better-auth-mercadopago 0.1.9 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client.d.ts +88 -0
- package/dist/client.d.ts.map +1 -0
- package/dist/client.js +271 -0
- package/dist/client.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +3 -0
- package/dist/index.js.map +1 -0
- package/dist/security.d.ts +103 -0
- package/dist/security.d.ts.map +1 -0
- package/dist/security.js +300 -0
- package/dist/security.js.map +1 -0
- package/dist/server.d.ts +638 -0
- package/dist/server.d.ts.map +1 -0
- package/dist/server.js +1095 -0
- package/dist/server.js.map +1 -0
- package/dist/types.d.ts +294 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +1 -0
- package/dist/types.js.map +1 -0
- package/package.json +1 -1
package/dist/client.d.ts
ADDED
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
import type { BetterFetch, BetterFetchOption } from "better-auth/client";
|
|
2
|
+
import type { mercadoPagoPlugin } from "./index";
|
|
3
|
+
import type { CreatePaymentParams, CreatePaymentResponse, CreatePreapprovalPlanParams, CreatePreapprovalPlanResponse, CreateSubscriptionParams, CreateSubscriptionResponse, MercadoPagoCustomerRecord, MercadoPagoPaymentRecord, MercadoPagoPreapprovalPlanRecord, MercadoPagoSubscriptionRecord, OAuthTokenResponse, OAuthUrlResponse } from "./types";
|
|
4
|
+
export interface MercadoPagoClientActions {
|
|
5
|
+
/**
|
|
6
|
+
* Get or create a Mercado Pago customer for the authenticated user
|
|
7
|
+
*/
|
|
8
|
+
getOrCreateCustomer: (data?: {
|
|
9
|
+
email?: string;
|
|
10
|
+
firstName?: string;
|
|
11
|
+
lastName?: string;
|
|
12
|
+
}, fetchOptions?: BetterFetchOption) => Promise<{
|
|
13
|
+
customer: MercadoPagoCustomerRecord;
|
|
14
|
+
}>;
|
|
15
|
+
/**
|
|
16
|
+
* Create a payment and get checkout URL
|
|
17
|
+
*/
|
|
18
|
+
createPayment: (data: CreatePaymentParams, fetchOptions?: BetterFetchOption) => Promise<CreatePaymentResponse>;
|
|
19
|
+
/**
|
|
20
|
+
* Create a marketplace payment with automatic split
|
|
21
|
+
*/
|
|
22
|
+
createMarketplacePayment: (data: CreatePaymentParams, fetchOptions?: BetterFetchOption) => Promise<CreatePaymentResponse>;
|
|
23
|
+
/**
|
|
24
|
+
* Create a subscription with recurring payments
|
|
25
|
+
*/
|
|
26
|
+
createSubscription: (data: CreateSubscriptionParams, fetchOptions?: BetterFetchOption) => Promise<CreateSubscriptionResponse>;
|
|
27
|
+
/**
|
|
28
|
+
* Cancel a subscription
|
|
29
|
+
*/
|
|
30
|
+
cancelSubscription: (data: {
|
|
31
|
+
subscriptionId: string;
|
|
32
|
+
}, fetchOptions?: BetterFetchOption) => Promise<{
|
|
33
|
+
success: boolean;
|
|
34
|
+
}>;
|
|
35
|
+
/**
|
|
36
|
+
* Create a reusable preapproval plan (subscription template)
|
|
37
|
+
*/
|
|
38
|
+
createPreapprovalPlan: (data: CreatePreapprovalPlanParams, fetchOptions?: BetterFetchOption) => Promise<CreatePreapprovalPlanResponse>;
|
|
39
|
+
/**
|
|
40
|
+
* List all preapproval plans
|
|
41
|
+
*/
|
|
42
|
+
listPreapprovalPlans: (fetchOptions?: BetterFetchOption) => Promise<{
|
|
43
|
+
plans: MercadoPagoPreapprovalPlanRecord[];
|
|
44
|
+
}>;
|
|
45
|
+
