@zendfi/sdk 0.1.2 → 0.3.0

package/dist/index.mjs

@@ -1,9 +1,7 @@
-var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
-  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
-}) : x)(function(x) {
-  if (typeof require !== "undefined") return require.apply(this, arguments);
-  throw Error('Dynamic require of "' + x + '" is not supported');
-});
+import {
+  __require,
+  processWebhook
+} from "./chunk-YFOBPGQE.mjs";
 
 // src/client.ts
 import fetch from "cross-fetch";
@@ -52,16 +50,30 @@ var ConfigLoader = class {
   static load(options) {
     const environment = this.detectEnvironment();
     const apiKey = this.loadApiKey(options?.apiKey);
-    const baseURL = this.getBaseURL(environment, options?.baseURL);
+    const mode = this.detectMode(apiKey);
+    const baseURL = this.getBaseURL(environment, mode, options?.baseURL);
     return {
       apiKey,
       baseURL,
       environment,
+      mode,
       timeout: options?.timeout ?? 3e4,
       retries: options?.retries ?? 3,
       idempotencyEnabled: options?.idempotencyEnabled ?? true
     };
   }
+  /**
+   * Detect mode (test/live) from API key prefix
+   */
+  static detectMode(apiKey) {
+    if (apiKey.startsWith("zfi_test_")) {
+      return "test";
+    }
+    if (apiKey.startsWith("zfi_live_")) {
+      return "live";
+    }
+    return "live";
+  }
   /**
    * Detect environment based on various signals
    */
@@ -110,8 +122,10 @@ var ConfigLoader = class {
   }
   /**
    * Get base URL for API
+   * Note: Both test and live modes use the same API endpoint.
+   * The backend routes requests to devnet or mainnet based on API key prefix.
    */
-  static getBaseURL(_environment, explicitURL) {
+  static getBaseURL(_environment, _mode, explicitURL) {
     if (explicitURL) return explicitURL;
     return process.env.ZENDFI_API_URL || "https://api.zendfi.tech";
   }
@@ -143,13 +157,17 @@ var ConfigLoader = class {
         'Invalid API key format. ZendFi API keys should start with "zfi_test_" or "zfi_live_"'
       );
     }
-    if (apiKey.startsWith("zfi_live_")) {
-      const env = this.detectEnvironment();
-      if (env === "development") {
-        console.warn(
-          "\u26A0\uFE0F  Warning: Using a live API key (zfi_live_) in development environment. This will create real transactions. Use a test key (zfi_test_) for development."
-        );
-      }
+    const mode = this.detectMode(apiKey);
+    const env = this.detectEnvironment();
+    if (mode === "live" && env === "development") {
+      console.warn(
+        "\u26A0\uFE0F  Warning: Using a live API key (zfi_live_) in development environment. This will create real mainnet transactions. Use a test key (zfi_test_) for devnet testing."
+      );
+    }
+    if (mode === "test" && env === "production") {
+      console.warn(
+        "\u26A0\uFE0F  Warning: Using a test API key (zfi_test_) in production environment. This will create devnet transactions only. Use a live key (zfi_live_) for mainnet."
+      );
     }
   }
 };
@@ -190,6 +208,11 @@ var ZendFiClient = class {
   constructor(options) {
     this.config = ConfigLoader.load(options);
     ConfigLoader.validateApiKey(this.config.apiKey);
+    if (this.config.environment === "development") {
+      console.log(
+        `\u2713 ZendFi SDK initialized in ${this.config.mode} mode (${this.config.mode === "test" ? "devnet" : "mainnet"})`
+      );
+    }
   }
   /**
    * Create a new payment
@@ -283,10 +306,14 @@ var ZendFiClient = class {
     };
   }
   /**
-   * List all payment links
+   * List all payment links for the authenticated merchant
    */
   async listPaymentLinks() {
-    return [];
+    const response = await this.request("GET", "/api/v1/payment-links");
+    return response.map((link) => ({
+      ...link,
+      url: link.hosted_page_url
+    }));
   }
   /**
    * Create an installment plan
@@ -635,65 +662,6 @@ function verifyWebhookSignature(payload, signature, secret) {
     secret
   });
 }
-
-// src/webhook-handler.ts
-var processedWebhooks = /* @__PURE__ */ new Set();
-var defaultIsProcessed = async (webhookId) => {
-  return processedWebhooks.has(webhookId);
-};
-var defaultOnProcessed = async (webhookId) => {
-  processedWebhooks.add(webhookId);
-  if (processedWebhooks.size > 1e4) {
-    const iterator = processedWebhooks.values();
-    for (let i = 0; i < 1e3; i++) {
-      const { value } = iterator.next();
-      if (value) processedWebhooks.delete(value);
-    }
-  }
-};
-function generateWebhookId(payload) {
-  return `${payload.merchant_id}:${payload.event}:${payload.timestamp}`;
-}
-async function processWebhook(payload, handlers, config) {
-  try {
-    const webhookId = generateWebhookId(payload);
-    const isProcessed = config.isProcessed || defaultIsProcessed;
-    const onProcessed = config.onProcessed || defaultOnProcessed;
-    if (await isProcessed(webhookId)) {
-      return {
-        success: true,
-        processed: false,
-        event: payload.event
-      };
-    }
-    const handler = handlers[payload.event];
-    if (!handler) {
-      return {
-        success: true,
-        processed: false,
-        event: payload.event
-      };
-    }
-    await handler(payload.data, payload);
-    await onProcessed(webhookId);
-    return {
-      success: true,
-      processed: true,
-      event: payload.event
-    };
-  } catch (error) {
-    const err = error;
-    if (config.onError) {
-      await config.onError(err, payload?.event);
-    }
-    return {
-      success: false,
-      processed: false,
-      error: err.message,
-      event: payload?.event
-    };
-  }
-}
 export {
   AuthenticationError,
   ConfigLoader,

