increase 0.24.3 → 0.25.0

package/src/resources/webhooks.ts

@@ -1,5 +1,111 @@
 // File generated from our OpenAPI spec by Stainless.
 
 import { APIResource } from "../resource";
+import { HeadersLike } from "../core";
+import { createHmac } from 'crypto';
+import { getRequiredHeader } from "../core";
 
-export class Webhooks extends APIResource {}
+export class Webhooks extends APIResource {
+  /**
+   * Validates that the given payload was sent by Increase and parses the payload.
+   */
+  unwrap(
+    payload: string,
+    headers: HeadersLike,
+    secret: string | undefined | null = this._client.webhookSecret,
+  ): Record<string, unknown> {
+    if (secret) {
+      this.verifySignature(payload, headers, secret);
+    }
+
+    return JSON.parse(payload);
+  }
+
+  private validateSecret(secret: string | null | undefined): asserts secret is string {
+    if (typeof secret !== 'string') {
+      throw new Error(
+        `The webhook secret must either be set using the env var, INCREASE_WEBHOOK_SECRET, on the client class, Increase({ webhook_secret: '123' }), or passed to this function`,
+      );
+    }
+  }
+
+  private signPayload(payload: string, { timestamp, secret }: { timestamp: string; secret: string }) {
+    const hmac = createHmac('sha256', secret);
+    hmac.update(`${timestamp}.${payload}`);
+
+    return hmac.digest('hex');
+  }
+
+  /** Make an assertion, if not `true`, then throw. */
+  private assert(expr: unknown, msg = ''): asserts expr {
+    if (!expr) {
+      throw new Error(msg);
+    }
+  }
+
+  /** Compare to array buffers or data views in a way that timing based attacks
+   * cannot gain information about the platform. */
+  private timingSafeEqual(
+    a: ArrayBufferView | ArrayBufferLike | DataView,
+    b: ArrayBufferView | ArrayBufferLike | DataView,
+  ): boolean {
+    if (a.byteLength !== b.byteLength) {
+      return false;
+    }
+    if (!(a instanceof DataView)) {
+      a = new DataView(ArrayBuffer.isView(a) ? a.buffer : a);
+    }
+    if (!(b instanceof DataView)) {
+      b = new DataView(ArrayBuffer.isView(b) ? b.buffer : b);
+    }
+    this.assert(a instanceof DataView);
+    this.assert(b instanceof DataView);
+    const length = a.byteLength;
+    let out = 0;
+    let i = -1;
+    while (++i < length) {
+      out |= a.getUint8(i) ^ b.getUint8(i);
+    }
+    return out === 0;
+  }
+
+  /**
+   * Validates whether or not the webhook payload was sent by Increase.
+   *
+   * An error will be raised if the webhook payload was not sent by Increase.
+   */
+  verifySignature(
+    payload: string,
+    headers: HeadersLike,
+    secret: string | undefined | null = this._client.webhookSecret,
+  ): void {
+    this.validateSecret(secret);
+
+    interface ParsedSignature {
+      t?: string;
+      v1?: string;
+    }
+
+    const { t: timestamp, v1: signature } = getRequiredHeader(headers, 'Increase-Webhook-Signature')
+      .split(',')
+      .map((kv) => kv.split('='))
+      .reduce((acc, [k, v]) => ({ ...acc, [k as string]: v }), {} as ParsedSignature);
+
+    if (timestamp === undefined) {
+      throw new Error('Unable to verify signature, missing timestamp');
+    }
+
+    if (signature === undefined) {
+      throw new Error('Unable to verify signature, missing signature');
+    }
+
+    const expectedSignature = this.signPayload(payload, { timestamp, secret });
+
+    const textEncoder = new TextEncoder();
+    if (this.timingSafeEqual(textEncoder.encode(signature), textEncoder.encode(expectedSignature))) {
+      return;
+    }
+
+    throw new Error('The given webhook signature does not match the expected signature');
+  }
+}

package/src/resources/wire-drawdown-requests.ts

@@ -90,6 +90,26 @@ export interface WireDrawdownRequest {
    */
   message_to_recipient: string;
 
