@vitrindigital/node 0.1.0

package/dist/index.js

@@ -0,0 +1,426 @@
+// src/errors.ts
+var VitrinError = class extends Error {
+  statusCode;
+  body;
+  requestId;
+  constructor(message, opts = {}) {
+    super(message);
+    this.name = this.constructor.name;
+    this.statusCode = opts.statusCode;
+    this.body = opts.body;
+    this.requestId = opts.requestId;
+  }
+};
+var VitrinAuthError = class extends VitrinError {
+};
+var VitrinValidationError = class extends VitrinError {
+  fieldErrors;
+  constructor(message, opts = {}) {
+    super(message, opts);
+    this.fieldErrors = opts.fieldErrors;
+  }
+};
+var VitrinRateLimitError = class extends VitrinError {
+};
+var VitrinNotFoundError = class extends VitrinError {
+};
+var VitrinServerError = class extends VitrinError {
+};
+var VitrinNetworkError = class extends VitrinError {
+};
+
+// src/client.ts
+var DEFAULT_BASE_URL = "https://api.vitrin.digital/api/v1";
+var SDK_VERSION = "0.1.0";
+var VitrinClient = class {
+  baseUrl;
+  apiKey;
+  timeout;
+  maxRetries;
+  constructor(opts) {
+    if (!opts.apiKey) {
+      throw new Error("apiKey \xE9 obrigat\xF3rio");
+    }
+    this.apiKey = opts.apiKey;
+    this.baseUrl = (opts.baseUrl ?? DEFAULT_BASE_URL).replace(/\/+$/, "");
+    this.timeout = opts.timeout ?? 3e4;
+    this.maxRetries = opts.maxRetries ?? 3;
+  }
+  /** Helper público pra resources. */
+  async request(path, options = {}) {
+    const { method = "GET", body, query, idempotencyKey } = options;
+    const url = this.buildUrl(path, query);
+    const headers = {
+      Authorization: `Bearer ${this.apiKey}`,
+      Accept: "application/json",
+      "User-Agent": `vitrindigital-node/${SDK_VERSION} node/${process.version}`
+    };
+    if (body !== void 0) headers["Content-Type"] = "application/json";
+    if (idempotencyKey) headers["Idempotency-Key"] = idempotencyKey;
+    let lastError = null;
+    for (let attempt = 0; attempt <= this.maxRetries; attempt++) {
+      const controller = new AbortController();
+      const timer = setTimeout(() => controller.abort(), this.timeout);
+      let res;
+      try {
+        res = await fetch(url, {
+          method,
+          headers,
+          body: body !== void 0 ? JSON.stringify(body) : void 0,
+          signal: controller.signal
+        });
+      } catch (err2) {
+        clearTimeout(timer);
+        const netErr = err2;
+        lastError = new VitrinNetworkError(
+          netErr.name === "AbortError" ? `Timeout ap\xF3s ${this.timeout}ms` : netErr.message || "Falha de rede"
+        );
+        if (attempt < this.maxRetries) {
+          await sleep(backoffMs(attempt));
+          continue;
+        }
+        throw lastError;
+      }
+      clearTimeout(timer);
+      const requestId = res.headers.get("x-request-id") || void 0;
+      if (res.status >= 200 && res.status < 300) {
+        if (res.status === 204) return void 0;
+        const text2 = await res.text();
+        return text2 ? JSON.parse(text2) : void 0;
+      }
+      const text = await res.text().catch(() => "");
+      let parsed = text;
+      try {
+        parsed = text ? JSON.parse(text) : null;
+      } catch {
+      }
+      const err = mapErrorResponse(res.status, parsed, requestId);
+      const retriable = res.status === 429 || res.status >= 500;
+      if (retriable && attempt < this.maxRetries) {
+        const retryAfter = parseRetryAfter(res.headers.get("retry-after"));
+        await sleep(retryAfter ?? backoffMs(attempt));
+        lastError = err;
+        continue;
+      }
+      throw err;
+    }
+    throw lastError ?? new VitrinError("Esgotou as tentativas sem erro identificado");
+  }
+  buildUrl(path, query) {
+    const url = new URL(this.baseUrl + (path.startsWith("/") ? path : `/${path}`));
+    if (query) {
+      for (const [k, v] of Object.entries(query)) {
+        if (v !== void 0 && v !== null && v !== "") {
+          url.searchParams.set(k, String(v));
+        }
+      }
+    }
+    return url.toString();
+  }
+};
+function mapErrorResponse(status, body, requestId) {
+  const message = extractErrorMessage(body) || `HTTP ${status}`;
+  const opts = { statusCode: status, body, requestId };
+  if (status === 401 || status === 403) return new VitrinAuthError(message, opts);
+  if (status === 404) return new VitrinNotFoundError(message, opts);
+  if (status === 429) return new VitrinRateLimitError(message, opts);
