npm - simplepay-js-sdk - Versions diffs - 0.12.0 → 0.12.1 - Mend

simplepay-js-sdk 0.12.0 → 0.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md CHANGED Viewed

@@ -102,12 +102,19 @@ A SimplePay `POST` kérést küld az IPN URL-re, és válaszolnunk kell rá.
 import { handleIpnRequest } from 'simplepay-js-sdk'
 // Az IPN végpont kezelőjében (pl. Express, Next.js, stb.)
-const ipnBody = await request.text() // A nyers body stringként (fontos: használd a .text()-et, ne a JSON.parse()-t)
+const ipnBody = await request.text() // A nyers body stringként (FONTOS: használd a .text()-et, ne a JSON.parse()-t)
 const incomingSignature = request.headers.get('Signature')
 const { MERCHANT_KEY } = getSimplePayConfig('HUF') // vagy a te valutád
 const { responseBody, signature } = handleIpnRequest(ipnBody, incomingSignature, MERCHANT_KEY)
+// KRITIKUS: A responseBody-t pontosan úgy küldd el, ahogy visszaadódott, NE módosítsd!
+// NE:
+// - Formázd újra vagy "szépítsd" a JSON-t
+// - Parse-old és stringify-zd újra a JSON-t
+// - Adj hozzá szóközöket vagy formázást
+// Bármilyen módosítás érvényteleníti az aláírást!
 // Válasz küldése HTTP 200 státusszal
 return new Response(responseBody, {
   status: 200,

package/dist/index.d.ts CHANGED Viewed

@@ -15,9 +15,19 @@ export declare const getPaymentResponse: (r: string, signature: string) => Simpl
  *
  * This function implements the IPN flow according to SimplePay requirements:
  * 1. Validates the incoming signature
- * 2. Adds receiveDate property to the response
+ * 2. Adds receiveDate property to the response (preserving original field order and data types)
  * 3. Generates response signature
  *
+ * **IMPORTANT**: The responseBody must be sent EXACTLY as returned, without any modifications.
+ * Do NOT:
+ * - Re-format or pretty-print the JSON
+ * - Parse and re-stringify the JSON
+ * - Add any whitespace or formatting
+ * - Modify the Content-Type header (must be 'application/json')
+ *
+ * The signature is calculated on the exact string that will be sent in the HTTP body.
+ * Any modification to the responseBody will invalidate the signature.
+ *
  * @param ipnBody - The raw IPN request body as string (must be the exact string received, not parsed JSON)
  * @param incomingSignature - The signature from the 'Signature' HTTP header
  * @param merchantKey - The merchant secret key for signature validation and generation
@@ -25,11 +35,12 @@ export declare const getPaymentResponse: (r: string, signature: string) => Simpl
  *
  * @example
  * // In your IPN endpoint handler:
- * const ipnBody = await request.text() // Get raw body as string
+ * const ipnBody = await request.text() // Get raw body as string (IMPORTANT: use .text(), not JSON.parse())
  * const incomingSignature = request.headers.get('Signature')
  * const { responseBody, signature } = handleIpnRequest(ipnBody, incomingSignature, MERCHANT_KEY)
  *
  * // Send response with HTTP 200 status
+ * // CRITICAL: Send responseBody exactly as returned, do not modify it!
  * return new Response(responseBody, {
  *   status: 200,
  *   headers: {

package/dist/index.js CHANGED Viewed

@@ -1,31 +1,31 @@
-import S from "crypto";
-const _ = ["HUF", "HUF_SZEP", "EUR", "USD"], i = (...e) => {
+import l from "crypto";
+const d = ["HUF", "HUF_SZEP", "EUR", "USD"], i = (...e) => {
   process.env.SIMPLEPAY_LOGGER === "true" && console.log("👉 ", ...e);
 }, E = (e) => {
-  if (!_.includes(e))
+  if (!d.includes(e))
     throw new Error(`Unsupported currency: ${e}`);
-  const t = "https://secure.simplepay.hu/payment/v2", r = "https://sandbox.simplepay.hu/payment/v2", n = "SimplePay_Rrd_0.11.2", s = process.env[`SIMPLEPAY_MERCHANT_KEY_${e}`], c = process.env[`SIMPLEPAY_MERCHANT_ID_${e}`], o = process.env.SIMPLEPAY_PRODUCTION === "true" ? t : r, u = o + "/start", a = o + "/dorecurring", R = o + "/cardcancel";
+  const n = "https://secure.simplepay.hu/payment/v2", r = "https://sandbox.simplepay.hu/payment/v2", t = "SimplePay_Rrd_0.12.0", s = process.env[`SIMPLEPAY_MERCHANT_KEY_${e}`], c = process.env[`SIMPLEPAY_MERCHANT_ID_${e}`], o = process.env.SIMPLEPAY_PRODUCTION === "true" ? n : r, u = o + "/start", R = o + "/dorecurring", a = o + "/cardcancel";
