node-paytmpg 8.0.8 → 8.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/app/controllers/adapters/razorpay.d.ts +2 -0
  2. package/dist/app/controllers/adapters/razorpay.js +34 -0
  3. package/dist/app/controllers/payment.controller.js +6 -1
  4. package/dist/app/controllers/subscription.webhook.js +12 -10
  5. package/dist/package.json +1 -1
  6. package/package.json +1 -1
package/dist/app/controllers/adapters/razorpay.d.ts CHANGED
@@ -12,4 +12,6 @@ export declare class RazorpayAdapter implements ISubscriptionProvider {
12
12
  }>;
13
13
  getSubscription(gatewayId: string, config: NPConfig): Promise<any>;
14
14
  cancelSubscription(gatewayId: string, cancelAtCycleEnd: boolean, config: NPConfig): Promise<any>;
15
+ getOrder(orderId: string, config: NPConfig): Promise<any>;
16
+ validateWebhookSignature(reqBody: string, signature: string, secret: string, jsonBody: any, clientConfig: NPConfig): Promise<boolean>;
15
17
  }
package/dist/app/controllers/adapters/razorpay.js CHANGED
@@ -57,5 +57,39 @@ class RazorpayAdapter {
57
57
  const instance = this.getInstance(config);
58
58
  return await instance.subscriptions.cancel(gatewayId, cancelAtCycleEnd);
59
59
  }
60
+ async getOrder(orderId, config) {
61
+ const instance = this.getInstance(config);
62
+ return await instance.orders.fetch(orderId);
63
+ }
64
+ async validateWebhookSignature(reqBody, signature, secret, jsonBody, clientConfig) {
65
+ var _a, _b, _c, _d, _e, _f;
66
+ try {
67
+ return razorpay_1.default.validateWebhookSignature(reqBody, signature, secret);
68
+ }
69
+ catch (e) {
70
+ if (clientConfig && jsonBody && jsonBody.payload && jsonBody.payload.payment && jsonBody.payload.payment.entity) {
71
+ let orderId = (_c = (_b = (_a = jsonBody === null || jsonBody === void 0 ? void 0 : jsonBody.payload) === null || _a === void 0 ? void 0 : _a.payment) === null || _b === void 0 ? void 0 : _b.entity) === null || _c === void 0 ? void 0 : _c.order_id;
72
+ let captureStatusClaimed = (_f = (_e = (_d = jsonBody === null || jsonBody === void 0 ? void 0 : jsonBody.payload) === null || _d === void 0 ? void 0 : _d.payment) === null || _e === void 0 ? void 0 : _e.entity) === null || _f === void 0 ? void 0 : _f.status;
73
+ console.log("Error validating Razorpay signature:", e);
74
+ if (orderId) {
75
+ console.log("Attempting fallback validation method using GET Order", orderId);
76
+ try {
77
+ const orderDetails = await this.getOrder(orderId, { KEY: '', SECRET: secret });
78
+ if (orderDetails && orderDetails.id === orderId && orderDetails.status === captureStatusClaimed) {
79
+ console.log("Fallback validation successful for order:", orderId);
80
+ return true;
81
+ }
82
+ else {
83
+ console.log("Fallback validation failed: Order details do not match for order:", orderId, "Order details:", orderDetails);
84
+ }
85
+ }
86
+ catch (e) {
87
+ console.log("Error in fallback validation:", e);
88
+ }
89
+ }
90
+ }
91
+ return false;
92
+ }
93
+ }
60
94
  }
61
95
  exports.RazorpayAdapter = RazorpayAdapter;
package/dist/app/controllers/payment.controller.js CHANGED
@@ -881,16 +881,19 @@ class PaymentController {
881
881
  const signature = req.headers["x-razorpay-signature"];
882
882
  console.log("Razorpay webhook signature:", signature);
883
883
  if (signature === undefined) {
884
+ console.log("Razorpay webhook missing signature");
884
885
  res.status(200).send({ message: "Missing Razorpay signature" });
885
886
  return;
886
887
  }
887
888
  let signatureValid;
889
+ const razorPayInstance = this.getProviderInstance(serviceUsed, config);
888
890
  try {
889
- signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET);
891
+ signatureValid = await razorPayInstance.validateWebhookSignature(reqBody, signature, config.SECRET, req.body, config);
890
892
  }
891
893
  catch (e) {
892
894
  signatureValid = false;
893
895
  }
896
