myxl-core 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/client.js CHANGED
@@ -258,7 +258,6 @@ async function getTransactionHistory({ idToken }) {
258
258
  is_enterprise: false,
259
259
  lang: "en"
260
260
  };
261
- console.log("Fetching transaction history...");
262
261
  const res = await sendApiRequest(path, payload, idToken, "POST");
263
262
  return res.data.list;
264
263
  }
package/dist/index.js CHANGED
@@ -284,16 +284,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
284
284
  lang: "en",
285
285
  package_option_code: optionCode
286
286
  };
287
- console.log("Fetching intercept page...");
288
287
  try {
289
288
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
290
289
  if ("status" in res) {
291
290
  console.log(`Intercept status: ${res["status"]}`);
292
291
  } else {
293
- console.log("Intercept error");
292
+ console.error("Intercept error");
294
293
  }
295
294
  } catch (err) {
296
- console.log("Intercept error", err);
295
+ console.error("Intercept error", err);
297
296
  }
298
297
  }
299
298
  function unseal(getter, fallback) {
@@ -551,7 +550,6 @@ async function getTransactionHistory({ idToken }) {
551
550
  is_enterprise: false,
552
551
  lang: "en"
553
552
  };
554
- console.log("Fetching transaction history...");
555
553
  const res = await sendApiRequest(path, payload, idToken, "POST");
556
554
  return res.data.list;
557
555
  }
@@ -867,7 +865,6 @@ async function getPackage({
867
865
  is_upsell_pdp: false,
868
866
  package_variant_code: packageVariantCode
869
867
  };
870
- console.log("Fetching package...");
871
868
  const response = await sendApiRequest(path, payload, idToken, "POST");
872
869
  return response.data;
873
870
  }
@@ -908,10 +905,9 @@ async function getAddons({
908
905
  lang: "en",
909
906
  package_option_code: packageOptionCode
910
907
  };
911
- console.log("Fetching addons...");
912
908
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
913
909
  if (!("data" in res)) {
914
- console.log("Error getting addons:", res.error ?? "Unknown error");
910
+ console.error("Error getting addons:", res.error ?? "Unknown error");
915
911
  return null;
916
912
  }
917
913
  return res.data;
@@ -921,9 +917,11 @@ var exports_payments = {};
921
917
  __export(exports_payments, {
922
918
  payQrisWithDecoy: () => payQrisWithDecoy,
923
919
  payQrisDecoyV2: () => payQrisDecoyV2,
920
+ payQrisDecoy: () => payQrisDecoy,
924
921
  payQris: () => payQris,
925
922
  payPulsaWithDecoy: () => payPulsaWithDecoy,
926
923
  payPulsaDecoyV2: () => payPulsaDecoyV2,
924
+ payPulsaDecoy: () => payPulsaDecoy,
927
925
  payPulsa: () => payPulsa,
928
926
  payEwallet: () => payEwallet
929
927
  });
@@ -1361,7 +1359,6 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
1361
1359
  if (result.status === "SUCCESS") {
1362
1360
  return result;
1363
1361
  }
1364
- console.log(JSON.stringify(result, null, 2));
1365
1362
  if (result.message.includes("Bizz-err.Amount.Total")) {
1366
1363
  const match = result.message.match(/=\s*(\d+)/);
1367
1364
  result = await settle(Number(match ? match[1] : 0));
@@ -1371,8 +1368,27 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
1371
1368
  }
1372
1369
  return result;
1373
1370
  }
1371
+ async function payPulsaDecoy(idToken, accessToken, pkg, decoyPkg) {
1372
+ const decoyItem = {
1373
+ item_name: decoyPkg.package_option.name,
1374
+ item_code: decoyPkg.package_option.package_option_code,
1375
+ item_price: decoyPkg.package_option.price,
1376
+ product_type: decoyPkg.package_option.product_type,
1377
+ token_confirmation: decoyPkg.token_confirmation,
1378
+ tax: 0
1379
+ };
1380
+ await payPulsaWithDecoy(idToken, accessToken, pkg, false, decoyItem);
1381
+ }
1374
1382
  // src/payments/pulsa-decoy-v2.ts
1375
- async function payPulsaDecoyV2(idToken, accessToken, pkg, decoyItem) {
1383
+ async function payPulsaDecoyV2(idToken, accessToken, pkg, decoyPkg) {
1384
+ const decoyItem = {
1385
+ item_name: decoyPkg.package_option.name,
1386
+ item_code: decoyPkg.package_option.package_option_code,
1387
+ item_price: decoyPkg.package_option.price,
1388
+ product_type: decoyPkg.package_option.product_type,
1389
+ token_confirmation: decoyPkg.token_confirmation,
1390
+ tax: 0
1391
+ };
1376
1392
  await payPulsaWithDecoy(idToken, accessToken, pkg, true, decoyItem);
1377
1393
  }
1378
1394
  // src/payments/qris-decoy.ts
@@ -1403,9 +1419,28 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
1403
1419
  }
1404
1420
  return result;
1405
1421
  }
1422
+ async function payQrisDecoy(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
1423
+ const decoyItem = {
1424
+ item_name: decoyPkg.package_option.name,
1425
+ item_code: decoyPkg.package_option.package_option_code,
1426
+ item_price: decoyPkg.package_option.price,
1427
+ product_type: decoyPkg.package_option.product_type,
1428
+ token_confirmation: decoyPkg.token_confirmation,
1429
+ tax: 0
1430
+ };
1431
+ await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, decoyItem);
1432
+ }
1406
1433
  // src/payments/qris-decoy-v2.ts
1407
- async function payQrisDecoyV2(idToken, accessToken, pkg, overwriteAmount) {
1408
- await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, {});
1434
+ async function payQrisDecoyV2(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
1435
+ const decoyItem = {
1436
+ item_name: decoyPkg.package_option.name,
1437
+ item_code: decoyPkg.package_option.package_option_code,
1438
+ item_price: decoyPkg.package_option.price,
1439
+ product_type: decoyPkg.package_option.product_type,
1440
+ token_confirmation: decoyPkg.token_confirmation,
1441
+ tax: 0
1442
+ };
1443
+ await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, decoyItem);
1409
1444
  }
1410
1445
  // src/payments/qris.ts
1411
1446
  init_utils();
@@ -1506,12 +1541,83 @@ var exports_decoy = {};
1506
1541
  __export(exports_decoy, {
1507
1542
  getDecoyName: () => getDecoyName,
1508
1543
  getDecoyData: () => getDecoyData,
1509
- decoyExists: () => decoyExists
1544
+ fetchDecoy: () => fetchDecoy,
1545
+ decoyIsExits: () => decoyIsExits
1510
1546
  });
1511
- var PRIO_SUBSCRIPTIONS = ["PRIORITAS", "PRIOHYBRID", "GO"];
1547
