@ton-pay/api 0.1.0 → 0.1.2

package/README.md

@@ -1,6 +1,6 @@
 # @ton-pay/api
 
-Core API functions for TonPay SDK - create transfers, check status, and verify webhooks.
+Core API functions for TON Pay SDK - create transfers, check status, and verify webhooks.
 
 ## Documentation
 
@@ -24,12 +24,12 @@ import {
   USDT,
 } from "@ton-pay/api";
 
-// Create a TonPay transfer
+// Create a TON Pay transfer
 const transfer = await createTonPayTransfer(
   {
     amount: 10.5,
     asset: TON,
-    recipientAddr: "EQC...",
+    recipientAddr: "EQC...", // Optional if API key is provided
     senderAddr: "EQC...",
     commentToSender: "Payment for order #123",
     commentToRecipient: "Thank you!",

package/dist/index.d.mts

@@ -165,7 +165,7 @@ declare const TON = "TON";
 /**
  * Verifies the HMAC-SHA256 signature of a payload
  * @param payload - Raw JSON string or object to verify
- * @param signature - The signature from X-TonPay-Signature header
+ * @param signature - The signature from X-TON Pay-Signature header
  * @param apiSecret - Your TON Pay webhook API secret
  * @returns true if signature is valid, false otherwise
  *

package/dist/index.d.ts

@@ -165,7 +165,7 @@ declare const TON = "TON";
 /**
  * Verifies the HMAC-SHA256 signature of a payload
  * @param payload - Raw JSON string or object to verify
- * @param signature - The signature from X-TonPay-Signature header
+ * @param signature - The signature from X-TON Pay-Signature header
  * @param apiSecret - Your TON Pay webhook API secret
  * @returns true if signature is valid, false otherwise
  *

package/dist/index.js

@@ -1,4 +1,4 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }// src/common/const.ts
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }// src/common/const.ts
 var BASE_URL = "https://tonpay.tech";
 var TESTNET_BASE_URL = "https://testnet.tonpay.tech";
 
@@ -72,12 +72,11 @@ var USDT = "EQCxE6mUtQJKFnGfaROTKOt1lZbDiiX1kCixRv7Nw2Id_sDs";
 var TON = "TON";
 
 // src/utils/verify-signature.ts
-var _crypto = require('crypto');
+var _cryptojs = require('crypto-js'); var CryptoJS = _interopRequireWildcard(_cryptojs);
 function verifySignature(payload, signature, apiSecret) {
   const payloadString = typeof payload === "string" ? payload : JSON.stringify(payload);
-  const hmac = _crypto.createHmac.call(void 0, "sha256", apiSecret);
-  hmac.update(payloadString);
-  const expectedSignature = `sha256=${hmac.digest("hex")}`;
+  const hmac = CryptoJS.HmacSHA256(payloadString, apiSecret);
+  const expectedSignature = `sha256=${hmac.toString(CryptoJS.enc.Hex)}`;
   return signature === expectedSignature;
 }
 

