myxl-core 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +24 -37
- package/dist/lib/decoy.js +2 -3
- package/dist/payments/ewallet.d.ts +1 -1
- package/dist/payments/ewallet.js +0 -21
- package/dist/payments/index.js +0 -29
- package/dist/payments/qris-decoy-v2.js +77 -98
- package/dist/payments/qris-decoy.d.ts +2 -2
- package/dist/payments/qris-decoy.js +77 -98
- package/dist/payments/qris.d.ts +1 -1
- package/dist/payments/qris.js +0 -21
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -926,27 +926,6 @@ __export(exports_payments, {
|
|
|
926
926
|
payEwallet: () => payEwallet
|
|
927
927
|
});
|
|
928
928
|
|
|
929
|
-
// src/lib/payment.ts
|
|
930
|
-
init_utils();
|
|
931
|
-
var exports_payment = {};
|
|
932
|
-
__export(exports_payment, {
|
|
933
|
-
getTransactionDetail: () => getTransactionDetail
|
|
934
|
-
});
|
|
935
|
-
async function getTransactionDetail({
|
|
936
|
-
idToken,
|
|
937
|
-
transactionId
|
|
938
|
-
}) {
|
|
939
|
-
const path = "payments/api/v8/pending-detail";
|
|
940
|
-
const payload = {
|
|
941
|
-
transaction_id: transactionId,
|
|
942
|
-
is_enterprise: false,
|
|
943
|
-
lang: "en",
|
|
944
|
-
status: ""
|
|
945
|
-
};
|
|
946
|
-
const res = await sendApiRequest(path, payload, idToken, "POST");
|
|
947
|
-
return res.data;
|
|
948
|
-
}
|
|
949
|
-
|
|
950
929
|
// src/payments/ewallet.ts
|
|
951
930
|
init_utils();
|
|
952
931
|
|
|
@@ -1305,10 +1284,6 @@ async function payEwallet(idToken, accessToken, pkg, overwriteAmount, walletNumb
|
|
|
1305
1284
|
walletNumber,
|
|
1306
1285
|
paymentMethod
|
|
1307
1286
|
});
|
|
1308
|
-
if (result.status === "SUCCESS") {
|
|
1309
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
1310
|
-
return transaction;
|
|
1311
|
-
}
|
|
1312
1287
|
return result;
|
|
1313
1288
|
}
|
|
1314
1289
|
// src/payments/pulsa.ts
|
|
@@ -1413,10 +1388,6 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
|
|
|
1413
1388
|
items: [mainItem, finalDecoyItem],
|
|
1414
1389
|
paymentTargetsMethodsOption: finalDecoyItem.item_code
|
|
1415
1390
|
});
|
|
1416
|
-
if (result.status === "SUCCESS") {
|
|
1417
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
1418
|
-
return transaction;
|
|
1419
|
-
}
|
|
1420
1391
|
return result;
|
|
1421
1392
|
}
|
|
1422
1393
|
async function payQrisDecoy(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
|
|
@@ -1463,10 +1434,6 @@ async function payQris(idToken, accessToken, pkg, overwriteAmount) {
|
|
|
1463
1434
|
item: mainItem,
|
|
1464
1435
|
items: [mainItem]
|
|
1465
1436
|
});
|
|
1466
|
-
if (result.status === "SUCCESS") {
|
|
1467
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
1468
|
-
return transaction;
|
|
1469
|
-
}
|
|
1470
1437
|
return result;
|
|
1471
1438
|
}
|
|
1472
1439
|
// src/profile.ts
|
|
@@ -1485,8 +1452,8 @@ async function getPendingTransaction(idToken) {
|
|
|
1485
1452
|
return res.data;
|
|
1486
1453
|
}
|
|
1487
1454
|
// src/@types/payment.ts
|
|
1488
|
-
var
|
|
1489
|
-
__export(
|
|
1455
|
+
var exports_payment = {};
|
|
1456
|
+
__export(exports_payment, {
|
|
1490
1457
|
PaymentMethodEnum: () => PaymentMethodEnum
|
|
1491
1458
|
});
|
|
1492
1459
|
var PaymentMethodEnum;
|
|
@@ -1536,6 +1503,26 @@ async function checkDukcapil(msisdn, kk, nik) {
|
|
|
1536
1503
|
// src/index.ts
|
|
1537
1504
|
init_encrypt_helper();
|
|
1538
1505
|
|
|
1506
|
+
// src/lib/payment.ts
|
|
1507
|
+
init_utils();
|
|
1508
|
+
var exports_payment2 = {};
|
|
1509
|
+
__export(exports_payment2, {
|
|
1510
|
+
getTransactionDetail: () => getTransactionDetail
|
|
1511
|
+
});
|
|
1512
|
+
async function getTransactionDetail({
|
|
1513
|
+
idToken,
|
|
1514
|
+
transactionId
|
|
1515
|
+
}) {
|
|
1516
|
+
const path = "payments/api/v8/pending-detail";
|
|
1517
|
+
const payload = {
|
|
1518
|
+
