passkit-wallet 0.1.0

package/README.md

@@ -0,0 +1,190 @@
+# passkit-wallet
+
+Apple Wallet + Google Wallet pass generation made easy.
+
+Generate `.pkpass` files, Apple Order files, and Google Wallet save links from a single, framework-agnostic TypeScript library. Optional React components render the official "Add to Wallet" badges.
+
+## Install
+
+```bash
+npm install passkit-wallet
+```
+
+React components are optional — if you only use the backend helpers, React is not required.
+
+## Quick Start
+
+### Apple Wallet
+
+```typescript
+import { createAppleWalletClient, mountCouponPassBody } from 'passkit-wallet'
+
+const apple = createAppleWalletClient({
+  pass: {
+    passTypeIdentifier: 'pass.com.yourcompany',
+    teamIdentifier: 'ABCDE12345',
+    certificate: process.env.APPLE_PASS_CERTIFICATE!,
+    privateKey: process.env.APPLE_PASS_PRIVATE_KEY!,
+    keyPassword: process.env.APPLE_PASS_KEY_PASSWORD,
+    wwdrCertificate: process.env.APPLE_WWDR_CERT!,
+    webServiceURL: 'https://yourapp.com/api/passes',
+    authenticationToken: 'your-auth-token',
+    passTemplatePath: './resources/your.pass',
+  },
+})
+
+// Load template and create a coupon pass
+const template = await apple.loadPassTemplate()
+const passBody = mountCouponPassBody({
+  code: 'SAVE20',
+  offerTitle: '20% Off',
+  qrCodeUrl: 'https://yourapp.com/discount/SAVE20',
+  backFields: [
+    { key: 'support', label: 'Support', value: 'help@yourapp.com' },
+  ],
+})
+
+const pass = template.createPass()
+// ... set pass fields from passBody, then generate the .pkpass buffer
+```
+
+### Apple Orders
+
+```typescript
+import { createAppleWalletClient, mountOrderInstance } from 'passkit-wallet'
+
+const apple = createAppleWalletClient({
+  order: {
+    orderTypeIdentifier: 'order.com.yourcompany',
+    certificate: process.env.APPLE_ORDER_CERTIFICATE!,
+    privateKey: process.env.APPLE_ORDER_PRIVATE_KEY!,
+    keyPassword: process.env.APPLE_ORDER_KEY_PASSWORD,
+    wwdrCertificate: process.env.APPLE_WWDR_G5_CERT!,
+    webServiceURL: 'https://yourapp.com/api/orders',
+    authenticationToken: 'your-order-auth-token',
+    orderModelPath: './resources/model.order',
+  },
+})
+
+const orderBody = apple.mountOrderInstance({
+  orderNumber: 'ORD-12345',
+  currency: 'USD',
+  totals: { grandTotal: 4999, subTotal: 3999, shipping: 500, tax: 400, tip: 100 },
+  orderItems: [{
+    image: 'https://cdn.example.com/product.jpg',
+    price: 3999,
+    quantity: 1,
+    productName: 'Widget',
+  }],
+  customer: { emailAddress: 'customer@example.com', givenName: 'Jane' },
+  orderManagementURL: 'https://yourapp.com/orders/ORD-12345',
+})
+
+const orderBuffer = await apple.generateOrder(orderBody)
+// Serve orderBuffer as application/vnd.apple.order with Content-Disposition
+```
+
+### Google Wallet
+
+```typescript
+import {
+  createGoogleWalletClient,
+  mountOfferClassBody,
+  mountOfferObjectBody,
+  createClass,
+} from 'passkit-wallet'
+
+const gw = createGoogleWalletClient({
+  issuerId: '1234567890',
+  credentials: JSON.parse(process.env.GOOGLE_CREDENTIALS!),
+  origins: ['https://yourapp.com'],
+})
+
+// Create an offer class
+const classBody = mountOfferClassBody(gw.config.issuerId, {
+  classSuffix: 'my_offers',
+  offerTitle: '20% Off Everything',
+  reviewStatus: 'DRAFT',
+  provider: 'Your Company',
+  hexBackgroundColor: '#1a1a2e',
