node-paytmpg 6.4.7 → 7.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (58) hide show
  1. package/README.MD +132 -182
  2. package/app/views/layouts/index.hbs +7 -7
  3. package/app/views/result.hbs +1 -1
  4. package/dist/app/controllers/adapters/open_money.js +400 -0
  5. package/dist/app/controllers/adapters/paytm.js +34 -0
  6. package/{app → dist/app}/controllers/adapters/payu.js +208 -239
  7. package/dist/app/controllers/checksum/PaytmChecksum.js +118 -0
  8. package/dist/app/controllers/checksum/checksum.js +158 -0
  9. package/dist/app/controllers/checksum/crypt.js +117 -0
  10. package/dist/app/controllers/checksum/server.js +130 -0
  11. package/dist/app/controllers/payment.controller.js +985 -0
  12. package/dist/app/controllers/static/loadingsvg.js +54 -0
  13. package/dist/app/controllers/user.controller.js +53 -0
  14. package/dist/app/models/index.js +2 -0
  15. package/dist/app/routes/payment_route.js +46 -0
  16. package/dist/app/utils/buildConfig.js +210 -0
  17. package/dist/app/utils/utils.js +20 -0
  18. package/dist/app/views/home.hbs +22 -0
  19. package/dist/app/views/init.hbs +98 -0
  20. package/dist/app/views/layouts/index.hbs +53 -0
  21. package/dist/app/views/result.hbs +33 -0
  22. package/dist/index.js +119 -0
  23. package/dist/package.json +67 -0
  24. package/dist/public/css/style.css +455 -0
  25. package/dist/public/js/index.js +283 -0
  26. package/dist/public/layer_checkout.js +38 -0
  27. package/dist/public/pay.png +0 -0
  28. package/dist/public/start.png +0 -0
  29. package/dist/public/start2.png +0 -0
  30. package/dist/public/stat.png +0 -0
  31. package/dist/public/test.html +24 -0
  32. package/dist/public/test.html~ +24 -0
  33. package/package.json +29 -6
  34. package/public/test.html~ +24 -0
  35. package/.github/workflows/codeql-analysis.yml +0 -71
  36. package/.github/workflows/nodejs.yml +0 -24
  37. package/.github/workflows/npm-publish.yml +0 -23
  38. package/Dockerfile +0 -9
  39. package/app/controllers/adapters/open_money.js +0 -515
  40. package/app/controllers/checksum/PaytmChecksum.js +0 -94
  41. package/app/controllers/checksum/checksum.js +0 -154
  42. package/app/controllers/checksum/crypt.js +0 -98
  43. package/app/controllers/checksum/server.js +0 -132
  44. package/app/controllers/np_user.controller.js +0 -89
  45. package/app/controllers/payment_controller.js +0 -1295
  46. package/app/models/np_multidbplugin.js +0 -111
  47. package/app/models/np_transaction.model.js +0 -16
  48. package/app/models/np_user.model.js +0 -12
  49. package/app/routes/payment_route.js +0 -73
  50. package/app.yaml +0 -18
  51. package/example.js +0 -34
  52. package/index.js +0 -90
  53. package/lib/config/buildConfig.js +0 -113
  54. package/lib/config/defaults.js +0 -37
  55. package/lib/config/validator.js +0 -103
  56. package/lib/services/database.service.js +0 -153
  57. package/lib/utils/id-generator.js +0 -30
  58. package/lib/utils/sanitizer.js +0 -25
package/dist/app/controllers/adapters/open_money.js ADDED
@@ -0,0 +1,400 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || (function () {
19
+ var ownKeys = function(o) {
20
+ ownKeys = Object.getOwnPropertyNames || function (o) {
21
+ var ar = [];
22
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
+ return ar;
24
+ };
25
+ return ownKeys(o);
26
+ };
27
+ return function (mod) {
28
+ if (mod && mod.__esModule) return mod;
29
+ var result = {};
30
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
+ __setModuleDefault(result, mod);
32
+ return result;
33
+ };
34
+ })();
35
+ var __importDefault = (this && this.__importDefault) || function (mod) {
36
+ return (mod && mod.__esModule) ? mod : { "default": mod };
37
+ };
38
+ Object.defineProperty(exports, "__esModule", { value: true });
39
+ const axios_1 = __importDefault(require("axios"));
40
+ const crypto = __importStar(require("crypto"));