transaction_id: transactionId,
|
|
1519
|
+
is_enterprise: false,
|
|
1520
|
+
lang: "en",
|
|
1521
|
+
status: ""
|
|
1522
|
+
};
|
|
1523
|
+
const res = await sendApiRequest(path, payload, idToken, "POST");
|
|
1524
|
+
return res.data;
|
|
1525
|
+
}
|
|
1539
1526
|
// src/lib/decoy.ts
|
|
1540
1527
|
var exports_decoy = {};
|
|
1541
1528
|
__export(exports_decoy, {
|
|
@@ -1665,10 +1652,10 @@ var fetchDecoy = async ({
|
|
|
1665
1652
|
export {
|
|
1666
1653
|
exports_verification as Verification,
|
|
1667
1654
|
exports_utils as Utils,
|
|
1668
|
-
|
|
1655
|
+
exports_payment2 as Settlement,
|
|
1669
1656
|
exports_profile as Profile,
|
|
1670
1657
|
exports_payments as Payments,
|
|
1671
|
-
|
|
1658
|
+
exports_payment as PaymentTypes,
|
|
1672
1659
|
exports_package as Package,
|
|
1673
1660
|
exports_notification as Notification,
|
|
1674
1661
|
exports_family_plan as FamilyPlan,
|
package/dist/lib/decoy.js
CHANGED
|
@@ -479,9 +479,6 @@ async function getAddons({
|
|
|
479
479
|
}
|
|
480
480
|
return res.data;
|
|
481
481
|
}
|
|
482
|
-
// src/lib/payment.ts
|
|
483
|
-
init_utils();
|
|
484
|
-
|
|
485
482
|
// src/payments/ewallet.ts
|
|
486
483
|
init_utils();
|
|
487
484
|
|
|
@@ -531,6 +528,8 @@ init_utils();
|
|
|
531
528
|
// src/index.ts
|
|
532
529
|
init_encrypt_helper();
|
|
533
530
|
|
|
531
|
+
// src/lib/payment.ts
|
|
532
|
+
init_utils();
|
|
534
533
|
// src/lib/decoy.ts
|
|
535
534
|
var needPrioDecoys = ["PRIORITAS", "PRIOHYBRID", "GO"];
|
|
536
535
|
var getDecoyName = (paymentMethod) => {
|
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
import type { PackageDetailData } from "./../package";
|
|
2
2
|
import { EWalletProviderEnum } from "./method";
|
|
3
|
-
export declare function payEwallet(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, walletNumber: string, paymentMethod: EWalletProviderEnum): Promise<import("./../lib/payment").
|
|
3
|
+
export declare function payEwallet(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, walletNumber: string, paymentMethod: EWalletProviderEnum): Promise<import("./../lib/payment").SettlementResponse>;
|
package/dist/payments/ewallet.js
CHANGED
|
@@ -273,23 +273,6 @@ var init_utils = __esm(() => {
|
|
|
273
273
|
init_encrypt();
|
|
274
274
|
});
|
|
275
275
|
|
|
276
|
-
// src/lib/payment.ts
|
|
277
|
-
init_utils();
|
|
278
|
-
async function getTransactionDetail({
|
|
279
|
-
idToken,
|
|
280
|
-
transactionId
|
|
281
|
-
}) {
|
|
282
|
-
const path = "payments/api/v8/pending-detail";
|
|
283
|
-
const payload = {
|
|
284
|
-
transaction_id: transactionId,
|
|
285
|
-
is_enterprise: false,
|
|
286
|
-
lang: "en",
|
|
287
|
-
status: ""
|
|
288
|
-
};
|
|
289
|
-
const res = await sendApiRequest(path, payload, idToken, "POST");
|
|
290
|
-
return res.data;
|
|
291
|
-
}
|
|
292
|
-
|
|
293
276
|
// src/payments/ewallet.ts
|
|
294
277
|
init_utils();
|
|
295
278
|
|
|
@@ -426,10 +409,6 @@ async function payEwallet(idToken, accessToken, pkg, overwriteAmount, walletNumb
|
|
|
426
409
|
walletNumber,
|
|
427
410
|
paymentMethod
|
|
428
411
|
});
|
|
429
|
-
if (result.status === "SUCCESS") {
|
|
430
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
431
|
-
return transaction;
|
|
432
|
-
}
|
|
433
412
|
return result;
|
|
434
413
|
}
|
|
435
414
|
export {
|
package/dist/payments/index.js
CHANGED
|
@@ -294,23 +294,6 @@ var init_utils = __esm(() => {
|
|
|
294
294
|
init_encrypt();
|
|
295
295
|
});
|
|
296
296
|
|
|
297
|
-
// src/lib/payment.ts
|
|
298
|
-
init_utils();
|
|
299
|
-
async function getTransactionDetail({
|
|
300
|
-
idToken,
|
|
301
|
-
transactionId
|
|
302
|
-
}) {
|
|
303
|
-
const path = "payments/api/v8/pending-detail";
|
|
304
|
-
const payload = {
|
|
305
|
-
transaction_id: transactionId,
|
|
306
|
-
is_enterprise: false,
|
|
307
|
-
lang: "en",