+})
+
+await createClass(gw.client, 'offerclass', gw.config.issuerId, 'my_offers', classBody)
+
+// Create an offer object
+const objectBody = mountOfferObjectBody(gw.config.issuerId, {
+  classSuffix: 'my_offers',
+  objectSuffix: 'offer_user123',
+  code: 'SAVE20',
+  qrCodeUrl: 'https://yourapp.com/discount/SAVE20',
+})
+
+// Get the signed save URL
+const saveUrl = gw.getSignedURL('offerObjects', 'offer_user123', 'my_offers')
+// Redirect or display saveUrl to the user
+```
+
+### React Components
+
+```tsx
+import { AddToAppleWallet, AddToGoogleWallet } from 'passkit-wallet/react'
+
+function WalletButtons({ pkpassUrl, googleSaveUrl }) {
+  return (
+    <div>
+      <AddToAppleWallet url={pkpassUrl} />
+      <AddToGoogleWallet saveUrl={googleSaveUrl} />
+    </div>
+  )
+}
+```
+
+## Apple Certificate Setup
+
+1. Create a Pass Type ID and Order Type ID in the [Apple Developer Portal](https://developer.apple.com/account/resources/identifiers/list/passTypeId).
+2. Generate certificates for each and export them as `.pem` files.
+3. Download the [WWDR G5 certificate](https://www.apple.com/certificateauthority/) and convert to PEM.
+4. Create a `.pass` bundle directory with your `pass.json`, icon, logo, and other assets.
+5. Create a `model.order` bundle directory with your `order.json`, icon, and assets.
+
+## Google Wallet Setup
+
+1. Create a [Google Wallet API](https://pay.google.com/business/console/) issuer account.
+2. Create a service account with the **Google Wallet Object Issuer** role.
+3. Download the service account JSON credentials.
+
+## API Reference
+
+### Factory Functions
+
+- `createAppleWalletClient(config)` — returns a client with bound config for Apple pass/order operations.
+- `createGoogleWalletClient(config)` — returns a client with bound config and authenticated Google API client.
+
+### Apple
+
+- `loadPassTemplate(config)` — loads a `.pass` template and configures certificates.
+- `mountCouponPassBody(options)` — builds coupon pass field data.
+- `loadOrderModel(config)` — loads an order model from a `.order` bundle.
+- `mountOrderInstance(options, webServiceURL)` — builds order instance data.
+- `generateOrder(instance, config, images?)` — generates a signed `.order` buffer.
+- `sendPushNotification(tokens, topic, options)` — sends APN push to trigger pass/order refresh.
+- `parseRegistrationRequest(request, authToken)` — validates Apple device registration requests.
+- `parseUnregistrationRequest(request, authToken)` — validates device unregistration requests.
+
+### Google
+
+- `loadClient(config)` — creates an authenticated Google Wallet API client.
+- `getSignedURL(config, type, objectSuffix, classSuffix)` — generates a signed save-to-wallet JWT URL.
+- `mountOfferClassBody(issuerId, options)` / `mountOfferObjectBody(issuerId, options)` — build offer class/object data.
+- `mountOrderClassBody(issuerId, options)` / `mountOrderObjectBody(issuerId, options)` — build order class/object data.
+- `getClass` / `createClass` / `updateClass` / `updateObject` — CRUD operations on wallet classes and objects.
+- `sendObjectMessage(client, type, resourceId, message)` — attach a message to a wallet object.
+
+### React
+
+- `<AddToAppleWallet url={string} />` — Apple Wallet badge link.
+- `<AddToGoogleWallet saveUrl={string} />` — Google Wallet badge link.
+
+## License
+
+MIT