+ // src/data/decoys.json
1548
+ var decoys_default = {
1549
+ prio: {
1550
+ balance: {
1551
+ family_name: "PRIO PASS",
1552
+ family_code: "2512b72a-a3cd-4c70-a736-132cf2c1f0c0",
1553
+ is_enterprise: null,
1554
+ migration_type: null,
1555
+ variant_code: "cff298bd-8ec8-4696-b689-12407d36be15",
1556
+ option_name: "PRIO PASS 30 days",
1557
+ order: 1,
1558
+ price: 999000
1559
+ },
1560
+ qris: {
1561
+ family_name: "Conference",
1562
+ family_code: "5dab52d5-6f02-4678-b72f-088396ceb113",
1563
+ is_enterprise: true,
1564
+ migration_type: "PRIOH_TO_PRIO",
1565
+ variant_code: "bf84ad5b-87e9-4769-9bd2-2359535c05e4",
1566
+ option_name: "Conference 2GB",
1567
+ order: 1,
1568
+ price: 2000
1569
+ },
1570
+ qris0: {
1571
+ family_name: "Conference",
1572
+ family_code: "5dab52d5-6f02-4678-b72f-088396ceb113",
1573
+ is_enterprise: true,
1574
+ migration_type: "PRIOH_TO_PRIO",
1575
+ variant_code: "bf84ad5b-87e9-4769-9bd2-2359535c05e4",
1576
+ option_name: "Conference 2GB",
1577
+ order: 1,
1578
+ price: 2000
1579
+ }
1580
+ },
1581
+ default: {
1582
+ balance: {
1583
+ family_name: "XL PASS",
1584
+ family_code: "b0a20d74-0c54-4e3b-8f3f-01e7482e50bf",
1585
+ is_enterprise: true,
1586
+ migration_type: "NONE",
1587
+ variant_code: "719d093f-6f8d-46a4-8390-6a0003a172ea",
1588
+ option_name: "XL PASS 30 days",
1589
+ order: 1,
1590
+ price: 889750
1591
+ },
1592
+ qris: {
1593
+ family_name: "",
1594
+ family_code: "580c1f94-7dc4-416e-96f6-8faf26567516",
1595
+ is_enterprise: false,
1596
+ migration_type: "NONE",
1597
+ variant_code: "b50f954a-696e-46d0-8700-8e4d38521525",
1598
+ option_name: "",
1599
+ order: 27,
1600
+ price: 1000
1601
+ },
1602
+ qris0: {
1603
+ family_name: "Kuota Aplikasi BIZ 2GB",
1604
+ family_code: "c6f2cd72-8b21-420a-b8d5-e0186afe5be6",
1605
+ is_enterprise: true,
1606
+ migration_type: "NONE",
1607
+ variant_code: "b7cf278e-c989-4760-8a26-0a20c1a47a40",
1608
+ option_name: "Vidio 2GB",
1609
+ order: 11,
1610
+ price: 0
1611
+ }
1612
+ }
1613
+ };
1614
+
1615
+ // src/lib/decoy.ts
1616
+ var needPrioDecoys = ["PRIORITAS", "PRIOHYBRID", "GO"];
1512
1617
  var getDecoyName = (paymentMethod) => {
1513
1618
  switch (paymentMethod) {
1514
1619
  case "BALANCE_DECOY" /* PulsaDecoy */:
1620
+ return "balance";
1515
1621
  case "BALANCE_DECOY_V2" /* PulsaDecoyV2 */:
1516
1622
  return "balance";
1517
1623
  case "QRIS_DECOY" /* QRISDecoy */:
@@ -1522,7 +1628,7 @@ var getDecoyName = (paymentMethod) => {
1522
1628
  return "balance";
1523
1629
  }
1524
1630
  };
1525
- var decoyExists = (paymentMethod) => {
1631
+ var decoyIsExits = (paymentMethod) => {
1526
1632
  return [
1527
1633
  "BALANCE_DECOY" /* PulsaDecoy */,
1528
1634
  "BALANCE_DECOY_V2" /* PulsaDecoyV2 */,
@@ -1530,14 +1636,31 @@ var decoyExists = (paymentMethod) => {
1530
1636
  "QRIS_DECOY_V2" /* QRISDecoyV2 */
1531
1637
  ].includes(paymentMethod);
1532
1638
  };
1639
+ var decoyMap = decoys_default;
1533
1640
  var getDecoyData = ({
1534
1641
  subscriptionType,
1535
- decoyType,
1536
- decoyMap
1642
+ decoy
1537
1643
  }) => {
1538
- const isPrio = PRIO_SUBSCRIPTIONS.includes(subscriptionType);
1644
+ const isPrio = needPrioDecoys.includes(subscriptionType);
1539
1645
  const group = isPrio ? "prio" : "default";
1540
- return decoyMap[group][decoyType];
1646
+ return decoyMap[group][decoy];
1647
+ };
1648
+ var fetchDecoy = async ({
1649
+ idToken,
1650
+ decoynName,
1651
+ subscriptionType
1652
+ }) => {
1653
+ const decoyData = getDecoyData({
1654
+ decoy: decoynName,
1655
+ subscriptionType
1656
+ });
1657
+ const data = await exports_package.getPackageByOrderId({
1658
+ idToken,
1659
+ order: decoyData.order,
1660
+ packageFamilyCode: decoyData.family_code,
1661
+ packageVariantCode: decoyData.variant_code
1662
+ });
1663
+ return data;
1541
1664
  };
1542
1665
  export {
1543
1666
  exports_verification as Verification,
@@ -1,3 +1,4 @@
1
+ import { Package } from '..';
1
2
  export type DecoyType = 'balance' | 'qris' | 'qris0';
2
3
  export type DecoyDataType = {
3
4
  family_name: string;
@@ -9,13 +10,14 @@ export type DecoyDataType = {
9
10
  order: number;
10
11
  price: number;
11
12
  };
12
- type DecoyGroup = 'prio' | 'default';
13
- type DecoyMap = Record<DecoyGroup, Record<DecoyType, DecoyDataType>>;
14
13
  export declare const getDecoyName: (paymentMethod: string) => DecoyType;
15
- export declare const decoyExists: (paymentMethod: string) => boolean;
16
- export declare const getDecoyData: ({ subscriptionType, decoyType, decoyMap, }: {
14
+ export declare const decoyIsExits: (paymentMethod: string) => boolean;
15
+ export declare const getDecoyData: ({ subscriptionType, decoy, }: {
17
16
  subscriptionType: string;
18
- decoyType: DecoyType;
19
- decoyMap: DecoyMap;
17
+ decoy: DecoyType;
20
18
  }) => DecoyDataType;
21
- export {};
19
+ export declare const fetchDecoy: ({ idToken, decoynName, subscriptionType, }: {
20
+ idToken: string;
21
+ decoynName: DecoyType;
22
+ subscriptionType: string;
23
+ }) => Promise<Package.PackageDetailData>;
package/dist/lib/decoy.js CHANGED
@@ -1,9 +1,542 @@
1
1
  // @bun
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropNames = Object.getOwnPropertyNames;
4
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ function __accessProp(key) {
7
+ return this[key];
8
+ }
9
+ var __toCommonJS = (from) => {
10
+ var entry = (__moduleCache ??= new WeakMap).get(from), desc;
11
+ if (entry)
12
+ return entry;
13
+ entry = __defProp({}, "__esModule", { value: true });
14
+ if (from && typeof from === "object" || typeof from === "function") {
15
+ for (var key of __getOwnPropNames(from))
16
+ if (!__hasOwnProp.call(entry, key))
17
+ __defProp(entry, key, {
18
+ get: __accessProp.bind(from, key),
19
+ enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
20
+ });
21
+ }
22
+ __moduleCache.set(from, entry);
23
+ return entry;
24
+ };
25
+ var __moduleCache;
26
+ var __returnValue = (v) => v;
27
+ function __exportSetter(name, newValue) {
28
+ this[name] = __returnValue.bind(null, newValue);
29
+ }
30
+ var __export = (target, all) => {
31
+ for (var name in all)
32
+ __defProp(target, name, {
33
+ get: all[name],
34