+  /**
+   * The originator's address line 1.
+   */
+  originator_address_line1: string | null;
+
+  /**
+   * The originator's address line 2.
+   */
+  originator_address_line2: string | null;
+
+  /**
+   * The originator's address line 3.
+   */
+  originator_address_line3: string | null;
+
+  /**
+   * The originator's name.
+   */
+  originator_name: string | null;
+
   /**
    * The drawdown request's recipient's account number.
    */
@@ -190,6 +210,34 @@ export interface WireDrawdownRequestCreateParams {
    */
   recipient_routing_number: string;
 
+  /**
+   * The drawdown request originator's address line 1. This is only necessary if
+   * you're requesting a payment to a commingled account. Otherwise, we'll use the
+   * associated entity's details.
+   */
+  originator_address_line1?: string;
+
+  /**
+   * The drawdown request originator's address line 2. This is only necessary if
+   * you're requesting a payment to a commingled account. Otherwise, we'll use the
+   * associated entity's details.
+   */
+  originator_address_line2?: string;
+
+  /**
+   * The drawdown request originator's address line 3. This is only necessary if
+   * you're requesting a payment to a commingled account. Otherwise, we'll use the
+   * associated entity's details.
+   */
+  originator_address_line3?: string;
+
+  /**
+   * The drawdown request originator's name. This is only necessary if you're
+   * requesting a payment to a commingled account. Otherwise, we'll use the
+   * associated entity's details.
+   */
+  originator_name?: string;
+
   /**
    * Line 1 of the drawdown request's recipient's address.
    */

package/src/resources/wire-transfers.ts

@@ -166,6 +166,26 @@ export interface WireTransfer {
    */
   network: 'wire';
 
+  /**
+   * The originator's address line 1.
+   */
+  originator_address_line1: string | null;
+
+  /**
+   * The originator's address line 2.
+   */
+  originator_address_line2: string | null;
+
+  /**
+   * The originator's address line 3.
+   */
+  originator_address_line3: string | null;
+
+  /**
+   * The originator's name.
+   */
+  originator_name: string | null;
+
   /**
    * The ID for the pending transaction representing the transfer. A pending
    * transaction is created when the transfer
@@ -419,6 +439,30 @@ export interface WireTransferCreateParams {
    */
   external_account_id?: string;
 
+  /**
+   * The originator's address line 1. This is only necessary if you're transferring
+   * from a commingled account. Otherwise, we'll use the associated entity's details.
+   */
+  originator_address_line1?: string;
+
+  /**
+   * The originator's address line 2. This is only necessary if you're transferring
+   * from a commingled account. Otherwise, we'll use the associated entity's details.
+   */
+  originator_address_line2?: string;
+
+  /**
+   * The originator's address line 3. This is only necessary if you're transferring
+   * from a commingled account. Otherwise, we'll use the associated entity's details.
+   */
+  originator_address_line3?: string;
+
+  /**
+   * The originator's name. This is only necessary if you're transferring from a
+   * commingled account. Otherwise, we'll use the associated entity's details.
+   */
+  originator_name?: string;
+
   /**
    * Whether the transfer requires explicit approval via the dashboard or API.
    */

package/src/version.ts

@@ -1 +1 @@
-export const VERSION = '0.24.3'; // x-release-please-version
+export const VERSION = '0.25.0'; // x-release-please-version

package/version.d.ts

@@ -1,2 +1,2 @@
-export declare const VERSION = "0.24.3";
+export declare const VERSION = "0.25.0";
 //# sourceMappingURL=version.d.ts.map

package/version.js

@@ -1,5 +1,5 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.VERSION = void 0;
-exports.VERSION = '0.24.3'; // x-release-please-version
+exports.VERSION = '0.25.0'; // x-release-please-version
 //# sourceMappingURL=version.js.map

package/version.mjs

@@ -1,2 +1,2 @@
-export const VERSION = '0.24.3'; // x-release-please-version
+export const VERSION = '0.25.0'; // x-release-please-version
 //# sourceMappingURL=version.mjs.map