|
|
308
|
-
status: ""
|
|
309
|
-
};
|
|
310
|
-
const res = await sendApiRequest(path, payload, idToken, "POST");
|
|
311
|
-
return res.data;
|
|
312
|
-
}
|
|
313
|
-
|
|
314
297
|
// src/payments/ewallet.ts
|
|
315
298
|
init_utils();
|
|
316
299
|
|
|
@@ -669,10 +652,6 @@ async function payEwallet(idToken, accessToken, pkg, overwriteAmount, walletNumb
|
|
|
669
652
|
walletNumber,
|
|
670
653
|
paymentMethod
|
|
671
654
|
});
|
|
672
|
-
if (result.status === "SUCCESS") {
|
|
673
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
674
|
-
return transaction;
|
|
675
|
-
}
|
|
676
655
|
return result;
|
|
677
656
|
}
|
|
678
657
|
// src/payments/pulsa.ts
|
|
@@ -777,10 +756,6 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
|
|
|
777
756
|
items: [mainItem, finalDecoyItem],
|
|
778
757
|
paymentTargetsMethodsOption: finalDecoyItem.item_code
|
|
779
758
|
});
|
|
780
|
-
if (result.status === "SUCCESS") {
|
|
781
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
782
|
-
return transaction;
|
|
783
|
-
}
|
|
784
759
|
return result;
|
|
785
760
|
}
|
|
786
761
|
async function payQrisDecoy(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
|
|
@@ -827,10 +802,6 @@ async function payQris(idToken, accessToken, pkg, overwriteAmount) {
|
|
|
827
802
|
item: mainItem,
|
|
828
803
|
items: [mainItem]
|
|
829
804
|
});
|
|
830
|
-
if (result.status === "SUCCESS") {
|
|
831
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
832
|
-
return transaction;
|
|
833
|
-
}
|
|
834
805
|
return result;
|
|
835
806
|
}
|
|
836
807
|
export {
|
|
@@ -38,6 +38,79 @@ var __export = (target, all) => {
|
|
|
38
38
|
};
|
|
39
39
|
var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
|
|
40
40
|
|
|
41
|
+
// src/lib/utils.ts
|
|
42
|
+
import axios from "axios";
|
|
43
|
+
import { v4 as uuidv4 } from "uuid";
|
|
44
|
+
import { DateTime } from "luxon";
|
|
45
|
+
function javaLikeTimestamp(dt = DateTime.now()) {
|
|
46
|
+
return dt.toMillis().toString();
|
|
47
|
+
}
|
|
48
|
+
async function sendApiRequest(path, payloadDict, idToken, method = "POST") {
|
|
49
|
+
const encryptedPayload = encryptSignXData(method, path, idToken, payloadDict);
|
|
50
|
+
const xtime = Number(encryptedPayload.encrypted_body.xtime);
|
|
51
|
+
const sigTimeSec = Math.floor(xtime / 1000);
|
|
52
|
+
const body = encryptedPayload.encrypted_body;
|
|
53
|
+
const x_sig = encryptedPayload.x_signature;
|
|
54
|
+
const headers = {
|
|
55
|
+
host: BASE_API_URL.replace(/^https?:\/\//, ""),
|
|
56
|
+
"content-type": "application/json; charset=utf-8",
|
|
57
|
+
"user-agent": UA,
|
|
58
|
+
"x-api-key": API_KEY,
|
|
59
|
+
authorization: `Bearer ${idToken}`,
|
|
60
|
+
"x-hv": "v3",
|
|
61
|
+
"x-signature-time": String(sigTimeSec),
|
|
62
|
+
"x-signature": x_sig,
|
|
63
|
+
"x-request-id": uuidv4(),
|
|
64
|
+
"x-request-at": javaLikeTimestamp(),
|
|
65
|
+
"x-version-app": X_APP_VERSION
|
|
66
|
+
};
|
|
67
|
+
const url = `${BASE_API_URL.replace(/\/$/, "")}/${path.replace(/^\//, "")}`;
|
|
68
|
+
const resp = await axios.post(url, body, {
|
|
69
|
+
headers,
|
|
70
|
+
timeout: 30000
|
|
71
|
+
});
|
|
72
|
+
const respData = resp.data;
|
|
73
|
+
const decryptedXData = await decryptXData(respData.xdata, respData.xtime);
|
|
74
|
+
if (decryptedXData.status === "FAILED") {
|
|
75
|
+
throw new Error(JSON.stringify(decryptedXData));
|
|
76
|
+
}
|
|
77
|
+
return decryptedXData;
|
|
78
|
+
}
|
|
79
|
+
async function interceptPage(idToken, optionCode, isEnterprise = false) {
|
|
80
|
+
const path = "misc/api/v8/utility/intercept-page";
|
|
81
|
+
const rawPayload = {
|
|
82
|
+
is_enterprise: isEnterprise,
|
|
83
|
+
lang: "en",
|
|
84
|
+
package_option_code: optionCode
|
|
85
|
+
};
|
|
86
|
+
try {
|
|
87
|
+
const res = await sendApiRequest(path, rawPayload, idToken, "POST");