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["/Users/ilya/work/tpn/ton-pay/packages/api/dist/index.js","../src/common/const.ts","../src/common/get-base-url.ts","../src/create-ton-pay-transfer/create-ton-pay-transfer.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-body-hash.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-reference.ts","../src/common/assets.ts","../src/utils/verify-signature.ts"],"names":[],"mappings":"AAAA;ACAO,IAAM,SAAA,EAAW,qBAAA;AACjB,IAAM,iBAAA,EAAmB,6BAAA;ADEhC;AACA;AEDO,IAAM,WAAA,EAAa,CAAC,KAAA,EAAA,GAAkB;AAE3C,EAAA,GAAA,CAAI,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB;AAC/B,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,eAAA;AAAA,EACrB;AACA,EAAA,GAAA,CAAI,CAAC,MAAA,GAAS,MAAA,IAAU,SAAA,EAAW;AACjC,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,OAAO,gBAAA;AACT,CAAA;AFEA;AACA;AGHO,IAAM,qBAAA,EAAuB,MAAA,CAClC,MAAA,EACA,OAAA,EAAA,GAC0C;AAC1C,EAAA,MAAM,QAAA,EAAU,UAAA,iBAAW,OAAA,2BAAS,OAAK,CAAA;AACzC,EAAA,MAAM,QAAA,EAAU;AAAA,IACd,cAAA,EAAgB,kBAAA;AAAA,IAChB,mBAAI,OAAA,6BAAS,SAAA,EAAS,EAAE,WAAA,EAAa,OAAA,CAAQ,OAAO,EAAA,EAAI,CAAC;AAAA,EAC3D,CAAA;AACA,EAAA,MAAM,SAAA,EAAW,MAAM,KAAA,CAAM,CAAA,EAAA;AACnB,IAAA;AACmB,IAAA;AAC3B,IAAA;AACD,EAAA;AACiB,EAAA;AACA,IAAA;AACE,MAAA;AACjB,IAAA;AACH,EAAA;AACqB,EAAA;AACvB;AHEgC;AACA;AIxBnB;AAIgB,EAAA;AACJ,EAAA;AACX,IAAA;AACV,IAAA;AACU,MAAA;AACV,IAAA;AACF,EAAA;AACkB,EAAA;AACA,IAAA;AACE,MAAA;AACjB,IAAA;AACH,EAAA;AACqB,EAAA;AACvB;AJuBgC;AACA;AKzCnB;AAIgB,EAAA;AACJ,EAAA;AACX,IAAA;AACV,IAAA;AACU,MAAA;AACV,IAAA;AACF,EAAA;AACkB,EAAA;AACA,IAAA;AACE,MAAA;AACjB,IAAA;AACH,EAAA;AACqB,EAAA;AACvB;ALwCgC;AACA;AMrEZ;AACD;ANuEa;AACA;AOzEL;AAsCzB;AAKS,EAAA;AAEe,EAAA;AACC,EAAA;AACC,EAAA;AAEL,EAAA;AACvB;APgCgC;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/ilya/work/tpn/ton-pay/packages/api/dist/index.js","sourcesContent":[null,"export const BASE_URL = \"https://tonpay.tech\";\nexport const TESTNET_BASE_URL = \"https://testnet.tonpay.tech\";\n","import type { Chain } from \"../types/chain\";\nimport { BASE_URL, TESTNET_BASE_URL } from \"./const\";\n\nexport const getBaseUrl = (chain?: Chain) => {\n  // only for testing. do not use in production. do not use in docs\n  if (process.env.TONPAY_BASE_URL) {\n    return process.env.TONPAY_BASE_URL;\n  }\n  if (!chain || chain === \"mainnet\") {\n    return BASE_URL;\n  }\n  return TESTNET_BASE_URL;\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CreateTonPayTransferParams } from \"../types/create-ton-pay-transfer\";\nimport type { CreateTonPayTransferResponse } from \"../types/create-ton-pay-transfer\";\n\n/**\n * Creates a message for TON Pay transfer\n * @param params - the parameters for the transfer\n * @param options - the options for the transfer\n * @returns the message for the transfer and data for tracking the transfer\n */\n\nexport const createTonPayTransfer = async (\n  params: CreateTonPayTransferParams,\n  options?: APIOptions\n): Promise<CreateTonPayTransferResponse> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const headers = {\n    \"Content-Type\": \"application/json\",\n    ...