/**
|
|
46
|
+
* Get payment by ID
|
|
47
|
+
*/
|
|
48
|
+
getPayment: (paymentId: string, fetchOptions?: BetterFetchOption) => Promise<{
|
|
49
|
+
payment: MercadoPagoPaymentRecord;
|
|
50
|
+
}>;
|
|
51
|
+
/**
|
|
52
|
+
* List all payments for the authenticated user
|
|
53
|
+
*/
|
|
54
|
+
listPayments: (params?: {
|
|
55
|
+
limit?: number;
|
|
56
|
+
offset?: number;
|
|
57
|
+
}, fetchOptions?: BetterFetchOption) => Promise<{
|
|
58
|
+
payments: MercadoPagoPaymentRecord[];
|
|
59
|
+
}>;
|
|
60
|
+
/**
|
|
61
|
+
* List all subscriptions for the authenticated user
|
|
62
|
+
*/
|
|
63
|
+
listSubscriptions: (fetchOptions?: BetterFetchOption) => Promise<{
|
|
64
|
+
subscriptions: MercadoPagoSubscriptionRecord[];
|
|
65
|
+
}>;
|
|
66
|
+
/**
|
|
67
|
+
* Get OAuth authorization URL for marketplace sellers
|
|
68
|
+
*/
|
|
69
|
+
getOAuthUrl: (params: {
|
|
70
|
+
redirectUri: string;
|
|
71
|
+
}, fetchOptions?: BetterFetchOption) => Promise<OAuthUrlResponse>;
|
|
72
|
+
/**
|
|
73
|
+
* Exchange OAuth code for access token
|
|
74
|
+
*/
|
|
75
|
+
exchangeOAuthCode: (data: {
|
|
76
|
+
code: string;
|
|
77
|
+
redirectUri: string;
|
|
78
|
+
}, fetchOptions?: BetterFetchOption) => Promise<OAuthTokenResponse>;
|
|
79
|
+
}
|
|
80
|
+
type mercadopagoPlugin = typeof mercadoPagoPlugin;
|
|
81
|
+
export type MercadoPagoClient = MercadoPagoClientActions;
|
|
82
|
+
export declare const mercadoPagoClientPlugin: () => {
|
|
83
|
+
id: "mercadopago";
|
|
84
|
+
$InferServerPlugin: ReturnType<mercadopagoPlugin>;
|
|
85
|
+
getActions: ($fetch: BetterFetch) => MercadoPagoClientActions;
|
|
86
|
+
};
|
|
87
|
+
export {};
|
|
88
|
+
//# sourceMappingURL=client.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAEX,WAAW,EACX,iBAAiB,EACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AACjD,OAAO,KAAK,EACX,mBAAmB,EACnB,qBAAqB,EACrB,2BAA2B,EAC3B,6BAA6B,EAC7B,wBAAwB,EACxB,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,gCAAgC,EAChC,6BAA6B,EAC7B,kBAAkB,EAClB,gBAAgB,EAChB,MAAM,SAAS,CAAC;AAEjB,MAAM,WAAW,wBAAwB;IACxC;;OAEG;IACH,mBAAmB,EAAE,CACpB,IAAI,CAAC,EAAE;QACN,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;KAClB,EACD,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC;QAAE,QAAQ,EAAE,yBAAyB,CAAA;KAAE,CAAC,CAAC;IAEtD;;OAEG;IACH,aAAa,EAAE,CACd,IAAI,EAAE,mBAAmB,EACzB,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAEpC;;OAEG;IACH,wBAAwB,EAAE,CACzB,IAAI,EAAE,mBAAmB,EACzB,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAEpC;;OAEG;IACH,kBAAkB,EAAE,CACnB,IAAI,EAAE,wBAAwB,EAC9B,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC,0BAA0B,CAAC,CAAC;IAEzC;;OAEG;IACH,kBAAkB,EAAE,CACnB,IAAI,EAAE;QAAE,cAAc,EAAE,MAAM,CAAA;KAAE,EAChC,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;IAEnC;;OAEG;IACH,qBAAqB,EAAE,CACtB,IAAI,EAAE,2BAA2B,EACjC,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAE5C;;OAEG;IACH,oBAAoB,EAAE,CACrB,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC;QAAE,KAAK,EAAE,gCAAgC,EAAE,CAAA;KAAE,CAAC,CAAC;IAE5D;;OAEG;IACH,UAAU,EAAE,CACX,SAAS,EAAE,MAAM,EACjB,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC;QAAE,OAAO,EAAE,wBAAwB,CAAA;KAAE,CAAC,CAAC;IAEpD;;OAEG;IACH,YAAY,EAAE,CACb,MAAM,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,EAC5C,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC;QAAE,QAAQ,EAAE,wBAAwB,EAAE,CAAA;KAAE,CAAC,CAAC;IAEvD;;OAEG;IACH,iBAAiB,EAAE,CAClB,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC;QAAE,aAAa,EAAE,6BAA6B,EAAE,CAAA;KAAE,CAAC,CAAC;IAEjE;;OAEG;IACH,WAAW,EAAE,CACZ,MAAM,EAAE;QAAE,WAAW,EAAE,MAAM,CAAA;KAAE,EAC/B,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAE/B;;OAEG;IACH,iBAAiB,EAAE,CAClB,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,EAC3C,YAAY,CAAC,EAAE,iBAAiB,KAC5B,OAAO,CAAC,kBAAkB,CAAC,CAAC;CACjC;AAED,KAAK,iBAAiB,GAAG,OAAO,iBAAiB,CAAC;AAGlD,MAAM,MAAM,iBAAiB,GAAG,wBAAwB,CAAC;AAEzD,eAAO,MAAM,uBAAuB;;wBAGR,UAAU,CAAC,iBAAiB,CAAC;yBAElC,WAAW,KAAG,wBAAwB;CAyT5D,CAAC"}
|
package/dist/client.js
ADDED
|
@@ -0,0 +1,271 @@
|
|
|
1
|
+
export const mercadoPagoClientPlugin = () => {
|
|
2
|
+
return {
|
|
3
|
+
id: "mercadopago",
|
|
4
|
+
$InferServerPlugin: {},
|
|
5
|
+
getActions: ($fetch) => ({
|
|
6
|
+
/**
|
|
7
|
+
* Get or create a Mercado Pago customer for the authenticated user
|
|
8
|
+
*/
|
|
9
|
+
getOrCreateCustomer: async (data, fetchOptions) => {
|
|
10
|
+
return await $fetch("/mercado-pago/customer", {
|
|
11
|
+
method: "POST",
|
|
12
|
+
body: data || {},
|
|
13
|
+
...fetchOptions,
|
|
14
|
+
});
|
|
15
|
+
},
|
|
16
|
+
/**
|
|
17
|
+
* Create a payment and get checkout URL
|
|
18
|
+
*
|
|
19
|
+
* @example
|
|
20
|
+
* ```ts
|
|
21
|
+
* const { data } = await authClient.mercadoPago.createPayment({
|
|
22
|
+
* items: [{
|
|
23
|
+
* title: "Premium Plan",
|
|
24
|
+
* quantity: 1,
|
|
25
|
+
* unitPrice: 99.90,
|
|
26
|
+
* currencyId: "ARS"
|
|
27
|
+
* }]
|
|
28
|
+
* });
|
|
29
|
+
*
|
|
30
|
+
* // Redirect user to checkout
|
|
31
|
+
* window.location.href = data.checkoutUrl;
|
|
32
|
+
* ```
|
|
33
|
+
*/
|
|
34
|
+
createPayment: async (data, fetchOptions) => {
|
|
35
|
+
return await $fetch("/mercado-pago/payment/create", {
|
|
36
|
+
method: "POST",
|
|
37
|
+
body: data,
|
|
38
|
+
...fetchOptions,
|
|
39
|
+
});
|
|
40
|
+
},
|
|
41
|
+
/**
|
|
42
|
+
* Create a marketplace payment with automatic split
|
|
43
|
+
*
|
|
44
|
+
* You need to have the seller's MP User ID (collector_id) which they get
|
|
45
|
+
* after authorizing your app via OAuth.
|
|
46
|
+
*
|
|
47
|
+
* @example
|
|
48
|
+
* ```ts
|
|
49
|
+
* const { data } = await authClient.mercadoPago.createPayment({
|
|
50
|
+
* items: [{
|
|
51
|
+
* title: "Product from Seller",
|
|
52
|
+
* quantity: 1,
|
|
53
|
+
* unitPrice: 100
|
|
54
|
+
* }],
|
|
55
|
+
* marketplace: {
|
|
56
|
+
* collectorId: "123456789", // Seller's MP User ID
|
|
57
|
+
* applicationFeePercentage: 10 // Platform keeps 10%
|
|
58
|
+
* }
|
|
59
|
+
* });
|
|
60
|
+
* ```
|
|
61
|
+
*/
|
|
62
|
+
createMarketplacePayment: async (data, fetchOptions) => {
|
|
63
|
+
return await $fetch("/mercado-pago/payment/create", {
|
|
64
|
+
method: "POST",
|
|
65
|
+
body: data,
|
|
66
|
+
...fetchOptions,
|
|
67
|
