node-paytmpg 6.4.7 → 7.0.1

package/{app → dist/app}/controllers/adapters/payu.js

@@ -1,229 +1,199 @@
-const crypto = require('crypto');
-const axios = require('axios');
-
-class PayU {
-    config
-    constructor(npconfig) {
-        const baseUrl = (npconfig.payu_url || '').replace(/\/$/, '');
-        const isSandbox = baseUrl.indexOf('test.payu.in') > -1;
-        const verifyUrl = npconfig.payu_verify_url || (isSandbox
-            ? 'https://test.payu.in/merchant/postservice.php?form=2'
-            : 'https://info.payu.in/merchant/postservice.php?form=2');
-        this.config = {
-            key: npconfig.KEY,
-            salt: npconfig.SECRET,
-            baseUrl: baseUrl,
-            paymentUrl: npconfig.payu_payment_url || (baseUrl ? baseUrl + '/_payment' : ''),
-            verifyUrl: verifyUrl
-        };
-    }
-
-    normalizeAmount(amount) {
-        const value = parseFloat(amount || 0);
-        return value.toFixed(2);
-    }
-
-    buildRequestHash(payload) {
-        const parts = [
-            payload.key,
-            payload.txnid,
-            this.normalizeAmount(payload.amount),
-            payload.productinfo,
-            payload.firstname,
-            payload.email,
-            payload.udf1 || '',
-            payload.udf2 || '',
-            payload.udf3 || '',
-            payload.udf4 || '',
-            payload.udf5 || '',
-            payload.udf6 || '',
-            payload.udf7 || '',
-            payload.udf8 || '',
-            payload.udf9 || '',
-            payload.udf10 || '',
-            this.config.salt
-        ];
-        return crypto.createHash('sha512').update(parts.join('|')).digest('hex');
-    }
-
-    buildResponseHash(data) {
-        const amount = this.normalizeAmount(data.amount);
-        const sequence = [
-            data.additionalCharges || null,
-            this.config.salt,
-            data.status || '',
-            '', '', '', '', '', '', '', '', '', '',
-            data.udf5 || '',
-            data.udf4 || '',
-            data.udf3 || '',
-            data.udf2 || '',
-            data.udf1 || '',
-            data.email || '',
-            data.firstname || '',
-            data.productinfo || '',
-            amount,
-            data.txnid || '',
-            data.key || ''
-        ];
-        const filtered = sequence.filter((v) => v !== null);
-        return crypto.createHash('sha512').update(filtered.join('|')).digest('hex');
-    }
-
-    generatePaymentRequest(params) {
-        const payload = {
-            key: this.config.key,
-            txnid: params['ORDER_ID'],
-            amount: this.normalizeAmount(params['TXN_AMOUNT']),
-            productinfo: params['PRODUCT_NAME'],
-            firstname: params['NAME'],
-            email: params['EMAIL'],
-            phone: params['MOBILE_NO'],
-            surl: params['CALLBACK_URL'],
-            furl: params['CALLBACK_URL'],
-            udf1: params['CUST_ID'] || '',
-            udf2: params['ORDER_ID'] || '',
-            service_provider: 'payu_paisa'
-        };
-
-        payload.hash = this.buildRequestHash(payload);
-
-        const formFields = Object.keys(payload).map((key) => {
-            return "<input type='hidden' name='" + key + "' value='" + payload[key] + "' />";
-        }).join('');
-        const html = `<form action='${this.config.paymentUrl}' method='post' id='payu_payment_form' style='display:none'>${formFields}</form><script>document.getElementById('payu_payment_form').submit();</script>`;
-
-        return { html: html, payload: payload };
-    }
-    decodeTransactionResponse(txnDataBase64FromPayu) {
-        const txnDataJson = Buffer.from(txnDataBase64FromPayu, 'base64').toString('utf-8');
-        return JSON.parse(txnDataJson);
-    }
-    async verifyResult(req) {
-        const originalBody = req.body || {};
-        const lookupId = originalBody.txnid || req.query.order_id;
-        const statusResp = await this.checkBqrTxnStatus(lookupId);
-
-        let resData = null;
-        if (!resData && statusResp && statusResp.transaction_details) {
-            const td = statusResp.transaction_details;
-            // try direct lookup by lookupId
-            if (td[lookupId]) {
-                resData = td[lookupId];
-            }
-            else {
-                // find entry where txnid matches lookupId or key ends with lookupId
-                for (const k of Object.keys(td)) {