   return {
     MERCHANT_KEY: s,
     MERCHANT_ID: c,
     API_URL_PAYMENT: u,
-    API_URL_RECURRING: a,
-    API_URL_CARD_CANCEL: R,
-    SDK_VERSION: n
+    API_URL_RECURRING: R,
+    API_URL_CARD_CANCEL: a,
+    SDK_VERSION: t
   };
-}, g = (e) => JSON.stringify(e).replace(/\//g, "\\/"), m = (e, t) => {
-  const r = S.createHmac("sha384", t.trim());
+}, g = (e) => JSON.stringify(e).replace(/\//g, "\\/"), m = (e, n) => {
+  const r = l.createHmac("sha384", n.trim());
   return r.update(e, "utf8"), r.digest("base64");
-}, d = (e, t, r) => t === m(e, r), l = (e) => e.toISOString().replace(/\.\d{3}Z$/, "+00:00"), I = (e) => {
-  const t = Object.entries(process.env).find(
-    ([r, n]) => r.startsWith("SIMPLEPAY_MERCHANT_ID_") && n === e
+}, _ = (e, n, r) => n === m(e, r), S = (e) => e.toISOString().replace(/\.\d{3}Z$/, "+00:00"), p = (e) => {
+  const n = Object.entries(process.env).find(
+    ([r, t]) => r.startsWith("SIMPLEPAY_MERCHANT_ID_") && t === e
   )?.[0]?.replace("SIMPLEPAY_MERCHANT_ID_", "");
-  if (!t)
+  if (!n)
     throw new Error(`Merchant id not found in the environment: ${e}`);
-  return t;
-}, p = async (e, t, r) => P(e, t, r, "oneTime"), f = async (e, t, r) => P(e, t, r, "recurring"), A = async (e, t, r) => P(e, t, r, "token"), h = async (e, t, r) => P(e, t, r, "cancelCard"), P = async (e, t, r, n) => {
-  const s = g(t), c = m(s, r);
-  i({ function: `SimplePay/makeRequest/${n}`, bodyString: s, signature: c });
+  return n;
+}, A = async (e, n, r) => P(e, n, r, "oneTime"), I = async (e, n, r) => P(e, n, r, "recurring"), f = async (e, n, r) => P(e, n, r, "token"), h = async (e, n, r) => P(e, n, r, "cancelCard"), P = async (e, n, r, t) => {
+  const s = g(n), c = m(s, r);
+  i({ function: `SimplePay/makeRequest/${t}`, bodyString: s, signature: c });
   try {
     const o = await fetch(e, {
       method: "POST",
@@ -35,25 +35,25 @@ const _ = ["HUF", "HUF_SZEP", "EUR", "USD"], i = (...e) => {
       },
       body: s
     });
-    if (i({ function: `SimplePay/makeRequest/${n}`, response: o }), !o.ok)
+    if (i({ function: `SimplePay/makeRequest/${t}`, response: o }), !o.ok)
       throw new Error(`SimplePay API error: ${o.status}`);
     const u = o.headers.get("Signature");
-    if (i({ function: `SimplePay/makeRequest/${n}`, responseSignature: u }), !u)
+    if (i({ function: `SimplePay/makeRequest/${t}`, responseSignature: u }), !u)
       throw new Error("Missing response signature");
-    const a = await o.text(), R = JSON.parse(a);
-    if (i({ function: `SimplePay/makeRequest/${n}`, responseText: a, responseJSON: R }), R.errorCodes)
-      throw new Error(`SimplePay API error: ${R.errorCodes}`);
-    if (!d(a, u, r))
+    const R = await o.text(), a = JSON.parse(R);
+    if (i({ function: `SimplePay/makeRequest/${t}`, responseText: R, responseJSON: a }), a.errorCodes)
+      throw new Error(`SimplePay API error: ${a.errorCodes}`);
+    if (!_(R, u, r))
       throw new Error("Invalid response signature");
-    return R;
+    return a;
   } catch (o) {
     throw o;
   }
-}, w = (e, t) => {
-  i({ function: "SimplePay/getPaymentResponse", r: e, signature: t }), t = decodeURIComponent(t);
-  const r = Buffer.from(e, "base64").toString("utf-8"), n = JSON.parse(r), s = I(n.m), { MERCHANT_KEY: c } = E(s);
-  if (!d(r, t, c || ""))
-    throw i({ function: "SimplePay/getPaymentResponse", rDecoded: r, signature: t }), new Error("Invalid response signature");
+}, U = (e, n) => {
+  i({ function: "SimplePay/getPaymentResponse", r: e, signature: n }), n = decodeURIComponent(n);
+  const r = Buffer.from(e, "base64").toString("utf-8"), t = JSON.parse(r), s = p(t.m), { MERCHANT_KEY: c } = E(s);
+  if (!_(r, n, c || ""))
+    throw i({ function: "SimplePay/getPaymentResponse", rDecoded: r, signature: n }), new Error("Invalid response signature");
   const o = JSON.parse(r);
   return {
     responseCode: o.r,
@@ -63,25 +63,22 @@ const _ = ["HUF", "HUF_SZEP", "EUR", "USD"], i = (...e) => {
     orderRef: o.o,
     tokens: o.tokens
   };