package/dist/apple/index.d.ts

@@ -0,0 +1,7 @@
+export { loadPassTemplate, mountCouponPassBody } from "./pass.js";
+export { loadOrderModel, mountOrderInstance, generateOrder, writeOrderCertificates, addImagesToModelDir, removeImagesFromModelDir, } from "./order.js";
+export { sendPushNotification } from "./push.js";
+export { parseRegistrationRequest, parseUnregistrationRequest, } from "./registration.js";
+export type { RegistrationRequest, RegistrationResult, } from "./registration.js";
+export type { OrderInstance, Merchant, Payment, MoneyAmount, SummaryItem, LineItem, Fulfillment, AppleCouponPassOptions, AppleOrderOptions, ApplePushOptions, } from "./types.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/apple/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/apple/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAA;AACjE,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,aAAa,EACb,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,GACzB,MAAM,YAAY,CAAA;AACnB,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,EACL,wBAAwB,EACxB,0BAA0B,GAC3B,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,aAAa,EACb,QAAQ,EACR,OAAO,EACP,WAAW,EACX,WAAW,EACX,QAAQ,EACR,WAAW,EACX,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,YAAY,CAAA"}

package/dist/apple/index.js

@@ -0,0 +1,5 @@
+export { loadPassTemplate, mountCouponPassBody } from "./pass.js";
+export { loadOrderModel, mountOrderInstance, generateOrder, writeOrderCertificates, addImagesToModelDir, removeImagesFromModelDir, } from "./order.js";
+export { sendPushNotification } from "./push.js";
+export { parseRegistrationRequest, parseUnregistrationRequest, } from "./registration.js";
+//# sourceMappingURL=index.js.map

package/dist/apple/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/apple/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAA;AACjE,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,aAAa,EACb,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,GACzB,MAAM,YAAY,CAAA;AACnB,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,EACL,wBAAwB,EACxB,0BAA0B,GAC3B,MAAM,mBAAmB,CAAA"}

package/dist/apple/order.d.ts

@@ -0,0 +1,40 @@
+import type { AppleOrderConfig } from "../common/config.js";
+import type { AppleOrderOptions, OrderInstance } from "./types.js";
+/**
+ * Write order certificates to a temporary directory so
+ * `wallet-order-generator` can read them from disk.
+ *
+ * Returns the temp directory path.
+ */
+export declare const writeOrderCertificates: (config: AppleOrderConfig) => string;
+/**
+ * Load an order model from a `.order` bundle directory.
+ */
+export declare const loadOrderModel: (config: AppleOrderConfig) => Promise<OrderInstance>;
+/**
+ * Build a plain order instance body from the provided data.
+ *
+ * Amounts in `totals` and `orderItems[].price` are expected in the
+ * **smallest currency unit** (e.g. cents) and will be divided by 100.
+ */
+export declare const mountOrderInstance: (options: AppleOrderOptions, webServiceURL: string) => Record<string, unknown>;
+/**
+ * Download images from URLs and save them into the order model directory.
+ *
+ * Returns the list of saved file names.
+ */
+export declare const addImagesToModelDir: (modelDirPath: string, images: string[]) => Promise<string[]>;
+/**
+ * Remove previously-added images from the order model directory.
+ */
+export declare const removeImagesFromModelDir: (modelDirPath: string, images: string[]) => Promise<void>;
+/**
+ * Generate a signed `.order` file buffer.
+ *
+ * @param orderInstance - The order data object (from `mountOrderInstance` or your own).
+ * @param config - Apple order certificate configuration.
+ * @param images - List of image file names already present in the model directory.
+ * @returns A `Buffer` containing the signed order file.
+ */
+export declare const generateOrder: (orderInstance: Record<string, unknown>, config: AppleOrderConfig, images?: string[]) => Promise<Buffer>;
+//# sourceMappingURL=order.d.ts.map

package/dist/apple/order.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"order.d.ts","sourceRoot":"","sources":["../../src/apple/order.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAC3D,OAAO,KAAK,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAElE;;;;;GAKG;AACH,eAAO,MAAM,sBAAsB,GAAI,QAAQ,gBAAgB,KAAG,MAcjE,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,cAAc,GACzB,QAAQ,gBAAgB,KACvB,OAAO,CAAC,aAAa,CAGvB,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,kBAAkB,GAC7B,SAAS,iBAAiB,EAC1B,eAAe,MAAM,KACpB,MAAM,CAAC,MAAM,EAAE,OAAO,CAiDxB,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,mBAAmB,GAC9B,cAAc,MAAM,EACpB,QAAQ,MAAM,EAAE,KACf,OAAO,CAAC,MAAM,EAAE,CAkBlB,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,wBAAwB,GACnC,cAAc,MAAM,EACpB,QAAQ,MAAM,EAAE,KACf,OAAO,CAAC,IAAI,CAQd,CAAA;AAED;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa,GACxB,eAAe,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACtC,QAAQ,gBAAgB,EACxB,SAAQ,MAAM,EAAO,KACpB,OAAO,CAAC,MAAM,CAehB,CAAA"}