|
|
88
|
+
if ("status" in res) {
|
|
89
|
+
console.log(`Intercept status: ${res["status"]}`);
|
|
90
|
+
} else {
|
|
91
|
+
console.error("Intercept error");
|
|
92
|
+
}
|
|
93
|
+
} catch (err) {
|
|
94
|
+
console.error("Intercept error", err);
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
function unseal(getter, fallback) {
|
|
98
|
+
try {
|
|
99
|
+
const hex = getter();
|
|
100
|
+
if (!hex || typeof __SEED__ === "undefined")
|
|
101
|
+
return fallback;
|
|
102
|
+
const seed = Buffer.from(__SEED__, "hex");
|
|
103
|
+
const data = Buffer.from(hex, "hex");
|
|
104
|
+
return Buffer.from(data.map((b, i) => b ^ seed[i % seed.length])).toString("utf8");
|
|
105
|
+
} catch {
|
|
106
|
+
return fallback;
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
var init_utils = __esm(() => {
|
|
110
|
+
init_config();
|
|
111
|
+
init_encrypt();
|
|
112
|
+
});
|
|
113
|
+
|
|
41
114
|
// src/config.ts
|
|
42
115
|
var BASE_API_URL, BASE_CIAM_URL, BASIC_AUTH, AX_FP_KEY, UA, API_KEY, ENCRYPTED_FIELD_KEY, XDATA_KEY, AX_API_SIG_KEY, X_API_BASE_SECRET, CIRCLE_MSISDN_KEY, X_APP_VERSION = "8.9.0";
|
|
43
116
|
var init_config = __esm(() => {
|
|
@@ -67,7 +140,7 @@ __export(exports_encrypt_helper, {
|
|
|
67
140
|
makeAxApiSignature: () => makeAxApiSignature,
|
|
68
141
|
encryptXData: () => encryptXData,
|
|
69
142
|
encryptEncryptedField: () => encryptEncryptedField,
|
|
70
|
-
decryptXData: () =>
|
|
143
|
+
decryptXData: () => decryptXData2,
|
|
71
144
|
decryptEncryptedField: () => decryptEncryptedField
|
|
72
145
|
});
|
|
73
146
|
import crypto from "crypto";
|
|
@@ -103,7 +176,7 @@ function encryptXData(plaintext, xtimeMs) {
|
|
|
103
176
|
const ct = Buffer.concat([cipher.update(padded), cipher.final()]);
|
|
104
177
|
return urlsafeB64Encode(ct);
|
|
105
178
|
}
|
|
106
|
-
function
|
|
179
|
+
function decryptXData2(xdata, xtimeMs) {
|
|
107
180
|
const key = Buffer.from(XDATA_KEY, "ascii");
|
|
108
181
|
const iv = deriveIv(xtimeMs);
|
|
109
182
|
const ct = urlsafeB64Decode(xdata);
|
|
@@ -185,7 +258,7 @@ function encryptSignXData(method, path, idToken, payload) {
|
|
|
185
258
|
encrypted_body: { xdata, xtime }
|
|
186
259
|
};
|
|
187
260
|
}
|
|
188
|
-
async function
|
|
261
|
+
async function decryptXData(xdata, xtimeMs) {
|
|
189
262
|
const { decryptXData: _decrypt } = (init_encrypt_helper(), __toCommonJS(exports_encrypt_helper));
|
|
190
263
|
return JSON.parse(_decrypt(xdata, xtimeMs));
|
|
191
264
|
}
|
|
@@ -195,96 +268,6 @@ var init_encrypt = __esm(() => {
|
|
|
195
268
|
init_encrypt_helper();
|
|
196
269
|
});
|
|
197
270
|
|
|
198
|
-
// src/lib/utils.ts
|
|
199
|
-
import axios from "axios";
|
|
200
|
-
import { v4 as uuidv4 } from "uuid";
|
|
201
|
-
import { DateTime } from "luxon";
|
|
202
|
-
function javaLikeTimestamp(dt = DateTime.now()) {
|
|
203
|
-
return dt.toMillis().toString();
|
|
204
|
-
}
|
|
205
|
-
async function sendApiRequest(path, payloadDict, idToken, method = "POST") {
|
|
206
|
-
const encryptedPayload = encryptSignXData(method, path, idToken, payloadDict);
|
|
207
|
-
const xtime = Number(encryptedPayload.encrypted_body.xtime);
|
|
208
|
-
const sigTimeSec = Math.floor(xtime / 1000);
|
|
209
|
-
const body = encryptedPayload.encrypted_body;
|
|
210
|
-
const x_sig = encryptedPayload.x_signature;
|
|
211
|
-
const headers = {
|
|
212
|
-
host: BASE_API_URL.replace(/^https?:\/\//, ""),
|
|
213
|
-
"content-type": "application/json; charset=utf-8",
|
|
214
|
-
"user-agent": UA,
|
|
215
|
-
"x-api-key": API_KEY,
|
|
216
|
-
authorization: `Bearer ${idToken}`,
|
|
217
|
-
"x-hv": "v3",
|
|
218
|
-
"x-signature-time": String(sigTimeSec),
|
|
219
|
-
"x-signature": x_sig,
|
|
220
|
-
"x-request-id": uuidv4(),
|
|
221
|
-
"x-request-at": javaLikeTimestamp(),
|
|
222