+
});
|
|
68
|
+
},
|
|
69
|
+
/**
|
|
70
|
+
* Create a subscription with recurring payments
|
|
71
|
+
*
|
|
72
|
+
* Supports two modes:
|
|
73
|
+
* 1. With preapproval plan (reusable): Pass preapprovalPlanId
|
|
74
|
+
* 2. Direct subscription (one-off): Pass reason + autoRecurring
|
|
75
|
+
*
|
|
76
|
+
* @example With plan
|
|
77
|
+
* ```ts
|
|
78
|
+
* const { data } = await authClient.mercadoPago.createSubscription({
|
|
79
|
+
* preapprovalPlanId: "plan_abc123"
|
|
80
|
+
* });
|
|
81
|
+
* ```
|
|
82
|
+
*
|
|
83
|
+
* @example Direct (without plan)
|
|
84
|
+
* ```ts
|
|
85
|
+
* const { data } = await authClient.mercadoPago.createSubscription({
|
|
86
|
+
* reason: "Premium Monthly Plan",
|
|
87
|
+
* autoRecurring: {
|
|
88
|
+
* frequency: 1,
|
|
89
|
+
* frequencyType: "months",
|
|
90
|
+
* transactionAmount: 99.90,
|
|
91
|
+
* currencyId: "ARS"
|
|
92
|
+
* }
|
|
93
|
+
* });
|
|
94
|
+
* ```
|
|
95
|
+
*/
|
|
96
|
+
createSubscription: async (data, fetchOptions) => {
|
|
97
|
+
return await $fetch("/mercado-pago/subscription/create", {
|
|
98
|
+
method: "POST",
|
|
99
|
+
body: data,
|
|
100
|
+
...fetchOptions,
|
|
101
|
+
});
|
|
102
|
+
},
|
|
103
|
+
/**
|
|
104
|
+
* Cancel a subscription
|
|
105
|
+
*
|
|
106
|
+
* @example
|
|
107
|
+
* ```ts
|
|
108
|
+
* await authClient.mercadoPago.cancelSubscription({
|
|
109
|
+
* subscriptionId: "sub_123"
|
|
110
|
+
* });
|
|
111
|
+
* ```
|
|
112
|
+
*/
|
|
113
|
+
cancelSubscription: async (data, fetchOptions) => {
|
|
114
|
+
return await $fetch("/mercado-pago/subscription/cancel", {
|
|
115
|
+
method: "POST",
|
|
116
|
+
body: data,
|
|
117
|
+
...fetchOptions,
|
|
118
|
+
});
|
|
119
|
+
},
|
|
120
|
+
/**
|
|
121
|
+
* Create a reusable preapproval plan (subscription template)
|
|
122
|
+
*
|
|
123
|
+
* Plans can be reused for multiple subscriptions. Create once,
|
|
124
|
+
* use many times with createSubscription({ preapprovalPlanId })
|
|
125
|
+
*
|
|
126
|
+
* @example
|
|
127
|
+
* ```ts
|
|
128
|
+
* const { data } = await authClient.mercadoPago.createPreapprovalPlan({
|
|
129
|
+
* reason: "Premium Monthly",
|
|
130
|
+
* autoRecurring: {
|
|
131
|
+
* frequency: 1,
|
|
132
|
+
* frequencyType: "months",
|
|
133
|
+
* transactionAmount: 99.90,
|
|
134
|
+
* freeTrial: {
|
|
135
|
+
* frequency: 7,
|
|
136
|
+
* frequencyType: "days"
|
|
137
|
+
* }
|
|
138
|
+
* },
|
|
139
|
+
* repetitions: 12 // 12 months, omit for infinite
|
|
140
|
+
* });
|
|
141
|
+
*
|
|
142
|
+
* // Use the plan
|
|
143
|
+
* const planId = data.plan.mercadoPagoPlanId;
|
|
144
|
+
* ```
|
|
145
|
+
*/
|
|
146
|
+
createPreapprovalPlan: async (data, fetchOptions) => {
|
|
147
|
+
return await $fetch("/mercado-pago/plan/create", {
|
|
148
|
+
method: "POST",
|
|
149
|
+
body: data,
|
|
150
|
+
...fetchOptions,
|
|
151
|
+
});
|
|
152
|
+
},
|
|
153
|
+
/**
|
|
154
|
+
* List all preapproval plans
|
|
155
|
+
*
|
|
156
|
+
* @example
|
|
157
|
+
* ```ts
|
|
158
|
+
* const { data } = await authClient.mercadoPago.listPreapprovalPlans();
|
|
159
|
+
*
|
|
160
|
+
* data.plans.forEach(plan => {