-}, U = (e, t, r) => {
-  if (i({ function: "SimplePay/handleIpnRequest", ipnBody: e, incomingSignature: t }), !d(e, t, r))
+}, w = (e, n, r) => {
+  if (i({ function: "SimplePay/handleIpnRequest", ipnBody: e, incomingSignature: n }), !_(e, n, r))
     throw new Error("Invalid IPN request signature");
   JSON.parse(e);
-  const n = l(/* @__PURE__ */ new Date()), s = e.trim();
-  if (!s.endsWith("}"))
-    throw new Error("Invalid IPN body format");
-  const c = s.lastIndexOf("}"), o = s.substring(0, c).trim(), u = `"receiveDate":"${n}"`, a = o.length > 1 ? `${o},${u}}` : `{${u}}`, R = m(a, r);
-  return i({ function: "SimplePay/handleIpnRequest", responseBody: a, responseSignature: R }), {
-    responseBody: a,
-    signature: R
+  const t = S(/* @__PURE__ */ new Date()), s = e.replace("}", `,"receiveDate":"${t}"}`), c = m(s, r);
+  return i({ function: "SimplePay/handleIpnRequest", responseBody: s, responseSignature: c }), {
+    responseBody: s,
+    signature: c
   };
-}, L = async (e, t = {}) => {
+}, L = async (e, n = {}) => {
   i({ function: "SimplePay/startPayment", paymentData: e });
-  const r = e.currency || "HUF", { MERCHANT_KEY: n, MERCHANT_ID: s, API_URL_PAYMENT: c, SDK_VERSION: o } = E(r);
-  if (i({ function: "SimplePay/startPayment", MERCHANT_KEY: n, MERCHANT_ID: s, API_URL_PAYMENT: c }), !n || !s)
+  const r = e.currency || "HUF", { MERCHANT_KEY: t, MERCHANT_ID: s, API_URL_PAYMENT: c, SDK_VERSION: o } = E(r);
+  if (i({ function: "SimplePay/startPayment", MERCHANT_KEY: t, MERCHANT_ID: s, API_URL_PAYMENT: c }), !t || !s)
     throw new Error(`Missing SimplePay configuration for ${r}`);
   const u = {
-    salt: S.randomBytes(16).toString("hex"),
+    salt: l.randomBytes(16).toString("hex"),
     merchant: s,
     orderRef: e.orderRef,
     currency: r.replace("_SZEP", ""),
@@ -90,48 +87,48 @@ const _ = ["HUF", "HUF_SZEP", "EUR", "USD"], i = (...e) => {
     sdkVersion: o,
     methods: [e.method || "CARD"],
     total: String(e.total),
-    timeout: l(new Date(Date.now() + 1800 * 1e3)),
-    url: t.redirectUrl || process.env.SIMPLEPAY_REDIRECT_URL || "http://url.to.redirect",
+    timeout: S(new Date(Date.now() + 1800 * 1e3)),
+    url: n.redirectUrl || process.env.SIMPLEPAY_REDIRECT_URL || "http://url.to.redirect",
     invoice: e.invoice
   };
-  return p(c, u, n);
-}, y = 6, C = new Date(Date.now() + y * 30 * 24 * 60 * 60 * 1e3), N = 12e3, M = 3, H = async (e) => {
+  return A(c, u, t);
+}, y = 6, C = new Date(Date.now() + y * 30 * 24 * 60 * 60 * 1e3), M = 12e3, N = 3, H = async (e) => {
   i({ function: "SimplePay/startRecurringPayment", paymentData: e });
-  const t = e.currency || "HUF", { MERCHANT_KEY: r, MERCHANT_ID: n, API_URL_PAYMENT: s, SDK_VERSION: c } = E(t);
-  if (i({ function: "SimplePay/startRecurringPayment", MERCHANT_KEY: r, MERCHANT_ID: n, API_URL_PAYMENT: s }), !r || !n)
-    throw new Error(`Missing SimplePay configuration for ${t}`);
+  const n = e.currency || "HUF", { MERCHANT_KEY: r, MERCHANT_ID: t, API_URL_PAYMENT: s, SDK_VERSION: c } = E(n);
+  if (i({ function: "SimplePay/startRecurringPayment", MERCHANT_KEY: r, MERCHANT_ID: t, API_URL_PAYMENT: s }), !r || !t)
+    throw new Error(`Missing SimplePay configuration for ${n}`);
   const o = {
-    salt: S.randomBytes(16).toString("hex"),
-    merchant: n,
+    salt: l.randomBytes(16).toString("hex"),
+    merchant: t,
     orderRef: e.orderRef,
-    currency: t.replace("_SZEP", ""),
+    currency: n.replace("_SZEP", ""),
     customer: e.customer,
     customerEmail: e.customerEmail,
     language: e.language || "HU",
     sdkVersion: c,
     methods: ["CARD"],
     recurring: {
-      times: e.recurring.times || M,
-      until: e.recurring.until || l(C),
-      maxAmount: e.recurring.maxAmount || N
+      times: e.recurring.times || N,
+      until: e.recurring.until || S(C),
+      maxAmount: e.recurring.maxAmount || M
     },
     threeDSReqAuthMethod: "02",
     total: String(e.total),
-    timeout: l(new Date(Date.now() + 1800 * 1e3)),
+    timeout: S(new Date(Date.now() + 1800 * 1e3)),
     url: process.env.SIMPLEPAY_REDIRECT_URL || "http://url.to.redirect",