|
-
"x-version-app": X_APP_VERSION
|
|
223
|
-
};
|
|
224
|
-
const url = `${BASE_API_URL.replace(/\/$/, "")}/${path.replace(/^\//, "")}`;
|
|
225
|
-
const resp = await axios.post(url, body, {
|
|
226
|
-
headers,
|
|
227
|
-
timeout: 30000
|
|
228
|
-
});
|
|
229
|
-
const respData = resp.data;
|
|
230
|
-
const decryptedXData = await decryptXData2(respData.xdata, respData.xtime);
|
|
231
|
-
if (decryptedXData.status === "FAILED") {
|
|
232
|
-
throw new Error(JSON.stringify(decryptedXData));
|
|
233
|
-
}
|
|
234
|
-
return decryptedXData;
|
|
235
|
-
}
|
|
236
|
-
async function interceptPage(idToken, optionCode, isEnterprise = false) {
|
|
237
|
-
const path = "misc/api/v8/utility/intercept-page";
|
|
238
|
-
const rawPayload = {
|
|
239
|
-
is_enterprise: isEnterprise,
|
|
240
|
-
lang: "en",
|
|
241
|
-
package_option_code: optionCode
|
|
242
|
-
};
|
|
243
|
-
try {
|
|
244
|
-
const res = await sendApiRequest(path, rawPayload, idToken, "POST");
|
|
245
|
-
if ("status" in res) {
|
|
246
|
-
console.log(`Intercept status: ${res["status"]}`);
|
|
247
|
-
} else {
|
|
248
|
-
console.error("Intercept error");
|
|
249
|
-
}
|
|
250
|
-
} catch (err) {
|
|
251
|
-
console.error("Intercept error", err);
|
|
252
|
-
}
|
|
253
|
-
}
|
|
254
|
-
function unseal(getter, fallback) {
|
|
255
|
-
try {
|
|
256
|
-
const hex = getter();
|
|
257
|
-
if (!hex || typeof __SEED__ === "undefined")
|
|
258
|
-
return fallback;
|
|
259
|
-
const seed = Buffer.from(__SEED__, "hex");
|
|
260
|
-
const data = Buffer.from(hex, "hex");
|
|
261
|
-
return Buffer.from(data.map((b, i) => b ^ seed[i % seed.length])).toString("utf8");
|
|
262
|
-
} catch {
|
|
263
|
-
return fallback;
|
|
264
|
-
}
|
|
265
|
-
}
|
|
266
|
-
var init_utils = __esm(() => {
|
|
267
|
-
init_config();
|
|
268
|
-
init_encrypt();
|
|
269
|
-
});
|
|
270
|
-
|
|
271
|
-
// src/lib/payment.ts
|
|
272
|
-
init_utils();
|
|
273
|
-
async function getTransactionDetail({
|
|
274
|
-
idToken,
|
|
275
|
-
transactionId
|
|
276
|
-
}) {
|
|
277
|
-
const path = "payments/api/v8/pending-detail";
|
|
278
|
-
const payload = {
|
|
279
|
-
transaction_id: transactionId,
|
|
280
|
-
is_enterprise: false,
|
|
281
|
-
lang: "en",
|
|
282
|
-
status: ""
|
|
283
|
-
};
|
|
284
|
-
const res = await sendApiRequest(path, payload, idToken, "POST");
|
|
285
|
-
return res.data;
|
|
286
|
-
}
|
|
287
|
-
|
|
288
271
|
// src/payments/method/balance.ts
|
|
289
272
|
init_encrypt();
|
|
290
273
|
init_utils();
|
|
@@ -400,7 +383,7 @@ async function settlementQris({
|
|
|
400
383
|
};
|
|
401
384
|
const url = `${BASE_API_URL}/${settlementPath}`;
|
|
402
385
|
const resp = await axios4.post(url, encrypted.encrypted_body, { headers, timeout: 30000 });
|
|
403
|
-
const decryptedXData = await
|
|
386
|
+
const decryptedXData = await decryptXData(resp.data.xdata, resp.data.xtime);
|
|
404
387
|
return decryptedXData;
|
|
405
388
|
}
|
|
406
389
|
// src/payments/qris-decoy.ts
|
|
@@ -425,10 +408,6 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
|
|
|
425
408
|
items: [mainItem, finalDecoyItem],
|
|
426
409
|
paymentTargetsMethodsOption: finalDecoyItem.item_code
|
|
427
410
|
});
|
|
428
|
-
if (result.status === "SUCCESS") {
|
|
429
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
430
|
-
return transaction;
|
|
431
|
-
}
|
|
432
411
|
return result;
|
|
433
412
|
}
|
|
434
413
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import type { Item } from "./../lib/payment";
|
|
2
2
|
import type { PackageDetailData } from "./../package";
|
|
3
3
|
/** Shared QRIS + Decoy logic. Other controllers import this directly with custom decoy IDs. */
|
|
4
|
-
export declare function payQrisWithDecoy(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, decoyItem: Item): Promise<import("./../lib/payment").