|
|
161
|
+
* console.log(plan.reason); // "Premium Monthly"
|
|
162
|
+
* console.log(plan.transactionAmount); // 99.90
|
|
163
|
+
* });
|
|
164
|
+
* ```
|
|
165
|
+
*/
|
|
166
|
+
listPreapprovalPlans: async (fetchOptions) => {
|
|
167
|
+
return await $fetch("/mercado-pago/plans", {
|
|
168
|
+
method: "GET",
|
|
169
|
+
...fetchOptions,
|
|
170
|
+
});
|
|
171
|
+
},
|
|
172
|
+
/**
|
|
173
|
+
* Get payment by ID
|
|
174
|
+
*/
|
|
175
|
+
getPayment: async (paymentId, fetchOptions) => {
|
|
176
|
+
return await $fetch(`/mercado-pago/payment/${paymentId}`, {
|
|
177
|
+
method: "GET",
|
|
178
|
+
...fetchOptions,
|
|
179
|
+
});
|
|
180
|
+
},
|
|
181
|
+
/**
|
|
182
|
+
* List all payments for the authenticated user
|
|
183
|
+
*
|
|
184
|
+
* @example
|
|
185
|
+
* ```ts
|
|
186
|
+
* const { data } = await authClient.mercadoPago.listPayments({
|
|
187
|
+
* limit: 20,
|
|
188
|
+
* offset: 0
|
|
189
|
+
* });
|
|
190
|
+
* ```
|
|
191
|
+
*/
|
|
192
|
+
listPayments: async (params, fetchOptions) => {
|
|
193
|
+
const query = new URLSearchParams();
|
|
194
|
+
if (params?.limit)
|
|
195
|
+
query.set("limit", params.limit.toString());
|
|
196
|
+
if (params?.offset)
|
|
197
|
+
query.set("offset", params.offset.toString());
|
|
198
|
+
return await $fetch(`/mercado-pago/payments?${query.toString()}`, {
|
|
199
|
+
method: "GET",
|
|
200
|
+
...fetchOptions,
|
|
201
|
+
});
|
|
202
|
+
},
|
|
203
|
+
/**
|
|
204
|
+
* List all subscriptions for the authenticated user
|
|
205
|
+
*
|
|
206
|
+
* @example
|
|
207
|
+
* ```ts
|
|
208
|
+
* const { data } = await authClient.mercadoPago.listSubscriptions();
|
|
209
|
+
* ```
|
|
210
|
+
*/
|
|
211
|
+
listSubscriptions: async (fetchOptions) => {
|
|
212
|
+
return await $fetch(`/mercado-pago/subscriptions`, {
|
|
213
|
+
method: "GET",
|
|
214
|
+
...fetchOptions,
|
|
215
|
+
});
|
|
216
|
+
},
|
|
217
|
+
/**
|
|
218
|
+
* Get OAuth authorization URL for marketplace sellers
|
|
219
|
+
*
|
|
220
|
+
* This is Step 1 of OAuth flow. Redirect the seller to this URL so they
|
|
221
|
+
* can authorize your app to process payments on their behalf.
|
|
222
|
+
*
|
|
223
|
+
* @example
|
|
224
|
+
* ```ts
|
|
225
|
+
* const { data } = await authClient.mercadoPago.getOAuthUrl({
|
|
226
|
+
* redirectUri: "https://myapp.com/oauth/callback"
|
|
227
|
+
* });
|
|
228
|
+
*
|
|
229
|
+
* // Redirect seller to authorize
|
|
230
|
+
* window.location.href = data.authUrl;
|
|
231
|
+
* ```
|
|
232
|
+
*/
|
|
233
|
+
getOAuthUrl: async (params, fetchOptions) => {
|
|
234
|
+
const query = new URLSearchParams();
|
|
235
|
+
query.set("redirectUri", params.redirectUri);
|
|
236
|
+
return await $fetch(`/mercado-pago/oauth/authorize?${query.toString()}`, {
|
|
237
|
+
method: "GET",
|
|
238
|
+
...fetchOptions,
|
|
239
|
+
});
|
|
240
|
+
},
|
|
241
|
+
/**
|
|
242
|
+
* Exchange OAuth code for access token
|
|
243
|
+
*
|
|
244
|
+
* This is Step 2 of OAuth flow. After the seller authorizes and MP redirects
|
|
245
|
+
* them back with a code, exchange that code for an access token.