-                    const t = td[k];
-                    if (!t) continue;
-                    if ((t.txnid && t.txnid.toString() === lookupId) || k.toString().endsWith(lookupId)) {
-                        resData = t;
-                        break;
-                    }
-                }
-            }
-        }
-
-        // Determine source for status and mapping (prefer decoded resData)
-        const source = resData || (statusResp || {}) || originalBody;
-
-        const msg = (statusResp?.msg || '').toString();
-        const statusText = (source.status || source.unmappedstatus || msg || '').toString().toLowerCase();
-        let status = 'TXN_FAILURE';
-        if (statusText.includes('success') || statusText.includes('completed') || statusText.includes('captured')) {
-            status = 'TXN_SUCCESS';
-        }
-        else if (statusText.includes('pending')) {
-            status = 'TXN_PENDING';
-        }
-
-        const orderId = (source.udf2 || source.order_id || source.txnid || lookupId).toString();
-        const txnId = source.mihpayid || source.txnid || null;
-
-        return {
-            STATUS: status,
-            ORDERID: orderId,
-            TXNID: txnId,
-            data: resData || statusResp || originalBody,
-            cancelled: source.unmappedstatus?.toLowerCase()?.includes('cancelled') || false
-        };
-    }
-
-    async getPaymentStatus(txnId) {
-        const verifyPayload = new URLSearchParams();
-        verifyPayload.append('key', this.config.key || '');
-        verifyPayload.append('command', 'verify_payment');
-        verifyPayload.append('var1', txnId || '');
-        const hashString = [this.config.key, 'verify_payment', txnId, this.config.salt].join('|');
-        verifyPayload.append('hash', crypto.createHash('sha512').update(hashString).digest('hex'));
-
-        try {
-            const response = await axios.post(this.config.verifyUrl, verifyPayload.toString(), {
-                headers: {
-                    'Content-Type': 'application/x-www-form-urlencoded'
-                }
-            });
-            return response.data;
-        }
-        catch (e) {
-            return { error: e.message };
-        }
-    }
-
-    async postCommand(command, transactionId) {
-        const payload = new URLSearchParams();
-        payload.append('key', this.config.key || '');
-        payload.append('command', command || '');
-        payload.append('var1', transactionId || '');
-
-        // build hash: key|command|var1...|salt
-        const hashParts = [this.config.key, command, transactionId, this.config.salt];
-        const hashString = hashParts.join('|');
-        payload.append('hash', crypto.createHash('sha512').update(hashString).digest('hex'));
-
-        try {
-            const response = await axios.post(this.config.verifyUrl, payload.toString(), {
-                headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
-            });
-            return response.data;
-        }
-        catch (e) {
-            return { error: e.message };
-        }
-    }
-
-    /**
-     * https://docs.payu.in/reference/transaction-status-check-api-2#sample-request
-     * @param {*} transactionId mandatory
-     * @param {*} paymentmode optional
-     * @param {*} productype optional
-     * @returns 
-     */
-    async checkBqrTxnStatus(transactionId) {
-        return this.postCommand('verify_payment', transactionId);
-    }
-
-    renderProcessingPage(params, paymentReq, res, loadingSVG) {
-        res.writeHead(200, { 'Content-Type': 'text/html' });
-        res.write(`<html><head><title>Merchant Checkout Page</title></head><body><center><h1>Processing ! Please do not refresh this page...</h1><br>${paymentReq.html}<br><br>${loadingSVG}</center></body></html>`);
-        res.end();
-    }
-
-    renderError(params, error, res) {
-        console.log('ERROR:::', error, '\n');
-        res.status(500);
-        let formFields = '';
-        const errorResp = {
-            TXNID: 'na',
-            STATUS: 'TXN_FAILURE',
-            CANCELLED: 'cancelled',
-            ORDERID: params['ORDER_ID']
-        };
-        Object.keys(errorResp).forEach((key) => {
-            formFields += "<input type='hidden' name='" + key + "' value='" + errorResp[key] + "' >";
-        });
-        formFields += "<input type='hidden' name='CHECKSUMHASH' value='" + (params['CHECKSUM'] || '') + "' >";
-