(options?.apiKey ? { \"x-api-key\": options.apiKey } : {}),\n  };\n  const response = await fetch(`${baseUrl}/api/merchant/v1/create-transfer`, {\n    method: \"POST\",\n    body: JSON.stringify(params),\n    headers,\n  });\n  if (!response.ok) {\n    throw new Error(\"Failed to create TON Pay transfer\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByBodyHash = async (\n  bodyHash: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?bodyHash=${bodyHash}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by body hash\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByReference = async (\n  reference: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?reference=${reference}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by reference\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","export const USDT = \"EQCxE6mUtQJKFnGfaROTKOt1lZbDiiX1kCixRv7Nw2Id_sDs\";\nexport const TON = \"TON\";\n","import { createHmac } from \"crypto\";\n\n/**\n * Verifies the HMAC-SHA256 signature of a payload\n * @param payload - Raw JSON string or object to verify\n * @param signature - The signature from X-TonPay-Signature header\n * @param apiSecret - Your TON Pay webhook API secret\n * @returns true if signature is valid, false otherwise\n *\n * @example\n * ```typescript\n * import { verifySignature } from \"@ton-pay/api\";\n *\n * // With raw string\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *   const payload = JSON.stringify(req.body);\n *\n *   if (!verifySignature(payload, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n *\n * // With object (will be stringified automatically)\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *\n *   if (!verifySignature(req.body, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n * ```\n */\nexport function verifySignature(\n  payload: string | object,\n  signature: string,\n  apiSecret: string\n): boolean {\n  const payloadString =\n    typeof payload === \"string\" ? payload : JSON.stringify(payload);\n\n  const hmac = createHmac(\"sha256\", apiSecret);\n  hmac.update(payloadString);\n  const expectedSignature = `sha256=${hmac.digest(\"hex\")}`;\n\n  return signature === expectedSignature;\n}\n"]}
+{"version":3,"sources":["/Users/ilya/work/tonpay/ton-pay/packages/api/dist/index.js","../src/common/const.ts","../src/common/get-base-url.ts","../src/create-ton-pay-transfer/create-ton-pay-transfer.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-body-hash.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-reference.ts","../src/common/assets.ts","../src/utils/verify-signature.ts"],"names":[],"mappings":"AAAA;ACAO,IAAM,SAAA,EAAW,qBAAA;AACjB,IAAM,iBAAA,EAAmB,6BAAA;ADEhC;AACA;AEDO,IAAM,WAAA,EAAa,CAAC,KAAA,EAAA,GAAkB;AAE3C,EAAA,GAAA,CAAI,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB;AAC/B,IAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,eAAA;AAAA,EACrB;AACA,EAAA,GAAA,CAAI,CAAC,MAAA,GAAS,MAAA,IAAU,SAAA,EAAW;AACjC,IAAA,OAAO,QAAA;AAAA,EACT;AACA,EAAA,OAAO,gBAAA;AACT,CAAA;AFEA;AACA;AGHO,IAAM,qBAAA,EAAuB,MAAA,CAClC,MAAA,EACA,OAAA,EAAA,GAC0C;AAC1C,EAAA,MAAM,QAAA,EAAU,UAAA,iBAAW,OAAA,2BAAS,OAAK,CAAA;AACzC,EAAA,MAAM,QAAA,EAAU;AAAA,IACd,cAAA,EAAgB,kBAAA;AAAA,IAChB,mBAAI,OAAA,6BAAS,SAAA,EAAS,EAAE,WAAA,EAAa,OAAA,CAAQ,OAAO,EAAA,EAAI,CAAC;AAAA,EAC3D,CAAA;AACA,EAAA,MAAM,SAAA,EAAW,MAAM,KAAA,CAAM,CAAA,EAAA;AACnB,IAAA;AACmB,IAAA;AAC3B,IAAA;AACD,EAAA;AACiB,EAAA;AACA,IAAA;AACE,MAAA;AACjB,IAAA;AACH,EAAA;AACqB,EAAA;AACvB;AHEgC;AACA;AIxBnB;AAIgB,EAAA;AACJ,EAAA;AACX,IAAA;AACV,IAAA;AACU,MAAA;AACV,IAAA;AACF,EAAA;AACkB,EAAA;AACA,IAAA;AACE,MAAA;AACjB,IAAA;AACH,EAAA;AACqB,EAAA;AACvB;AJuBgC;AACA;AKzCnB;AAIgB,EAAA;AACJ,EAAA;AACX,IAAA;AACV,IAAA;AACU,MAAA;AACV,IAAA;AACF,EAAA;AACkB,EAAA;AACA,IAAA;AACE,MAAA;AACjB,IAAA;AACH,EAAA;AACqB,EAAA;AACvB;ALwCgC;AACA;AMrEZ;AACD;ANuEa;AACA;AOzEN;AAsCxB;AAKS,EAAA;AAEa,EAAA;AACI,EAAA;AAEL,EAAA;AACvB;APgCgC;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/ilya/work/tonpay/ton-pay/packages/api/dist/index.js","sourcesContent":[null,"export