     invoice: e.invoice
   };
-  return f(s, o, r);
-}, v = async (e) => {
+  return I(s, o, r);
+}, k = async (e) => {
   i({ function: "SimplePay/startTokenPayment", paymentData: e });
-  const t = e.currency || "HUF", { MERCHANT_KEY: r, MERCHANT_ID: n, API_URL_RECURRING: s, SDK_VERSION: c } = E(t);
-  if (i({ function: "SimplePay/startTokenPayment", MERCHANT_KEY: r, MERCHANT_ID: n, API_URL_RECURRING: s }), !r || !n)
-    throw new Error(`Missing SimplePay configuration for ${t}`);
+  const n = e.currency || "HUF", { MERCHANT_KEY: r, MERCHANT_ID: t, API_URL_RECURRING: s, SDK_VERSION: c } = E(n);
+  if (i({ function: "SimplePay/startTokenPayment", MERCHANT_KEY: r, MERCHANT_ID: t, API_URL_RECURRING: s }), !r || !t)
+    throw new Error(`Missing SimplePay configuration for ${n}`);
   const o = {
-    salt: S.randomBytes(16).toString("hex"),
-    merchant: n,
+    salt: l.randomBytes(16).toString("hex"),
+    merchant: t,
     orderRef: e.orderRef,
-    currency: t.replace("_SZEP", ""),
+    currency: n.replace("_SZEP", ""),
     customer: e.customer,
     customerEmail: e.customerEmail,
     language: e.language || "HU",
@@ -141,33 +138,33 @@ const _ = ["HUF", "HUF_SZEP", "EUR", "USD"], i = (...e) => {
     type: "MIT",
     threeDSReqAuthMethod: "02",
     total: String(e.total),
-    timeout: l(new Date(Date.now() + 1800 * 1e3)),
+    timeout: S(new Date(Date.now() + 1800 * 1e3)),
     url: process.env.SIMPLEPAY_REDIRECT_URL || "http://recurring.url.to.redirect",
     invoice: e.invoice
   };
-  return A(s, o, r);
-}, k = async (e) => {
+  return f(s, o, r);
+}, v = async (e) => {
   i({ function: "SimplePay/cancelCard", cardId: e });
-  const { API_URL_CARD_CANCEL: t, MERCHANT_KEY: r, MERCHANT_ID: n, SDK_VERSION: s } = E("HUF");
-  if (!r || !n)
+  const { API_URL_CARD_CANCEL: n, MERCHANT_KEY: r, MERCHANT_ID: t, SDK_VERSION: s } = E("HUF");
+  if (!r || !t)
     throw new Error("Missing SimplePay configuration for HUF");
   const c = {
-    salt: S.randomBytes(16).toString("hex"),
+    salt: l.randomBytes(16).toString("hex"),
     cardId: e,
-    merchant: n,
+    merchant: t,
     sdkVersion: s
   };
-  return h(t, c, r);
+  return h(n, c, r);
 };
 export {
-  k as cancelCard,
-  d as checkSignature,
+  v as cancelCard,
+  _ as checkSignature,
   m as generateSignature,
-  w as getPaymentResponse,
-  U as handleIpnRequest,
+  U as getPaymentResponse,
+  w as handleIpnRequest,
   L as startPayment,
   H as startRecurringPayment,
-  v as startTokenPayment,
-  l as toISO8601DateString
+  k as startTokenPayment,
+  S as toISO8601DateString
 };
 //# sourceMappingURL=index.js.map

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sources":["../src/types.ts","../src/utils.ts","../src/oneTime.ts","../src/recurring.ts"],"sourcesContent":["export type PaymentMethod = 'CARD' \| 'WIRE'\n\nexport const CURRENCIES = ['HUF', 'HUF_SZEP', 'EUR', 'USD'] as const\nexport type Currency = typeof CURRENCIES[number]\n\nexport const LANGUAGES = [\n 'AR', // Arabic\n 'BG', // Bulgarian\n 'CS', // Czech\n 'DE', // German\n 'EN', // English\n 'ES', // Spanish\n 'FR', // French\n 'IT', // Italian\n 'HR', // Croatian\n 'HU', // Hungarian\n 'PL', // Polish\n 'RO', // Romanian\n 'RU', // Russian\n 'SK', // Slovak\n 'TR', // Turkish\n 'ZH', // Chinese\n] as const\nexport type Language = typeof LANGUAGES[number]\n\nexport interface PaymentData {\n orderRef: string\n total: number \| string\n customerEmail: string\n currency?: Currency\n language?: Language\n method?: PaymentMethod\n invoice?: {\n name: string\n country: string\n state: string\n city: string\n zip: string\n address: string\n address2?: string\n phone?: string\n }\n}\n\nexport interface PaymentConfig {\n redirectUrl?: string\n}\n\nexport type ISO8601DateString = string\nexport interface Recurring {\n times: number,\n until: ISO8601DateString,\n maxAmount: number\n}\nexport interface RecurringPaymentData extends PaymentData {\n customer: string,\n recurring: Recurring\n}\n\nexport interface TokenPaymentData extends Omit<PaymentData, 'method'> {\n method: 'CARD',\n customer: string,\n