|
|
4
|
+
export declare function payQrisWithDecoy(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, decoyItem: Item): Promise<import("./../lib/payment").SettlementResponse>;
|
|
5
5
|
export declare function payQrisDecoy(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null, decoyPkg: PackageDetailData): Promise<void>;
|
|
@@ -38,6 +38,79 @@ var __export = (target, all) => {
|
|
|
38
38
|
};
|
|
39
39
|
var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
|
|
40
40
|
|
|
41
|
+
// src/lib/utils.ts
|
|
42
|
+
import axios from "axios";
|
|
43
|
+
import { v4 as uuidv4 } from "uuid";
|
|
44
|
+
import { DateTime } from "luxon";
|
|
45
|
+
function javaLikeTimestamp(dt = DateTime.now()) {
|
|
46
|
+
return dt.toMillis().toString();
|
|
47
|
+
}
|
|
48
|
+
async function sendApiRequest(path, payloadDict, idToken, method = "POST") {
|
|
49
|
+
const encryptedPayload = encryptSignXData(method, path, idToken, payloadDict);
|
|
50
|
+
const xtime = Number(encryptedPayload.encrypted_body.xtime);
|
|
51
|
+
const sigTimeSec = Math.floor(xtime / 1000);
|
|
52
|
+
const body = encryptedPayload.encrypted_body;
|
|
53
|
+
const x_sig = encryptedPayload.x_signature;
|
|
54
|
+
const headers = {
|
|
55
|
+
host: BASE_API_URL.replace(/^https?:\/\//, ""),
|
|
56
|
+
"content-type": "application/json; charset=utf-8",
|
|
57
|
+
"user-agent": UA,
|
|
58
|
+
"x-api-key": API_KEY,
|
|
59
|
+
authorization: `Bearer ${idToken}`,
|
|
60
|
+
"x-hv": "v3",
|
|
61
|
+
"x-signature-time": String(sigTimeSec),
|
|
62
|
+
"x-signature": x_sig,
|
|
63
|
+
"x-request-id": uuidv4(),
|
|
64
|
+
"x-request-at": javaLikeTimestamp(),
|
|
65
|
+
"x-version-app": X_APP_VERSION
|
|
66
|
+
};
|
|
67
|
+
const url = `${BASE_API_URL.replace(/\/$/, "")}/${path.replace(/^\//, "")}`;
|
|
68
|
+
const resp = await axios.post(url, body, {
|
|
69
|
+
headers,
|
|
70
|
+
timeout: 30000
|
|
71
|
+
});
|
|
72
|
+
const respData = resp.data;
|
|
73
|
+
const decryptedXData = await decryptXData(respData.xdata, respData.xtime);
|
|
74
|
+
if (decryptedXData.status === "FAILED") {
|
|
75
|
+
throw new Error(JSON.stringify(decryptedXData));
|
|
76
|
+
}
|
|
77
|
+
return decryptedXData;
|
|
78
|
+
}
|
|
79
|
+
async function interceptPage(idToken, optionCode, isEnterprise = false) {
|
|
80
|
+
const path = "misc/api/v8/utility/intercept-page";
|
|
81
|
+
const rawPayload = {
|
|
82
|
+
is_enterprise: isEnterprise,
|
|
83
|
+
lang: "en",
|
|
84
|
+
package_option_code: optionCode
|
|
85
|
+
};
|
|
86
|
+
try {
|
|
87
|
+
const res = await sendApiRequest(path, rawPayload, idToken, "POST");
|
|
88
|
+
if ("status" in res) {
|
|
89
|
+
console.log(`Intercept status: ${res["status"]}`);
|
|
90
|
+
} else {
|
|
91
|
+
console.error("Intercept error");
|
|
92
|
+
}
|
|
93
|
+
} catch (err) {
|
|
94
|
+
console.error("Intercept error", err);
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
function unseal(getter, fallback) {
|
|
98
|
+
try {
|
|
99
|
+
const hex = getter();
|
|
100
|
+
if (!hex || typeof __SEED__ === "undefined")
|
|
101
|
+
return fallback;
|
|
102
|
+
const seed = Buffer.from(__SEED__, "hex");
|
|
103
|
+
const data = Buffer.from(hex, "hex");
|
|
104
|
+
return Buffer.from(data.map((b, i) => b ^ seed[i % seed.length])).toString("utf8");
|
|
105
|
+
} catch {
|
|
106
|
+
return fallback;
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
var init_utils = __esm(() => {
|
|
110
|
+
init_config();
|
|
111
|
+
init_encrypt();
|
|
112
|
+
});
|
|
113
|
+
|
|
41
114
|
// src/config.ts
|
|
42
115
|
var BASE_API_URL, BASE_CIAM_URL, BASIC_AUTH, AX_FP_KEY, UA, API_KEY, ENCRYPTED_FIELD_KEY, XDATA_KEY, AX_API_SIG_KEY, X_API_BASE_SECRET, CIRCLE_MSISDN_KEY, X_APP_VERSION = "8.9.0";
|
|
43
116
|
var init_config = __esm(() => {
|
|
@@ -67,7 +140,7 @@ __export(exports_encrypt_helper, {
|
|
|
67
140
|
makeAxApiSignature: () => makeAxApiSignature,
