creem-datafast 0.1.0

package/dist/index.js

@@ -0,0 +1,857 @@
+import {
+  readTrackingFromCookieHeader
+} from "./chunk-MHG2AARF.js";
+import {
+  CreemDataFastError,
+  DataFastRequestError,
+  InvalidCreemSignatureError,
+  MissingTrackingError,
+  TransactionHydrationError,
+  UnsupportedWebhookEventError
+} from "./chunk-EPUWLMCL.js";
+
+// src/core/headers.ts
+function isHeadersInstance(headers) {
+  return typeof Headers !== "undefined" && headers instanceof Headers;
+}
+function normalizeArrayValue(value) {
+  if (typeof value === "string") {
+    return value;
+  }
+  if (Array.isArray(value)) {
+    return value[0];
+  }
+  return void 0;
+}
+function getHeaderValue(headers, name) {
+  if (isHeadersInstance(headers)) {
+    return headers.get(name) ?? headers.get(name.toLowerCase()) ?? void 0;
+  }
+  const expected = name.toLowerCase();
+  for (const [key, value] of Object.entries(headers)) {
+    if (key.toLowerCase() === expected) {
+      return normalizeArrayValue(value);
+    }
+  }
+  return void 0;
+}
+
+// src/core/metadata.ts
+function asMetadataString(value) {
+  if (typeof value === "string" && value.length > 0) {
+    return value;
+  }
+  return void 0;
+}
+function readTrackingFromMetadata(metadata) {
+  if (!metadata) {
+    return {};
+  }
+  return {
+    visitorId: asMetadataString(metadata.datafast_visitor_id),
+    sessionId: asMetadataString(metadata.datafast_session_id)
+  };
+}
+function mergeTrackingIntoMetadata(metadata, tracking, options = {}) {
+  const result = { ...metadata ?? {} };
+  const captureSessionId = options.captureSessionId ?? true;
+  const preferTracking = options.preferTracking ?? false;
+  if (tracking.visitorId && (preferTracking || result.datafast_visitor_id === void 0)) {
+    result.datafast_visitor_id = tracking.visitorId;
+  }
+  if (captureSessionId && tracking.sessionId && (preferTracking || result.datafast_session_id === void 0)) {
+    result.datafast_session_id = tracking.sessionId;
+  }
+  return result;
+}
+
+// src/core/checkout.ts
+function hasExplicitTracking(tracking) {
+  return Boolean(tracking?.visitorId || tracking?.sessionId);
+}
+function resolveTracking(explicit, metadataTracking, queryTracking, cookieTracking, captureSessionId) {
+  return {
+    visitorId: explicit?.visitorId ?? metadataTracking.visitorId ?? queryTracking.visitorId ?? cookieTracking.visitorId,
+    sessionId: captureSessionId ? explicit?.sessionId ?? metadataTracking.sessionId ?? queryTracking.sessionId ?? cookieTracking.sessionId : void 0
+  };
+}
+function resolveCookieTracking(context) {
+  const requestCookieTracking = readTrackingFromCookieHeader(
+    context?.request ? getHeaderValue(context.request.headers, "cookie") : void 0
+  );
+  const fallbackCookieTracking = readTrackingFromCookieHeader(context?.cookieHeader);
+  return {
+    visitorId: requestCookieTracking.visitorId ?? fallbackCookieTracking.visitorId,
+    sessionId: requestCookieTracking.sessionId ?? fallbackCookieTracking.sessionId
+  };
+}
+function readTrackingFromRequestUrl(request) {
+  const requestUrl = request?.url;
+  if (!requestUrl) {
+    return {};
+  }
+  try {
+    const url = new URL(requestUrl, "http://localhost");
+    return {
+      visitorId: url.searchParams.get("datafast_visitor_id") ?? void 0,
+      sessionId: url.searchParams.get("datafast_session_id") ?? void 0
+    };
+  } catch {
+    return {};
+  }
+}
+async function createCheckout(params, context, dependencies) {
+  const cookieTracking = resolveCookieTracking(context);
+  const metadataTracking = readTrackingFromMetadata(params.metadata);