const BASE_URL = \"https://tonpay.tech\";\nexport const TESTNET_BASE_URL = \"https://testnet.tonpay.tech\";\n","import type { Chain } from \"../types/chain\";\nimport { BASE_URL, TESTNET_BASE_URL } from \"./const\";\n\nexport const getBaseUrl = (chain?: Chain) => {\n  // only for testing. do not use in production. do not use in docs\n  if (process.env.TONPAY_BASE_URL) {\n    return process.env.TONPAY_BASE_URL;\n  }\n  if (!chain || chain === \"mainnet\") {\n    return BASE_URL;\n  }\n  return TESTNET_BASE_URL;\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CreateTonPayTransferParams } from \"../types/create-ton-pay-transfer\";\nimport type { CreateTonPayTransferResponse } from \"../types/create-ton-pay-transfer\";\n\n/**\n * Creates a message for TON Pay transfer\n * @param params - the parameters for the transfer\n * @param options - the options for the transfer\n * @returns the message for the transfer and data for tracking the transfer\n */\n\nexport const createTonPayTransfer = async (\n  params: CreateTonPayTransferParams,\n  options?: APIOptions\n): Promise<CreateTonPayTransferResponse> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const headers = {\n    \"Content-Type\": \"application/json\",\n    ...(options?.apiKey ? { \"x-api-key\": options.apiKey } : {}),\n  };\n  const response = await fetch(`${baseUrl}/api/merchant/v1/create-transfer`, {\n    method: \"POST\",\n    body: JSON.stringify(params),\n    headers,\n  });\n  if (!response.ok) {\n    throw new Error(\"Failed to create TON Pay transfer\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByBodyHash = async (\n  bodyHash: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?bodyHash=${bodyHash}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by body hash\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByReference = async (\n  reference: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?reference=${reference}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by reference\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","export const USDT = \"EQCxE6mUtQJKFnGfaROTKOt1lZbDiiX1kCixRv7Nw2Id_sDs\";\nexport const TON = \"TON\";\n","import * as CryptoJS from \"crypto-js\";\n\n/**\n * Verifies the HMAC-SHA256 signature of a payload\n * @param payload - Raw JSON string or object to verify\n * @param signature - The signature from X-TON Pay-Signature header\n * @param apiSecret - Your TON Pay webhook API secret\n * @returns true if signature is valid, false otherwise\n *\n * @example\n * ```typescript\n * import { verifySignature } from \"@ton-pay/api\";\n *\n * // With raw string\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *   const payload = JSON.stringify(req.body);\n *\n *   if (!verifySignature(payload, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n *\n * // With object (will be stringified automatically)\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *\n *   if (!verifySignature(req.body, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n * ```\n */\nexport function verifySignature(\n  payload: string | object,\n  signature: string,\n  apiSecret: string\n): boolean {\n  const payloadString =\n    typeof payload === \"string\" ? payload : JSON.stringify(payload);\n\n  const hmac = CryptoJS.HmacSHA256(payloadString, apiSecret);\n  const expectedSignature = `sha256=${hmac.toString(CryptoJS.enc.Hex)}`;\n\n  return signature === expectedSignature;\n}\n"]}