|
|
68
141
|
encryptXData: () => encryptXData,
|
|
69
142
|
encryptEncryptedField: () => encryptEncryptedField,
|
|
70
|
-
decryptXData: () =>
|
|
143
|
+
decryptXData: () => decryptXData2,
|
|
71
144
|
decryptEncryptedField: () => decryptEncryptedField
|
|
72
145
|
});
|
|
73
146
|
import crypto from "crypto";
|
|
@@ -103,7 +176,7 @@ function encryptXData(plaintext, xtimeMs) {
|
|
|
103
176
|
const ct = Buffer.concat([cipher.update(padded), cipher.final()]);
|
|
104
177
|
return urlsafeB64Encode(ct);
|
|
105
178
|
}
|
|
106
|
-
function
|
|
179
|
+
function decryptXData2(xdata, xtimeMs) {
|
|
107
180
|
const key = Buffer.from(XDATA_KEY, "ascii");
|
|
108
181
|
const iv = deriveIv(xtimeMs);
|
|
109
182
|
const ct = urlsafeB64Decode(xdata);
|
|
@@ -185,7 +258,7 @@ function encryptSignXData(method, path, idToken, payload) {
|
|
|
185
258
|
encrypted_body: { xdata, xtime }
|
|
186
259
|
};
|
|
187
260
|
}
|
|
188
|
-
async function
|
|
261
|
+
async function decryptXData(xdata, xtimeMs) {
|
|
189
262
|
const { decryptXData: _decrypt } = (init_encrypt_helper(), __toCommonJS(exports_encrypt_helper));
|
|
190
263
|
return JSON.parse(_decrypt(xdata, xtimeMs));
|
|
191
264
|
}
|
|
@@ -195,96 +268,6 @@ var init_encrypt = __esm(() => {
|
|
|
195
268
|
init_encrypt_helper();
|
|
196
269
|
});
|
|
197
270
|
|
|
198
|
-
// src/lib/utils.ts
|
|
199
|
-
import axios from "axios";
|
|
200
|
-
import { v4 as uuidv4 } from "uuid";
|
|
201
|
-
import { DateTime } from "luxon";
|
|
202
|
-
function javaLikeTimestamp(dt = DateTime.now()) {
|
|
203
|
-
return dt.toMillis().toString();
|
|
204
|
-
}
|
|
205
|
-
async function sendApiRequest(path, payloadDict, idToken, method = "POST") {
|
|
206
|
-
const encryptedPayload = encryptSignXData(method, path, idToken, payloadDict);
|
|
207
|
-
const xtime = Number(encryptedPayload.encrypted_body.xtime);
|
|
208
|
-
const sigTimeSec = Math.floor(xtime / 1000);
|
|
209
|
-
const body = encryptedPayload.encrypted_body;
|
|
210
|
-
const x_sig = encryptedPayload.x_signature;
|
|
211
|
-
const headers = {
|
|
212
|
-
host: BASE_API_URL.replace(/^https?:\/\//, ""),
|
|
213
|
-
"content-type": "application/json; charset=utf-8",
|
|
214
|
-
"user-agent": UA,
|
|
215
|
-
"x-api-key": API_KEY,
|
|
216
|
-
authorization: `Bearer ${idToken}`,
|
|
217
|
-
"x-hv": "v3",
|
|
218
|
-
"x-signature-time": String(sigTimeSec),
|
|
219
|
-
"x-signature": x_sig,
|
|
220
|
-
"x-request-id": uuidv4(),
|
|
221
|
-
"x-request-at": javaLikeTimestamp(),
|
|
222
|
-
"x-version-app": X_APP_VERSION
|
|
223
|
-
};
|
|
224
|
-
const url = `${BASE_API_URL.replace(/\/$/, "")}/${path.replace(/^\//, "")}`;
|
|
225
|
-
const resp = await axios.post(url, body, {
|
|
226
|
-
headers,
|
|
227
|
-
timeout: 30000
|
|
228
|
-
});
|
|
229
|
-
const respData = resp.data;
|
|
230
|
-
const decryptedXData = await decryptXData2(respData.xdata, respData.xtime);
|
|
231
|
-
if (decryptedXData.status === "FAILED") {
|
|
232
|
-
throw new Error(JSON.stringify(decryptedXData));
|
|
233
|
-
}
|
|
234
|
-
return decryptedXData;
|
|
235
|
-
}
|
|
236
|
-
async function interceptPage(idToken, optionCode, isEnterprise = false) {
|
|
237
|
-
const path = "misc/api/v8/utility/intercept-page";
|
|
238
|
-
const rawPayload = {
|
|
239
|
-
is_enterprise: isEnterprise,
|
|
240
|
-
lang: "en",
|
|
241
|
-
package_option_code: optionCode
|
|
242
|
-
};
|
|
243
|
-
try {
|
|
244
|
-
const res = await sendApiRequest(path, rawPayload, idToken, "POST");
|
|
245
|
-
if ("status" in res) {
|
|
246
|
-
console.log(`Intercept status: ${res["status"]}`);
|
|
247
|
-
} else {
|
|
248
|
-
console.error("Intercept error");
|
|
249
|
-
}
|
|
250
|
-
} catch (err) {
|
|
251
|
-
console.error("Intercept error", err);
|
|
252
|
-
}
|
|
253
|
-
}
|
|
254
|
-
function unseal(getter, fallback) {
|
|
255
|
-
try {
|
|
256
|
-
