npm - node-paytmpg - Versions diffs - 8.0.6 → 8.0.10 - Mend

node-paytmpg 8.0.6 → 8.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/app/controllers/adapters/razorpay.d.ts +2 -0
package/dist/app/controllers/adapters/razorpay.js +34 -0
package/dist/app/controllers/payment.controller.js +1 -1
package/dist/app/controllers/subscription.webhook.js +10 -9
package/dist/app/utils/buildConfig.js +1 -1
package/dist/package.json +2 -1
package/package.json +2 -1

package/dist/app/controllers/adapters/razorpay.d.ts CHANGED Viewed

@@ -12,4 +12,6 @@ export declare class RazorpayAdapter implements ISubscriptionProvider {
     }>;
     getSubscription(gatewayId: string, config: NPConfig): Promise<any>;
     cancelSubscription(gatewayId: string, cancelAtCycleEnd: boolean, config: NPConfig): Promise<any>;
+    getOrder(orderId: string, config: NPConfig): Promise<any>;
+    validateWebhookSignature(reqBody: string, signature: string, secret: string, jsonBody: any, clientConfig: NPConfig): Promise<boolean>;
 }

package/dist/app/controllers/adapters/razorpay.js CHANGED Viewed

@@ -57,5 +57,39 @@ class RazorpayAdapter {
         const instance = this.getInstance(config);
         return await instance.subscriptions.cancel(gatewayId, cancelAtCycleEnd);
     }
+    async getOrder(orderId, config) {
+        const instance = this.getInstance(config);
+        return await instance.orders.fetch(orderId);
+    }
+    async validateWebhookSignature(reqBody, signature, secret, jsonBody, clientConfig) {
+        var _a, _b, _c, _d, _e, _f;
+        try {
+            return razorpay_1.default.validateWebhookSignature(reqBody, signature, secret);
+        }
+        catch (e) {
+            if (clientConfig && jsonBody && jsonBody.payload && jsonBody.payload.payment && jsonBody.payload.payment.entity) {
+                let orderId = (_c = (_b = (_a = jsonBody === null || jsonBody === void 0 ? void 0 : jsonBody.payload) === null || _a === void 0 ? void 0 : _a.payment) === null || _b === void 0 ? void 0 : _b.entity) === null || _c === void 0 ? void 0 : _c.order_id;
+                let captureStatusClaimed = (_f = (_e = (_d = jsonBody === null || jsonBody === void 0 ? void 0 : jsonBody.payload) === null || _d === void 0 ? void 0 : _d.payment) === null || _e === void 0 ? void 0 : _e.entity) === null || _f === void 0 ? void 0 : _f.status;
+                console.log("Error validating Razorpay signature:", e);
+                if (orderId) {
+                    console.log("Attempting fallback validation method using GET Order", orderId);
+                    try {
+                        const orderDetails = await this.getOrder(orderId, { KEY: '', SECRET: secret });
+                        if (orderDetails && orderDetails.id === orderId && orderDetails.status === captureStatusClaimed) {
+                            console.log("Fallback validation successful for order:", orderId);
+                            return true;
+                        }
+                        else {
+                            console.log("Fallback validation failed: Order details do not match for order:", orderId, "Order details:", orderDetails);
+                        }
+                    }
+                    catch (e) {
+                        console.log("Error in fallback validation:", e);
+                    }
+                }
+            }
+            return false;
+        }
+    }
 }
 exports.RazorpayAdapter = RazorpayAdapter;

package/dist/app/controllers/payment.controller.js CHANGED Viewed

@@ -886,7 +886,7 @@ class PaymentController {
                         }
                         let signatureValid;
                         try {
-                            signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET);
+                            signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET, req.body, config);
                         }
                         catch (e) {
                             signatureValid = false;