token: string\n}\n\nexport interface SimplePayRequestBody extends Omit<PaymentData, 'total'> {\n total: string\n salt: string\n merchant: string\n sdkVersion: string\n methods: PaymentMethod[]\n timeout: string\n url: string\n}\n\nexport interface SimplePayRecurringRequestBody extends SimplePayRequestBody {\n customer: string\n recurring: Recurring\n threeDSReqAuthMethod: '02' // only registered users can use this\n}\n\nexport interface SimplePayTokenRequestBody extends SimplePayRequestBody {\n customer: string\n token: string\n threeDSReqAuthMethod: '02' // only registered users can use this\n type: 'MIT' // Merchant Initiated Transaction\n}\n\nexport interface SimplePayCancelCardRequestBody {\n salt: string\n cardId: string\n merchant: string\n sdkVersion: string\n}\n\nexport interface SimplePayResponse {\n salt: string\n merchant: string\n orderRef: string\n currency: Currency\n transactionId: string\n timeout: ISO8601DateString\n total: string\n paymentUrl: string\n errorCodes?: string[]\n}\n\nexport interface SimplePayRecurringResponse extends SimplePayResponse {\n tokens: string[]\n}\n\nexport interface SimplePayTokenResponse extends Omit<SimplePayResponse, 'paymentUrl' \| 'timeout'> { }\n\nexport interface SimplePayCancelCardResponse {\n salt: string\n merchant: string\n cardId: string\n status: 'DISABLED'\n expiry: string\n}\n\nexport type SimplePayEvents = 'SUCCESS' \| 'FAIL' \| 'TIMEOUT' \| 'CANCEL'\n\nexport interface SimplePayAPIResult {\n r: number // response code\n t: string // transaction id\n e: SimplePayEvents // event\n m: string // merchant id\n o: string // order id\n}\n\nexport interface SimplePayResult {\n responseCode: number,\n transactionId: string,\n event: SimplePayEvents,\n merchantId: string,\n orderRef: string,\n tokens?: string[],\n}\n","import crypto from 'crypto'\nimport { CURRENCIES, Currency, ISO8601DateString, SimplePayAPIResult, SimplePayCancelCardRequestBody, SimplePayCancelCardResponse, SimplePayRecurringRequestBody, SimplePayRecurringResponse, SimplePayRequestBody, SimplePayResponse, SimplePayResult, SimplePayTokenRequestBody, SimplePayTokenResponse } from \"./types\"\n\nexport const simplepayLogger = (...args: any[]) => {\n if (process.env.SIMPLEPAY_LOGGER !== 'true') {\n return\n }\n\n console.log('👉 ', ...args)\n}\n\nexport const getSimplePayConfig = (currency: Currency) => {\n if (!CURRENCIES.includes(currency)) {\n throw new Error(`Unsupported currency: ${currency}`)\n }\n\n const SIMPLEPAY_API_URL = 'https://secure.simplepay.hu/payment/v2'\n const SIMPLEPAY_SANDBOX_URL = 'https://sandbox.simplepay.hu/payment/v2'\n const SDK_VERSION = 'SimplePay_Rrd_0.11.2'\n const MERCHANT_KEY = process.env[`SIMPLEPAY_MERCHANT_KEY_${currency}`]\n const MERCHANT_ID = process.env[`SIMPLEPAY_MERCHANT_ID_${currency}`]\n\n const API_URL = process.env.SIMPLEPAY_PRODUCTION === 'true' ? SIMPLEPAY_API_URL : SIMPLEPAY_SANDBOX_URL\n const API_URL_PAYMENT = API_URL + '/start'\n const API_URL_RECURRING = API_URL + '/dorecurring'\n const API_URL_CARD_CANCEL = API_URL + '/cardcancel'\n return {\n MERCHANT_KEY,\n MERCHANT_ID,\n API_URL_PAYMENT,\n API_URL_RECURRING,\n API_URL_CARD_CANCEL,\n SDK_VERSION\n }\n}\n\n// escaping slashes for the request body to prevent strange SimplePay API errors (eg Missing Signature)\nexport const prepareRequestBody = (body: any) =>\n JSON.stringify(body).replace(/\\//g, '\\\\/')\n\nexport const generateSignature = (body: string, merchantKey: string) => {\n const hmac = crypto.createHmac('sha384', merchantKey.trim())\n hmac.update(body, 'utf8')\n return hmac.digest('base64')\n}\n\nexport const checkSignature = (responseText: string, signature: string, merchantKey: string) =>\n signature === generateSignature(responseText, merchantKey)\n\nexport const toISO8601DateString = (date: Date): ISO8601DateString => date.toISOString().replace(/\\.\\d{3}Z$/, '+00:00')\n\nexport const getCurrencyFromMerchantId = (merchantId: string) => {\n const currency = Object.entries(process.env)\n .find(([key, value]) =>\n key.startsWith('SIMPLEPAY_MERCHANT_ID_') && value === merchantId\n )?.