-        res.writeHead(200, { 'Content-Type': 'text/html' });
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const crypto_1 = __importDefault(require("crypto"));
+const axios_1 = __importDefault(require("axios"));
+class PayU {
+    constructor(npconfig) {
+        const baseUrl = (npconfig.payu_url || '').replace(/\/$/, '');
+        const isSandbox = baseUrl.indexOf('test.payu.in') > -1;
+        const verifyUrl = npconfig.payu_verify_url || (isSandbox
+            ? 'https://test.payu.in/merchant/postservice.php?form=2'
+            : 'https://info.payu.in/merchant/postservice.php?form=2');
+        this.config = {
+            key: npconfig.KEY,
+            salt: npconfig.SECRET,
+            baseUrl,
+            paymentUrl: npconfig.payu_payment_url || (baseUrl ? `${baseUrl}/_payment` : ''),
+            verifyUrl,
+        };
+    }
+    normalizeAmount(amount) {
+        const value = parseFloat(amount || 0);
+        return value.toFixed(2);
+    }
+    buildRequestHash(payload) {
+        const parts = [
+            payload.key,
+            payload.txnid,
+            this.normalizeAmount(payload.amount),
+            payload.productinfo,
+            payload.firstname,
+            payload.email,
+            payload.udf1 || '',
+            payload.udf2 || '',
+            payload.udf3 || '',
+            payload.udf4 || '',
+            payload.udf5 || '',
+            payload.udf6 || '',
+            payload.udf7 || '',
+            payload.udf8 || '',
+            payload.udf9 || '',
+            payload.udf10 || '',
+            this.config.salt,
+        ];
+        return crypto_1.default.createHash('sha512').update(parts.join('|')).digest('hex');
+    }
+    buildResponseHash(data) {
+        const amount = this.normalizeAmount(data.amount);
+        const sequence = [
+            data.additionalCharges || null,
+            this.config.salt,
+            data.status || '',
+            '', '', '', '', '', '', '', '', '', '',
+            data.udf5 || '',
+            data.udf4 || '',
+            data.udf3 || '',
+            data.udf2 || '',
+            data.udf1 || '',
+            data.email || '',
+            data.firstname || '',
+            data.productinfo || '',
+            amount,
+            data.txnid || '',
+            data.key || '',
+        ];
+        const filtered = sequence.filter((value) => value !== null);
+        return crypto_1.default.createHash('sha512').update(filtered.join('|')).digest('hex');
+    }
+    generatePaymentRequest(params) {
+        const payload = {
+            key: this.config.key,
+            txnid: params.ORDER_ID,
+            amount: this.normalizeAmount(params.TXN_AMOUNT),
+            productinfo: params.PRODUCT_NAME,
+            firstname: params.NAME,
+            email: params.EMAIL,
+            phone: params.MOBILE_NO,
+            surl: params.CALLBACK_URL,
+            furl: params.CALLBACK_URL,
+            udf1: params.CUST_ID || '',
+            udf2: params.ORDER_ID || '',
+            service_provider: 'payu_paisa',
+        };
+        payload.hash = this.buildRequestHash(payload);
+        const formFields = Object.keys(payload)
+            .map((key) => `<input type='hidden' name='${key}' value='${payload[key]}' />`)
+            .join('');
+        const html = `<form action='${this.config.paymentUrl}' method='post' id='payu_payment_form' style='display:none'>${formFields}</form><script>document.getElementById('payu_payment_form').submit();</script>`;
+        return { html, payload };
+    }
+    decodeTransactionResponse(txnDataBase64FromPayu) {
+        const txnDataJson = Buffer.from(txnDataBase64FromPayu, 'base64').toString('utf-8');
+        return JSON.parse(txnDataJson);
+    }
+    async verifyResult(req) {
+        var _a, _b, _c;
+        const originalBody = req.body || {};
+        const lookupId = originalBody.txnid || ((_a = req.query) === null || _a === void 0 ? void 0 : _a.order_id);
+        const statusResp = await this.checkBqrTxnStatus(lookupId);
+        let resData = null;
+        if (!resData && statusResp && statusResp.transaction_details) {
+            const td = statusResp.transaction_details;
+            if (td[lookupId]) {
+                resData = td[lookupId];
+            }
+            else {
+                for (const key of Object.keys(td)) {
+                    const txn = td[key];
+                    if (!txn)
+                        continue;
