SDK] Request error:', error);
-            return Promise.reject(error instanceof Error ? error : new Error(String(error)));
-        });
-        // Response interceptor — maps Axios errors to structured TagadaError subtypes
-        this.axios.interceptors.response.use((response) => response, (error) => {
-            console.error('[SDK] Response error:', error.message);
-            if (error instanceof TagadaError) {
-                return Promise.reject(error);
-            }
-            if (axios.isAxiosError(error)) {
-                return Promise.reject(this.toTagadaError(error));
-            }
-            return Promise.reject(error instanceof Error ? error : new Error(String(error)));
-        });
     }
     // Set a provider that returns a promise resolving to the token
     // This allows requests to wait until the token is ready
@@ -81,31 +29,26 @@ export class ApiClient {
     }
     // Convenience methods
     async get(url, config) {
-        const response = await this.axios.get(url, config);
-        return response.data;
+        return this.request('GET', url, undefined, config);
     }
     async post(url, data, config) {
-        const response = await this.axios.post(url, data, config);
-        return response.data;
+        return this.request('POST', url, data, config);
     }
     async put(url, data, config) {
-        const response = await this.axios.put(url, data, config);
-        return response.data;
+        return this.request('PUT', url, data, config);
     }
     async patch(url, data, config) {
-        const response = await this.axios.patch(url, data, config);
-        return response.data;
+        return this.request('PATCH', url, data, config);
     }
     async delete(url, config) {
-        const response = await this.axios.delete(url, config);
-        return response.data;
+        return this.request('DELETE', url, undefined, config);
     }
     // Update headers (useful for auth tokens)
     setHeader(key, value) {
-        this.axios.defaults.headers.common[key] = value;
+        this.defaultHeaders[key] = value;
     }
     removeHeader(key) {
-        delete this.axios.defaults.headers.common[key];
+        delete this.defaultHeaders[key];
     }
     // Token management methods (matching old ApiService pattern)
     updateToken(token) {
@@ -125,59 +68,106 @@ export class ApiClient {
     // Update configuration (useful for environment changes)
     updateConfig(config) {
         if (config.baseURL) {
-            this.axios.defaults.baseURL = config.baseURL;
+            this.baseURL = config.baseURL;
         }
         if (config.timeout) {
-            this.axios.defaults.timeout = config.timeout;
+            this.timeout = config.timeout;
         }
         if (config.headers) {
-            Object.assign(this.axios.defaults.headers.common, config.headers);
+            Object.assign(this.defaultHeaders, config.headers);
         }
         console.log('[SDK] ApiClient configuration updated');
     }
-    // Circuit Breaker Implementation
-    checkRequestLimit(key) {
-        const now = Date.now();
-        const history = this.requestHistory.get(key);
-        if (!history) {
-            this.requestHistory.set(key, { count: 1, firstRequestTime: now });
-            return;
+    // ---- Core request method ----
+    async request(method, url, data, config) {
+        const requestKey = `${method}:${url}`;
+        // Circuit Breaker Check
+        try {
+            this.checkRequestLimit(requestKey);
         }
-        if (now - history.firstRequestTime > this.WINDOW_MS) {
-            // Window expired, reset
-            this.requestHistory.set(key, { count: 1, firstRequestTime: now });
-            return;
+        catch (error) {
+            console.error('[SDK] 🛑 Request blocked by Circuit Breaker:', error);
+            throw error;
         }
-        history.count++;
-        if (history.count > this.MAX_REQUESTS) {
-            throw new TagadaCircuitBreakerError(`Circuit Breaker: Too many requests to ${key} (${history.count} in ${this.WINDOW_MS}ms)`);
+        // Token injection
+        if (!config?.skipAuth && !this.currentToken && this.tokenProvider) {
+            try {
+                console.log('[SDK] Waiting for token...');
+                const token = await this.tokenProvider();
+                if (token) {
+                    this.updateToken(token);
+                }
+            }
+            catch (error) {
+                console.error('[SDK] Failed to get token from provider:', error);
+            }
         }
-    }
-    cleanupHistory() {
-        const now = Date.now();
-        for (const [key, history] of this.requestHistory.entries()) {
-            if (now - history.firstRequestTime > this.WINDOW_MS) {
-                this.requestHistory.delete(key);
+        // Build headers
+        const headers = { ...this.defaultHeaders };
+        if (config?.headers) {
+            Object.assign(headers, config.headers);
+        }
+        if (!config?.skipAuth && this.currentToken) {
+            headers['x-cms-token'] = this.currentToken;
+        }
+        // Build URL