package/dist/nextjs.d.mts

@@ -0,0 +1,37 @@
+import { W as WebhookHandlerConfig, a as WebhookHandlers } from './webhook-handler-DG-zic8m.mjs';
+
+/**
+ * Next.js Webhook Handler for App Router
+ *
+ * @example
+ * ```typescript
+ * // app/api/webhooks/zendfi/route.ts
+ * import { createNextWebhookHandler } from '@zendfi/sdk/nextjs';
+ *
+ * export const POST = createNextWebhookHandler({
+ *   secret: process.env.ZENDFI_WEBHOOK_SECRET!,
+ *   handlers: {
+ *     'payment.confirmed': async (payment) => {
+ *       await db.orders.update({
+ *         where: { id: payment.metadata.orderId },
+ *         data: { status: 'paid' },
+ *       });
+ *     },
+ *     'payment.failed': async (payment) => {
+ *       await sendFailureEmail(payment);
+ *     },
+ *   },
+ * });
+ * ```
+ */
+
+type NextRequest = any;
+interface NextWebhookHandlerConfig extends WebhookHandlerConfig {
+    handlers: WebhookHandlers;
+}
+/**
+ * Create a Next.js App Router webhook handler
+ */
+declare function createNextWebhookHandler(config: NextWebhookHandlerConfig): (request: NextRequest) => Promise<Response>;
+
+export { type NextWebhookHandlerConfig, createNextWebhookHandler };

package/dist/nextjs.d.ts

@@ -0,0 +1,37 @@
+import { W as WebhookHandlerConfig, a as WebhookHandlers } from './webhook-handler-DG-zic8m.js';
+
+/**
+ * Next.js Webhook Handler for App Router
+ *
+ * @example
+ * ```typescript
+ * // app/api/webhooks/zendfi/route.ts
+ * import { createNextWebhookHandler } from '@zendfi/sdk/nextjs';
+ *
+ * export const POST = createNextWebhookHandler({
+ *   secret: process.env.ZENDFI_WEBHOOK_SECRET!,
+ *   handlers: {
+ *     'payment.confirmed': async (payment) => {
+ *       await db.orders.update({
+ *         where: { id: payment.metadata.orderId },
+ *         data: { status: 'paid' },
+ *       });
+ *     },
+ *     'payment.failed': async (payment) => {
+ *       await sendFailureEmail(payment);
+ *     },
+ *   },
+ * });
+ * ```
+ */
+
+type NextRequest = any;
+interface NextWebhookHandlerConfig extends WebhookHandlerConfig {
+    handlers: WebhookHandlers;
+}
+/**
+ * Create a Next.js App Router webhook handler
+ */
+declare function createNextWebhookHandler(config: NextWebhookHandlerConfig): (request: NextRequest) => Promise<Response>;
+
+export { type NextWebhookHandlerConfig, createNextWebhookHandler };