+                    if ((txn.txnid && txn.txnid.toString() === lookupId) || key.toString().endsWith(lookupId)) {
+                        resData = txn;
+                        break;
+                    }
+                }
+            }
+        }
+        const source = resData || statusResp || originalBody;
+        const msg = ((statusResp === null || statusResp === void 0 ? void 0 : statusResp.msg) || '').toString();
+        const statusText = (source.status || source.unmappedstatus || msg || '').toString().toLowerCase();
+        let status = 'TXN_FAILURE';
+        if (statusText.includes('success') || statusText.includes('completed') || statusText.includes('captured')) {
+            status = 'TXN_SUCCESS';
+        }
+        else if (statusText.includes('pending')) {
+            status = 'TXN_PENDING';
+        }
+        const orderId = (source.udf2 || source.order_id || source.txnid || lookupId).toString();
+        const txnId = source.mihpayid || source.txnid || null;
+        return {
+            STATUS: status,
+            ORDERID: orderId,
+            TXNID: txnId,
+            data: resData || statusResp || originalBody,
+            cancelled: ((_c = (_b = source.unmappedstatus) === null || _b === void 0 ? void 0 : _b.toLowerCase) === null || _c === void 0 ? void 0 : _c.call(_b).includes('cancelled')) || false,
+        };
+    }
+    async getPaymentStatus(txnId) {
+        const verifyPayload = new URLSearchParams();
+        verifyPayload.append('key', this.config.key || '');
+        verifyPayload.append('command', 'verify_payment');
+        verifyPayload.append('var1', txnId || '');
+        const hashString = [this.config.key, 'verify_payment', txnId, this.config.salt].join('|');
+        verifyPayload.append('hash', crypto_1.default.createHash('sha512').update(hashString).digest('hex'));
+        try {
+            const response = await axios_1.default.post(this.config.verifyUrl, verifyPayload.toString(), {
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            });
+            return response.data;
+        }
+        catch (error) {
+            return { error: error.message };
+        }
+    }
+    async postCommand(command, transactionId) {
+        const payload = new URLSearchParams();
+        payload.append('key', this.config.key || '');
+        payload.append('command', command || '');
+        payload.append('var1', transactionId || '');
+        const hashString = [this.config.key, command, transactionId, this.config.salt].join('|');
+        payload.append('hash', crypto_1.default.createHash('sha512').update(hashString).digest('hex'));
+        try {
+            const response = await axios_1.default.post(this.config.verifyUrl, payload.toString(), {
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            });
+            return response.data;
+        }
+        catch (error) {
+            return { error: error.message };
+        }
+    }
+    async checkBqrTxnStatus(transactionId) {
+        return this.postCommand('verify_payment', transactionId);
+    }
+    renderProcessingPage(params, paymentReq, res, loadingSVG) {
+        res.writeHead(200, { 'Content-Type': 'text/html' });
+        res.write(`<html><head><title>Merchant Checkout Page</title></head><body><center><h1>Processing ! Please do not refresh this page...</h1><br>${paymentReq.html}<br><br>${loadingSVG}</center></body></html>`);
+        res.end();
+    }
+    renderError(params, error, res) {
+        console.log('ERROR:::', error, '\n');
+        res.status(500);
+        let formFields = '';
+        const errorResp = {
+            TXNID: 'na',
+            STATUS: 'TXN_FAILURE',
+            CANCELLED: 'cancelled',
+            ORDERID: params.ORDER_ID,
+        };
+        Object.keys(errorResp).forEach((key) => {
+            formFields += `<input type='hidden' name='${key}' value='${errorResp[key]}' >`;
+        });
+        formFields += `<input type='hidden' name='CHECKSUMHASH' value='${params.CHECKSUM || ''}' >`;
+        res.writeHead(200, { 'Content-Type': 'text/html' });
         res.write(`<html>
 
                     <head>
@@ -234,18 +204,17 @@ class PayU {
                         <center>
                             <h1>Something went wrong. Please wait you will be redirected automatically...</h1>
                         </center>
-                        <form method="post" action="${params['CALLBACK_URL']}" name="f1">${formFields}</form>