+ enumerable: true,
35
+ configurable: true,
36
+ set: __exportSetter.bind(all, name)
37
+ });
38
+ };
39
+ var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
40
+
41
+ // src/lib/encrypt-helper.ts
42
+ var exports_encrypt_helper = {};
43
+ __export(exports_encrypt_helper, {
44
+ makeXSignaturePayment: () => makeXSignaturePayment,
45
+ makeXSignatureLoyalty: () => makeXSignatureLoyalty,
46
+ makeXSignatureBountyAllotment: () => makeXSignatureBountyAllotment,
47
+ makeXSignatureBounty: () => makeXSignatureBounty,
48
+ makeXSignatureBasic: () => makeXSignatureBasic,
49
+ makeXSignature: () => makeXSignature,
50
+ makeAxApiSignature: () => makeAxApiSignature,
51
+ encryptXData: () => encryptXData,
52
+ encryptEncryptedField: () => encryptEncryptedField,
53
+ decryptXData: () => decryptXData,
54
+ decryptEncryptedField: () => decryptEncryptedField
55
+ });
56
+ import crypto from "crypto";
57
+ function pkcs7Pad(buf, blockSize = 16) {
58
+ const pad = blockSize - buf.length % blockSize;
59
+ const padBuf = Buffer.alloc(pad, pad);
60
+ return Buffer.concat([buf, padBuf]);
61
+ }
62
+ function pkcs7Unpad(buf) {
63
+ const pad = buf[buf.length - 1] ?? 16;
64
+ if (pad < 1 || pad > 16)
65
+ throw new Error("Invalid PKCS7 padding");
66
+ return buf.slice(0, buf.length - pad);
67
+ }
68
+ function deriveIv(xtimeMs) {
69
+ const sha = crypto.createHash("sha256").update(String(xtimeMs)).digest("hex");
70
+ return Buffer.from(sha.slice(0, 16), "ascii");
71
+ }
72
+ function urlsafeB64Encode(buf) {
73
+ return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_");
74
+ }
75
+ function urlsafeB64Decode(s) {
76
+ const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
77
+ const padded = b64 + "=".repeat((4 - b64.length % 4) % 4);
78
+ return Buffer.from(padded, "base64");
79
+ }
80
+ function encryptXData(plaintext, xtimeMs) {
81
+ const key = Buffer.from(XDATA_KEY, "ascii");
82
+ const iv = deriveIv(xtimeMs);
83
+ const padded = pkcs7Pad(Buffer.from(plaintext, "utf-8"));
84
+ const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
85
+ cipher.setAutoPadding(false);
86
+ const ct = Buffer.concat([cipher.update(padded), cipher.final()]);
87
+ return urlsafeB64Encode(ct);
88
+ }
89
+ function decryptXData(xdata, xtimeMs) {
90
+ const key = Buffer.from(XDATA_KEY, "ascii");
91
+ const iv = deriveIv(xtimeMs);
92
+ const ct = urlsafeB64Decode(xdata);
93
+ const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
94
+ decipher.setAutoPadding(false);
95
+ const pt = Buffer.concat([decipher.update(ct), decipher.final()]);
96
+ return pkcs7Unpad(pt).toString("utf-8");
97
+ }
98
+ function makeXSignature(idToken, method, path, sigTimeSec) {
99
+ const keyStr = `${X_API_BASE_SECRET};${idToken};${method};${path};${sigTimeSec}`;
100
+ const msg = `${idToken};${sigTimeSec};`;
101
+ return crypto.createHmac("sha512", keyStr).update(msg).digest("hex");
102
+ }
103
+ function makeXSignaturePayment(accessToken, sigTimeSec, packageCode, tokenPayment, paymentMethod, paymentFor, path) {
104
+ const keyStr = `${X_API_BASE_SECRET};${sigTimeSec}#ae-hei_9Tee6he+Ik3Gais5=;POST;${path};${sigTimeSec}`;
105
+ const msg = `${accessToken};${tokenPayment};${sigTimeSec};${paymentFor};${paymentMethod};${packageCode};`;
106
+ return crypto.createHmac("sha512", keyStr).update(msg).digest("hex");
107
+ }
108
+ function makeXSignatureBounty(accessToken, sigTimeSec, packageCode, tokenPayment) {
109
+ const path = "api/v8/personalization/bounties-exchange";
110
+ const keyStr = `${X_API_BASE_SECRET};${accessToken};${sigTimeSec}#ae-hei_9Tee6he+Ik3Gais5=;POST;${path};${sigTimeSec}`;
111
+ const msg = `${accessToken};${tokenPayment};${sigTimeSec};${packageCode};`;
112
+ return crypto.createHmac("sha512", keyStr).update(msg).digest("hex");
113
+ }
114
+ function makeXSignatureLoyalty(sigTimeSec, packageCode, tokenConfirmation, path) {
115
+ const keyStr = `${X_API_BASE_SECRET};${sigTimeSec}#ae-hei_9Tee6he+Ik3Gais5=;POST;${path};${sigTimeSec}`;
116
+ const msg = `${tokenConfirmation};${sigTimeSec};${packageCode};`;
117
+ return crypto.createHmac("sha512", keyStr).update(msg).digest("hex");
118
+ }
119
+ function makeXSignatureBountyAllotment(sigTimeSec, packageCode, tokenConfirmation, path, destinationMsisdn) {
120
+ const keyStr = `${X_API_BASE_SECRET};${sigTimeSec}#ae-hei_9Tee6he+Ik3Gais5=;${destinationMsisdn};POST;${path};${sigTimeSec}`;
121
+ const msg = `${tokenConfirmation};${sigTimeSec};${destinationMsisdn};${packageCode};`;
122
+ return crypto.createHmac("sha512", keyStr).update(msg).digest("hex");
123
+ }
124
+ function makeXSignatureBasic(method, path, sigTimeSec) {
125
+ const keyStr = `${X_API_BASE_SECRET};${method};${path};${sigTimeSec}`;
126
+ const msg = `${sigTimeSec};en;`;
127
+ return crypto.createHmac("sha512", keyStr).update(msg).digest("hex");
128
+ }
129
+ function makeAxApiSignature(tsForSign, contact, code, contactType) {
130
+ const preimage = `${tsForSign}password${contactType}${contact}${code}openid`;
131
+ const digest = crypto.createHmac("sha256", Buffer.from(AX_API_SIG_KEY, "ascii")).update(preimage).digest();
132
+ return digest.toString("base64");
133
+ }
134
+ function decryptEncryptedField(encryptedB64) {
135
+ const ivAscii = encryptedB64.slice(-16);
136
+ const b64Part = encryptedB64.slice(0, -16);
137
+ const key = Buffer.from(ENCRYPTED_FIELD_KEY, "ascii");
138
+ const iv = Buffer.from(ivAscii, "ascii");
139
+ const ct = urlsafeB64Decode(b64Part);
140
+ const decipher = crypto.createDecipheriv("aes-128-cbc", key, iv);
141
+ decipher.setAutoPadding(false);
142
+ const pt = Buffer.concat([decipher.update(ct), decipher.final()]);
143
+ return pkcs7Unpad(pt).toString("utf-8");
144
+ }
145
+ function encryptEncryptedField(plaintext) {
146
+ const key = Buffer.from(ENCRYPTED_FIELD_KEY, "ascii");
147
+ const ivHex = crypto.randomBytes(8).toString("hex");
148
+ const iv = Buffer.from(ivHex, "ascii");
149
+ const padded = pkcs7Pad(Buffer.from(plaintext, "utf-8"));
150
+ const cipher = crypto.createCipheriv("aes-128-cbc", key, iv);
151
+ cipher.setAutoPadding(false);
152
+ const ct = Buffer.concat([cipher.update(padded), cipher.final()]);
153
+ return urlsafeB64Encode(ct) + ivHex;