package/dist/nextjs.js

@@ -0,0 +1,227 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/nextjs.ts
+var nextjs_exports = {};
+__export(nextjs_exports, {
+  createNextWebhookHandler: () => createNextWebhookHandler
+});
+module.exports = __toCommonJS(nextjs_exports);
+var import_crypto2 = require("crypto");
+
+// src/webhook-handler.ts
+var import_crypto = require("crypto");
+var processedWebhooks = /* @__PURE__ */ new Set();
+var defaultIsProcessed = async (webhookId) => {
+  return processedWebhooks.has(webhookId);
+};
+var defaultOnProcessed = async (webhookId) => {
+  processedWebhooks.add(webhookId);
+  if (processedWebhooks.size > 1e4) {
+    const iterator = processedWebhooks.values();
+    for (let i = 0; i < 1e3; i++) {
+      const { value } = iterator.next();
+      if (value) processedWebhooks.delete(value);
+    }
+  }
+};
+function generateWebhookId(payload) {
+  return `${payload.merchant_id}:${payload.event}:${payload.timestamp}`;
+}
+async function processPayload(payload, handlers, config) {
+  try {
+    const webhookId = generateWebhookId(payload);
+    const isProcessed = config.isProcessed || config.checkDuplicate || defaultIsProcessed;
+    const onProcessed = config.onProcessed || config.markProcessed || defaultOnProcessed;
+    const dedupEnabled = !!(config.enableDeduplication || config.isProcessed || config.checkDuplicate);
+    if (dedupEnabled && await isProcessed(webhookId)) {
+      return {
+        success: false,
+        processed: false,
+        event: payload.event,
+        error: "Duplicate webhook",
+        statusCode: 409
+      };
+    }
+    const handler = handlers[payload.event];
+    if (!handler) {
+      return {
+        success: true,
+        processed: false,
+        event: payload.event,
+        statusCode: 200
+      };
+    }
+    await handler(payload.data, payload);
+    await onProcessed(webhookId);
+    return {
+      success: true,
+      processed: true,
+      event: payload.event
+    };
+  } catch (error) {
+    const err = error;
+    if (config?.onError) {
+      await config.onError(err, error?.event);
+    }
+    return {
+      success: false,
+      processed: false,
+      error: err.message,
+      event: error?.event,
+      statusCode: 500
+    };
+  }
+}
+async function processWebhook(a, b, c) {
+  if (a && typeof a === "object" && a.event && b && c) {
+    return processPayload(a, b, c);
+  }
+  const opts = a;
+  if (!opts || !opts.signature && !opts.body && !opts.handlers) {
+    return {
+      success: false,
+      processed: false,
+      error: "Invalid arguments to processWebhook",
+      statusCode: 400
+    };
+  }
+  const signature = opts.signature;
+  const body = opts.body;
+  const handlers = opts.handlers || {};
+  const cfg = opts.config || {};
+  const secret = cfg.webhookSecret || cfg.secret;
+  if (!secret) {
+    return {
+      success: false,
+      processed: false,
+      error: "Webhook secret not provided",
+      statusCode: 400
+    };
+  }
+  if (!signature || !body) {
+    return {
+      success: false,
+      processed: false,
+      error: "Missing signature or body",
+      statusCode: 400
+    };
+  }
+  try {
+    const sig = typeof signature === "string" && signature.startsWith("sha256=") ? signature.slice("sha256=".length) : String(signature);
+    const hmac = (0, import_crypto.createHmac)("sha256", secret).update(body, "utf8").digest("hex");
+    let ok = false;
+    try {
+      const sigBuf = Buffer.from(sig, "hex");
+      const hmacBuf = Buffer.from(hmac, "hex");
+      if (sigBuf.length === hmacBuf.length) {
+        ok = (0, import_crypto.timingSafeEqual)(sigBuf, hmacBuf);
+      }
+    } catch (e) {
+      ok = (0, import_crypto.timingSafeEqual)(Buffer.from(String(sig), "utf8"), Buffer.from(hmac, "utf8"));
+    }
+    if (!ok) {
+      return {
+        success: false,
+        processed: false,
+        error: "Invalid signature",
+        statusCode: 401
+      };
+    }
+    const payload = JSON.parse(body);
+    const fullConfig = {
+      secret,
+      isProcessed: cfg.isProcessed,
+      onProcessed: cfg.onProcessed,
+      onError: cfg.onError,
+      // Forward compatibility for alternate names and flags
+      enableDeduplication: cfg.enableDeduplication,
+      checkDuplicate: cfg.checkDuplicate,
+      markProcessed: cfg.markProcessed
+    };
+    return await processPayload(payload, handlers, fullConfig);
+  } catch (err) {
+    return {
+      success: false,
+      processed: false,
+      error: err.message,
+      statusCode: 500
+    };
+  }
+}
+
+// src/nextjs.ts
+function createNextWebhookHandler(config) {
+  return async (request) => {
+    try {
+      const signature = request.headers.get("x-zendfi-signature");
+      if (!signature) {
+        return new Response(
+          JSON.stringify({ error: "Missing signature" }),
+          { status: 401, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      const body = await request.text();
+      const computedSignature = (0, import_crypto2.createHmac)("sha256", config.secret).update(body, "utf8").digest("hex");
+      const sigBuffer = Buffer.from(signature, "utf8");
+      const compBuffer = Buffer.from(computedSignature, "utf8");
+      if (sigBuffer.length !== compBuffer.length || !(0, import_crypto2.timingSafeEqual)(sigBuffer, compBuffer)) {
+        return new Response(
+          JSON.stringify({ error: "Invalid signature" }),
+          { status: 401, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      let payload;
+      try {
+        payload = JSON.parse(body);
+      } catch {
+        return new Response(
+          JSON.stringify({ error: "Invalid JSON" }),
+          { status: 400, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      const result = await processWebhook(payload, config.handlers, config);
+      if (!result.success) {
+        return new Response(
+          JSON.stringify({ error: result.error || "Webhook processing failed" }),
+          { status: 500, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      return new Response(
+        JSON.stringify({
+          received: true,
+          processed: result.processed,
+          event: result.event
+        }),
+        { status: 200, headers: { "Content-Type": "application/json" } }
+      );
+    } catch (error) {
+      const err = error;
+      console.error("Webhook handler error:", err);
+      return new Response(
+        JSON.stringify({ error: "Internal server error" }),
+        { status: 500, headers: { "Content-Type": "application/json" } }
+      );
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createNextWebhookHandler
+});