-                        <script type="text/javascript">document.f1.submit();</script>
+                        <form method='post' action='${params.CALLBACK_URL}' name='f1'>${formFields}</form>
+                        <script type='text/javascript'>document.f1.submit();</script>
                     </body>
         
-        </html>`);
-        res.end();
-    }
-
-    processWebhook(req, res) {
-        res.status(201);
-        res.send({ message: 'Webhook not implemented for PayU' });
-    }
-}
-
-module.exports = PayU;
+        </html>`);
+        res.end();
+    }
+    processWebhook(req, res, updateTransaction) {
+        res.status(201);
+        res.send({ message: 'Webhook not implemented for PayU' });
+    }
+}
+exports.default = PayU;
+module.exports = PayU;

package/dist/app/controllers/checksum/PaytmChecksum.js

@@ -0,0 +1,118 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+const crypto = __importStar(require("crypto"));
+class PaytmChecksum {
+    static encrypt(input, key) {
+        const cipher = crypto.createCipheriv('AES-128-CBC', key, PaytmChecksum.iv);
+        let encrypted = cipher.update(input, 'binary', 'base64');
+        encrypted += cipher.final('base64');
+        return encrypted;
+    }
+    static decrypt(encrypted, key) {
+        const decipher = crypto.createDecipheriv('AES-128-CBC', key, PaytmChecksum.iv);
+        let decrypted = decipher.update(encrypted, 'base64', 'binary');
+        try {
+            decrypted += decipher.final('binary');
+        }
+        catch (e) {
+            console.log(e);
+        }
+        return decrypted;
+    }
+    static generateSignature(params, key) {
+        if (typeof params !== 'object' && typeof params !== 'string') {
+            const error = 'string or object expected, ' + (typeof params) + ' given.';
+            return Promise.reject(error);
+        }
+        if (typeof params !== 'string') {
+            params = PaytmChecksum.getStringByParams(params);
+        }
+        return PaytmChecksum.generateSignatureByString(params, key);
+    }
+    static verifySignature(params, key, checksum) {
+        if (typeof params !== 'object' && typeof params !== 'string') {
+            const error = 'string or object expected, ' + (typeof params) + ' given.';
+            return Promise.reject(error);
+        }
+        if (typeof params !== 'string') {
+            if (params.hasOwnProperty('CHECKSUMHASH')) {
+                delete params.CHECKSUMHASH;
+            }
+            params = PaytmChecksum.getStringByParams(params);
+        }
+        return PaytmChecksum.verifySignatureByString(params, key, checksum);
+    }
+    static async generateSignatureByString(params, key) {
+        const salt = await PaytmChecksum.generateRandomString(4);
+        return PaytmChecksum.calculateChecksum(params, key, salt);
+    }
+    static verifySignatureByString(params, key, checksum) {
+        const paytm_hash = PaytmChecksum.decrypt(checksum, key);
+        const salt = paytm_hash.substr(paytm_hash.length - 4);
+        return (paytm_hash === PaytmChecksum.calculateHash(params, salt));
+    }
+    static generateRandomString(length) {
+        return new Promise(function (resolve, reject) {
+            crypto.randomBytes((length * 3.0) / 4.0, function (err, buf) {
+                if (!err) {
+                    const salt = buf.toString('base64');
+                    resolve(salt);
+                }
+                else {
+                    console.log('error occurred in generateRandomString: ' + err);
+                    reject(err);
+                }
+            });
+        });
+    }
+    static getStringByParams(params) {
+        const data = {};
+        Object.keys(params).sort().forEach(function (key) {
+            data[key] = (params[key] !== null && String(params[key]).toLowerCase() !== 'null') ? params[key] : '';
+        });
+        return Object.values(data).join('|');
+    }
+    static calculateHash(params, salt) {
+        const finalString = params + '|' + salt;
+        return crypto.createHash('sha256').update(finalString).digest('hex') + salt;
+    }
+    static calculateChecksum(params, key, salt) {
+        const hashString = PaytmChecksum.calculateHash(params, salt);
+        return PaytmChecksum.encrypt(hashString, key);
+    }
+}
+PaytmChecksum.iv = '@@@@&&&&####$$$$';
+exports.default = PaytmChecksum;