+  const queryTracking = readTrackingFromRequestUrl(context?.request);
+  const tracking = resolveTracking(
+    params.tracking,
+    metadataTracking,
+    queryTracking,
+    cookieTracking,
+    dependencies.captureSessionId
+  );
+  const strictTracking = context?.strictTracking ?? dependencies.strictTracking;
+  if (strictTracking && !tracking.visitorId) {
+    throw new MissingTrackingError("Missing datafast_visitor_id while strict tracking is enabled.");
+  }
+  if (!tracking.visitorId) {
+    dependencies.logger.warn("Creating Creem checkout without DataFast visitor tracking.");
+  }
+  const finalMetadata = mergeTrackingIntoMetadata(params.metadata, tracking, {
+    captureSessionId: dependencies.captureSessionId,
+    preferTracking: hasExplicitTracking(params.tracking)
+  });
+  const raw = await dependencies.creem.createCheckout({
+    productId: params.productId,
+    successUrl: params.successUrl,
+    requestId: params.requestId,
+    units: params.units,
+    discountCode: params.discountCode,
+    customer: params.customer,
+    customFields: params.customFields,
+    metadata: finalMetadata
+  });
+  const checkoutId = raw.id;
+  const checkoutUrl = raw.checkoutUrl ?? raw.checkout_url;
+  if (typeof checkoutId !== "string" || typeof checkoutUrl !== "string") {
+    throw new CreemDataFastError("Creem checkout response is missing id or checkoutUrl.");
+  }
+  return {
+    checkoutId,
+    checkoutUrl,
+    injectedTracking: tracking,
+    finalMetadata,
+    raw
+  };
+}
+
+// src/core/creem-client.ts
+import { Creem } from "creem";
+function assertCreemClient(candidate) {
+  if (!candidate || typeof candidate !== "object" || !("checkouts" in candidate) || !("transactions" in candidate)) {
+    throw new CreemDataFastError("Invalid creem client provided.");
+  }
+}
+function createCreemClient(options) {
+  const sdkCandidate = options.creemClient ?? (options.creemApiKey ? new Creem({
+    apiKey: options.creemApiKey,
+    serverIdx: options.testMode ? 1 : 0
+  }) : void 0);
+  if (!sdkCandidate) {
+    throw new CreemDataFastError("Missing creemApiKey or creemClient.");
+  }
+  assertCreemClient(sdkCandidate);
+  if (!sdkCandidate.checkouts || typeof sdkCandidate.checkouts.create !== "function" || !sdkCandidate.transactions || typeof sdkCandidate.transactions.getById !== "function") {
+    throw new CreemDataFastError("Provided creem client does not expose the expected SDK methods.");
+  }
+  return {
+    async createCheckout(request) {
+      return sdkCandidate.checkouts.create(request);
+    },
+    async getTransactionById(transactionId) {
+      return sdkCandidate.transactions.getById(transactionId);
+    }
+  };
+}
+
+// src/core/logger.ts
+var noop = () => void 0;
+var noopLogger = {
+  debug: noop,
+  info: noop,
+  warn: noop,
+  error: noop
+};
+function resolveLogger(logger) {
+  return logger ?? noopLogger;
+}
+
+// src/core/datafast-client.ts
+var DATAFAST_PAYMENTS_URL = "https://datafa.st/api/v1/payments";
+var DEFAULT_TIMEOUT_MS = 8e3;
+var DEFAULT_RETRIES = 1;
+var DEFAULT_BASE_DELAY_MS = 250;
+var DEFAULT_MAX_DELAY_MS = 2e3;
+var MAX_ERROR_BODY_LENGTH = 1024;
+var RETRYABLE_STATUSES = /* @__PURE__ */ new Set([408, 429, 500, 502, 503, 504]);
+function resolveFetch(fetchImplementation) {
+  const resolved = fetchImplementation ?? globalThis.fetch;
+  if (!resolved) {
+    throw new DataFastRequestError("Fetch implementation is required to call DataFast.", {
+      retryable: false
+    });
+  }
+  return resolved;
+}
+function parseResponseBody(body) {
+  if (!body) {
+    return void 0;
+  }
+  try {