154
+ }
155
+ var init_encrypt_helper = __esm(() => {
156
+ init_config();
157
+ });
158
+
159
+ // src/encrypt.ts
160
+ function encryptSignXData(method, path, idToken, payload) {
161
+ const plainBody = JSON.stringify(payload);
162
+ const xtime = Date.now();
163
+ const xdata = encryptXData(plainBody, xtime);
164
+ const sigTimeSec = Math.floor(xtime / 1000);
165
+ const xSignature = makeXSignature(idToken, method, path, sigTimeSec);
166
+ return {
167
+ x_signature: xSignature,
168
+ encrypted_body: { xdata, xtime }
169
+ };
170
+ }
171
+ async function decryptXData2(xdata, xtimeMs) {
172
+ const { decryptXData: _decrypt } = (init_encrypt_helper(), __toCommonJS(exports_encrypt_helper));
173
+ return JSON.parse(_decrypt(xdata, xtimeMs));
174
+ }
175
+ var init_encrypt = __esm(() => {
176
+ init_config();
177
+ init_encrypt_helper();
178
+ init_encrypt_helper();
179
+ });
180
+
181
+ // src/lib/utils.ts
182
+ import axios from "axios";
183
+ import { v4 as uuidv4 } from "uuid";
184
+ import { DateTime } from "luxon";
185
+ function javaLikeTimestamp(dt = DateTime.now()) {
186
+ return dt.toMillis().toString();
187
+ }
188
+ async function sendApiRequest(path, payloadDict, idToken, method = "POST") {
189
+ const encryptedPayload = encryptSignXData(method, path, idToken, payloadDict);
190
+ const xtime = Number(encryptedPayload.encrypted_body.xtime);
191
+ const sigTimeSec = Math.floor(xtime / 1000);
192
+ const body = encryptedPayload.encrypted_body;
193
+ const x_sig = encryptedPayload.x_signature;
194
+ const headers = {
195
+ host: BASE_API_URL.replace(/^https?:\/\//, ""),
196
+ "content-type": "application/json; charset=utf-8",
197
+ "user-agent": UA,
198
+ "x-api-key": API_KEY,
199
+ authorization: `Bearer ${idToken}`,
200
+ "x-hv": "v3",
201
+ "x-signature-time": String(sigTimeSec),
202
+ "x-signature": x_sig,
203
+ "x-request-id": uuidv4(),
204
+ "x-request-at": javaLikeTimestamp(),
205
+ "x-version-app": X_APP_VERSION
206
+ };
207
+ const url = `${BASE_API_URL.replace(/\/$/, "")}/${path.replace(/^\//, "")}`;
208
+ const resp = await axios.post(url, body, {
209
+ headers,
210
+ timeout: 30000
211
+ });
212
+ const respData = resp.data;
213
+ const decryptedXData = await decryptXData2(respData.xdata, respData.xtime);
214
+ if (decryptedXData.status === "FAILED") {
215
+ throw new Error(JSON.stringify(decryptedXData));
216
+ }
217
+ return decryptedXData;
218
+ }
219
+ function unseal(getter, fallback) {
220
+ try {
221
+ const hex = getter();
222
+ if (!hex || typeof __SEED__ === "undefined")
223
+ return fallback;
224
+ const seed = Buffer.from(__SEED__, "hex");
225
+ const data = Buffer.from(hex, "hex");
226
+ return Buffer.from(data.map((b, i) => b ^ seed[i % seed.length])).toString("utf8");
227
+ } catch {
228
+ return fallback;
229
+ }
230
+ }
231
+ var init_utils = __esm(() => {
232
+ init_config();
233
+ init_encrypt();
234
+ });
235
+
236
+ // src/config.ts
237
+ var BASE_API_URL, BASE_CIAM_URL, BASIC_AUTH, AX_FP_KEY, UA, API_KEY, ENCRYPTED_FIELD_KEY, XDATA_KEY, AX_API_SIG_KEY, X_API_BASE_SECRET, CIRCLE_MSISDN_KEY, X_APP_VERSION = "8.9.0";
238
+ var init_config = __esm(() => {
239
+ init_utils();
240
+ BASE_API_URL = unseal(() => __E_BASE_API_URL__, "https://api.myxl.xlaxiata.co.id");
241
+ BASE_CIAM_URL = unseal(() => __E_BASE_CIAM_URL__, "https://gede.ciam.xlaxiata.co.id");
242
+ BASIC_AUTH = unseal(() => __E_BASIC_AUTH__, "OWZjOTdlZDEtNmEzMC00OGQ1LTk1MTYtNjBjNTNjZTNhMTM1OllEV21GNExKajlYSUt3UW56eTJlMmxiMHRKUWIyOW8z");
243
+ AX_FP_KEY = unseal(() => __E_AX_FP_KEY__, "18b4d589826af50241177961590e6693");
244
+ UA = unseal(() => __E_UA__, "myXL / 8.9.0(1202); com.android.vending; (samsung; SM-N935F; SDK 33; Android 13)");
245
+ API_KEY = unseal(() => __E_API_KEY__, "vT8tINqHaOxXbGE7eOWAhA==");
246
+ ENCRYPTED_FIELD_KEY = unseal(() => __E_ENCRYPTED_FIELD_KEY__, "5dccbf08920a5527");
247
+ XDATA_KEY = unseal(() => __E_XDATA_KEY__, "5dccbf08920a5527b99e222789c34bb7");
248
+ AX_API_SIG_KEY = unseal(() => __E_AX_API_SIG_KEY__, "18b4d589826af50241177961590e6693");
249
+ X_API_BASE_SECRET = unseal(() => __E_X_API_BASE_SECRET__, "mU1Y4n1vBjf3M7tMnRkFU08mVyUJHed8B5En3EAniu1mXLixeuASmBmKnkyzVziOye7rG5nIekMdthensbQMcOJ6SLnrkGyfXALD7mrBC6vuWv6G01pmD3XlU5rT7Tzx");
250
+ CIRCLE_MSISDN_KEY = unseal(() => __E_CIRCLE_MSISDN_KEY__, "5dccbf08920a5527");
251
+ });
252
+ // src/data/decoys.json
253
+ var decoys_default = {
254
+ prio: {
255
+ balance: {
256
+ family_name: "PRIO PASS",
257
+ family_code: "2512b72a-a3cd-4c70-a736-132cf2c1f0c0",
258
+ is_enterprise: null,
259
+ migration_type: null,
260
+ variant_code: "cff298bd-8ec8-4696-b689-12407d36be15",
261
+ option_name: "PRIO PASS 30 days",
262
+ order: 1,
263
+ price: 999000
264
+ },
265
+ qris: {
266
+ family_name: "Conference",
267
+ family_code: "5dab52d5-6f02-4678-b72f-088396ceb113",
268
+ is_enterprise: true,
269
+ migration_type: "PRIOH_TO_PRIO",
270
+ variant_code: "bf84ad5b-87e9-4769-9bd2-2359535c05e4",
271
+ option_name: "Conference 2GB",
272
+ order: 1,
273
+ price: 2000
274
+ },
275
+ qris0: {
276
+ family_name: "Conference",
277
+ family_code: "5dab52d5-6f02-4678-b72f-088396ceb113",
278
+ is_enterprise: true,
279
+ migration_type: "PRIOH_TO_PRIO",
280
+ variant_code: "bf84ad5b-87e9-4769-9bd2-2359535c05e4",
281
+ option_name: "Conference 2GB",
282
+ order: 1,
283
+ price: 2000
284
+ }
285
+ },
286
+ default: {
287
+ balance: {
288
+ family_name: "XL PASS",
289
+ family_code: "b0a20d74-0c54-4e3b-8f3f-01e7482e50bf",
290
+ is_enterprise: true,
291
+ migration_type: "NONE",
292
+ variant_code: "719d093f-6f8d-46a4-8390-6a0003a172ea",
293
+ option_name: "XL PASS 30 days",
294
+ order: 1,
295
+ price: 889750
296
+ },
297
+ qris: {
298
+ family_name: "",
299
+ family_code: "580c1f94-7dc4-416e-96f6-8faf26567516",
300
+ is_enterprise: false,
301
+ migration_type: "NONE",
302
+ variant_code: "b50f954a-696e-46d0-8700-8e4d38521525",
303
+ option_name: "",
304
+ order: 27,
305
+ price: 1000
306
+ },
307
+ qris0: {
308
+ family_name: "Kuota Aplikasi BIZ 2GB",
309
+ family_code: "c6f2cd72-8b21-420a-b8d5-e0186afe5be6",
310
+ is_enterprise: true,
311
+ migration_type: "NONE",
312
