node-paytmpg 8.0.8 → 8.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -12,4 +12,6 @@ export declare class RazorpayAdapter implements ISubscriptionProvider {
|
|
|
12
12
|
}>;
|
|
13
13
|
getSubscription(gatewayId: string, config: NPConfig): Promise<any>;
|
|
14
14
|
cancelSubscription(gatewayId: string, cancelAtCycleEnd: boolean, config: NPConfig): Promise<any>;
|
|
15
|
+
getOrder(orderId: string, config: NPConfig): Promise<any>;
|
|
16
|
+
validateWebhookSignature(reqBody: string, signature: string, secret: string, jsonBody: any, clientConfig: NPConfig): Promise<boolean>;
|
|
15
17
|
}
|
|
@@ -57,5 +57,39 @@ class RazorpayAdapter {
|
|
|
57
57
|
const instance = this.getInstance(config);
|
|
58
58
|
return await instance.subscriptions.cancel(gatewayId, cancelAtCycleEnd);
|
|
59
59
|
}
|
|
60
|
+
async getOrder(orderId, config) {
|
|
61
|
+
const instance = this.getInstance(config);
|
|
62
|
+
return await instance.orders.fetch(orderId);
|
|
63
|
+
}
|
|
64
|
+
async validateWebhookSignature(reqBody, signature, secret, jsonBody, clientConfig) {
|
|
65
|
+
var _a, _b, _c, _d, _e, _f;
|
|
66
|
+
try {
|
|
67
|
+
return razorpay_1.default.validateWebhookSignature(reqBody, signature, secret);
|
|
68
|
+
}
|
|
69
|
+
catch (e) {
|
|
70
|
+
if (clientConfig && jsonBody && jsonBody.payload && jsonBody.payload.payment && jsonBody.payload.payment.entity) {
|
|
71
|
+
let orderId = (_c = (_b = (_a = jsonBody === null || jsonBody === void 0 ? void 0 : jsonBody.payload) === null || _a === void 0 ? void 0 : _a.payment) === null || _b === void 0 ? void 0 : _b.entity) === null || _c === void 0 ? void 0 : _c.order_id;
|
|
72
|
+
let captureStatusClaimed = (_f = (_e = (_d = jsonBody === null || jsonBody === void 0 ? void 0 : jsonBody.payload) === null || _d === void 0 ? void 0 : _d.payment) === null || _e === void 0 ? void 0 : _e.entity) === null || _f === void 0 ? void 0 : _f.status;
|
|
73
|
+
console.log("Error validating Razorpay signature:", e);
|
|
74
|
+
if (orderId) {
|
|
75
|
+
console.log("Attempting fallback validation method using GET Order", orderId);
|
|
76
|
+
try {
|
|
77
|
+
const orderDetails = await this.getOrder(orderId, { KEY: '', SECRET: secret });
|
|
78
|
+
if (orderDetails && orderDetails.id === orderId && orderDetails.status === captureStatusClaimed) {
|
|
79
|
+
console.log("Fallback validation successful for order:", orderId);
|
|
80
|
+
return true;
|
|
81
|
+
}
|
|
82
|
+
else {
|
|
83
|
+
console.log("Fallback validation failed: Order details do not match for order:", orderId, "Order details:", orderDetails);
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
catch (e) {
|
|
87
|
+
console.log("Error in fallback validation:", e);
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
return false;
|
|
92
|
+
}
|
|
93
|
+
}
|
|
60
94
|
}
|
|
61
95
|
exports.RazorpayAdapter = RazorpayAdapter;
|
|
@@ -886,7 +886,7 @@ class PaymentController {
|
|
|
886
886
|
}
|
|
887
887
|
let signatureValid;
|
|
888
888
|
try {
|
|
889
|
-
signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET);
|
|
889
|
+
signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET, req.body, config);
|
|
890
890
|
}
|
|
891
891
|
catch (e) {
|
|
892
892
|
signatureValid = false;
|
|
@@ -16,14 +16,23 @@ async function handleSubscriptionWebhook(req, res, db, baseConfig, tableNames, m
|
|
|
16
16
|
const paymentEntity = (_a = req.body.payload.payment) === null || _a === void 0 ? void 0 : _a.entity;
|
|
17
17
|
const gateway_subscription_id = subEntity.id;
|
|
18
18
|
const reqBody = req.rawBody;
|
|
19
|
+
const jsonBody = req.body;
|
|
19
20
|
const signature = req.headers["x-razorpay-signature"];
|
|
20
21
|
if (signature === undefined) {
|
|
21
22
|
res.status(200).send({ message: "Missing Razorpay signature" });
|
|
22
23
|
return;
|
|
23
24
|
}
|
|
25
|
+
// Find the local subscription
|
|
26
|
+
const sub = await db.getOne(tableNames.TRANSACTION.replace('transactions', 'subscriptions'), { gateway_subscription_id });
|
|
27
|
+
if (!sub) {
|
|
28
|
+
console.log("Subscription not found for webhook:", gateway_subscription_id);
|
|
29
|
+
res.status(200).send({ message: "Subscription not found locally" });
|
|
30
|
+
return;
|
|
31
|
+
}
|
|
32
|
+
const clientConf = (0, buildConfig_1.withClientConfigOverrides)(baseConfig, req, { clientId: sub.clientId });
|
|
24
33
|
let signatureValid;
|
|
25
34
|
try {
|
|
26
|
-
signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET);
|
|
35
|
+
signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET, jsonBody, clientConf);
|
|
27
36
|
}
|
|
28
37
|
catch (e) {
|
|
29
38
|
signatureValid = false;
|
|
@@ -32,14 +41,6 @@ async function handleSubscriptionWebhook(req, res, db, baseConfig, tableNames, m
|
|
|
32
41
|
res.status(200).send({ message: "Invalid Rzpay signature" });
|
|
33
42
|
return;
|
|
34
43
|
}
|
|
35
|
-
// Find the local subscription
|
|
36
|
-
const sub = await db.getOne(tableNames.TRANSACTION.replace('transactions', 'subscriptions'), { gateway_subscription_id });
|
|
37
|
-
if (!sub) {
|
|
38
|
-
console.log("Subscription not found for webhook:", gateway_subscription_id);
|
|
39
|
-
res.status(200).send({ message: "Subscription not found locally" });
|
|
40
|
-
return;
|
|
41
|
-
}
|
|
42
|
-
const clientConf = (0, buildConfig_1.withClientConfigOverrides)(baseConfig, req, { clientId: sub.clientId });
|
|
43
44
|
let statusChanged = false;
|
|
44
45
|
// Map Razorpay events to local subscription status
|
|
45
46
|
switch (event) {
|
package/dist/package.json
CHANGED