+    return JSON.parse(body);
+  } catch {
+    return body;
+  }
+}
+function truncateString(value) {
+  if (value.length <= MAX_ERROR_BODY_LENGTH) {
+    return value;
+  }
+  return `${value.slice(0, MAX_ERROR_BODY_LENGTH)}...[truncated]`;
+}
+function sanitizeResponseBody(body) {
+  if (body === void 0) {
+    return void 0;
+  }
+  if (typeof body === "string") {
+    return truncateString(body);
+  }
+  try {
+    const serialized = JSON.stringify(body);
+    if (serialized.length <= MAX_ERROR_BODY_LENGTH) {
+      return body;
+    }
+    return truncateString(serialized);
+  } catch {
+    return "[unserializable response body]";
+  }
+}
+function normalizePositiveInteger(value, fallback) {
+  if (value === void 0) {
+    return fallback;
+  }
+  if (!Number.isFinite(value) || value < 0) {
+    return fallback;
+  }
+  return Math.floor(value);
+}
+function resolveRetryConfig(retry) {
+  return {
+    retries: normalizePositiveInteger(retry?.retries, DEFAULT_RETRIES),
+    baseDelayMs: normalizePositiveInteger(retry?.baseDelayMs, DEFAULT_BASE_DELAY_MS),
+    maxDelayMs: normalizePositiveInteger(retry?.maxDelayMs, DEFAULT_MAX_DELAY_MS)
+  };
+}
+function resolveTimeoutMs(timeoutMs) {
+  return normalizePositiveInteger(timeoutMs, DEFAULT_TIMEOUT_MS);
+}
+function isAbortError(error) {
+  return error instanceof DOMException && error.name === "AbortError";
+}
+function getRequestId(response) {
+  return response.headers.get("x-request-id") ?? response.headers.get("request-id") ?? response.headers.get("x-datafast-request-id") ?? void 0;
+}
+function isRetryableStatus(status) {
+  return RETRYABLE_STATUSES.has(status);
+}
+function computeDelayMs(attempt, retry) {
+  return Math.min(retry.baseDelayMs * 2 ** attempt + Math.random() * 100, retry.maxDelayMs);
+}
+async function sleep(delayMs) {
+  if (delayMs <= 0) {
+    return;
+  }
+  await new Promise((resolve) => setTimeout(resolve, delayMs));
+}
+function createDataFastClient(options) {
+  const fetchImplementation = resolveFetch(options.fetch);
+  const logger = resolveLogger(options.logger);
+  const timeoutMs = resolveTimeoutMs(options.timeoutMs);
+  const retry = resolveRetryConfig(options.retry);
+  return {
+    async sendPayment(payload) {
+      for (let attempt = 0; attempt <= retry.retries; attempt += 1) {
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), timeoutMs);
+        try {
+          const response = await fetchImplementation(DATAFAST_PAYMENTS_URL, {
+            method: "POST",
+            headers: {
+              Authorization: `Bearer ${options.datafastApiKey}`,
+              "Content-Type": "application/json"
+            },
+            body: JSON.stringify(payload),
+            signal: controller.signal
+          });
+          const responseText = await response.text();
+          const responseBody = sanitizeResponseBody(parseResponseBody(responseText));
+          if (response.ok) {
+            return responseBody;
+          }
+          const retryable = isRetryableStatus(response.status);
+          const error = new DataFastRequestError(
+            `DataFast request failed with status ${response.status}.`,
+            {
+              status: response.status,
+              statusText: response.statusText,
+              requestId: getRequestId(response),
+              retryable,
+              responseBody
+            }
+          );
+          if (retryable && attempt < retry.retries) {
+            logger.warn("Retrying DataFast request after retryable response.", {
+              attempt: attempt + 1,
+              nextAttempt: attempt + 2,