41
+ const reqpost = require('request');
42
+ class OpenMoney {
43
+ constructor(npconfig) {
44
+ npconfig.accesskey = npconfig.KEY;
45
+ npconfig.secretkey = npconfig.SECRET;
46
+ npconfig.url = npconfig.open_money_url;
47
+ npconfig.script_url = (npconfig.url && npconfig.url.indexOf('sandbox') === -1)
48
+ ? 'https://payments.open.money/layer'
49
+ : 'https://sandbox-payments.open.money/layer';
50
+ this.config = npconfig;
51
+ }
52
+ generatePaymentToken(params) {
53
+ const config = this.config;
54
+ return new Promise((resolve, reject) => {
55
+ const open_txn = {
56
+ amount: params['TXN_AMOUNT'],
57
+ currency: params['CURRENCY'] || 'INR',
58
+ name: params['NAME'],
59
+ email_id: params['EMAIL'],
60
+ contact_number: ('' + params['MOBILE_NO']).replace('+91', ''),
61
+ mtx: params['ORDER_ID'],
62
+ };
63
+ create_payment_token(open_txn, config.accesskey, config.secretkey, config.url, (layer_payment_token_data) => {
64
+ if (typeof layer_payment_token_data['error'] !== 'undefined')
65
+ return reject(JSON.stringify('E55 Payment error. ' + layer_payment_token_data['error']));
66
+ if (typeof layer_payment_token_data['id'] === 'undefined' || !layer_payment_token_data['id'])
67
+ return reject(JSON.stringify('Payment error. ' + 'Layer token ID cannot be empty.'));
68
+ if (typeof layer_payment_token_data['id'] !== 'undefined') {
69
+ get_payment_token(layer_payment_token_data['id'], config.accesskey, config.secretkey, config.url, (payment_token_data_raw) => {
70
+ if (payment_token_data_raw && payment_token_data_raw.error) {
71
+ return reject({ error: payment_token_data_raw.error });
72
+ }
73
+ let payment_token_data;
74
+ try {
75
+ payment_token_data = JSON.parse(payment_token_data_raw);
76
+ }
77
+ catch (e) {
78
+ return reject({ error: 'Invalid payment token response' });
79
+ }
80
+ if (typeof payment_token_data['error'] !== 'undefined')
81
+ return reject({ error: JSON.stringify('E56 Payment error. ' + payment_token_data['error']) });
82
+ if (typeof payment_token_data['status'] !== 'undefined' && payment_token_data['status'] === 'paid')
83
+ return reject({ error: JSON.stringify('Layer: this order has already been paid.') });
84
+ if (parseFloat(payment_token_data['amount']) !== parseFloat(params['TXN_AMOUNT']))
85
+ return reject({ error: JSON.stringify('Layer: an amount mismatch occurred.') });
86
+ const hash = create_hash({
87
+ layer_pay_token_id: payment_token_data['id'],
88
+ layer_order_amount: payment_token_data['amount'],
89
+ tranid: params['ORDER_ID'],
90
+ }, config.accesskey, config.secretkey);
91
+ params['CHECKSUM'] = hash;
92
+ let html = `<form action='${params['CALLBACK_URL']}' method='post' style='display: none' name='layer_payment_int_form'>`;
93
+ html += "<input type='hidden' name='layer_pay_token_id' value='" + payment_token_data['id'] + "'>";
94
+ html += "<input type='hidden' name='tranid' value='" + params['ORDER_ID'] + "'>";
95
+ html += "<input type='hidden' name='layer_order_amount' value='" + payment_token_data['amount'] + "'>";
96
+ html += "<input type='hidden' id='layer_payment_id' name='layer_payment_id' value=''>";
97
+ html += "<input type='hidden' id='fallback_url' name='fallback_url' value=''>";
98
+ html += "<input type='hidden' name='hash' value='" + hash + "'></form>";
99
+ html += "<script>";
100
+ html += "var layer_params = {payment_token_id:'" + payment_token_data['id'] + "',accesskey:'" + config.accesskey + "'};";
101
+ html += "</script>";
102
+ html += `<script src="layer_checkout.js"></script>`;
103
+ return resolve({
104
+ html,
105
+ params,
106
+ data: config,
107
+ tokenid: payment_token_data['id'],
108
+ amount: payment_token_data['amount'],
109
+ hash,
110
+ });
111
+ });
112
+ }
113
+ });
114
+ });
115
+ }
116
+ verifyResult(req) {
117
+ const config = this.config;
118
+ return new Promise((resolve) => {
119
+ let txnid = '';
120