[0]?.replace('SIMPLEPAY_MERCHANT_ID_', '') as Currency\n\n if (!currency) {\n throw new Error(`Merchant id not found in the environment: ${merchantId}`)\n }\n\n return currency\n}\n\nexport const makeSimplePayRequest = async (apiUrl: string, requestBody: SimplePayRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'oneTime') as Promise<SimplePayResponse>\n}\n\nexport const makeSimplePayRecurringRequest = async (apiUrl: string, requestBody: SimplePayRecurringRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'recurring') as Promise<SimplePayRecurringResponse>\n}\n\nexport const makeSimplePayTokenRequest = async (apiUrl: string, requestBody: SimplePayTokenRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'token') as Promise<SimplePayTokenResponse>\n}\n\nexport const makeSimplePayCancelCardRequest = async (apiUrl: string, requestBody: SimplePayCancelCardRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'cancelCard') as Promise<SimplePayCancelCardResponse>\n}\n\nconst makeRequest = async (apiUrl: string, requestBody: SimplePayRequestBody \| SimplePayRecurringRequestBody \| SimplePayTokenRequestBody \| SimplePayCancelCardRequestBody, merchantKey: string, type: 'oneTime' \| 'recurring' \| 'token' \| 'cancelCard') => {\n const bodyString = prepareRequestBody(requestBody)\n const signature = generateSignature(bodyString, merchantKey)\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, bodyString, signature })\n\n try {\n const response = await fetch(apiUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Signature': signature,\n },\n body: bodyString,\n })\n\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, response })\n\n if (!response.ok) {\n throw new Error(`SimplePay API error: ${response.status}`)\n }\n\n const responseSignature = response.headers.get('Signature')\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, responseSignature })\n if (!responseSignature) {\n throw new Error('Missing response signature')\n }\n\n const responseText = await response.text()\n const responseJSON = JSON.parse(responseText) as { errorCodes?: string[] }\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, responseText, responseJSON })\n\n if (responseJSON.errorCodes) {\n throw new Error(`SimplePay API error: ${responseJSON.errorCodes}`)\n }\n\n if (!checkSignature(responseText, responseSignature, merchantKey)) {\n throw new Error('Invalid response signature')\n }\n\n return responseJSON\n\n } catch (error) {\n throw error\n }\n}\n\nexport const getPaymentResponse = (r: string, signature: string) => {\n simplepayLogger({ function: 'SimplePay/getPaymentResponse', r, signature })\n signature = decodeURIComponent(signature)\n const rDecoded = Buffer.from(r, 'base64').toString('utf-8')\n const rDecodedJSON = JSON.parse(rDecoded) as SimplePayAPIResult\n const currency = getCurrencyFromMerchantId(rDecodedJSON.m)\n const { MERCHANT_KEY } = getSimplePayConfig(currency as Currency)\n\n if (!checkSignature(rDecoded, signature, MERCHANT_KEY \|\| '')) {\n simplepayLogger({ function: 'SimplePay/getPaymentResponse', rDecoded, signature })\n throw new Error('Invalid response signature')\n }\n\n const responseJson = JSON.parse(rDecoded)\n const response: SimplePayResult = {\n responseCode: responseJson.r,\n transactionId: responseJson.t,\n event: responseJson.e,\n merchantId: responseJson.m,\n orderRef: responseJson.o,\n tokens: responseJson.tokens,\n }\n\n return response\n}\n\n/*\n Handles IPN (Instant Payment Notification) request and generates response\n * \n * This function implements the IPN flow according to SimplePay requirements:\n * 1. Validates the incoming signature\n * 2. Adds receiveDate property to the response\n * 3. Generates response signature\n * \n * @param ipnBody - The raw IPN request body as string (must be the exact string received, not parsed JSON)\n * @param incomingSignature - The signature from the 'Signature' HTTP header\n * @param merchantKey - The merchant secret key for signature validation and generation\n * @returns Object containing the response JSON string and signature to send back\n * \n * @example\n * // In your IPN endpoint