+              requestId: error.requestId,
+              status: error.status,
+              statusText: error.statusText
+            });
+            await sleep(computeDelayMs(attempt, retry));
+            continue;
+          }
+          throw error;
+        } catch (error) {
+          const retryable = isAbortError(error) || !(error instanceof DataFastRequestError);
+          if (retryable && attempt < retry.retries) {
+            logger.warn("Retrying DataFast request after transport failure.", {
+              attempt: attempt + 1,
+              nextAttempt: attempt + 2,
+              reason: isAbortError(error) ? "timeout" : "network_error"
+            });
+            await sleep(computeDelayMs(attempt, retry));
+            continue;
+          }
+          if (error instanceof DataFastRequestError) {
+            throw error;
+          }
+          if (isAbortError(error)) {
+            logger.warn("DataFast request timed out.", {
+              attempts: attempt + 1,
+              timeoutMs
+            });
+            throw new DataFastRequestError(
+              `DataFast request timed out after ${timeoutMs}ms.`,
+              {
+                retryable: true
+              },
+              { cause: error }
+            );
+          }
+          throw new DataFastRequestError(
+            "DataFast request failed due to a network error.",
+            {
+              retryable: true
+            },
+            { cause: error instanceof Error ? error : void 0 }
+          );
+        } finally {
+          clearTimeout(timeout);
+        }
+      }
+      throw new DataFastRequestError("DataFast request failed unexpectedly.", {
+        retryable: false
+      });
+    }
+  };
+}
+
+// src/core/idempotency.ts
+var MemoryIdempotencyStore = class {
+  values = /* @__PURE__ */ new Map();
+  getActiveEntry(key) {
+    const entry = this.values.get(key);
+    if (!entry) {
+      return void 0;
+    }
+    if (Date.now() > entry.expiresAt) {
+      this.values.delete(key);
+      return void 0;
+    }
+    return entry;
+  }
+  async claim(key, ttlSeconds = 300) {
+    if (this.getActiveEntry(key)) {
+      return false;
+    }
+    this.values.set(key, {
+      expiresAt: Date.now() + ttlSeconds * 1e3,
+      status: "processing"
+    });
+    return true;
+  }
+  async complete(key, ttlSeconds = 86400) {
+    this.values.set(key, {
+      expiresAt: Date.now() + ttlSeconds * 1e3,
+      status: "processed"
+    });
+  }
+  async release(key) {
+    this.values.delete(key);
+  }
+};
+function resolveIdempotencyStore(store) {
+  return store ?? new MemoryIdempotencyStore();
+}
+function getIdempotencyKey(eventId) {
+  return `creem:event:${eventId}`;
+}
+async function claimEvent(eventId, store, ttlSeconds) {
+  return store.claim(getIdempotencyKey(eventId), ttlSeconds);
+}
+async function completeEvent(eventId, store, ttlSeconds) {
+  await store.complete(getIdempotencyKey(eventId), ttlSeconds);
+}
+async function releaseEvent(eventId, store) {
+  await store.release(getIdempotencyKey(eventId));
+}
+
+// src/core/signature.ts
+var textEncoder = new TextEncoder();
+function normalizeSignature(signature) {
+  return signature.trim().replace(/^sha256=/i, "");
+}
+function hexToUint8Array(input) {
+  if (input.length === 0 || input.length % 2 !== 0 || /[^0-9a-f]/iu.test(input)) {
+    return void 0;
+  }
+  const bytes = new Uint8Array(input.length / 2);
+  for (let index = 0; index < input.length; index += 2) {
+    const byte = Number.parseInt(input.slice(index, index + 2), 16);
+    if (Number.isNaN(byte)) {