package/dist/apple/order.js

@@ -0,0 +1,127 @@
+// @ts-expect-error — wallet-order-generator has no type declarations
+import orderGenerator from "wallet-order-generator";
+import { mkdtempSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { unlink } from "node:fs/promises";
+/**
+ * Write order certificates to a temporary directory so
+ * `wallet-order-generator` can read them from disk.
+ *
+ * Returns the temp directory path.
+ */
+export const writeOrderCertificates = (config) => {
+    const tempDir = mkdtempSync(join(tmpdir(), "passkit-certs-"));
+    const certs = {
+        signerCert: config.certificate,
+        signerKey: config.privateKey,
+        wwdr: config.wwdrCertificate,
+    };
+    for (const [name, value] of Object.entries(certs)) {
+        writeFileSync(join(tempDir, `${name}.pem`), value);
+    }
+    return tempDir;
+};
+/**
+ * Load an order model from a `.order` bundle directory.
+ */
+export const loadOrderModel = async (config) => {
+    const orderInstance = await orderGenerator.from(config.orderModelPath);
+    return orderInstance;
+};
+/**
+ * Build a plain order instance body from the provided data.
+ *
+ * Amounts in `totals` and `orderItems[].price` are expected in the
+ * **smallest currency unit** (e.g. cents) and will be divided by 100.
+ */
+export const mountOrderInstance = (options, webServiceURL) => {
+    const { orderNumber, totals, currency, orderItems, customer, orderStatus, paymentStatus, fulfillments, orderManagementURL, } = options;
+    return {
+        orderNumber,
+        customer,
+        webServiceURL,
+        payment: {
+            status: paymentStatus || "paid",
+            total: {
+                amount: totals.grandTotal / 100,
+                currency,
+            },
+            summaryItems: [
+                {
+                    label: "Subtotal",
+                    value: { amount: totals.subTotal / 100, currency },
+                },
+                {
+                    label: "Shipping",
+                    value: { amount: totals.shipping / 100, currency },
+                },
+                {
+                    label: "Tip",
+                    value: { amount: totals.tip / 100, currency },
+                },
+            ],
+        },
+        lineItems: orderItems.map((item) => ({
+            image: item.image.split("/").pop(),
+            price: { amount: item.price / 100, currency },
+            quantity: item.quantity,
+            title: item.productName,
+            subtitle: item.variantName || "",
+        })),
+        statusDescription: orderStatus || "PROCESSING",
+        orderManagementURL,
+        fulfillments,
+    };
+};
+/**
+ * Download images from URLs and save them into the order model directory.
+ *
+ * Returns the list of saved file names.
+ */
+export const addImagesToModelDir = async (modelDirPath, images) => {
+    const results = await Promise.all(images.map(async (imageUrl) => {
+        try {
+            const response = await fetch(imageUrl);
+            const buffer = Buffer.from(await response.arrayBuffer());
+            const imageName = imageUrl.split("/").pop();
+            const imagePath = join(modelDirPath, imageName);
+            writeFileSync(imagePath, buffer);
+            return imageName;
+        }
+        catch (err) {
+            console.error("Failed to download image:", err);
+            return null;
+        }
+    }));
+    return results.filter((name) => name !== null);
+};
+/**
+ * Remove previously-added images from the order model directory.
+ */
+export const removeImagesFromModelDir = async (modelDirPath, images) => {
+    for (const image of images) {
+        try {
+            await unlink(join(modelDirPath, image));
+        }
+        catch {
+            // ignore missing files
+        }
+    }
+};
+/**
+ * Generate a signed `.order` file buffer.
+ *
+ * @param orderInstance - The order data object (from `mountOrderInstance` or your own).
+ * @param config - Apple order certificate configuration.
+ * @param images - List of image file names already present in the model directory.
+ * @returns A `Buffer` containing the signed order file.
+ */
+export const generateOrder = async (orderInstance, config, images = []) => {
+    const tempCertsDir = writeOrderCertificates(config);
+    // Inject the auth token
+    orderInstance.authenticationToken = config.authenticationToken;
+    const readStream = await orderGenerator.generateOrder(orderInstance, config.keyPassword ?? "", ["icon.png", ...images], config.orderModelPath, tempCertsDir);
+    return readStream.toBuffer();
+};
+//# sourceMappingURL=order.js.map