+ let amount = '';
121
+ let tokenid = '';
122
+ let paymentid = '';
123
+ let payment_data = {};
124
+ if (!req.body.layer_payment_id) {
125
+ return resolve({ STATUS: 'TXN_FAILURE', ORDERID: txnid, TXNID: paymentid, reason: 'invalid response' });
126
+ }
127
+ else {
128
+ txnid = req.body.tranid;
129
+ amount = req.body.layer_order_amount;
130
+ tokenid = req.body.layer_pay_token_id;
131
+ paymentid = req.body.layer_payment_id;
132
+ }
133
+ const data = {
134
+ layer_pay_token_id: tokenid,
135
+ layer_order_amount: amount,
136
+ tranid: txnid,
137
+ };
138
+ if (verify_hash(data, req.body.hash, config.accesskey, config.secretkey)) {
139
+ get_payment_details(paymentid, config.accesskey, config.secretkey, config.url, (response) => {
140
+ if (response === '{}') {
141
+ return resolve({ STATUS: 'TXN_FAILURE', ORDERID: txnid, TXNID: paymentid, message: 'Invalid Response', data: payment_data });
142
+ }
143
+ else {
144
+ payment_data = JSON.parse(response);
145
+ if (!payment_data['payment_token'] || payment_data['payment_token']['id'] != tokenid) {
146
+ return resolve({ STATUS: 'TXN_FAILURE', ORDERID: txnid, TXNID: paymentid, message: 'received layer_pay_token_id and collected layer_pay_token_id doesnt match', data: payment_data });
147
+ }
148
+ else {
149
+ let status = '';
150
+ if (payment_data.status == 'captured' || payment_data.status == 'late_authorized') {
151
+ status = 'TXN_SUCCESS';
152
+ }
153
+ else if (payment_data.status == 'pending') {
154
+ status = 'TXN_PENDING';
155
+ }
156
+ else {
157
+ status = 'TXN_FAILURE';
158
+ }
159
+ return resolve({ STATUS: status, ORDERID: txnid, TXNID: paymentid, data: payment_data });
160
+ }
161
+ }
162
+ });
163
+ }
164
+ else {
165
+ return resolve({ STATUS: 'TXN_FAILURE', ORDERID: txnid, TXNID: paymentid, message: 'Invalid Response' });
166
+ }
167
+ });
168
+ }
169
+ processWebhook(req, res, updateTransaction) {
170
+ const config = this.config;
171
+ const events = ['payment_captured', 'payment_pending', 'payment_failed', 'payment_cancelled'];
172
+ if (req.body.event && events.indexOf(req.body.event) > -1) {
173
+ if (req.body.payment_token) {
174
+ const payment_token = req.body.payment_token;
175
+ const orderId = payment_token.mtx;
176
+ const paymentid = req.body.id;
177
+ const tokenid = payment_token.id;
178
+ let payment_data = {};
179
+ const amount = req.body.amount;
180
+ setTimeout(() => {
181
+ req.body.layer_pay_token_id = tokenid;
182
+ get_payment_details(paymentid, config.accesskey, config.secretkey, config.url, (response) => {
183
+ if (response === '{}') {
184
+ req.body.STATUS = 'TXN_FAILURE';
185
+ req.body.ORDERID = orderId;
186
+ req.body.TXNID = paymentid;
187
+ }
188
+ else {
189
+ payment_data = JSON.parse(response);
190
+ if (!payment_data['payment_token'] || payment_data['payment_token']['id'] != tokenid) {
191
+ req.body.STATUS = 'TXN_FAILURE';
192
+ req.body.ORDERID = orderId;
193
+ req.body.TXNID = paymentid;
194
+ }
195
+ else {
196
+ let status = 'INITIATED';
197
+ if (payment_data.status == 'captured' || payment_data.status == 'late_authorized') {
198
+ status = 'TXN_SUCCESS';
199
+ }
200
+ else if (payment_data.status == 'pending') {
201
+ status = 'TXN_PENDING';
202
+ }
203
+ if (status != 'TXN_SUCCESS') {
204
+ if (req.body.status == 'paid' || req.body.status == 'captured') {
205
+ status = 'TXN_SUCCESS';
206
+ }
207
+ else if (req.body.status == 'pending') {
208
+ status = 'TXN_PENDING';
209
+ }
210
+ }
211
+ console.log(`Open Money ${req.body.event} webhook for order=${payment_token.mtx} payid=${paymentid} status=${req.body.status} || ${status}`);
212
+ req.body.STATUS = status;
213
+ req.body.ORDERID = orderId;
214
+ req.body.TXNID = paymentid;
215
+ }
216
+ }
217
+ updateTransaction(req, res);
218
+ });
219
+ }, 3000);
220
+ }
221
+ else {
222
+ res.status(401);
223
+ res.send({ message: 'Missing payment_token' });
224