+      return void 0;
+    }
+    bytes[index / 2] = byte;
+  }
+  return bytes;
+}
+function getWebCrypto() {
+  const subtle = globalThis.crypto?.subtle;
+  if (subtle) {
+    return subtle;
+  }
+  throw new CreemDataFastError("Web Crypto API is required to verify Creem signatures.");
+}
+function toArrayBuffer(bytes) {
+  if (bytes.buffer instanceof ArrayBuffer) {
+    return bytes.buffer.slice(bytes.byteOffset, bytes.byteOffset + bytes.byteLength);
+  }
+  return Uint8Array.from(bytes).buffer;
+}
+function extractHeader(headers, name) {
+  return getHeaderValue(headers, name);
+}
+async function verifyCreemSignature(rawBody, webhookSecret, signature) {
+  const signatureBytes = hexToUint8Array(normalizeSignature(signature).toLowerCase());
+  if (!signatureBytes) {
+    return false;
+  }
+  const subtle = getWebCrypto();
+  const key = await subtle.importKey(
+    "raw",
+    textEncoder.encode(webhookSecret),
+    {
+      name: "HMAC",
+      hash: "SHA-256"
+    },
+    false,
+    ["verify"]
+  );
+  return subtle.verify(
+    "HMAC",
+    key,
+    toArrayBuffer(signatureBytes),
+    toArrayBuffer(textEncoder.encode(rawBody))
+  );
+}
+
+// src/core/amount.ts
+var ZERO_DECIMAL_CURRENCIES = /* @__PURE__ */ new Set([
+  "BIF",
+  "CLP",
+  "DJF",
+  "GNF",
+  "JPY",
+  "KMF",
+  "KRW",
+  "MGA",
+  "PYG",
+  "RWF",
+  "UGX",
+  "VND",
+  "VUV",
+  "XAF",
+  "XOF",
+  "XPF"
+]);
+var THREE_DECIMAL_CURRENCIES = /* @__PURE__ */ new Set(["BHD", "IQD", "JOD", "KWD", "LYD", "OMR", "TND"]);
+function currencyExponent(currency) {
+  const normalized = currency.toUpperCase();
+  if (ZERO_DECIMAL_CURRENCIES.has(normalized)) {
+    return 0;
+  }
+  if (THREE_DECIMAL_CURRENCIES.has(normalized)) {
+    return 3;
+  }
+  return 2;
+}
+function minorToMajor(amount, currency) {
+  const exponent = currencyExponent(currency);
+  return amount / 10 ** exponent;
+}
+
+// src/core/mapper.ts
+function asRecord(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return void 0;
+  }
+  return value;
+}
+function readMetadataValue(metadata, key) {
+  const value = metadata?.[key];
+  return typeof value === "string" && value.length > 0 ? value : void 0;
+}
+function toIsoTimestamp(value) {
+  if (typeof value === "string" && value.length > 0) {
+    return value;
+  }
+  if (typeof value !== "number" || Number.isNaN(value)) {
+    return void 0;
+  }
+  const ms = value > 1e12 ? value : value * 1e3;
+  return new Date(ms).toISOString();
+}
+function toCustomer(value) {
+  return typeof value === "object" && value !== null ? value : void 0;
+}
+function resolveCustomerId(value) {
+  if (typeof value === "string" && value.length > 0) {
+    return value;
+  }
+  return toCustomer(value)?.id;
+}
+function withOptionalFields(base, fields) {
+  const result = { ...base };
+  for (const [key, value] of Object.entries(fields)) {
+    if (value !== void 0) {
+      result[key] = value;
+    }
+  }
+  return result;
+}
+function getCheckoutMetadata(event) {
+  return asRecord(event.object?.metadata) ?? asRecord(event.object?.order?.metadata);
+}
+function getSubscriptionMetadata(event) {
+  return asRecord(event.object?.metadata);
+}
+function getRefundVisitorId(event) {
+  return readMetadataValue(asRecord(event.object?.metadata), "datafast_visitor_id") ?? readMetadataValue(asRecord(event.object?.transaction?.metadata), "datafast_visitor_id");
+}
+function getRefundAmount(event) {
+  return event.object?.refund_amount ?? event.object?.refundAmount;
+}
+function getRefundCurrency(event) {
+  return event.object?.refund_currency ?? event.object?.refundCurrency;
+}