+        let fullUrl = `${this.baseURL}${url}`;
+        if (config?.params) {
+            const searchParams = new URLSearchParams(config.params);
+            fullUrl += `?${searchParams.toString()}`;
+        }
+        console.log(`[SDK] Making ${method} request to: ${fullUrl}`);
+        // Timeout via AbortController
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+        // Merge signals if caller provided one
+        const signal = config?.signal
+            ? anySignal([config.signal, controller.signal])
+            : controller.signal;
+        try {
+            const fetchOptions = {
+                method,
+                headers,
+                signal,
+            };
+            if (data !== undefined) {
+                fetchOptions.body = JSON.stringify(data);
+            }
+            const response = await fetch(fullUrl, fetchOptions);
+            if (!response.ok) {
+                const errorData = await this.safeParseJson(response);
+                throw this.toTagadaError(response.status, errorData, response.statusText);
             }
+            const responseData = await response.json();
+            return responseData;
         }
-    }
-    /** Convert an AxiosError into the appropriate TagadaError subclass. */
-    toTagadaError(error) {
-        const status = error.response?.status;
-        const data = error.response?.data;
-        const serverMessage = data?.message ??
-            data?.error ??
-            error.message;
-        // No response at all → network-level failure
-        if (!error.response) {
-            if (error.code === 'ECONNABORTED') {
-                return new TagadaApiError('Request timed out', 0, {
+        catch (error) {
+            if (error instanceof TagadaError) {
+                throw error;
+            }
+            // AbortError → timeout (from our controller) or caller abort
+            if (error instanceof DOMException && error.name === 'AbortError') {
+                throw new TagadaApiError('Request timed out', 0, {
                     code: TagadaErrorCode.TIMEOUT,
                     retryable: true,
                 });
             }
-            return new TagadaNetworkError(serverMessage);
+            // TypeError → network failure (DNS, CORS, offline, etc.)
+            if (error instanceof TypeError) {
+                throw new TagadaNetworkError(error.message);
+            }
+            throw error instanceof Error ? error : new Error(String(error));
         }
+        finally {
+            clearTimeout(timeoutId);
+        }
+    }
+    // ---- Error mapping ----
+    /** Convert a non-ok fetch response into the appropriate TagadaError subclass. */
+    toTagadaError(status, data, statusText) {
+        const serverMessage = data?.message ??
+            data?.error ??
+            statusText;
         // Auth failures
         if (status === 401 || status === 403) {
             return new TagadaAuthError(serverMessage, status);
@@ -197,10 +187,62 @@ export class ApiClient {
             });
         }
         // Generic API error
-        return new TagadaApiError(serverMessage, status ?? 0, {
+        return new TagadaApiError(serverMessage, status, {
             code: data?.code ?? TagadaErrorCode.API_ERROR,
             details: data,
-            retryable: (status ?? 0) >= 500,
+            retryable: status >= 500,
+        });
+    }
+    // ---- Helpers ----
+    async safeParseJson(response) {
+        try {
+            return await response.json();
+        }
+        catch {
+            return undefined;
+        }
+    }
+    // Circuit Breaker Implementation
+    checkRequestLimit(key) {
+        const now = Date.now();
+        const history = this.requestHistory.get(key);
+        if (!history) {
+            this.requestHistory.set(key, { count: 1, firstRequestTime: now });
+            return;
+        }
+        if (now - history.firstRequestTime > this.WINDOW_MS) {
+            // Window expired, reset
+            this.requestHistory.set(key, { count: 1, firstRequestTime: now });
+            return;
+        }
+        history.count++;
+        if (history.count > this.MAX_REQUESTS) {
+            throw new TagadaCircuitBreakerError(`Circuit Breaker: Too many requests to ${key} (${history.count} in ${this.WINDOW_MS}ms)`);
+        }
+    }
+    cleanupHistory() {
+        const now = Date.now();
+        for (const [key, history] of this.requestHistory.entries()) {
+            if (now - history.firstRequestTime > this.WINDOW_MS) {
+                this.requestHistory.delete(key);
+            }
+        }
+    }
+}
+/**
+ * Combine multiple AbortSignals into one that aborts when any input signal aborts.
+ */
+function anySignal(signals) {
+    const controller = new AbortController();
+    for (const signal of signals) {
+        if (signal.aborted) {
+            controller.abort(signal.reason);
+            return controller.signal;
+        }
+        signal.addEventListener('abort', () => controller.abort(signal.reason), {
+            once: true,
+            signal: controller.signal,
         });
     }
+    return controller.signal;
 }