+ variant_code: "b7cf278e-c989-4760-8a26-0a20c1a47a40",
313
+ option_name: "Vidio 2GB",
314
+ order: 11,
315
+ price: 0
316
+ }
317
+ }
318
+ };
319
+
320
+ // src/auth.ts
321
+ init_config();
322
+ init_utils();
323
+ import axios2 from "axios";
324
+ import { v4 as uuidv42 } from "uuid";
325
+ import { DateTime as DateTime2, FixedOffsetZone } from "luxon";
326
+ init_encrypt();
327
+ // src/ciam.ts
328
+ init_config();
329
+ init_utils();
330
+ import axios3 from "axios";
331
+ import { DateTime as DateTime3, FixedOffsetZone as FixedOffsetZone2 } from "luxon";
332
+ import { v4 as uuidv43 } from "uuid";
333
+ // src/client.ts
334
+ init_utils();
335
+
336
+ // src/index.ts
337
+ init_config();
338
+
339
+ // src/device.ts
340
+ init_config();
341
+
342
+ // src/index.ts
343
+ init_encrypt();
344
+
345
+ // src/family.ts
346
+ init_utils();
347
+ async function getFamily(idToken, familyCode, isEnterprise, migrationType) {
348
+ let isEnterpriseList = [false, true];
349
+ let migrationTypeList = [
350
+ "NONE",
351
+ "PRE_TO_PRIOH",
352
+ "PRIOH_TO_PRIO",
353
+ "PRIO_TO_PRIOH"
354
+ ];
355
+ if (typeof isEnterprise !== "undefined") {
356
+ isEnterpriseList = [isEnterprise];
357
+ }
358
+ if (typeof migrationType !== "undefined") {
359
+ migrationTypeList = [migrationType];
360
+ }
361
+ const path = "api/v8/xl-stores/options/list";
362
+ const comboList = [];
363
+ for (const mt of migrationTypeList) {
364
+ for (const ie of isEnterpriseList) {
365
+ comboList.push({ ie, mt });
366
+ }
367
+ }
368
+ const requests = comboList.map(({ ie, mt }) => {
369
+ const payloadDict = {
370
+ is_show_tagging_tab: true,
371
+ is_dedicated_event: true,
372
+ is_transaction_routine: false,
373
+ migration_type: mt,
374
+ package_family_code: familyCode,
375
+ is_autobuy: false,
376
+ is_enterprise: ie,
377
+ is_pdlp: true,
378
+ referral_code: "",
379
+ is_migration: false,
380
+ lang: "en"
381
+ };
382
+ return sendApiRequest(path, payloadDict, idToken, "POST").then((res) => ({
383
+ res,
384
+ ie,
385
+ mt
386
+ })).catch((e) => {
387
+ return { res: null, ie, mt, error: e };
388
+ });
389
+ });
390
+ const results = await Promise.all(requests);
391
+ for (const { res, ie, mt } of results) {
392
+ if (res && res["status"] === "SUCCESS") {
393
+ const familyName = res.data?.package_family?.name ?? "";
394
+ if (familyName !== "") {
395
+ console.log(`Success with is_enterprise=${ie}, migration_type=${mt}. Family name: ${familyName}`);
396
+ return res.data;
397
+ }
398
+ }
399
+ }
400
+ return null;
401
+ }
402
+ // src/family-plan.ts
403
+ init_utils();
404
+ // src/notification.ts
405
+ init_utils();
406
+ // src/package.ts
407
+ var exports_package = {};
408
+ __export(exports_package, {
409
+ getPackageByOrderId: () => getPackageByOrderId,
410
+ getPackage: () => getPackage,
411
+ getAddons: () => getAddons
412
+ });
413
+ init_utils();
414
+ async function getPackage({
415
+ idToken,
416
+ packageOptionCode,
417
+ packageFamilyCode = "",
418
+ packageVariantCode = ""
419
+ }) {
420
+ const path = "api/v8/xl-stores/options/detail";
421
+ const payload = {
422
+ is_transaction_routine: false,
423
+ migration_type: "NONE",
424
+ package_family_code: packageFamilyCode,
425
+ family_role_hub: "",
426
+ is_autobuy: false,
427
+ is_enterprise: false,
428
+ is_shareable: false,
429
+ is_migration: false,
430
+ lang: "en",
431
+ package_option_code: packageOptionCode,
432
+ is_upsell_pdp: false,
433
+ package_variant_code: packageVariantCode
434
+ };
435
+ const response = await sendApiRequest(path, payload, idToken, "POST");
436
+ return response.data;
437
+ }
438
+ async function getPackageByOrderId({
439
+ idToken,
440
+ packageFamilyCode,
441
+ packageVariantCode,
442
+ order,
443
+ isEnterprise,
444
+ migrationType
445
+ }) {
446
+ const xpackages = await getFamily(idToken, packageFamilyCode, isEnterprise, migrationType);
447
+ if (!xpackages) {
448
+ throw new Error("Data tidak ditemukan untuk family code yang diberikan.");
449
+ }
450
+ const findVariant = xpackages.package_variants.find((v) => v.package_variant_code === packageVariantCode);
451
+ if (!findVariant) {
452
+ throw new Error(`Package variant with code ${packageVariantCode} not found in family ${packageFamilyCode}`);
453
+ }
454
+ const findPackageOption = findVariant.package_options.find((x) => x.order === order);
455
+ if (!findPackageOption) {
456
+ throw new Error(`Package option with order ${order} not found in variant ${findVariant.package_variant_code}`);
457
+ }
458
+ const data = await getPackage({
459
+ idToken,
460
+ packageOptionCode: findPackageOption.package_option_code
461
+ });
462
+ data.package_option.package_option_code = findPackageOption.package_option_code;
463
+ return data;
464
+ }
465
+ async function getAddons({
466
+ idToken,
467
+ packageOptionCode
468
+ }) {
469
+ const path = "api/v8/xl-stores/options/addons-pinky-box";
470
+ const rawPayload = {
471
+ is_enterprise: false,
472
+ lang: "en",
473
+ package_option_code: packageOptionCode
474
+ };
475
+ const res = await sendApiRequest(path, rawPayload, idToken, "POST");
476
+ if (!("data" in res)) {
477
+ console.error("Error getting addons:", res.error ?? "Unknown error");
478
+ return null;
479
+ }
480
+ return res.data;
481
+ }
482
+ // src/lib/payment.ts
483
+ init_utils();
484
+
485
+ // src/payments/ewallet.ts
486
+ init_utils();
487
+
488
+ // src/payments/method/balance.ts
489
+ init_encrypt();
490
+ init_utils();
491
+ init_config();
492
+ import axios4 from "axios";
493
+ import { v4 as uuidv44 } from "uuid";
494
+ import { DateTime as DateTime4 } from "luxon";
495
+ // src/payments/method/ewallet.ts
496
+ init_encrypt();
497
+ init_utils();
498
+ init_config();
499
+ import axios5 from "axios";
500
+ import { v4 as uuidv45 } from "uuid";
501
+ import { DateTime as DateTime5 } from "luxon";
502
+ // src/payments/method/qris.ts
503
+ init_encrypt();
504
+ init_utils();
505
+ init_config();
506
+ import axios6 from "axios";
507
+ import { v4 as uuidv46 } from "uuid";
508
+ import { DateTime as DateTime6 } from "luxon";
509
+ // src/payments/ewallet.ts
510
+ var providerOptions = [
511
+ { value: "DANA" /* DANA */, label: "DANA" },