package/dist/app/controllers/subscription.webhook.js CHANGED Viewed

@@ -16,14 +16,23 @@ async function handleSubscriptionWebhook(req, res, db, baseConfig, tableNames, m
         const paymentEntity = (_a = req.body.payload.payment) === null || _a === void 0 ? void 0 : _a.entity;
         const gateway_subscription_id = subEntity.id;
         const reqBody = req.rawBody;
+        const jsonBody = req.body;
         const signature = req.headers["x-razorpay-signature"];
         if (signature === undefined) {
             res.status(200).send({ message: "Missing Razorpay signature" });
             return;
         }
+        // Find the local subscription
+        const sub = await db.getOne(tableNames.TRANSACTION.replace('transactions', 'subscriptions'), { gateway_subscription_id });
+        if (!sub) {
+            console.log("Subscription not found for webhook:", gateway_subscription_id);
+            res.status(200).send({ message: "Subscription not found locally" });
+            return;
+        }
+        const clientConf = (0, buildConfig_1.withClientConfigOverrides)(baseConfig, req, { clientId: sub.clientId });
         let signatureValid;
         try {
-            signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET);
+            signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET, jsonBody, clientConf);
         }
         catch (e) {
             signatureValid = false;
@@ -32,14 +41,6 @@ async function handleSubscriptionWebhook(req, res, db, baseConfig, tableNames, m
             res.status(200).send({ message: "Invalid Rzpay signature" });
             return;
         }
-        // Find the local subscription
-        const sub = await db.getOne(tableNames.TRANSACTION.replace('transactions', 'subscriptions'), { gateway_subscription_id });
-        if (!sub) {
-            console.log("Subscription not found for webhook:", gateway_subscription_id);
-            res.status(200).send({ message: "Subscription not found locally" });
-            return;
-        }
-        const clientConf = (0, buildConfig_1.withClientConfigOverrides)(baseConfig, req, { clientId: sub.clientId });
         let statusChanged = false;
         // Map Razorpay events to local subscription status
         switch (event) {

package/dist/app/utils/buildConfig.js CHANGED Viewed

@@ -115,7 +115,7 @@ function validateOpenMoneyConfig(config) {
 function withClientConfigOverrides(config, req, orderData) {
     let _client = config;
     if (config.getClientConfig && (req || (orderData === null || orderData === void 0 ? void 0 : orderData.clientId))) {
-        const clientId = (orderData === null || orderData === void 0 ? void 0 : orderData.clientId) || req.headers['x-client-id'] || req.query.client_id || req.body.client_id || req.body.CLIENT_ID || req.query.CLIENT_ID;
+        const clientId = (orderData === null || orderData === void 0 ? void 0 : orderData.clientId) || req.headers['x-client-id'] || req.query.client_id || req.body.client_id || req.body.CLIENT_ID || req.body.clientId || req.query.clientId || req.query.CLIENT_ID;
         if (clientId) {
             const clientConfig = config.getClientConfig(clientId);
             if (clientConfig) {

package/dist/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "node-paytmpg",
-    "version": "8.0.6",
+    "version": "8.0.10",
     "description": "Payment Gateway Integration using NodeJS",
     "main": "dist/index.js",
     "types": "dist/index.d.ts",
@@ -8,6 +8,7 @@
         "start": "node example.js",
         "clean": "node -e \"require('fs').rmSync('dist', { recursive: true, force: true })\"",
         "build:ts": "tsc -p tsconfig.json",
+        "release": "npm run build && git add . && git add package.json && git commit -m Update-files | npm version patch && npm login && npm publish && git add package.json && git commit -m Update-version | git push",
         "copy:views": "copyfiles -u 1 \"app/views/**/*\" dist/app",
         "copy:public": "copyfiles -u 1 \"public/**/*\" dist/public",
         "build": "npm-run-all clean build:ts copy:views copy:public",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "node-paytmpg",
-  "version": "8.0.6",
+  "version": "8.0.10",
   "description": "Payment Gateway Integration using NodeJS",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -8,6 +8,7 @@
     "start": "node example.js",
     "clean": "node -e \"require('fs').rmSync('dist', { recursive: true, force: true })\"",
     "build:ts": "tsc -p tsconfig.json",
+    "release": "npm run build && git add . && git add package.json && git commit -m Update-files | npm version patch && npm login && npm publish && git add package.json && git commit -m Update-version | git push",
     "copy:views": "copyfiles -u 1 \"app/views/**/*\" dist/app",
     "copy:public": "copyfiles -u 1 \"public/**/*\" dist/public",
     "build": "npm-run-all clean build:ts copy:views copy:public",