+  if (status >= 500) return new VitrinServerError(message, opts);
+  if (status === 400 || status === 422) {
+    const fieldErrors = extractFieldErrors(body);
+    return new VitrinValidationError(message, { ...opts, fieldErrors });
+  }
+  return new VitrinError(message, opts);
+}
+function extractErrorMessage(body) {
+  if (!body || typeof body !== "object") return void 0;
+  const b = body;
+  if (typeof b.error === "string") return b.error;
+  if (typeof b.detail === "string") return b.detail;
+  for (const v of Object.values(b)) {
+    if (Array.isArray(v) && typeof v[0] === "string") return v[0];
+  }
+  return void 0;
+}
+function extractFieldErrors(body) {
+  if (!body || typeof body !== "object") return void 0;
+  const out = {};
+  for (const [k, v] of Object.entries(body)) {
+    if (Array.isArray(v) && v.every((item) => typeof item === "string")) {
+      out[k] = v;
+    }
+  }
+  return Object.keys(out).length > 0 ? out : void 0;
+}
+function parseRetryAfter(header) {
+  if (!header) return null;
+  const seconds = Number(header);
+  if (!Number.isNaN(seconds)) return seconds * 1e3;
+  return null;
+}
+function backoffMs(attempt) {
+  const base = 250 * Math.pow(2, attempt);
+  return base + Math.floor(Math.random() * base * 0.5);
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+// src/resources/charges.ts
+var Charges = class {
+  constructor(client) {
+    this.client = client;
+  }
+  client;
+  /** Cria uma cobrança avulsa (PIX/Boleto/Cartão). */
+  create(params) {
+    const { idempotencyKey, ...body } = params;
+    return this.client.request("/charges/", {
+      method: "POST",
+      body,
+      idempotencyKey
+    });
+  }
+  retrieve(id) {
+    return this.client.request(`/transactions/${id}/`);
+  }
+  list(params = {}) {
+    return this.client.request("/reports/transactions/", {
+      query: params
+    });
+  }
+  refund(id, params) {
+    return this.client.request(`/payments/${id}/refund/`, {
+      method: "POST",
+      body: params
+    });
+  }
+  cancel(id, pin) {
+    return this.client.request(`/payments/${id}/cancel/`, {
+      method: "POST",
+      body: { pin }
+    });
+  }
+  /** Status atual da transação (consultado no provedor). */
+  status(id) {
+    return this.client.request(
+      `/payments/${id}/status/`
+    );
+  }
+};
+
+// src/resources/customers.ts
+var Customers = class {
+  constructor(client) {
+    this.client = client;
+  }
+  client;
+  create(params) {
+    return this.client.request("/customers/", {
+      method: "POST",
+      body: params
+    });
+  }
+  retrieve(id) {
+    return this.client.request(`/customers/${id}/`);
+  }
+  list(params = {}) {
+    return this.client.request("/customers/", {
+      query: params
+    });
+  }
+  update(id, params) {
+    return this.client.request(`/customers/${id}/`, {
+      method: "PATCH",
+      body: params
+    });
+  }
+  delete(id) {
+    return this.client.request(`/customers/${id}/`, { method: "DELETE" });
+  }
+};
+
+// src/resources/plans.ts
+var Plans = class {
+  constructor(client) {
+    this.client = client;
+  }
+  client;
+  create(params) {
+    return this.client.request("/plans/", { method: "POST", body: params });
+  }
+  retrieve(id) {
+    return this.client.request(`/plans/${id}/`);
+  }
+  list(params = {}) {
+    return this.client.request("/plans/", { query: params });
+  }
+  update(id, params) {
+    return this.client.request(`/plans/${id}/`, {
+      method: "PATCH",
+      body: params
+    });
+  }
+  delete(id) {
+    return this.client.request(`/plans/${id}/`, { method: "DELETE" });
+  }
+};
+
+// src/resources/subscriptions.ts
+var Subscriptions = class {
+  constructor(client) {
+    this.client = client;
+  }
+  client;
+  create(params) {
+    return this.client.request("/subscriptions/", {
+      method: "POST",
+      body: params
+    });
+  }
+  retrieve(id) {
+    return this.client.request(`/subscriptions/${id}/`);
+  }
+  list(params = {}) {
+    return this.client.request("/subscriptions/", {
+      query: params
+    });
+  }
+  cancel(id, pin) {
+    return this.client.request(`/subscriptions/${id}/cancel/`, {
+      method: "POST",
+      body: { pin }
+    });
+  }
+};
+
+// src/resources/products.ts
+var Products = class {
+  constructor(client) {
+    this.client = client;
+  }
+  client;
+  create(params) {