handler:\n * const ipnBody = await request.text() // Get raw body as string\n * const incomingSignature = request.headers.get('Signature')\n * const { responseBody, signature } = handleIpnRequest(ipnBody, incomingSignature, MERCHANT_KEY)\n * \n * // Send response with HTTP 200 status\n * return new Response(responseBody, {\n * status: 200,\n * headers: {\n * 'Content-Type': 'application/json',\n * 'Signature': signature\n * }\n * })\n /\nexport const handleIpnRequest = (ipnBody: string, incomingSignature: string, merchantKey: string) => {\n simplepayLogger({ function: 'SimplePay/handleIpnRequest', ipnBody, incomingSignature })\n \n // Step 1: Validate incoming signature\n if (!checkSignature(ipnBody, incomingSignature, merchantKey)) {\n throw new Error('Invalid IPN request signature')\n }\n \n // Step 2: Validate it's valid JSON (but don't use parsed object to preserve field order)\n JSON.parse(ipnBody) // Just validate, don't use the result\n \n // Step 3: Add receiveDate to the original JSON string while preserving field order\n // We insert receiveDate before the closing brace to maintain the original field order\n // This ensures the field order in the response matches the original request\n const receiveDate = toISO8601DateString(new Date())\n const trimmedBody = ipnBody.trim()\n \n if (!trimmedBody.endsWith('}')) {\n throw new Error('Invalid IPN body format')\n }\n \n // Remove the closing brace, add receiveDate with comma, then add closing brace back\n const lastBraceIndex = trimmedBody.lastIndexOf('}')\n const beforeLastBrace = trimmedBody.substring(0, lastBraceIndex).trim()\n const receiveDateJson = `\"receiveDate\":\"${receiveDate}\"`\n \n // Add comma before receiveDate if there's already content\n const responseBody = beforeLastBrace.length > 1 \n ? `${beforeLastBrace},${receiveDateJson}}`\n : `{${receiveDateJson}}`\n \n // Step 4: Generate response signature using SHA384 HMAC + Base64\n const responseSignature = generateSignature(responseBody, merchantKey)\n \n simplepayLogger({ function: 'SimplePay/handleIpnRequest', responseBody, responseSignature })\n \n return {\n responseBody,\n signature: responseSignature\n }\n}\n","import crypto from 'crypto'\nimport { Currency, PaymentConfig, PaymentData, SimplePayRequestBody } from './types'\nimport { simplepayLogger, getSimplePayConfig, toISO8601DateString, makeSimplePayRequest } from './utils'\n\nconst startPayment = async (paymentData: PaymentData, config: PaymentConfig = {}) => {\n simplepayLogger({ function: 'SimplePay/startPayment', paymentData })\n const currency = paymentData.currency \|\| 'HUF'\n const { MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT, SDK_VERSION } = getSimplePayConfig(currency)\n simplepayLogger({ function: 'SimplePay/startPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT })\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for ${currency}`)\n }\n\n const requestBody: SimplePayRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n merchant: MERCHANT_ID,\n orderRef: paymentData.orderRef,\n currency: currency.replace('_SZEP', '') as Currency,\n customerEmail: paymentData.customerEmail,\n language: paymentData.language \|\| 'HU',\n sdkVersion: SDK_VERSION,\n methods: [paymentData.method \|\| 'CARD'],\n total: String(paymentData.total),\n timeout: toISO8601DateString(new Date(Date.now() + 30 60 * 1000)),\n url: config.redirectUrl \|\| process.env.SIMPLEPAY_REDIRECT_URL \|\| 'http://url.to.redirect',\n invoice: paymentData.invoice,\n }\n\n return makeSimplePayRequest(API_URL_PAYMENT, requestBody, MERCHANT_KEY)\n}\n\nexport { startPayment }\n","import crypto from 'crypto'\nimport { SimplePayRecurringRequestBody, RecurringPaymentData, TokenPaymentData, SimplePayTokenRequestBody, SimplePayCancelCardRequestBody, Currency} from './types'\nimport { getSimplePayConfig, simplepayLogger, toISO8601DateString, makeSimplePayTokenRequest, makeSimplePayRecurringRequest, makeSimplePayRequest, makeSimplePayCancelCardRequest} from './utils'\n\nconst INTERVAL_IN_MONTHS = 6\nconst DEFAULT_UNTIL = new Date(Date.now() + INTERVAL_IN_MONTHS * 30 * 24 * 60 * 60 * 