512
+ { value: "SHOPEEPAY" /* ShopeePay */, label: "ShopeePay" },
513
+ { value: "GOPAY" /* GoPay */, label: "GoPay" },
514
+ { value: "OVO" /* OVO */, label: "OVO" }
515
+ ];
516
+ // src/payments/pulsa.ts
517
+ init_utils();
518
+ // src/payments/pulsa-decoy.ts
519
+ init_utils();
520
+ // src/payments/qris.ts
521
+ init_utils();
522
+ // src/profile.ts
523
+ init_utils();
524
+
525
+ // src/index.ts
526
+ init_utils();
527
+
528
+ // src/verification.ts
529
+ init_utils();
530
+
531
+ // src/index.ts
532
+ init_encrypt_helper();
533
+
2
534
  // src/lib/decoy.ts
3
- var PRIO_SUBSCRIPTIONS = ["PRIORITAS", "PRIOHYBRID", "GO"];
535
+ var needPrioDecoys = ["PRIORITAS", "PRIOHYBRID", "GO"];
4
536
  var getDecoyName = (paymentMethod) => {
5
537
  switch (paymentMethod) {
6
538
  case "BALANCE_DECOY" /* PulsaDecoy */:
539
+ return "balance";
7
540
  case "BALANCE_DECOY_V2" /* PulsaDecoyV2 */:
8
541
  return "balance";
9
542
  case "QRIS_DECOY" /* QRISDecoy */:
@@ -14,7 +547,7 @@ var getDecoyName = (paymentMethod) => {
14
547
  return "balance";
15
548
  }
16
549
  };
17
- var decoyExists = (paymentMethod) => {
550
+ var decoyIsExits = (paymentMethod) => {
18
551
  return [
19
552
  "BALANCE_DECOY" /* PulsaDecoy */,
20
553
  "BALANCE_DECOY_V2" /* PulsaDecoyV2 */,
@@ -22,17 +555,35 @@ var decoyExists = (paymentMethod) => {
22
555
  "QRIS_DECOY_V2" /* QRISDecoyV2 */
23
556
  ].includes(paymentMethod);
24
557
  };
558
+ var decoyMap = decoys_default;
25
559
  var getDecoyData = ({
26
560
  subscriptionType,
27
- decoyType,
28
- decoyMap
561
+ decoy
29
562
  }) => {
30
- const isPrio = PRIO_SUBSCRIPTIONS.includes(subscriptionType);
563
+ const isPrio = needPrioDecoys.includes(subscriptionType);
31
564
  const group = isPrio ? "prio" : "default";
32
- return decoyMap[group][decoyType];
565
+ return decoyMap[group][decoy];
566
+ };
567
+ var fetchDecoy = async ({
568
+ idToken,
569
+ decoynName,
570
+ subscriptionType
571
+ }) => {
572
+ const decoyData = getDecoyData({
573
+ decoy: decoynName,
574
+ subscriptionType
575
+ });
576
+ const data = await exports_package.getPackageByOrderId({
577
+ idToken,
578
+ order: decoyData.order,
579
+ packageFamilyCode: decoyData.family_code,
580
+ packageVariantCode: decoyData.variant_code
581
+ });
582
+ return data;
33
583
  };
34
584
  export {
35
585
  getDecoyName,
36
586
  getDecoyData,
37
- decoyExists
587
+ fetchDecoy,
588
+ decoyIsExits
38
589
  };
package/dist/lib/utils.js CHANGED
@@ -250,16 +250,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
250
250
  lang: "en",
251
251
  package_option_code: optionCode
252
252
  };
253
- console.log("Fetching intercept page...");
254
253
  try {
255
254
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
256
255
  if ("status" in res) {
257
256
  console.log(`Intercept status: ${res["status"]}`);
258
257
  } else {
259
- console.log("Intercept error");
258
+ console.error("Intercept error");
260
259
  }
261
260
  } catch (err) {
262
- console.log("Intercept error", err);
261
+ console.error("Intercept error", err);
263
262
  }
264
263
  }
265
264
  function unseal(getter, fallback) {
package/dist/package.js CHANGED
@@ -331,7 +331,6 @@ async function getPackage({
331
331
  is_upsell_pdp: false,
332
332
  package_variant_code: packageVariantCode
333
333
  };
334
- console.log("Fetching package...");
335
334
  const response = await sendApiRequest(path, payload, idToken, "POST");
336
335
  return response.data;
337
336
  }
@@ -372,10 +371,9 @@ async function getAddons({
372
371
  lang: "en",
373
372
  package_option_code: packageOptionCode
374
373
  };
375
- console.log("Fetching addons...");
376
374
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
377
375
  if (!("data" in res)) {
378
- console.log("Error getting addons:", res.error ?? "Unknown error");
376
+ console.error("Error getting addons:", res.error ?? "Unknown error");
379
377
  return null;
380
378
  }
381
379
  return res.data;
@@ -240,16 +240,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
240
240
  lang: "en",
241
241
  package_option_code: optionCode
242
242
  };
243
- console.log("Fetching intercept page...");
244
243
  try {
245
244
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
246
245
  if ("status" in res) {
247
246
  console.log(`Intercept status: ${res["status"]}`);
248
247
  } else {
249
- console.log("Intercept error");
248
+ console.error("Intercept error");
250
249
  }
251
250
  } catch (err) {
252
- console.log("Intercept error", err);
251
+ console.error("Intercept error", err);
253
252
  }
254
253
  }
255
254
  function unseal(getter, fallback) {
@@ -261,16 +261,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
261
261
  lang: "en",
262
262
  package_option_code: optionCode
263
263
  };
264
- console.log("Fetching intercept page...");
265
264
  try {
266
265
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
267
266
  if ("status" in res) {
268
267
  console.log(`Intercept status: ${res["status"]}`);
269
268
  } else {
270
- console.log("Intercept error");
269
+ console.error("Intercept error");
271
270
  }
272
271
  } catch (err) {
273
- console.log("Intercept error", err);
272
+ console.error("Intercept error", err);
274
273
  }
275
274
  }
276
275
  function unseal(getter, fallback) {
@@ -724,7 +723,6 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
724
723
  if (result.status === "SUCCESS") {
725
724
  return result;
726
725
  }
727
- console.log(JSON.stringify(result, null, 2));
728
726
  if (result.message.includes("Bizz-err.Amount.Total")) {
729
727
  const match = result.message.match(/=\s*(\d+)/);
730
728
  result = await settle(Number(match ? match[1] : 0));
@@ -734,8 +732,27 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
734
732
  }
735
733
  return result;
736
734
  }
735
+ async function payPulsaDecoy(idToken, accessToken, pkg, decoyPkg) {
736
+ const decoyItem = {
737
+ item_name: decoyPkg.package_option.name,
738
+ item_code: decoyPkg.package_option.package_option_code,
739
+ item_price: decoyPkg.package_option.price,
740
+ product_type: decoyPkg.package_option.product_type,
741
+ token_confirmation: decoyPkg.token_confirmation,