+function getRefundTimestamp(event) {
+  return toIsoTimestamp(
+    event.object?.created_at ?? event.object?.createdAt ?? event.created_at ?? event.createdAt ?? event.object?.transaction?.created_at ?? event.object?.transaction?.createdAt
+  );
+}
+function isRefundRenewal(event) {
+  const transaction = event.object?.transaction;
+  return Boolean(typeof transaction?.subscription === "string" && transaction.subscription.length > 0) || transaction?.type === "invoice";
+}
+function mapCheckoutCompletedToPayment(event) {
+  const order = event.object?.order;
+  if (!order) {
+    throw new CreemDataFastError("checkout.completed payload is missing order.");
+  }
+  const customerValue = event.object?.customer;
+  const customer = toCustomer(customerValue);
+  const metadata = getCheckoutMetadata(event);
+  return withOptionalFields(
+    {
+      amount: minorToMajor(order.amount, order.currency),
+      currency: order.currency,
+      transaction_id: order.id,
+      renewal: false
+    },
+    {
+      customer_id: resolveCustomerId(customerValue),
+      datafast_visitor_id: readMetadataValue(metadata, "datafast_visitor_id"),
+      email: customer?.email,
+      name: customer?.name
+    }
+  );
+}
+function mapSubscriptionPaidToPayment(event, transaction) {
+  const customerValue = event.object?.customer;
+  const customer = toCustomer(customerValue);
+  const metadata = getSubscriptionMetadata(event);
+  const product = event.object?.product;
+  const transactionId = transaction?.id ?? event.object?.last_transaction_id ?? event.object?.lastTransactionId;
+  if (!transactionId) {
+    throw new CreemDataFastError("subscription.paid payload is missing last_transaction_id.");
+  }
+  if (!transaction) {
+    if (!product || typeof product.price !== "number" || typeof product.currency !== "string") {
+      throw new CreemDataFastError(
+        "subscription.paid payload is missing product pricing for fallback mapping."
+      );
+    }
+  }
+  return withOptionalFields(
+    {
+      amount: transaction ? minorToMajor(transaction.amount, transaction.currency) : minorToMajor(product.price, product.currency),
+      currency: transaction?.currency ?? product.currency,
+      transaction_id: transactionId,
+      renewal: true
+    },
+    {
+      customer_id: resolveCustomerId(customerValue),
+      datafast_visitor_id: readMetadataValue(metadata, "datafast_visitor_id"),
+      email: customer?.email,
+      name: customer?.name,
+      timestamp: transaction?.timestamp ?? event.object?.last_transaction_date ?? event.object?.lastTransactionDate
+    }
+  );
+}
+function mapRefundCreatedToPayment(event) {
+  const refundId = event.object?.id;
+  const refundAmount = getRefundAmount(event);
+  const refundCurrency = getRefundCurrency(event);
+  const customerValue = event.object?.customer ?? event.object?.transaction?.customer;
+  const customer = toCustomer(customerValue);
+  if (typeof refundId !== "string" || refundId.length === 0) {
+    throw new CreemDataFastError("refund.created payload is missing refund id.");
+  }
+  if (typeof refundAmount !== "number" || typeof refundCurrency !== "string") {
+    throw new CreemDataFastError("refund.created payload is missing refund amount or currency.");
+  }
+  return withOptionalFields(
+    {
+      amount: minorToMajor(refundAmount, refundCurrency),
+      currency: refundCurrency,
+      refunded: true,
+      renewal: isRefundRenewal(event),
+      transaction_id: refundId
+    },
+    {
+      customer_id: resolveCustomerId(customerValue),
+      datafast_visitor_id: getRefundVisitorId(event),