package/dist/v2/core/resources/checkout.d.ts

@@ -4,7 +4,7 @@
  */
 import type { OrderAddress } from '../types';
 import { ApiClient } from './apiClient';
-export type PaymentMethodName = 'paypal' | 'card' | 'klarna' | 'zelle';
+export type PaymentMethodName = 'card' | 'paypal' | 'klarna' | 'apple_pay' | 'google_pay' | 'link' | 'bridge' | 'whop' | 'zelle' | 'hipay' | 'crypto' | 'convesiopay' | 'oceanpayment' | 'afterpay' | 'ideal' | 'bancontact' | 'giropay' | 'sepa_debit' | (string & {});
 export interface CheckoutLineItem {
     externalProductId?: string | null;
     externalVariantId?: string | null;

package/dist/v2/core/resources/index.d.ts

@@ -1,6 +1,6 @@
 /**
  * Resource Clients
- * Axios-based API clients for all endpoints
+ * Fetch-based API clients for all endpoints
  */
 export * from './apiClient';
 export * from './checkout';

package/dist/v2/core/resources/index.js

@@ -1,6 +1,6 @@
 /**
  * Resource Clients
- * Axios-based API clients for all endpoints
+ * Fetch-based API clients for all endpoints
  */
 export * from './apiClient';
 export * from './checkout';

package/dist/v2/core/resources/offers.js

@@ -44,7 +44,7 @@ export class OffersResource {
      *   - Use lineItemId for precise updates (same product, different variants)
      *   - Use productId for simple updates (all items with this product)
      */
-    async previewOffer(offerId, currency = 'USD', lineItems) {
+    async previewOffer(offerId, currency = '', lineItems) {
         console.log('📡 [OffersResource] Calling preview API:', {
             offerId,
             currency,
@@ -68,7 +68,7 @@ export class OffersResource {
      * @param returnUrl - Optional return URL for checkout
      * @param mainOrderId - Optional main order ID (for upsells)
      */
-    async payPreviewedOffer(offerId, currency = 'USD', lineItems, returnUrl, mainOrderId) {
+    async payPreviewedOffer(offerId, currency = '', lineItems, returnUrl, mainOrderId) {
         console.log('💳 [OffersResource] Calling pay-preview API:', {
             offerId,
             currency,
@@ -96,7 +96,7 @@ export class OffersResource {
      * @param returnUrl - Optional return URL for checkout
      * @param mainOrderId - Optional main order ID
      */
-    async toCheckout(offerId, currency = 'USD', lineItems, returnUrl, mainOrderId) {
+    async toCheckout(offerId, currency = '', lineItems, returnUrl, mainOrderId) {
         console.log('🛒 [OffersResource] Calling to-checkout API:', {
             offerId,
             currency,
@@ -218,7 +218,7 @@ export class OffersResource {
      *
      * // By the time page loads, background processing is usually complete
      */
-    async toCheckoutAsync(offerId, currency = 'USD', lineItems, returnUrl, mainOrderId) {
+    async toCheckoutAsync(offerId, currency = '', lineItems, returnUrl, mainOrderId) {
         console.log('🛒 [OffersResource] Calling to-checkout-async API:', {
             offerId,
             currency,

package/dist/v2/core/resources/payments.d.ts

@@ -279,6 +279,7 @@ export declare class PaymentsResource {
         error?: string;
     }>;
     saveRadarSession(data: {
+        paymentId?: string;
         orderId?: string;
         checkoutSessionId?: string;
         finixRadarSessionId?: string;

package/dist/v2/core/utils/currency.d.ts

@@ -7,6 +7,8 @@ export interface Currency {
     symbol: string;
     name: string;
     decimalPlaces: number;
+    /** True when the currency was explicitly set via URL param or persisted storage (not a SDK/store default) */
+    isExplicit: boolean;
 }
 /**
  * Format money amount from minor units (cents) to a formatted string
@@ -27,6 +29,7 @@ export declare class CurrencyUtils {
      * Get currency from context or fallback to default
      */
     static getCurrency(context: any, defaultCurrency?: string): Currency;
+    private static getCookieValue;
     /**
      * Get currency symbol
      */