|
|
246
|
+
*
|
|
247
|
+
* @example
|
|
248
|
+
* ```ts
|
|
249
|
+
* // In your /oauth/callback page:
|
|
250
|
+
* const code = new URLSearchParams(window.location.search).get("code");
|
|
251
|
+
*
|
|
252
|
+
* const { data } = await authClient.mercadoPago.exchangeOAuthCode({
|
|
253
|
+
* code,
|
|
254
|
+
* redirectUri: "https://myapp.com/oauth/callback"
|
|
255
|
+
* });
|
|
256
|
+
*
|
|
257
|
+
* // Now you have the seller's MP User ID
|
|
258
|
+
* console.log(data.oauthToken.mercadoPagoUserId);
|
|
259
|
+
* ```
|
|
260
|
+
*/
|
|
261
|
+
exchangeOAuthCode: async (data, fetchOptions) => {
|
|
262
|
+
return await $fetch("/mercado-pago/oauth/callback", {
|
|
263
|
+
method: "POST",
|
|
264
|
+
body: data,
|
|
265
|
+
...fetchOptions,
|
|
266
|
+
});
|
|
267
|
+
},
|
|
268
|
+
}),
|
|
269
|
+
};
|
|
270
|
+
};
|
|
271
|
+
//# sourceMappingURL=client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AA8HA,MAAM,CAAC,MAAM,uBAAuB,GAAG,GAAG,EAAE;IAC3C,OAAO;QACN,EAAE,EAAE,aAAa;QACjB,kBAAkB,EAAE,EAAmC;QAEvD,UAAU,EAAE,CAAC,MAAmB,EAA4B,EAAE,CAAC,CAAC;YAC/D;;eAEG;YACH,mBAAmB,EAAE,KAAK,EACzB,IAIC,EACD,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,wBAAwB,EAAE;oBAC7C,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI,IAAI,EAAE;oBAChB,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;;;;;;;;;eAiBG;YACH,aAAa,EAAE,KAAK,EACnB,IAAyB,EACzB,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,8BAA8B,EAAE;oBACnD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI;oBACV,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;;;;;;;;;;;;eAoBG;YACH,wBAAwB,EAAE,KAAK,EAC9B,IAAyB,EACzB,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,8BAA8B,EAAE;oBACnD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI;oBACV,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;;;;;;;;;;;;;;;;;;eA0BG;YACH,kBAAkB,EAAE,KAAK,EACxB,IAA8B,EAC9B,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,mCAAmC,EAAE;oBACxD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI;oBACV,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;eASG;YACH,kBAAkB,EAAE,KAAK,EACxB,IAAgC,EAChC,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,mCAAmC,EAAE;oBACxD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI;oBACV,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;;;;;;;;;;;;;;;;;eAyBG;YACH,qBAAqB,EAAE,KAAK,EAC3B,IAAiC,EACjC,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,2BAA2B,EAAE;oBAChD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI;oBACV,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;;;;eAYG;YACH,oBAAoB,EAAE,KAAK,EAAE,YAAgC,EAAE,EAAE;gBAChE,OAAO,MAAM,MAAM,CAAC,qBAAqB,EAAE;oBAC1C,MAAM,EAAE,KAAK;oBACb,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;eAEG;YACH,UAAU,EAAE,KAAK,EAChB,SAAiB,EACjB,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,yBAAyB,SAAS,EAAE,EAAE;oBACzD,MAAM,EAAE,KAAK;oBACb,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;;eAUG;YACH,YAAY,EAAE,KAAK,EAClB,MAA4C,EAC5C,YAAgC,EAC/B,EAAE;gBACH,MAAM,KAAK,GAAG,IAAI,eAAe,EAAE,CAAC;gBACpC,IAAI,MAAM,EAAE,KAAK;oBAAE,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAC/D,IAAI,MAAM,EAAE,MAAM;oBAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAElE,OAAO,MAAM,MAAM,CAAC,0BAA0B,KAAK,CAAC,QAAQ,EAAE,EAAE,EAAE;oBACjE,MAAM,EAAE,KAAK;oBACb,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;eAOG;YACH,iBAAiB,EAAE,KAAK,EAAE,YAAgC,EAAE,EAAE;gBAC7D,OAAO,MAAM,MAAM,CAAC,6BAA6B,EAAE;oBAClD,MAAM,EAAE,KAAK;oBACb,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;YAED;;;;;;;;;;;;;;;eAeG;YACH,WAAW,EAAE,KAAK,EACjB,MAA+B,EAC/B,YAAgC,EAC/B,EAAE;gBACH,MAAM,KAAK,GAAG,IAAI,eAAe,EAAE,CAAC;gBACpC,KAAK,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;gBAE7C