+    return this.client.request("/products/", {
+      method: "POST",
+      body: params
+    });
+  }
+  retrieve(id) {
+    return this.client.request(`/products/${id}/`);
+  }
+  list(params = {}) {
+    return this.client.request("/products/", { query: params });
+  }
+  update(id, params) {
+    return this.client.request(`/products/${id}/`, {
+      method: "PATCH",
+      body: params
+    });
+  }
+  delete(id) {
+    return this.client.request(`/products/${id}/`, { method: "DELETE" });
+  }
+};
+
+// src/resources/balance.ts
+var BalanceAPI = class {
+  constructor(client) {
+    this.client = client;
+  }
+  client;
+  /** Saldo atual: disponível, pendente e total. */
+  retrieve() {
+    return this.client.request("/balance/");
+  }
+  /** Cronograma de recebíveis futuros (Pix D+1, Boleto D+2, Cartão D+30·N). */
+  scheduled(daysAhead = 90) {
+    return this.client.request("/balance/scheduled/", {
+      query: { days_ahead: daysAhead }
+    });
+  }
+};
+
+// src/webhooks.ts
+import { createHmac, timingSafeEqual } from "crypto";
+var Webhooks = {
+  /** Valida a assinatura e retorna o evento parseado. Lança em qualquer falha. */
+  constructEvent(opts) {
+    const { payload, signature, timestamp, eventType, eventId, secret, toleranceMs = 3e5 } = opts;
+    if (!signature) {
+      throw new VitrinError("Header X-Vitrin-Signature ausente.");
+    }
+    if (!secret) {
+      throw new VitrinError("webhook secret \xE9 obrigat\xF3rio.");
+    }
+    const raw = Buffer.isBuffer(payload) ? payload : Buffer.from(payload, "utf8");
+    const expected = createHmac("sha256", secret).update(raw).digest("hex");
+    const got = signature.trim();
+    if (expected.length !== got.length || !timingSafeEqual(Buffer.from(expected, "hex"), bufferFromHex(got))) {
+      throw new VitrinError("Assinatura inv\xE1lida \u2014 payload pode ter sido adulterado.");
+    }
+    if (toleranceMs > 0 && timestamp) {
+      const tsSec = Number(timestamp);
+      if (!Number.isFinite(tsSec)) {
+        throw new VitrinError("X-Vitrin-Timestamp inv\xE1lido.");
+      }
+      const tsMs = tsSec * 1e3;
+      const drift = Math.abs(Date.now() - tsMs);
+      if (drift > toleranceMs) {
+        throw new VitrinError(
+          `Webhook fora da janela de toler\xE2ncia (drift ${drift}ms > ${toleranceMs}ms).`
+        );
+      }
+    }
+    let data;
+    try {
+      data = JSON.parse(raw.toString("utf8"));
+    } catch {
+      throw new VitrinError("Payload n\xE3o \xE9 JSON v\xE1lido.");
+    }
+    return {
+      type: eventType || "",
+      id: eventId || "",
+      timestampMs: timestamp ? Number(timestamp) * 1e3 : Date.now(),
+      data
+    };
+  }
+};
+function bufferFromHex(hex) {
+  if (hex.length % 2 !== 0) return Buffer.alloc(0);
+  return Buffer.from(hex, "hex");
+}
+
+// src/index.ts
+var Vitrin = class {
+  client;
+  charges;
+  customers;
+  plans;
+  subscriptions;
+  products;
+  balance;
+  constructor(opts) {
+    this.client = new VitrinClient(opts);
+    this.charges = new Charges(this.client);
+    this.customers = new Customers(this.client);
+    this.plans = new Plans(this.client);
+    this.subscriptions = new Subscriptions(this.client);
+    this.products = new Products(this.client);
+    this.balance = new BalanceAPI(this.client);
+  }
+  /** Acesso bruto pro caso de endpoint não coberto pelos resources. */
+  request(path, options) {
+    return this.client.request(path, options);
+  }
+};
+export {
+  Vitrin,
+  VitrinAuthError,
+  VitrinError,
+  VitrinNetworkError,
+  VitrinNotFoundError,
+  VitrinRateLimitError,
+  VitrinServerError,
+  VitrinValidationError,
+  Webhooks
+};

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "@vitrindigital/node",
+  "version": "0.1.0",
+  "description": "SDK oficial Node.js para a API da Vitrin Digital",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": ["dist", "README.md"],
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "build": "tsup src/index.ts --format esm,cjs --dts --clean",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "tsc --noEmit"
+  },
+  "keywords": ["vitrin", "vitrin-digital", "pagamentos", "pix", "boleto", "checkout"],
+  "author": "Vitrin Digital",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^22.10.0",
+    "tsup": "^8.3.5",
+    "typescript": "^5.7.2",
+    "vitest": "^2.1.8"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}