const hex = getter();
|
|
257
|
-
if (!hex || typeof __SEED__ === "undefined")
|
|
258
|
-
return fallback;
|
|
259
|
-
const seed = Buffer.from(__SEED__, "hex");
|
|
260
|
-
const data = Buffer.from(hex, "hex");
|
|
261
|
-
return Buffer.from(data.map((b, i) => b ^ seed[i % seed.length])).toString("utf8");
|
|
262
|
-
} catch {
|
|
263
|
-
return fallback;
|
|
264
|
-
}
|
|
265
|
-
}
|
|
266
|
-
var init_utils = __esm(() => {
|
|
267
|
-
init_config();
|
|
268
|
-
init_encrypt();
|
|
269
|
-
});
|
|
270
|
-
|
|
271
|
-
// src/lib/payment.ts
|
|
272
|
-
init_utils();
|
|
273
|
-
async function getTransactionDetail({
|
|
274
|
-
idToken,
|
|
275
|
-
transactionId
|
|
276
|
-
}) {
|
|
277
|
-
const path = "payments/api/v8/pending-detail";
|
|
278
|
-
const payload = {
|
|
279
|
-
transaction_id: transactionId,
|
|
280
|
-
is_enterprise: false,
|
|
281
|
-
lang: "en",
|
|
282
|
-
status: ""
|
|
283
|
-
};
|
|
284
|
-
const res = await sendApiRequest(path, payload, idToken, "POST");
|
|
285
|
-
return res.data;
|
|
286
|
-
}
|
|
287
|
-
|
|
288
271
|
// src/payments/method/balance.ts
|
|
289
272
|
init_encrypt();
|
|
290
273
|
init_utils();
|
|
@@ -400,7 +383,7 @@ async function settlementQris({
|
|
|
400
383
|
};
|
|
401
384
|
const url = `${BASE_API_URL}/${settlementPath}`;
|
|
402
385
|
const resp = await axios4.post(url, encrypted.encrypted_body, { headers, timeout: 30000 });
|
|
403
|
-
const decryptedXData = await
|
|
386
|
+
const decryptedXData = await decryptXData(resp.data.xdata, resp.data.xtime);
|
|
404
387
|
return decryptedXData;
|
|
405
388
|
}
|
|
406
389
|
// src/payments/qris-decoy.ts
|
|
@@ -425,10 +408,6 @@ async function payQrisWithDecoy(idToken, accessToken, pkg, overwriteAmount, deco
|
|
|
425
408
|
items: [mainItem, finalDecoyItem],
|
|
426
409
|
paymentTargetsMethodsOption: finalDecoyItem.item_code
|
|
427
410
|
});
|
|
428
|
-
if (result.status === "SUCCESS") {
|
|
429
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
430
|
-
return transaction;
|
|
431
|
-
}
|
|
432
411
|
return result;
|
|
433
412
|
}
|
|
434
413
|
async function payQrisDecoy(idToken, accessToken, pkg, overwriteAmount, decoyPkg) {
|
package/dist/payments/qris.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
import type { PackageDetailData } from "./../package";
|
|
2
|
-
export declare function payQris(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null): Promise<import("./../lib/payment").
|
|
2
|
+
export declare function payQris(idToken: string, accessToken: string, pkg: PackageDetailData, overwriteAmount: number | null): Promise<import("./../lib/payment").SettlementResponse>;
|
package/dist/payments/qris.js
CHANGED
|
@@ -273,23 +273,6 @@ var init_utils = __esm(() => {
|
|
|
273
273
|
init_encrypt();
|
|
274
274
|
});
|
|
275
275
|
|
|
276
|
-
// src/lib/payment.ts
|
|
277
|
-
init_utils();
|
|
278
|
-
async function getTransactionDetail({
|
|
279
|
-
idToken,
|
|
280
|
-
transactionId
|
|
281
|
-
}) {
|
|
282
|
-
const path = "payments/api/v8/pending-detail";
|
|
283
|
-
const payload = {
|
|
284
|
-
transaction_id: transactionId,
|
|
285
|
-
is_enterprise: false,
|
|
286
|
-
lang: "en",
|
|
287
|
-
status: ""
|
|
288
|
-
};
|
|
289
|
-
const res = await sendApiRequest(path, payload, idToken, "POST");
|
|
290
|
-
return res.data;
|
|
291
|
-
}
|
|
292
|
-
|
|
293
276
|
// src/payments/qris.ts
|
|
294
277
|
init_utils();
|
|
295
278
|
|
|
@@ -431,10 +414,6 @@ async function payQris(idToken, accessToken, pkg, overwriteAmount) {
|
|
|
431
414
|
item: mainItem,
|
|
432
415
|
items: [mainItem]
|
|
433
416
|
});
|
|
434
|
-
if (result.status === "SUCCESS") {
|
|
435
|
-
const transaction = await getTransactionDetail({ idToken, transactionId: result.data.transaction_code });
|
|
436
|
-
return transaction;
|
|
437
|
-
}
|
|
438
417
|
return result;
|
|
439
418
|
}
|
|
440
419
|
export {
|