package/dist/apple/order.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"order.js","sourceRoot":"","sources":["../../src/apple/order.ts"],"names":[],"mappings":"AAAA,qEAAqE;AACrE,OAAO,cAAc,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAChC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAIzC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,MAAwB,EAAU,EAAE;IACzE,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAA;IAE7D,MAAM,KAAK,GAAG;QACZ,UAAU,EAAE,MAAM,CAAC,WAAW;QAC9B,SAAS,EAAE,MAAM,CAAC,UAAU;QAC5B,IAAI,EAAE,MAAM,CAAC,eAAe;KAC7B,CAAA;IAED,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAClD,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,MAAM,CAAC,EAAE,KAAK,CAAC,CAAA;IACpD,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EACjC,MAAwB,EACA,EAAE;IAC1B,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;IACtE,OAAO,aAA8B,CAAA;AACvC,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAA0B,EAC1B,aAAqB,EACI,EAAE;IAC3B,MAAM,EACJ,WAAW,EACX,MAAM,EACN,QAAQ,EACR,UAAU,EACV,QAAQ,EACR,WAAW,EACX,aAAa,EACb,YAAY,EACZ,kBAAkB,GACnB,GAAG,OAAO,CAAA;IAEX,OAAO;QACL,WAAW;QACX,QAAQ;QACR,aAAa;QACb,OAAO,EAAE;YACP,MAAM,EAAE,aAAa,IAAI,MAAM;YAC/B,KAAK,EAAE;gBACL,MAAM,EAAE,MAAM,CAAC,UAAU,GAAG,GAAG;gBAC/B,QAAQ;aACT;YACD,YAAY,EAAE;gBACZ;oBACE,KAAK,EAAE,UAAU;oBACjB,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,GAAG,GAAG,EAAE,QAAQ,EAAE;iBACnD;gBACD;oBACE,KAAK,EAAE,UAAU;oBACjB,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,GAAG,GAAG,EAAE,QAAQ,EAAE;iBACnD;gBACD;oBACE,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,GAAG,GAAG,GAAG,EAAE,QAAQ,EAAE;iBAC9C;aACF;SACF;QACD,SAAS,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YACnC,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE;YAClC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,GAAG,GAAG,EAAE,QAAQ,EAAE;YAC7C,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,WAAW;YACvB,QAAQ,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE;SACjC,CAAC,CAAC;QACH,iBAAiB,EAAE,WAAW,IAAI,YAAY;QAC9C,kBAAkB;QAClB,YAAY;KACb,CAAA;AACH,CAAC,CAAA;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EACtC,YAAoB,EACpB,MAAgB,EACG,EAAE;IACrB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE;QAC5B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAA;YACtC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAA;YACxD,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAA;YAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,SAAS,CAAC,CAAA;YAC/C,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;YAChC,OAAO,SAAS,CAAA;QAClB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAA;YAC/C,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC,CAAC,CACH,CAAA;IAED,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,IAAI,KAAK,IAAI,CAAC,CAAA;AAChE,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,KAAK,EAC3C,YAAoB,EACpB,MAAgB,EACD,EAAE;IACjB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC,CAAA;QACzC,CAAC;QAAC,MAAM,CAAC;YACP,uBAAuB;QACzB,CAAC;IACH,CAAC;AACH,CAAC,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAChC,aAAsC,EACtC,MAAwB,EACxB,SAAmB,EAAE,EACJ,EAAE;IACnB,MAAM,YAAY,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAA;IAEnD,wBAAwB;IACxB,aAAa,CAAC,mBAAmB,GAAG,MAAM,CAAC,mBAAmB,CAAA;IAE9D,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,aAAa,CACnD,aAAa,EACb,MAAM,CAAC,WAAW,IAAI,EAAE,EACxB,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,EACvB,MAAM,CAAC,cAAc,EACrB,YAAY,CACb,CAAA;IAED,OAAO,UAAU,CAAC,QAAQ,EAAqB,CAAA;AACjD,CAAC,CAAA"}