package/dist/v2/core/utils/currency.js

@@ -47,9 +47,25 @@ export class CurrencyUtils {
      * Get currency from context or fallback to default
      */
     static getCurrency(context, defaultCurrency = 'USD') {
-        // Handle case where context.currency might be a Currency object or string
         let currencyCode;
-        if (typeof context?.currency === 'string') {
+        let isExplicit = false;
+        // 1. URL ?currency= param takes highest priority (set by CRM preview, storefront links, or currency selector)
+        const urlCurrency = typeof window !== 'undefined'
+            ? new URLSearchParams(window.location.search).get('currency')
+            : null;
+        // 2. Persisted tgd_currency from storage/cookie (survives navigation between funnel steps)
+        const storedCurrency = typeof window !== 'undefined'
+            ? (localStorage.getItem('tgd_currency') || CurrencyUtils.getCookieValue('tgd_currency'))
+            : null;
+        if (urlCurrency) {
+            currencyCode = urlCurrency.toUpperCase();
+            isExplicit = true;
+        }
+        else if (storedCurrency) {
+            currencyCode = storedCurrency.toUpperCase();
+            isExplicit = true;
+        }
+        else if (typeof context?.currency === 'string') {
             currencyCode = context.currency;
         }
         else if (context?.currency?.code) {
@@ -61,13 +77,35 @@ export class CurrencyUtils {
         else {
             currencyCode = defaultCurrency;
         }
+        // Validate against store's presentment currencies when available.
+        // This catches both explicit overrides (URL/storage) and fallback values that
+        // reference a currency the store doesn't support.
+        const presentment = context?.store?.presentmentCurrencies;
+        if (presentment?.length && !presentment.includes(currencyCode)) {
+            console.warn(`[CurrencyUtils] Currency "${currencyCode}" is not in store presentmentCurrencies [${presentment.join(', ')}]. Falling back to ${presentment[0]}.`);
+            currencyCode = presentment[0];
+            // Update persisted storage so subsequent renders don't keep requesting the unsupported currency
+            if (isExplicit && typeof window !== 'undefined') {
+                try {
+                    localStorage.setItem('tgd_currency', currencyCode);
+                }
+                catch { }
+            }
+        }
         return {
             code: currencyCode,
             symbol: this.getCurrencySymbol(currencyCode),
             name: this.getCurrencyName(currencyCode),
             decimalPlaces: this.getDecimalPlaces(currencyCode),
+            isExplicit,
         };
     }
+    static getCookieValue(name) {
+        if (typeof document === 'undefined')
+            return null;
+        const match = document.cookie.match(new RegExp(`(?:^|; )${name}=([^;]*)`));
+        return match ? decodeURIComponent(match[1]) : null;
+    }
     /**
      * Get currency symbol
      */

package/dist/v2/core/utils/deviceInfo.d.ts

@@ -43,4 +43,5 @@ export declare function getUrlParams(): {
     utmSource?: string;
     utmMedium?: string;
     utmCampaign?: string;
+    gclid?: string;
 };

package/dist/v2/core/utils/deviceInfo.js

@@ -202,5 +202,6 @@ export function getUrlParams() {
         utmSource: params.get('utm_source') || undefined,
         utmMedium: params.get('utm_medium') || undefined,
         utmCampaign: params.get('utm_campaign') || undefined,
+        gclid: params.get('gclid') || undefined,
     };
 }

package/dist/v2/core/utils/previewMode.js

@@ -360,6 +360,18 @@ function persistSDKParamsFromURL() {
     if (urlBaseUrl) {
         setClientBaseUrl(urlBaseUrl);
     }
+    // Persist currency if in URL (survives navigation between funnel steps)
+    const urlCurrency = urlParams.get('currency');
+    if (urlCurrency) {
+        setInStorage(STORAGE_KEYS.CURRENCY, urlCurrency.toUpperCase());
+        setInCookie(STORAGE_KEYS.CURRENCY, urlCurrency.toUpperCase(), 86400);
+    }
+    // Persist locale if in URL
+    const urlLocale = urlParams.get('locale');
+    if (urlLocale) {
+        setInStorage(STORAGE_KEYS.LOCALE, urlLocale);
+        setInCookie(STORAGE_KEYS.LOCALE, urlLocale, 86400);
+    }
 }
 /**
  * Set funnel tracking mode in storage for persistence