+ }
225
+ }
226
+ else {
227
+ res.status(201);
228
+ res.send({ message: 'Webhook not supported' });
229
+ }
230
+ }
231
+ getPaymentStatus(paymentTokenId, cb) {
232
+ return new Promise((resolve) => {
233
+ get_payment_token_details(paymentTokenId, this.config.accesskey, this.config.secretkey, this.config.url, (data) => {
234
+ resolve(data);
235
+ if (cb)
236
+ cb(data);
237
+ });
238
+ });
239
+ }
240
+ renderProcessingPage(params, pmttoken, res, loadingSVG) {
241
+ res.writeHead(200, { 'Content-Type': 'text/html' });
242
+ res.write(`<html><head><title>Merchant Checkout Page</title>\n <script src="${this.config.script_url}"></script>\n </head><body><center><h1>Processing ! Please do not refresh this page...</h1><br>${pmttoken.html}<br><br>${loadingSVG}</center><script>triggerLayer();</script></body></html>`);
243
+ res.end();
244
+ }
245
+ renderError(params, error, res) {
246
+ console.log('ERROR:::', error, '\n');
247
+ res.status(500);
248
+ let form_fields = '';
249
+ const errorResp = { TXNID: 'na', STATUS: 'TXN_FAILURE', CANCELLED: 'cancelled', ORDERID: params['ORDER_ID'] };
250
+ for (const x in errorResp) {
251
+ form_fields += "<input type='hidden' name='" + x + "' value='" + errorResp[x] + "' >";
252
+ }
253
+ form_fields += "<input type='hidden' name='CHECKSUMHASH' value='" + params['CHECKSUM'] + "' >";
254
+ res.writeHead(200, { 'Content-Type': 'text/html' });
255
+ res.write(`<html>\n\n <head>\n <title>Merchant Checkout Error</title>\n </head>\n \n <body>\n <center>\n <h1>Something went wrong. Please wait you will be redirected automatically...</h1>\n </center>\n <form method="post" action="${params['CALLBACK_URL']}" name="f1">${form_fields}</form>\n <script type="text/javascript">document.f1.submit();</script>\n </body>\n \n </html>`);
256
+ res.end();
257
+ }
258
+ }
259
+ exports.default = OpenMoney;
260
+ // Helper functions
261
+ function create_payment_token(data, accesskey, secretkey, baseurl, callback) {
262
+ try {
263
+ const pay_token_request_data = {
264
+ amount: data['amount'] ? data['amount'] : null,
265
+ currency: data['currency'] ? data['currency'] : null,
266
+ name: data['name'] ? data['name'] : null,
267
+ email_id: data['email_id'] ? data['email_id'] : null,
268
+ contact_number: data['contact_number'] ? data['contact_number'] : null,
269
+ mtx: data['mtx'] ? data['mtx'] : null,
270
+ udf: data['udf'] ? data['udf'] : null,
271
+ };
272
+ http_post(pay_token_request_data, 'payment_token', accesskey, secretkey, baseurl, (response) => {
273
+ return callback(response);
274
+ });
275
+ }
276
+ catch (e) {
277
+ return callback({ error: e });
278
+ }
279
+ }
280
+ function get_payment_token(payment_token_id, accesskey, secretkey, url, callback) {
281
+ if (!payment_token_id)
282
+ throw new Error('payment_token_id cannot be empty');
283
+ try {
284
+ http_get('payment_token/' + payment_token_id, accesskey, secretkey, url, (response) => {
285
+ return callback(response);
286
+ });
287
+ }
288
+ catch (e) {
289
+ return callback({ error: e });
290
+ }
291
+ }
292
+ function get_payment_token_details(payment_tokenid, accesskey, secretkey, baseurl, callback) {
293
+ if (!payment_tokenid)
294
+ throw new Error('payment_id cannot be empty');
295
+ try {
296
+ http_get('payment_token/' + payment_tokenid + '/payment', accesskey, secretkey, baseurl, (response) => {
297
+ return callback(response);
298
+ });
299
+ }
300
+ catch (e) {
301
+ callback({ error: e });
302
+ }
303
+ }
304
+ function get_payment_details(payment_id, accesskey, secretkey, baseurl, callback) {
305
+ if (!payment_id)
306
+ throw new Error('payment_id cannot be empty');
307
+ try {
308
+ http_get('payment/' + payment_id, accesskey, secretkey, baseurl, (response) => {
309
+ return callback(response);
310
+ });
311
+ }
312
+ catch (e) {
313
+ callback({ error: e });
314
+ }
315
+ }
316