,OAAO,MAAM,MAAM,CAClB,iCAAiC,KAAK,CAAC,QAAQ,EAAE,EAAE,EACnD;oBACC,MAAM,EAAE,KAAK;oBACb,GAAG,YAAY;iBACf,CACD,CAAC;YACH,CAAC;YAED;;;;;;;;;;;;;;;;;;;eAmBG;YACH,iBAAiB,EAAE,KAAK,EACvB,IAA2C,EAC3C,YAAgC,EAC/B,EAAE;gBACH,OAAO,MAAM,MAAM,CAAC,8BAA8B,EAAE;oBACnD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI;oBACV,GAAG,YAAY;iBACf,CAAC,CAAC;YACJ,CAAC;SACD,CAAC;KAC+B,CAAC;AACpC,CAAC,CAAC"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,UAAU,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,UAAU,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC"}
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
import { APIError } from "better-auth/api";
|
|
2
|
+
/**
|
|
3
|
+
* Verify Mercado Pago webhook signature
|
|
4
|
+
* https://www.mercadopago.com/developers/en/docs/subscriptions/additional-content/security/signature
|
|
5
|
+
*/
|
|
6
|
+
export declare function verifyWebhookSignature(params: {
|
|
7
|
+
xSignature: string | null;
|
|
8
|
+
xRequestId: string | null;
|
|
9
|
+
dataId: string;
|
|
10
|
+
secret: string;
|
|
11
|
+
}): boolean;
|
|
12
|
+
/**
|
|
13
|
+
* Rate limiting store (in-memory, use Redis in production)
|
|
14
|
+
*/
|
|
15
|
+
declare class RateLimiter {
|
|
16
|
+
private attempts;
|
|
17
|
+
check(key: string, maxAttempts: number, windowMs: number): boolean;
|
|
18
|
+
cleanup(): void;
|
|
19
|
+
}
|
|
20
|
+
export declare const rateLimiter: RateLimiter;
|
|
21
|
+
/**
|
|
22
|
+
* Validate payment amount to prevent manipulation
|
|
23
|
+
*/
|
|
24
|
+
export declare function validatePaymentAmount(requestedAmount: number, mpPaymentAmount: number, tolerance?: number): boolean;
|
|
25
|
+
/**
|
|
26
|
+
* Sanitize metadata to prevent injection attacks
|
|
27
|
+
*/
|
|
28
|
+
export declare function sanitizeMetadata(metadata: Record<string, any>): Record<string, any>;
|
|
29
|
+
/**
|
|
30
|
+
* Validate callback URL to prevent open redirects
|
|
31
|
+
*/
|
|
32
|
+
export declare function validateCallbackUrl(url: string, allowedDomains: string[]): boolean;
|
|
33
|
+
/**
|
|
34
|
+
* Idempotency key validation
|
|
35
|
+
*/
|
|
36
|
+
export declare function validateIdempotencyKey(key: string): boolean;
|
|
37
|
+
/**
|
|
38
|
+
* Prevent timing attacks on webhook validation
|
|
39
|
+
*/
|
|
40
|
+
export declare function secureCompare(a: string, b: string): boolean;
|
|
41
|
+
/**
|
|
42
|
+
* Error codes mapping
|
|
43
|
+
*/
|
|
44
|
+
export declare const MercadoPagoErrorCodes: {
|
|
45
|
+
readonly INVALID_API_KEY: "invalid_api_key";
|
|
46
|
+
readonly UNAUTHORIZED: "unauthorized";
|
|
47
|
+
readonly INSUFFICIENT_FUNDS: "cc_rejected_insufficient_amount";
|
|
48
|
+
readonly INVALID_CARD: "cc_rejected_bad_filled_card_number";
|
|
49
|
+
readonly CARD_DISABLED: "cc_rejected_card_disabled";
|
|
50
|
+
readonly MAX_ATTEMPTS: "cc_rejected_max_attempts";
|
|
51
|
+
readonly DUPLICATED_PAYMENT: "cc_rejected_duplicated_payment";
|
|
52
|
+
readonly SUBSCRIPTION_NOT_FOUND: "subscription_not_found";
|
|
53
|
+
readonly SUBSCRIPTION_ALREADY_CANCELLED: "subscription_already_cancelled";
|
|
54
|
+
readonly INVALID_PARAMETER: "invalid_parameter";
|
|
55
|
+
readonly RESOURCE_NOT_FOUND: "resource_not_found";
|
|
56
|
+
readonly INTERNAL_SERVER_ERROR: "internal_server_error";
|
|
57
|
+
};
|
|
58
|
+
/**
|
|
59
|
+
* Custom error class for Mercado Pago errors
|
|
60
|
+
*/
|
|
61
|
+
export declare class MercadoPagoError extends Error {
|
|
62
|
+
code: string;
|
|
63
|
+
message: string;
|
|
64
|
+
statusCode: number;
|
|
65
|
+
details?: any | undefined;
|
|
66
|
+
constructor(code: string, message: string, statusCode?: number, details?: any | undefined);
|
|
67
|
+
toAPIError(): APIError;