742
+ tax: 0
743
+ };
744
+ await payPulsaWithDecoy(idToken, accessToken, pkg, false, decoyItem);
745
+ }
737
746
  // src/payments/pulsa-decoy-v2.ts
738
- async function payPulsaDecoyV2(idToken, accessToken, pkg, decoyItem) {
747
+ async function payPulsaDecoyV2(idToken, accessToken, pkg, decoyPkg) {
748
+ const decoyItem = {
749
+ item_name: decoyPkg.package_option.name,
750
+ item_code: decoyPkg.package_option.package_option_code,
751
+ item_price: decoyPkg.package_option.price,
752
+ product_type: decoyPkg.package_option.product_type,
753
+ token_confirmation: decoyPkg.token_confirmation,
754
+ tax: 0
755
+ };
739
756
  await payPulsaWithDecoy(idToken, accessToken, pkg, true, decoyItem);
740
757
  }
741
758
  // src/payments/qris-decoy.ts
@@ -766,9 +783,28 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
766
783
  }
767
784
  return result;
768
785
  }
786
+ async function payQrisDecoy(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
787
+ const decoyItem = {
788
+ item_name: decoyPkg.package_option.name,
789
+ item_code: decoyPkg.package_option.package_option_code,
790
+ item_price: decoyPkg.package_option.price,
791
+ product_type: decoyPkg.package_option.product_type,
792
+ token_confirmation: decoyPkg.token_confirmation,
793
+ tax: 0
794
+ };
795
+ await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, decoyItem);
796
+ }
769
797
  // src/payments/qris-decoy-v2.ts
770
- async function payQrisDecoyV2(idToken, accessToken, pkg, overwriteAmount) {
771
- await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, {});
798
+ async function payQrisDecoyV2(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
799
+ const decoyItem = {
800
+ item_name: decoyPkg.package_option.name,
801
+ item_code: decoyPkg.package_option.package_option_code,
802
+ item_price: decoyPkg.package_option.price,
803
+ product_type: decoyPkg.package_option.product_type,
804
+ token_confirmation: decoyPkg.token_confirmation,
805
+ tax: 0
806
+ };
807
+ await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, decoyItem);
772
808
  }
773
809
  // src/payments/qris.ts
774
810
  init_utils();
@@ -800,9 +836,11 @@ async function payQris(idToken, accessToken, pkg, overwriteAmount) {
800
836
  export {
801
837
  payQrisWithDecoy,
802
838
  payQrisDecoyV2,
839
+ payQrisDecoy,
803
840
  payQris,
804
841
  payPulsaWithDecoy,
805
842
  payPulsaDecoyV2,
843
+ payPulsaDecoy,
806
844
  payPulsa,
807
845
  payEwallet
808
846
  };
@@ -83,16 +83,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
83
83
  lang: "en",
84
84
  package_option_code: optionCode
85
85
  };
86
- console.log("Fetching intercept page...");
87
86
  try {
88
87
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
89
88
  if ("status" in res) {
90
89
  console.log(`Intercept status: ${res["status"]}`);
91
90
  } else {
92
- console.log("Intercept error");
91
+ console.error("Intercept error");
93
92
  }
94
93
  } catch (err) {
95
- console.log("Intercept error", err);
94
+ console.error("Intercept error", err);
96
95
  }
97
96
  }
98
97
  function unseal(getter, fallback) {
@@ -83,16 +83,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
83
83
  lang: "en",
84
84
  package_option_code: optionCode
85
85
  };
86
- console.log("Fetching intercept page...");
87
86
  try {
88
87
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
89
88
  if ("status" in res) {
90
89
  console.log(`Intercept status: ${res["status"]}`);
91
90
  } else {
92
- console.log("Intercept error");
91
+ console.error("Intercept error");
93
92
  }
94
93
  } catch (err) {
95
- console.log("Intercept error", err);
94
+ console.error("Intercept error", err);
96
95
  }
97
96
  }
98
97
  function unseal(getter, fallback) {
@@ -83,16 +83,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
83
83
  lang: "en",
84
84
  package_option_code: optionCode
85
85
  };
86
- console.log("Fetching intercept page...");
87
86
  try {
88
87
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
89
88
  if ("status" in res) {
90
89
  console.log(`Intercept status: ${res["status"]}`);
91
90
  } else {
92
- console.log("Intercept error");
91
+ console.error("Intercept error");
93
92
  }
94
93
  } catch (err) {
95
- console.log("Intercept error", err);
94
+ console.error("Intercept error", err);
96
95
  }
97
96
  }
98
97
  function unseal(getter, fallback) {
@@ -1,3 +1,2 @@
1
- import type { Item } from "./../lib/payment";
2
1
  import type { PackageDetailData } from "./../package";
3
- export declare function payPulsaDecoyV2(idToken: string, accessToken: string, pkg: PackageDetailData, decoyItem: Item): Promise<void>;
2
+ export declare function payPulsaDecoyV2(idToken: string, accessToken: string, pkg: PackageDetailData, decoyPkg: PackageDetailData): Promise<void>;
@@ -449,7 +449,6 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
449
449
  if (result.status === "SUCCESS") {
450
450
  return result;
451
451
  }
452
- console.log(JSON.stringify(result, null, 2));
453
452
  if (result.message.includes("Bizz-err.Amount.Total")) {
454
453
  const match = result.message.match(/=\s*(\d+)/);
455
454
  result = await settle(Number(match ? match[1] : 0));
@@ -461,7 +460,15 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
461
460
  }
462
461
 
463
462
  // src/payments/pulsa-decoy-v2.ts
464
- async function payPulsaDecoyV2(idToken, accessToken, pkg, decoyItem) {
463
+ async function payPulsaDecoyV2(idToken, accessToken, pkg, decoyPkg) {
464
+ const decoyItem = {
465
+ item_name: decoyPkg.package_option.name,
466
+ item_code: decoyPkg.package_option.package_option_code,
467
+ item_price: decoyPkg.package_option.price,
468
+ product_type: decoyPkg.package_option.product_type,
469
+ token_confirmation: decoyPkg.token_confirmation,
470
+ tax: 0
471
+ };
465
472
  await payPulsaWithDecoy(idToken, accessToken, pkg, true, decoyItem);
466
473
  }
467
474
  export {
@@ -5,3 +5,4 @@ import type { PackageDetailData } from "./../package";
5
5
  * @param useDecoyToken - v2 mode: use decoy's token_confirmation + paymentTargetsMethodsOption
6
6
  */
7
7