package/dist/apple/pass.d.ts

@@ -0,0 +1,36 @@
+import { Template } from "@walletpass/pass-js";
+import type { ApplePassConfig } from "../common/config.js";
+import type { AppleCouponPassOptions } from "./types.js";
+/**
+ * Load a pass template from a `.pass` bundle directory and configure
+ * it with the provided certificates.
+ */
+export declare const loadPassTemplate: (config: ApplePassConfig) => Promise<Template>;
+/**
+ * Build the body for a coupon-style pass.
+ *
+ * Returns a plain object suitable for passing to `template.createPass()`.
+ */
+export declare const mountCouponPassBody: (options: AppleCouponPassOptions) => {
+    primaryFields: {
+        key: string;
+        label: string;
+        value: string;
+    }[];
+    secondaryFields: {
+        key: string;
+        label: string;
+        value: string;
+    }[];
+    barcode: {
+        format: string;
+        message: string;
+        messageEncoding: string;
+    };
+    backFields: {
+        key: string;
+        label: string;
+        value: string;
+    }[];
+};
+//# sourceMappingURL=pass.d.ts.map

package/dist/apple/pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pass.d.ts","sourceRoot":"","sources":["../../src/apple/pass.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AAC1D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAA;AAExD;;;GAGG;AACH,eAAO,MAAM,gBAAgB,GAAU,QAAQ,eAAe,sBAS7D,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,mBAAmB,GAAI,SAAS,sBAAsB;;;;;;;;;;;;;;;;;;;;;CAyBlE,CAAA"}

package/dist/apple/pass.js

@@ -0,0 +1,44 @@
+import { Template } from "@walletpass/pass-js";
+/**
+ * Load a pass template from a `.pass` bundle directory and configure
+ * it with the provided certificates.
+ */
+export const loadPassTemplate = async (config) => {
+    const template = await Template.load(config.passTemplatePath, "", {
+        allowHttp: config.allowHttp ?? false,
+    });
+    template.setCertificate(config.certificate);
+    template.setPrivateKey(config.privateKey, config.keyPassword);
+    return template;
+};
+/**
+ * Build the body for a coupon-style pass.
+ *
+ * Returns a plain object suitable for passing to `template.createPass()`.
+ */
+export const mountCouponPassBody = (options) => {
+    const { code, offerTitle, qrCodeUrl, backFields } = options;
+    return {
+        primaryFields: [
+            {
+                key: "offer",
+                label: "Discount",
+                value: offerTitle,
+            },
+        ],
+        secondaryFields: [
+            {
+                key: "code",
+                label: "Code",
+                value: code,
+            },
+        ],
+        barcode: {
+            format: "PKBarcodeFormatQR",
+            message: qrCodeUrl,
+            messageEncoding: "iso-8859-1",
+        },
+        backFields: backFields ?? [],
+    };
+};
+//# sourceMappingURL=pass.js.map

package/dist/apple/pass.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pass.js","sourceRoot":"","sources":["../../src/apple/pass.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAI9C;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EAAE,MAAuB,EAAE,EAAE;IAChE,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,EAAE,EAAE;QAChE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,KAAK;KACrC,CAAC,CAAA;IAEF,QAAQ,CAAC,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;IAC3C,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC,CAAA;IAE7D,OAAO,QAAQ,CAAA;AACjB,CAAC,CAAA;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,OAA+B,EAAE,EAAE;IACrE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,OAAO,CAAA;IAE3D,OAAO;QACL,aAAa,EAAE;YACb;gBACE,GAAG,EAAE,OAAO;gBACZ,KAAK,EAAE,UAAU;gBACjB,KAAK,EAAE,UAAU;aAClB;SACF;QACD,eAAe,EAAE;YACf;gBACE,GAAG,EAAE,MAAM;gBACX,KAAK,EAAE,MAAM;gBACb,KAAK,EAAE,IAAI;aACZ;SACF;QACD,OAAO,EAAE;YACP,MAAM,EAAE,mBAAmB;YAC3B,OAAO,EAAE,SAAS;YAClB,eAAe,EAAE,YAAY;SAC9B;QACD,UAAU,EAAE,UAAU,IAAI,EAAE;KAC7B,CAAA;AACH,CAAC,CAAA"}

package/dist/apple/push.d.ts

@@ -0,0 +1,14 @@
+import type { ApplePushOptions } from "./types.js";
+/**
+ * Send an APN push notification to one or more devices to trigger
+ * a pass or order refresh.
+ *
+ * @param pushTokens - A single token or array of device push tokens.
+ * @param topic - The pass type identifier or order type identifier.
+ * @param options - Certificate and key configuration.
+ */
+export declare const sendPushNotification: (pushTokens: string | string[], topic: string, options: ApplePushOptions) => Promise<{
+    sent: number;
+    failed: number;
+}>;
+//# sourceMappingURL=push.d.ts.map