+      email: customer?.email,
+      name: customer?.name,
+      timestamp: getRefundTimestamp(event)
+    }
+  );
+}
+
+// src/core/transaction.ts
+function toIsoTimestamp2(input) {
+  if (typeof input !== "number" || Number.isNaN(input)) {
+    return void 0;
+  }
+  const ms = input > 1e12 ? input : input * 1e3;
+  return new Date(ms).toISOString();
+}
+async function hydrateTransaction(creem, transactionId) {
+  try {
+    const rawTransaction = await creem.getTransactionById(transactionId);
+    if (!rawTransaction || typeof rawTransaction.id !== "string" || typeof rawTransaction.amount !== "number" || typeof rawTransaction.currency !== "string") {
+      throw new TransactionHydrationError("Creem transaction response is missing required fields.");
+    }
+    return {
+      amount: rawTransaction.amount,
+      currency: rawTransaction.currency,
+      id: rawTransaction.id,
+      timestamp: toIsoTimestamp2(rawTransaction.createdAt ?? rawTransaction.created_at)
+    };
+  } catch (error) {
+    if (error instanceof TransactionHydrationError) {
+      throw error;
+    }
+    throw new TransactionHydrationError(`Failed to hydrate transaction ${transactionId}.`, {
+      cause: error
+    });
+  }
+}
+
+// src/core/webhook.ts
+function getEventType(payload) {
+  const eventType = payload.eventType ?? payload.event_type;
+  return typeof eventType === "string" ? eventType : void 0;
+}
+function getEventId(payload) {
+  return typeof payload.id === "string" ? payload.id : void 0;
+}
+function isSupportedWebhookEvent(eventType) {
+  return eventType === "checkout.completed" || eventType === "subscription.paid" || eventType === "refund.created";
+}
+function parseWebhookPayload(rawBody) {
+  return JSON.parse(rawBody);
+}
+function isInitialSubscriptionCheckout(payload) {
+  const orderType = payload.object?.order?.type;
+  const subscription = payload.object?.subscription;
+  return orderType === "recurring" || typeof subscription === "string" || typeof subscription === "object" && subscription !== null;
+}
+async function handleWebhook(params, dependencies) {
+  const signature = extractHeader(params.headers, "creem-signature");
+  if (!signature) {
+    throw new InvalidCreemSignatureError("Missing creem-signature header.");
+  }
+  if (!await verifyCreemSignature(params.rawBody, dependencies.creemWebhookSecret, signature)) {
+    throw new InvalidCreemSignatureError("Invalid Creem webhook signature.");
+  }
+  const payload = parseWebhookPayload(params.rawBody);
+  const eventType = getEventType(payload);
+  const eventId = getEventId(payload);
+  if (!eventType) {
+    throw new UnsupportedWebhookEventError("Webhook payload is missing eventType.");
+  }
+  if (!isSupportedWebhookEvent(eventType)) {
+    return {
+      ok: true,
+      ignored: true,
+      eventId,
+      eventType,
+      reason: "unsupported_event"
+    };
+  }
+  if (!eventId) {
+    throw new UnsupportedWebhookEventError("Supported webhook payload is missing id.");
+  }
+  const idempotencyStore = resolveIdempotencyStore(dependencies.idempotencyStore);
+  const canProcess = await claimEvent(
+    eventId,
+    idempotencyStore,
+    dependencies.idempotencyInFlightTtlSeconds
+  );
+  if (!canProcess) {
+    return {
+      ok: true,
+      ignored: true,
+      eventId,
+      eventType,
+      reason: "duplicate_event"
+    };
+  }
+  if (eventType === "checkout.completed" && isInitialSubscriptionCheckout(payload)) {
+    await completeEvent(eventId, idempotencyStore, dependencies.idempotencyProcessedTtlSeconds);
+    return {
+      ok: true,
+      ignored: true,