+ console.log("Razorpay webhook signature valid:", signatureValid);
894
897
  if (signatureValid) {
895
898
  if (event === events[0]) {
896
899
  req.body.STATUS = "TXN_SUCCESS";
@@ -908,10 +911,12 @@ class PaymentController {
908
911
  }, 3000);
909
912
  }
910
913
  else {
914
+ console.log("Razorpay webhook invalid signature");
911
915
  res.status(200).send({ message: "Invalid Rzpay signature" });
912
916
  }
913
917
  }
914
918
  else {
919
+ console.log("Razorpay webhook invalid payload");
915
920
  res.status(200).send({ message: "Invalid Payload" });
916
921
  }
917
922
  }
package/dist/app/controllers/subscription.webhook.js CHANGED
@@ -4,9 +4,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
4
4
  };
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
6
  exports.handleSubscriptionWebhook = handleSubscriptionWebhook;
7
- const razorpay_1 = __importDefault(require("razorpay"));
8
7
  const axios_1 = __importDefault(require("axios"));
9
8
  const buildConfig_1 = require("../utils/buildConfig");
9
+ const razorpay_1 = require("./adapters/razorpay");
10
10
  async function handleSubscriptionWebhook(req, res, db, baseConfig, tableNames, makeid) {
11
11
  var _a;
12
12
  const event = req.body.event;
@@ -16,14 +16,24 @@ async function handleSubscriptionWebhook(req, res, db, baseConfig, tableNames, m
16
16
  const paymentEntity = (_a = req.body.payload.payment) === null || _a === void 0 ? void 0 : _a.entity;
17
17
  const gateway_subscription_id = subEntity.id;
18
18
  const reqBody = req.rawBody;
19
+ const jsonBody = req.body;
19
20
  const signature = req.headers["x-razorpay-signature"];
20
21
  if (signature === undefined) {
21
22
  res.status(200).send({ message: "Missing Razorpay signature" });
22
23
  return;
23
24
  }
25
+ // Find the local subscription
26
+ const sub = await db.getOne(tableNames.TRANSACTION.replace('transactions', 'subscriptions'), { gateway_subscription_id });
27
+ if (!sub) {
28
+ console.log("Subscription not found for webhook:", gateway_subscription_id);
29
+ res.status(200).send({ message: "Subscription not found locally" });
30
+ return;
31
+ }
32
+ const clientConf = (0, buildConfig_1.withClientConfigOverrides)(baseConfig, req, { clientId: sub.clientId });
33
+ const razorPayInstance = new razorpay_1.RazorpayAdapter();
24
34
  let signatureValid;
25
35
  try {
26
- signatureValid = razorpay_1.default.validateWebhookSignature(reqBody, signature, config.SECRET);
36
+ signatureValid = await razorPayInstance.validateWebhookSignature(reqBody, signature, config.SECRET, jsonBody, clientConf);
27
37
  }
28
38
  catch (e) {
29
39
  signatureValid = false;
@@ -32,14 +42,6 @@ async function handleSubscriptionWebhook(req, res, db, baseConfig, tableNames, m
32
42
  res.status(200).send({ message: "Invalid Rzpay signature" });
33
43
  return;
34
44
  }
35
- // Find the local subscription
36
- const sub = await db.getOne(tableNames.TRANSACTION.replace('transactions', 'subscriptions'), { gateway_subscription_id });
37
- if (!sub) {
38
- console.log("Subscription not found for webhook:", gateway_subscription_id);
39
- res.status(200).send({ message: "Subscription not found locally" });
40
- return;
41
- }
42
- const clientConf = (0, buildConfig_1.withClientConfigOverrides)(baseConfig, req, { clientId: sub.clientId });
43
45
  let statusChanged = false;
44
46
  // Map Razorpay events to local subscription status
45
47
  switch (event) {
package/dist/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "node-paytmpg",
3
- "version": "8.0.8",
3
+ "version": "8.0.12",
4
4
  "description": "Payment Gateway Integration using NodeJS",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "node-paytmpg",
3
- "version": "8.0.8",
3
+ "version": "8.0.12",
4
4
  "description": "Payment Gateway Integration using NodeJS",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",