package/dist/apple/push.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"push.d.ts","sourceRoot":"","sources":["../../src/apple/push.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD;;;;;;;GAOG;AACH,eAAO,MAAM,oBAAoB,GAC/B,YAAY,MAAM,GAAG,MAAM,EAAE,EAC7B,OAAO,MAAM,EACb,SAAS,gBAAgB,KACxB,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CA2B1C,CAAA"}

package/dist/apple/push.js

@@ -0,0 +1,37 @@
+import apn from "@parse/node-apn";
+/**
+ * Send an APN push notification to one or more devices to trigger
+ * a pass or order refresh.
+ *
+ * @param pushTokens - A single token or array of device push tokens.
+ * @param topic - The pass type identifier or order type identifier.
+ * @param options - Certificate and key configuration.
+ */
+export const sendPushNotification = async (pushTokens, topic, options) => {
+    const provider = new apn.Provider({
+        cert: options.certificate,
+        key: options.privateKey,
+        passphrase: options.passphrase,
+        production: options.production ?? true,
+    });
+    const note = new apn.Notification();
+    note.expiry = Math.floor(Date.now() / 1000) + 3600; // 1 hour
+    note.badge = 3;
+    note.priority = 10;
+    note.pushType = "alert";
+    note.sound = "ping.aiff";
+    note.alert = "You have updates!";
+    note.payload = {};
+    note.topic = topic;
+    try {
+        const result = await provider.send(note, pushTokens);
+        return {
+            sent: result.sent?.length ?? 0,
+            failed: result.failed?.length ?? 0,
+        };
+    }
+    finally {
+        provider.shutdown();
+    }
+};
+//# sourceMappingURL=push.js.map

package/dist/apple/push.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"push.js","sourceRoot":"","sources":["../../src/apple/push.ts"],"names":[],"mappings":"AAAA,OAAO,GAAG,MAAM,iBAAiB,CAAA;AAGjC;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,KAAK,EACvC,UAA6B,EAC7B,KAAa,EACb,OAAyB,EACkB,EAAE;IAC7C,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC;QAChC,IAAI,EAAE,OAAO,CAAC,WAAW;QACzB,GAAG,EAAE,OAAO,CAAC,UAAU;QACvB,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,IAAI;KACvC,CAAC,CAAA;IAEF,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,YAAY,EAAE,CAAA;IACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAA,CAAC,SAAS;IAC5D,IAAI,CAAC,KAAK,GAAG,CAAC,CAAA;IACd,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAA;IAClB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAA;IACvB,IAAI,CAAC,KAAK,GAAG,WAAW,CAAA;IACxB,IAAI,CAAC,KAAK,GAAG,mBAAmB,CAAA;IAChC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;IACjB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;IAElB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;QACpD,OAAO;YACL,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,IAAI,CAAC;YAC9B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC;SACnC,CAAA;IACH,CAAC;YAAS,CAAC;QACT,QAAQ,CAAC,QAAQ,EAAE,CAAA;IACrB,CAAC;AACH,CAAC,CAAA"}

package/dist/apple/registration.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Framework-agnostic helpers for Apple Wallet device registration.
+ *
+ * These helpers validate and parse incoming registration / unregistration
+ * requests so you can plug them into any HTTP framework (Express, Fastify,
+ * Hono, Elysia, etc.).
+ */
+export interface RegistrationRequest {
+    /** The `Authorization` header value (e.g. "ApplePass <token>"). */
+    authorizationHeader?: string;
+    /** Device library identifier from the URL path. */
+    deviceLibraryIdentifier: string;
+    /** Serial number of the pass being registered. */
+    serialNumber: string;
+    /** Push token from the request body (register only). */
+    pushToken?: string;
+}
+export interface RegistrationResult {
+    valid: boolean;
+    /** HTTP status code to return. */
+    status: number;
+    /** Parsed fields (available when valid). */
+    deviceLibraryIdentifier?: string;
+    serialNumber?: string;
+    pushToken?: string;
+    authToken?: string;
+}
+/**
+ * Validate and parse a device registration request.
+ *
+ * @param request - The incoming request data.
+ * @param expectedAuthToken - The authentication token configured for this pass type.
+ */
+export declare const parseRegistrationRequest: (request: RegistrationRequest, expectedAuthToken: string) => RegistrationResult;
+/**
+ * Validate and parse a device unregistration request.
+ *
+ * Same validation as registration but does not require a push token.
+ */
+export declare const parseUnregistrationRequest: (request: Omit<RegistrationRequest, "pushToken">, expectedAuthToken: string) => RegistrationResult;
+//# sourceMappingURL=registration.d.ts.map