+      eventId,
+      eventType,
+      reason: "delegated_to_subscription_paid"
+    };
+  }
+  let normalizedPayload;
+  let datafastResponse;
+  try {
+    normalizedPayload = eventType === "checkout.completed" ? mapCheckoutCompletedToPayment(payload) : eventType === "refund.created" ? mapRefundCreatedToPayment(payload) : await (async () => {
+      const subscriptionPayload = payload;
+      const lastTransactionId = subscriptionPayload.object?.last_transaction_id ?? subscriptionPayload.object?.lastTransactionId;
+      if (dependencies.hydrateTransactionOnSubscriptionPaid && lastTransactionId) {
+        try {
+          const transaction = await hydrateTransaction(
+            dependencies.creem,
+            lastTransactionId
+          );
+          return mapSubscriptionPaidToPayment(subscriptionPayload, transaction);
+        } catch (error) {
+          dependencies.logger.warn(
+            "Falling back to subscription product pricing after transaction hydration failure.",
+            {
+              error,
+              lastTransactionId
+            }
+          );
+        }
+      }
+      return mapSubscriptionPaidToPayment(subscriptionPayload);
+    })();
+    datafastResponse = await dependencies.datafast.sendPayment(normalizedPayload);
+  } catch (error) {
+    await releaseEvent(eventId, idempotencyStore);
+    throw error;
+  }
+  await completeEvent(eventId, idempotencyStore, dependencies.idempotencyProcessedTtlSeconds);
+  return {
+    ok: true,
+    ignored: false,
+    eventId,
+    eventType,
+    deduplicated: false,
+    payload: normalizedPayload,
+    datafastResponse
+  };
+}
+
+// src/index.ts
+function createCreemDataFast(options) {
+  const logger = resolveLogger(options.logger);
+  const creem = createCreemClient(options);
+  const datafast = createDataFastClient(options);
+  const captureSessionId = options.captureSessionId ?? true;
+  const strictTracking = options.strictTracking ?? false;
+  const hydrateTransactionOnSubscriptionPaid = options.hydrateTransactionOnSubscriptionPaid ?? true;
+  const idempotencyStore = options.idempotencyStore ?? new MemoryIdempotencyStore();
+  const idempotencyInFlightTtlSeconds = options.idempotencyInFlightTtlSeconds ?? 300;
+  const idempotencyProcessedTtlSeconds = options.idempotencyProcessedTtlSeconds ?? 86400;
+  return {
+    createCheckout(params, context) {
+      return createCheckout(params, context, {
+        creem,
+        captureSessionId,
+        strictTracking,
+        logger
+      });
+    },
+    handleWebhook(params) {
+      return handleWebhook(params, {
+        creemWebhookSecret: options.creemWebhookSecret,
+        datafast,
+        creem,
+        idempotencyStore,
+        idempotencyInFlightTtlSeconds,
+        idempotencyProcessedTtlSeconds,
+        hydrateTransactionOnSubscriptionPaid,
+        logger
+      });
+    },
+    /**
+     * Returns `true` for a valid signature and `false` for an invalid one.
+     * Throws `InvalidCreemSignatureError` when the `creem-signature` header is missing.
+     */
+    async verifyWebhookSignature(rawBody, headers) {
+      const signature = extractHeader(headers, "creem-signature");
+      if (!signature) {
+        throw new InvalidCreemSignatureError("Missing creem-signature header.");
+      }
+      return verifyCreemSignature(rawBody, options.creemWebhookSecret, signature);
+    }
+  };
+}
+export {
+  CreemDataFastError,
+  DataFastRequestError,
+  InvalidCreemSignatureError,
+  MemoryIdempotencyStore,
+  MissingTrackingError,
+  createCreemDataFast
+};
+//# sourceMappingURL=index.js.map