package/dist/nextjs.mjs

@@ -0,0 +1,63 @@
+import {
+  processWebhook
+} from "./chunk-YFOBPGQE.mjs";
+
+// src/nextjs.ts
+import { createHmac, timingSafeEqual } from "crypto";
+function createNextWebhookHandler(config) {
+  return async (request) => {
+    try {
+      const signature = request.headers.get("x-zendfi-signature");
+      if (!signature) {
+        return new Response(
+          JSON.stringify({ error: "Missing signature" }),
+          { status: 401, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      const body = await request.text();
+      const computedSignature = createHmac("sha256", config.secret).update(body, "utf8").digest("hex");
+      const sigBuffer = Buffer.from(signature, "utf8");
+      const compBuffer = Buffer.from(computedSignature, "utf8");
+      if (sigBuffer.length !== compBuffer.length || !timingSafeEqual(sigBuffer, compBuffer)) {
+        return new Response(
+          JSON.stringify({ error: "Invalid signature" }),
+          { status: 401, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      let payload;
+      try {
+        payload = JSON.parse(body);
+      } catch {
+        return new Response(
+          JSON.stringify({ error: "Invalid JSON" }),
+          { status: 400, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      const result = await processWebhook(payload, config.handlers, config);
+      if (!result.success) {
+        return new Response(
+          JSON.stringify({ error: result.error || "Webhook processing failed" }),
+          { status: 500, headers: { "Content-Type": "application/json" } }
+        );
+      }
+      return new Response(
+        JSON.stringify({
+          received: true,
+          processed: result.processed,
+          event: result.event
+        }),
+        { status: 200, headers: { "Content-Type": "application/json" } }
+      );
+    } catch (error) {
+      const err = error;
+      console.error("Webhook handler error:", err);
+      return new Response(
+        JSON.stringify({ error: "Internal server error" }),
+        { status: 500, headers: { "Content-Type": "application/json" } }
+      );
+    }
+  };
+}
+export {
+  createNextWebhookHandler
+};