package/dist/apple/registration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"registration.d.ts","sourceRoot":"","sources":["../../src/apple/registration.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,WAAW,mBAAmB;IAClC,mEAAmE;IACnE,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,mDAAmD;IACnD,uBAAuB,EAAE,MAAM,CAAA;IAC/B,kDAAkD;IAClD,YAAY,EAAE,MAAM,CAAA;IACpB,wDAAwD;IACxD,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,OAAO,CAAA;IACd,kCAAkC;IAClC,MAAM,EAAE,MAAM,CAAA;IACd,4CAA4C;IAC5C,uBAAuB,CAAC,EAAE,MAAM,CAAA;IAChC,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;;;;GAKG;AACH,eAAO,MAAM,wBAAwB,GACnC,SAAS,mBAAmB,EAC5B,mBAAmB,MAAM,KACxB,kBAoBF,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,0BAA0B,GACrC,SAAS,IAAI,CAAC,mBAAmB,EAAE,WAAW,CAAC,EAC/C,mBAAmB,MAAM,KACxB,kBAKF,CAAA"}

package/dist/apple/registration.js

@@ -0,0 +1,40 @@
+/**
+ * Framework-agnostic helpers for Apple Wallet device registration.
+ *
+ * These helpers validate and parse incoming registration / unregistration
+ * requests so you can plug them into any HTTP framework (Express, Fastify,
+ * Hono, Elysia, etc.).
+ */
+/**
+ * Validate and parse a device registration request.
+ *
+ * @param request - The incoming request data.
+ * @param expectedAuthToken - The authentication token configured for this pass type.
+ */
+export const parseRegistrationRequest = (request, expectedAuthToken) => {
+    const authHeader = request.authorizationHeader ?? "";
+    const token = authHeader.replace(/^ApplePass\s+/i, "").trim();
+    if (!token || token !== expectedAuthToken) {
+        return { valid: false, status: 401 };
+    }
+    if (!request.deviceLibraryIdentifier || !request.serialNumber) {
+        return { valid: false, status: 400 };
+    }
+    return {
+        valid: true,
+        status: 200,
+        deviceLibraryIdentifier: request.deviceLibraryIdentifier,
+        serialNumber: request.serialNumber,
+        pushToken: request.pushToken,
+        authToken: token,
+    };
+};
+/**
+ * Validate and parse a device unregistration request.
+ *
+ * Same validation as registration but does not require a push token.
+ */
+export const parseUnregistrationRequest = (request, expectedAuthToken) => {
+    return parseRegistrationRequest({ ...request, pushToken: undefined }, expectedAuthToken);
+};
+//# sourceMappingURL=registration.js.map

package/dist/apple/registration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"registration.js","sourceRoot":"","sources":["../../src/apple/registration.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAwBH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CACtC,OAA4B,EAC5B,iBAAyB,EACL,EAAE;IACtB,MAAM,UAAU,GAAG,OAAO,CAAC,mBAAmB,IAAI,EAAE,CAAA;IACpD,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAA;IAE7D,IAAI,CAAC,KAAK,IAAI,KAAK,KAAK,iBAAiB,EAAE,CAAC;QAC1C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAA;IACtC,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,uBAAuB,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC9D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAA;IACtC,CAAC;IAED,OAAO;QACL,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,GAAG;QACX,uBAAuB,EAAE,OAAO,CAAC,uBAAuB;QACxD,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,SAAS,EAAE,KAAK;KACjB,CAAA;AACH,CAAC,CAAA;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,0BAA0B,GAAG,CACxC,OAA+C,EAC/C,iBAAyB,EACL,EAAE;IACtB,OAAO,wBAAwB,CAC7B,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,EACpC,iBAAiB,CAClB,CAAA;AACH,CAAC,CAAA"}