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* Handle Mercado Pago API errors
|
|
71
|
+
*/ export declare function handleMercadoPagoError(error: any): never;
|
|
72
|
+
/**
|
|
73
|
+
* Webhook event types validation
|
|
74
|
+
*/
|
|
75
|
+
export declare const VALID_WEBHOOK_TOPICS: readonly ["payment", "merchant_order", "subscription_preapproval", "subscription_preapproval_plan", "subscription_authorized_payment", "point_integration_wh", "topic_claims_integration_wh", "topic_merchant_order_wh", "delivery_cancellation"];
|
|
76
|
+
export type WebhookTopic = (typeof VALID_WEBHOOK_TOPICS)[number];
|
|
77
|
+
export declare function isValidWebhookTopic(topic: string): topic is WebhookTopic;
|
|
78
|
+
/**
|
|
79
|
+
* Idempotency store (in-memory, use Redis in production)
|
|
80
|
+
*/
|
|
81
|
+
declare class IdempotencyStore {
|
|
82
|
+
private store;
|
|
83
|
+
get(key: string): any | null;
|
|
84
|
+
set(key: string, result: any, ttlMs?: number): void;
|
|
85
|
+
cleanup(): void;
|
|
86
|
+
}
|
|
87
|
+
export declare const idempotencyStore: IdempotencyStore;
|
|
88
|
+
/**
|
|
89
|
+
* CSRF token validation
|
|
90
|
+
*/
|
|
91
|
+
export declare function validateCSRFToken(token: string, expectedToken: string): boolean;
|
|
92
|
+
/**
|
|
93
|
+
* Input validation helpers
|
|
94
|
+
*/
|
|
95
|
+
export declare const ValidationRules: {
|
|
96
|
+
email: (email: string) => boolean;
|
|
97
|
+
amount: (amount: number) => boolean;
|
|
98
|
+
currency: (currency: string) => boolean;
|
|
99
|
+
frequency: (frequency: number) => boolean;
|
|
100
|
+
userId: (userId: string) => boolean;
|
|
101
|
+
};
|
|
102
|
+
export {};
|
|
103
|
+
//# sourceMappingURL=security.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE3C;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE;IAC9C,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CA2BV;AAED;;GAEG;AACH,cAAM,WAAW;IAChB,OAAO,CAAC,QAAQ,CAA8D;IAE9E,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAoBlE,OAAO;CAQP;AAED,eAAO,MAAM,WAAW,aAAoB,CAAC;AAK7C;;GAEG;AACH,wBAAgB,qBAAqB,CACpC,eAAe,EAAE,MAAM,EACvB,eAAe,EAAE,MAAM,EACvB,SAAS,GAAE,MAAa,GACtB,OAAO,CAGT;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAE/B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAE3B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAsBrB;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAClC,GAAG,EAAE,MAAM,EACX,cAAc,EAAE,MAAM,EAAE,GACtB,OAAO,CAsBT;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAO3D;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAU3D;AAED;;GAEG;AACH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;CAoBxB,CAAC;AAEX;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,KAAK;IAElC,IAAI,EAAE,MAAM;IACH,OAAO,EAAE,MAAM;IACxB,UAAU,EAAE,MAAM;IAElB,OAAO,CAAC,EAAE,GAAG;gBAJb,IAAI,EAAE,MAAM,EACH,OAAO,EAAE,MAAM,EACxB,UAAU,GAAE,MAAY,EAExB,OAAO,CAAC,EAAE,GAAG,YAAA;IAMrB,UAAU,IAAI,QAAQ;CAuEtB;AAED;;GAEG,CACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,GAAG,GAAG,KAAK,CAcxD;AAED;;GAEG;AACH,eAAO,MAAM,oBAAoB,mPAUvB,CAAC;AAEX,MAAM,MAAM,YAAY,GAAG,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAC;AAEjE,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,YAAY,CAExE;AAED;;GAEG;AACH,cAAM,gBAAgB;IAErB,OAAO,CAAC,KAAK,CAA8D;IAG3E,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,GAAG,IAAI;IAU5B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,GAAE,MAA4B;IAOjE,OAAO;CAQP;AAED,eAAO,MAAM,gBAAgB,kBAAyB,CAAC;AAKvD;;GAEG;AACH,wBAAgB,iBAAiB,CAChC,KAAK,EAAE,MAAM,EACb,aAAa,EAAE,MAAM,GACnB,OAAO,CAET;AAED;;GAEG;AACH,eAAO,MAAM,eAAe;mBACZ,MAAM,KAAG,OAAO;qBAKd,MAAM,KAAG,OAAO;yBAIZ,MAAM,KAAG,OAAO;2BAcd,MAAM,KAAG,OAAO;qBAItB,MAAM,KAAG,OAAO;CAIjC,CAAC"}
|