package/dist/index.mjs

@@ -72,12 +72,11 @@ var USDT = "EQCxE6mUtQJKFnGfaROTKOt1lZbDiiX1kCixRv7Nw2Id_sDs";
 var TON = "TON";
 
 // src/utils/verify-signature.ts
-import { createHmac } from "crypto";
+import * as CryptoJS from "crypto-js";
 function verifySignature(payload, signature, apiSecret) {
   const payloadString = typeof payload === "string" ? payload : JSON.stringify(payload);
-  const hmac = createHmac("sha256", apiSecret);
-  hmac.update(payloadString);
-  const expectedSignature = `sha256=${hmac.digest("hex")}`;
+  const hmac = CryptoJS.HmacSHA256(payloadString, apiSecret);
+  const expectedSignature = `sha256=${hmac.toString(CryptoJS.enc.Hex)}`;
   return signature === expectedSignature;
 }
 export {

package/dist/index.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/common/const.ts","../src/common/get-base-url.ts","../src/create-ton-pay-transfer/create-ton-pay-transfer.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-body-hash.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-reference.ts","../src/common/assets.ts","../src/utils/verify-signature.ts"],"sourcesContent":["export const BASE_URL = \"https://tonpay.tech\";\nexport const TESTNET_BASE_URL = \"https://testnet.tonpay.tech\";\n","import type { Chain } from \"../types/chain\";\nimport { BASE_URL, TESTNET_BASE_URL } from \"./const\";\n\nexport const getBaseUrl = (chain?: Chain) => {\n  // only for testing. do not use in production. do not use in docs\n  if (process.env.TONPAY_BASE_URL) {\n    return process.env.TONPAY_BASE_URL;\n  }\n  if (!chain || chain === \"mainnet\") {\n    return BASE_URL;\n  }\n  return TESTNET_BASE_URL;\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CreateTonPayTransferParams } from \"../types/create-ton-pay-transfer\";\nimport type { CreateTonPayTransferResponse } from \"../types/create-ton-pay-transfer\";\n\n/**\n * Creates a message for TON Pay transfer\n * @param params - the parameters for the transfer\n * @param options - the options for the transfer\n * @returns the message for the transfer and data for tracking the transfer\n */\n\nexport const createTonPayTransfer = async (\n  params: CreateTonPayTransferParams,\n  options?: APIOptions\n): Promise<CreateTonPayTransferResponse> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const headers = {\n    \"Content-Type\": \"application/json\",\n    ...(options?.apiKey ? { \"x-api-key\": options.apiKey } : {}),\n  };\n  const response = await fetch(`${baseUrl}/api/merchant/v1/create-transfer`, {\n    method: \"POST\",\n    body: JSON.stringify(params),\n    headers,\n  });\n  if (!response.ok) {\n    throw new Error(\"Failed to create TON Pay transfer\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByBodyHash = async (\n  bodyHash: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?bodyHash=${bodyHash}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by body hash\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByReference = async (\n  reference: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?reference=${reference}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by reference\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","export const USDT = \"EQCxE6mUtQJKFnGfaROTKOt1lZbDiiX1kCixRv7Nw2Id_sDs\";\nexport const TON = \"TON\";\n","import { createHmac } from \"crypto\";\n\n/**\n * Verifies the HMAC-SHA256 signature of a payload\n * @param payload - Raw JSON string or object to verify\n * @param signature - The signature from X-TonPay-Signature header\n * @param apiSecret - Your TON Pay webhook API secret\n * @returns true if signature is valid, false otherwise\n *\n * @example\n * ```typescript\n * import { verifySignature } from \"@ton-pay/api\";\n *\n * // With raw string\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *   const payload = JSON.stringify(req.body);\n *\n *   if (!verifySignature(payload, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n *\n * // With object (will be stringified automatically)\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *\n *   if (!verifySignature(req.body, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n * ```\n */\nexport function verifySignature(\n  payload: string | object,\n  signature: string,\n  apiSecret: string\n): boolean {\n  const payloadString =\n    typeof payload === \"string\" ? payload : JSON.stringify(payload);\n\n  const hmac = createHmac(\"sha256\", apiSecret);\n  hmac.update(payloadString);\n  const expectedSignature = `sha256=${hmac.digest(\"hex\")}`;\n\n  return signature === expectedSignature;\n}\n"],"mappings":";AAAO,IAAM,WAAW;AACjB,IAAM,mBAAmB;;;ACEzB,IAAM,aAAa,CAAC,UAAkB;AAE3C,MAAI,QAAQ,IAAI,iBAAiB;AAC/B,WAAO,QAAQ,IAAI;AAAA,EACrB;AACA,MAAI,CAAC,SAAS,UAAU,WAAW;AACjC,WAAO;AAAA,EACT;AACA,SAAO;AACT;;;ACAO,IAAM,uBAAuB,OAClC,QACA,YAC0C;AAC1C,QAAM,UAAU,WAAW,SAAS,KAAK;AACzC,QAAM,UAAU;AAAA,IACd,gBAAgB;AAAA,IAChB,GAAI,SAAS,SAAS,EAAE,aAAa,QAAQ,OAAO,IAAI,CAAC;AAAA,EAC3D;AACA,QAAM,WAAW,MAAM,MAAM,GAAG,OAAO,oCAAoC;AAAA,IACzE,QAAQ;AAAA,IACR,MAAM,KAAK,UAAU,MAAM;AAAA,IAC3B;AAAA,EACF,CAAC;AACD,MAAI,CAAC,SAAS,IAAI;AAChB,UAAM,IAAI,MAAM,qCAAqC;AAAA,MACnD,OAAO,SAAS;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,SAAS,KAAK;AACvB;;;ACrBO,IAAM,8BAA8B,OACzC,UACA,YACyC;AACzC,QAAM,UAAU,WAAW,SAAS,KAAK;AACzC,QAAM,WAAW,MAAM;AAAA,IACrB,GAAG,OAAO,sCAAsC,QAAQ;AAAA,IACxD;AAAA,MACE,QAAQ;AAAA,IACV;AAAA,EACF;AACA,MAAI,CAAC,SAAS,IAAI;AAChB,UAAM,IAAI,MAAM,+CAA+C;AAAA,MAC7D,OAAO,SAAS;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,SAAS,KAAK;AACvB;;;ACjBO,IAAM,+BAA+B,OAC1C,WACA,YACyC;AACzC,QAAM,UAAU,WAAW,SAAS,KAAK;AACzC,QAAM,WAAW,MAAM;AAAA,IACrB,GAAG,OAAO,uCAAuC,SAAS;AAAA,IAC1D;AAAA,MACE,QAAQ;AAAA,IACV;AAAA,EACF;AACA,MAAI,CAAC,SAAS,IAAI;AAChB,UAAM,IAAI,MAAM,+CAA+C;AAAA,MAC7D,OAAO,SAAS;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,SAAS,KAAK;AACvB;;;AC5BO,IAAM,OAAO;AACb,IAAM,MAAM;;;ACDnB,SAAS,kBAAkB;AAqCpB,SAAS,gBACd,SACA,WACA,WACS;AACT,QAAM,gBACJ,OAAO,YAAY,WAAW,UAAU,KAAK,UAAU,OAAO;AAEhE,QAAM,OAAO,WAAW,UAAU,SAAS;AAC3C,OAAK,OAAO,aAAa;AACzB,QAAM,oBAAoB,UAAU,KAAK,OAAO,KAAK,CAAC;AAEtD,SAAO,cAAc;AACvB;","names":[]}