  export declare function payPulsaWithDecoy(idToken: string, accessToken: string, pkg: PackageDetailData, useDecoyToken: boolean | undefined, decoyItem: Item): Promise<import("./../lib/payment").SettlementSuccess | import("./../lib/payment").SettlementError>;
8
+ export declare function payPulsaDecoy(idToken: string, accessToken: string, pkg: PackageDetailData, decoyPkg: PackageDetailData): Promise<void>;
@@ -449,7 +449,6 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
449
449
  if (result.status === "SUCCESS") {
450
450
  return result;
451
451
  }
452
- console.log(JSON.stringify(result, null, 2));
453
452
  if (result.message.includes("Bizz-err.Amount.Total")) {
454
453
  const match = result.message.match(/=\s*(\d+)/);
455
454
  result = await settle(Number(match ? match[1] : 0));
@@ -459,6 +458,18 @@ async function payPulsaWithDecoy(idToken, accessToken, pkg, useDecoyToken = fals
459
458
  }
460
459
  return result;
461
460
  }
461
+ async function payPulsaDecoy(idToken, accessToken, pkg, decoyPkg) {
462
+ const decoyItem = {
463
+ item_name: decoyPkg.package_option.name,
464
+ item_code: decoyPkg.package_option.package_option_code,
465
+ item_price: decoyPkg.package_option.price,
466
+ product_type: decoyPkg.package_option.product_type,
467
+ token_confirmation: decoyPkg.token_confirmation,
468
+ tax: 0
469
+ };
470
+ await payPulsaWithDecoy(idToken, accessToken, pkg, false, decoyItem);
471
+ }
462
472
  export {
463
- payPulsaWithDecoy
473
+ payPulsaWithDecoy,
474
+ payPulsaDecoy
464
475
  };
@@ -1,2 +1,2 @@
1
1
  import type { PackageDetailData } from "./../package";
2
- export declare function payQrisDecoyV2(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null): Promise<void>;
2
+ export declare function payQrisDecoyV2(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, decoyPkg: PackageDetailData): Promise<void>;
@@ -240,16 +240,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
240
240
  lang: "en",
241
241
  package_option_code: optionCode
242
242
  };
243
- console.log("Fetching intercept page...");
244
243
  try {
245
244
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
246
245
  if ("status" in res) {
247
246
  console.log(`Intercept status: ${res["status"]}`);
248
247
  } else {
249
- console.log("Intercept error");
248
+ console.error("Intercept error");
250
249
  }
251
250
  } catch (err) {
252
- console.log("Intercept error", err);
251
+ console.error("Intercept error", err);
253
252
  }
254
253
  }
255
254
  function unseal(getter, fallback) {
@@ -434,8 +433,16 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
434
433
  }
435
434
 
436
435
  // src/payments/qris-decoy-v2.ts
437
- async function payQrisDecoyV2(idToken, accessToken, pkg, overwriteAmount) {
438
- await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, {});
436
+ async function payQrisDecoyV2(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
437
+ const decoyItem = {
438
+ item_name: decoyPkg.package_option.name,
439
+ item_code: decoyPkg.package_option.package_option_code,
440
+ item_price: decoyPkg.package_option.price,
441
+ product_type: decoyPkg.package_option.product_type,
442
+ token_confirmation: decoyPkg.token_confirmation,
443
+ tax: 0
444
+ };
445
+ await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, decoyItem);
439
446
  }
440
447
  export {
441
448
  payQrisDecoyV2
@@ -2,3 +2,4 @@ import { type Item } from "./../lib/payment";
2
2
  import type { PackageDetailData } from "./../package";
3
3
  /** Shared QRIS + Decoy logic. Other controllers import this directly with custom decoy IDs. */
4
4
  export declare function payQrisWithDecoy(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, decoyItem: Item): Promise<import("./../lib/payment").TransactionDetail | import("./../lib/payment").SettlementError>;
5
+ export declare function payQrisDecoy(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, decoyPkg: PackageDetailData): Promise<void>;
@@ -240,16 +240,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
240
240
  lang: "en",
241
241
  package_option_code: optionCode
242
242
  };
243
- console.log("Fetching intercept page...");
244
243
  try {
245
244
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
246
245
  if ("status" in res) {
247
246
  console.log(`Intercept status: ${res["status"]}`);
248
247
  } else {
249
- console.log("Intercept error");
248
+ console.error("Intercept error");
250
249
  }
251
250
  } catch (err) {
252
- console.log("Intercept error", err);
251
+ console.error("Intercept error", err);
253
252
  }
254
253
  }
255
254
  function unseal(getter, fallback) {
@@ -432,6 +431,18 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
432
431
  }
433
432
  return result;
434
433
  }
434
+ async function payQrisDecoy(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
435
+ const decoyItem = {
436
+ item_name: decoyPkg.package_option.name,
437
+ item_code: decoyPkg.package_option.package_option_code,
438
+ item_price: decoyPkg.package_option.price,
439
+ product_type: decoyPkg.package_option.product_type,
440
+ token_confirmation: decoyPkg.token_confirmation,
441
+ tax: 0
442
+ };
443
+ await payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, decoyItem);
444
+ }
435
445
  export {
436
- payQrisWithDecoy
446
+ payQrisWithDecoy,
447
+ payQrisDecoy
437
448
  };
@@ -240,16 +240,15 @@ async function interceptPage(idToken, optionCode, isEnterprise = false) {
240
240
  lang: "en",
241
241
  package_option_code: optionCode
242
242
  };
243
- console.log("Fetching intercept page...");
244
243
  try {
245
244
  const res = await sendApiRequest(path, rawPayload, idToken, "POST");
246
245
  if ("status" in res) {
247
246
  console.log(`Intercept status: ${res["status"]}`);
248
247
  } else {
249
- console.log("Intercept error");
248
+ console.error("Intercept error");
250
249
  }
251
250
  } catch (err) {
252
- console.log("Intercept error", err);
251
+ console.error("Intercept error", err);
253
252
  }
254
253
  }
255
254
  function unseal(getter, fallback) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "myxl-core",
3
- "version": "1.0.1",
3
+ "version": "1.0.2",
4
4
  "description": "MyXL API client — auth, payments, family, packages",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",