+ function http_post(data, route, accesskey, secretkey, baseurl, callback) {
317
+ Object.keys(data).forEach((key) => { if (data[key] === null)
318
+ delete data[key]; });
319
+ const url = baseurl + '/' + route;
320
+ const options = {
321
+ method: 'POST',
322
+ uri: url,
323
+ json: true,
324
+ form: {
325
+ amount: data['amount'],
326
+ currency: data['currency'],
327
+ name: data['name'],
328
+ email_id: data['email_id'],
329
+ contact_number: data['contact_number'],
330
+ mtx: data['mtx'],
331
+ },
332
+ headers: {
333
+ 'Content-Type': 'application/json',
334
+ Authorization: 'Bearer ' + accesskey + ':' + secretkey,
335
+ },
336
+ };
337
+ reqpost(options)
338
+ .on('response', function (resp) {
339
+ resp.setEncoding('utf8');
340
+ resp.on('data', function (chunk) {
341
+ const data = JSON.parse(chunk);
342
+ let rdata = '';
343
+ if ('error' in data) {
344
+ Object.keys(data).forEach(function (key) {
345
+ if (key == 'error_data') {
346
+ const obj = data[key];
347
+ Object.keys(obj).forEach(function (k) {
348
+ rdata += obj[k] + ' ';
349
+ });
350
+ }
351
+ });
352
+ return callback({ error: rdata });
353
+ }
354
+ else
355
+ return callback(data);
356
+ });
357
+ })
358
+ .on('error', function (err) {
359
+ return callback(err);
360
+ });
361
+ }
362
+ function http_get(route, accesskey, secretkey, baseurl, callback) {
363
+ const url = baseurl + '/' + route;
364
+ const options = {
365
+ method: 'GET',
366
+ url,
367
+ headers: {
368
+ 'Content-Type': 'application/json',
369
+ Authorization: 'Bearer ' + accesskey + ':' + secretkey,
370
+ },
371
+ };
372
+ (0, axios_1.default)(options)
373
+ .then((d) => {
374
+ callback(JSON.stringify(d.data));
375
+ })
376
+ .catch((e) => {
377
+ callback('{}');
378
+ });
379
+ }
380
+ function create_hash(data, accesskey, secretkey) {
381
+ data = ksort(data);
382
+ let hash_string = accesskey;
383
+ Object.keys(data).forEach(function (key) {
384
+ hash_string += '|' + data[key];
385
+ });
386
+ const cryp = crypto.createHash('sha256');
387
+ cryp.update(hash_string);
388
+ return cryp.digest('hex');
389
+ }
390
+ function verify_hash(data, rec_hash, accesskey, secretkey) {
391
+ const gen_hash = create_hash(data, accesskey, secretkey);
392
+ return gen_hash === rec_hash;
393
+ }
394
+ function ksort(obj) {
395
+ const keys = Object.keys(obj).sort();
396
+ const sortedObj = {};
397
+ for (const i of keys)
398
+ sortedObj[i] = obj[i];
399
+ return sortedObj;
400
+ }
package/dist/app/controllers/adapters/paytm.js ADDED
@@ -0,0 +1,34 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.createPaytmJsCheckoutHtml = createPaytmJsCheckoutHtml;
4
+ const loadingsvg_1 = require("../static/loadingsvg");
5
+ function createPaytmJsCheckoutHtml(params, config) {
6
+ let paytmJsCheckouHtml = `<html>
7
+ <head>
8
+ <title>Merchant Checkout</title>
9
+ <meta name="viewport" content="width=device-width, height=device-height, initial-scale=1.0, maximum-scale=1.0"/>
10
+
11
+ </head>
12
+ <body>
13
+ <center>
14
+ <h1>Please donot close this page or press the back button. Processing...</h1>
15
+ ${loadingsvg_1.LoadingSVG}
16
+ </center>
17
+ <form id="cancelform" action="${params['CALLBACK_URL']}" method="post">
18
+ <input type="hidden" name="TXNID" value="na"/>
19
+ <input type="hidden" name="STATUS" value="TXN_FAILURE"/>
20
+ <input type="hidden" name="CANCELLED" value="cancelled"/>
21
+ <input id="RESPMSG" type="hidden" name="RESPMSG" value=""/>
22
+ <input type="hidden" name="ORDERID" value="${params["ORDER_ID"]}"/>
23
+ </form>
24
+
25
+ <script>
26
+ // (omitted for brevity in patch) script will use token from server
27
+ </script>
28
+ <script type="application/javascript" crossorigin="anonymous" src="${config.paytm_url}/merchantpgpui/checkoutjs/merchants/${params['MID']}.js" onload="onScriptLoad();" crossorigin="anonymous"></script>
29
+
30
+
31
+ </body>
32
+ </html>`;
33
+ return paytmJsCheckouHtml;
34
+ }