+{"version":3,"sources":["../src/common/const.ts","../src/common/get-base-url.ts","../src/create-ton-pay-transfer/create-ton-pay-transfer.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-body-hash.ts","../src/get-ton-pay-transfer/get-ton-pay-transfer-by-reference.ts","../src/common/assets.ts","../src/utils/verify-signature.ts"],"sourcesContent":["export const BASE_URL = \"https://tonpay.tech\";\nexport const TESTNET_BASE_URL = \"https://testnet.tonpay.tech\";\n","import type { Chain } from \"../types/chain\";\nimport { BASE_URL, TESTNET_BASE_URL } from \"./const\";\n\nexport const getBaseUrl = (chain?: Chain) => {\n  // only for testing. do not use in production. do not use in docs\n  if (process.env.TONPAY_BASE_URL) {\n    return process.env.TONPAY_BASE_URL;\n  }\n  if (!chain || chain === \"mainnet\") {\n    return BASE_URL;\n  }\n  return TESTNET_BASE_URL;\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CreateTonPayTransferParams } from \"../types/create-ton-pay-transfer\";\nimport type { CreateTonPayTransferResponse } from \"../types/create-ton-pay-transfer\";\n\n/**\n * Creates a message for TON Pay transfer\n * @param params - the parameters for the transfer\n * @param options - the options for the transfer\n * @returns the message for the transfer and data for tracking the transfer\n */\n\nexport const createTonPayTransfer = async (\n  params: CreateTonPayTransferParams,\n  options?: APIOptions\n): Promise<CreateTonPayTransferResponse> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const headers = {\n    \"Content-Type\": \"application/json\",\n    ...(options?.apiKey ? { \"x-api-key\": options.apiKey } : {}),\n  };\n  const response = await fetch(`${baseUrl}/api/merchant/v1/create-transfer`, {\n    method: \"POST\",\n    body: JSON.stringify(params),\n    headers,\n  });\n  if (!response.ok) {\n    throw new Error(\"Failed to create TON Pay transfer\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByBodyHash = async (\n  bodyHash: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?bodyHash=${bodyHash}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by body hash\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","import { getBaseUrl } from \"../common/get-base-url\";\nimport type { APIOptions } from \"../types/api-options\";\nimport type { CompletedTonPayTransferInfo } from \"../types/completed-ton-pay-transfer-info\";\n\n/**\n * Gets a TON Pay transfer by reference\n * @param reference - the reference of the transfer\n * @param options - the options for the transfer\n * @returns the transfer information\n */\n\nexport const getTonPayTransferByReference = async (\n  reference: string,\n  options?: APIOptions\n): Promise<CompletedTonPayTransferInfo> => {\n  const baseUrl = getBaseUrl(options?.chain);\n  const response = await fetch(\n    `${baseUrl}/api/merchant/v1/transfer?reference=${reference}`,\n    {\n      method: \"GET\",\n    }\n  );\n  if (!response.ok) {\n    throw new Error(\"Failed to get TON Pay transfer by reference\", {\n      cause: response.statusText,\n    });\n  }\n  return response.json();\n};\n","export const USDT = \"EQCxE6mUtQJKFnGfaROTKOt1lZbDiiX1kCixRv7Nw2Id_sDs\";\nexport const TON = \"TON\";\n","import * as CryptoJS from \"crypto-js\";\n\n/**\n * Verifies the HMAC-SHA256 signature of a payload\n * @param payload - Raw JSON string or object to verify\n * @param signature - The signature from X-TON Pay-Signature header\n * @param apiSecret - Your TON Pay webhook API secret\n * @returns true if signature is valid, false otherwise\n *\n * @example\n * ```typescript\n * import { verifySignature } from \"@ton-pay/api\";\n *\n * // With raw string\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *   const payload = JSON.stringify(req.body);\n *\n *   if (!verifySignature(payload, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n *\n * // With object (will be stringified automatically)\n * app.post(\"/webhook\", (req, res) => {\n *   const signature = req.headers[\"x-tonpay-signature\"] as string;\n *\n *   if (!verifySignature(req.body, signature, YOUR_API_SECRET)) {\n *     return res.status(401).json({ error: \"Invalid signature\" });\n *   }\n *\n *   res.status(200).json({ received: true });\n * });\n * ```\n */\nexport function verifySignature(\n  payload: string | object,\n  signature: string,\n  apiSecret: string\n): boolean {\n  const payloadString =\n    typeof payload === \"string\" ? payload : JSON.stringify(payload);\n\n  const hmac = CryptoJS.HmacSHA256(payloadString, apiSecret);\n  const expectedSignature = `sha256=${hmac.toString(CryptoJS.enc.Hex)}`;\n\n  return signature === expectedSignature;\n}\n"],"mappings":";AAAO,IAAM,WAAW;AACjB,IAAM,mBAAmB;;;ACEzB,IAAM,aAAa,CAAC,UAAkB;AAE3C,MAAI,QAAQ,IAAI,iBAAiB;AAC/B,WAAO,QAAQ,IAAI;AAAA,EACrB;AACA,MAAI,CAAC,SAAS,UAAU,WAAW;AACjC,WAAO;AAAA,EACT;AACA,SAAO;AACT;;;ACAO,IAAM,uBAAuB,OAClC,QACA,YAC0C;AAC1C,QAAM,UAAU,WAAW,SAAS,KAAK;AACzC,QAAM,UAAU;AAAA,IACd,gBAAgB;AAAA,IAChB,GAAI,SAAS,SAAS,EAAE,aAAa,QAAQ,OAAO,IAAI,CAAC;AAAA,EAC3D;AACA,QAAM,WAAW,MAAM,MAAM,GAAG,OAAO,oCAAoC;AAAA,IACzE,QAAQ;AAAA,IACR,MAAM,KAAK,UAAU,MAAM;AAAA,IAC3B;AAAA,EACF,CAAC;AACD,MAAI,CAAC,SAAS,IAAI;AAChB,UAAM,IAAI,MAAM,qCAAqC;AAAA,MACnD,OAAO,SAAS;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,SAAS,KAAK;AACvB;;;ACrBO,IAAM,8BAA8B,OACzC,UACA,YACyC;AACzC,QAAM,UAAU,WAAW,SAAS,KAAK;AACzC,QAAM,WAAW,MAAM;AAAA,IACrB,GAAG,OAAO,sCAAsC,QAAQ;AAAA,IACxD;AAAA,MACE,QAAQ;AAAA,IACV;AAAA,EACF;AACA,MAAI,CAAC,SAAS,IAAI;AAChB,UAAM,IAAI,MAAM,+CAA+C;AAAA,MAC7D,OAAO,SAAS;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,SAAS,KAAK;AACvB;;;ACjBO,IAAM,+BAA+B,OAC1C,WACA,YACyC;AACzC,QAAM,UAAU,WAAW,SAAS,KAAK;AACzC,QAAM,WAAW,MAAM;AAAA,IACrB,GAAG,OAAO,uCAAuC,SAAS;AAAA,IAC1D;AAAA,MACE,QAAQ;AAAA,IACV;AAAA,EACF;AACA,MAAI,CAAC,SAAS,IAAI;AAChB,UAAM,IAAI,MAAM,+CAA+C;AAAA,MAC7D,OAAO,SAAS;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,SAAS,KAAK;AACvB;;;AC5BO,IAAM,OAAO;AACb,IAAM,MAAM;;;ACDnB,YAAY,cAAc;AAqCnB,SAAS,gBACd,SACA,WACA,WACS;AACT,QAAM,gBACJ,OAAO,YAAY,WAAW,UAAU,KAAK,UAAU,OAAO;AAEhE,QAAM,OAAgB,oBAAW,eAAe,SAAS;AACzD,QAAM,oBAAoB,UAAU,KAAK,SAAkB,aAAI,GAAG,CAAC;AAEnE,SAAO,cAAc;AACvB;","names":[]}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@ton-pay/api",
-  "version": "0.1.0",
-  "description": "API functions for TonPay SDK",
+  "version": "0.1.2",
+  "description": "API functions for TON Pay SDK",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
   "types": "dist/index.d.ts",
@@ -31,9 +31,15 @@
     "dts": true,
     "splitting": true,
     "sourcemap": true,
-    "clean": true
+    "clean": true,
+    "platform": "browser"
+  },
+  "dependencies": {
+    "crypto-js": "^4.2.0"
+  },
+  "devDependencies": {
+    "@types/crypto-js": "^4.2.0"
   },
-  "dependencies": {},
   "peerDependencies": {},
   "keywords": [
     "ton",