1000)\nconst DEFAULT_MAX_AMOUNT = 12000\nconst DEFAULT_TIMES = 3\n\nconst startRecurringPayment = async (paymentData: RecurringPaymentData) => {\n simplepayLogger({ function: 'SimplePay/startRecurringPayment', paymentData })\n const currency = paymentData.currency \|\| 'HUF'\n const { MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT, SDK_VERSION } = getSimplePayConfig(currency)\n simplepayLogger({ function: 'SimplePay/startRecurringPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT })\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for ${currency}`)\n }\n\n const requestBody: SimplePayRecurringRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n merchant: MERCHANT_ID,\n orderRef: paymentData.orderRef,\n currency: currency.replace('_SZEP', '') as Currency,\n customer: paymentData.customer,\n customerEmail: paymentData.customerEmail,\n language: paymentData.language \|\| 'HU',\n sdkVersion: SDK_VERSION,\n methods: ['CARD'],\n recurring: {\n times: paymentData.recurring.times \|\| DEFAULT_TIMES,\n until: paymentData.recurring.until \|\| toISO8601DateString(DEFAULT_UNTIL),\n maxAmount: paymentData.recurring.maxAmount \|\| DEFAULT_MAX_AMOUNT\n },\n threeDSReqAuthMethod: '02', \n total: String(paymentData.total),\n timeout: toISO8601DateString(new Date(Date.now() + 30 * 60 * 1000)),\n url: process.env.SIMPLEPAY_REDIRECT_URL \|\| 'http://url.to.redirect',\n invoice: paymentData.invoice,\n }\n\n return makeSimplePayRecurringRequest(API_URL_PAYMENT, requestBody, MERCHANT_KEY)\n}\n\nconst startTokenPayment = async (paymentData: TokenPaymentData) => {\n simplepayLogger({ function: 'SimplePay/startTokenPayment', paymentData })\n const currency = paymentData.currency \|\| 'HUF'\n const { MERCHANT_KEY, MERCHANT_ID, API_URL_RECURRING, SDK_VERSION } = getSimplePayConfig(currency)\n simplepayLogger({ function: 'SimplePay/startTokenPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_RECURRING })\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for ${currency}`)\n }\n\n const requestBody: SimplePayTokenRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n merchant: MERCHANT_ID,\n orderRef: paymentData.orderRef,\n currency: currency.replace('_SZEP', '') as Currency,\n customer: paymentData.customer,\n customerEmail: paymentData.customerEmail,\n language: paymentData.language \|\| 'HU',\n sdkVersion: SDK_VERSION,\n methods: ['CARD'],\n token: paymentData.token,\n type: 'MIT',\n threeDSReqAuthMethod: '02',\n total: String(paymentData.total),\n timeout: toISO8601DateString(new Date(Date.now() + 30 * 60 * 1000)),\n url: process.env.SIMPLEPAY_REDIRECT_URL \|\| 'http://recurring.url.to.redirect',\n invoice: paymentData.invoice,\n }\n\n return makeSimplePayTokenRequest(API_URL_RECURRING, requestBody, MERCHANT_KEY)\n}\n\nconst cancelCard = async (cardId: string) => {\n simplepayLogger({ function: 'SimplePay/cancelCard', cardId })\n const {API_URL_CARD_CANCEL, MERCHANT_KEY, MERCHANT_ID, SDK_VERSION} = getSimplePayConfig('HUF')\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for HUF`)\n }\n\n const requestBody: SimplePayCancelCardRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n cardId,\n merchant: MERCHANT_ID,\n sdkVersion: SDK_VERSION,\n }\n return makeSimplePayCancelCardRequest(API_URL_CARD_CANCEL, requestBody, MERCHANT_KEY)\n}\n\nexport { startRecurringPayment, startTokenPayment , cancelCard}\n"],"names":["CURRENCIES","simplepayLogger","args","getSimplePayConfig","currency","SIMPLEPAY_API_URL","SIMPLEPAY_SANDBOX_URL","SDK_VERSION","MERCHANT_KEY","MERCHANT_ID","API_URL","API_URL_PAYMENT","API_URL_RECURRING","API_URL_CARD_CANCEL","prepareRequestBody","body","generateSignature","merchantKey","hmac","crypto","checkSignature","responseText","signature","toISO8601DateString","date","getCurrencyFromMerchantId","merchantId","key","value","makeSimplePayRequest","apiUrl","requestBody","makeRequest","makeSimplePayRecurringRequest","makeSimplePayTokenRequest","makeSimplePayCancelCardRequest","type","bodyString","response","responseSignature","responseJSON","error","getPaymentResponse","r","rDecoded","rDecodedJSON","responseJson","handleIpnRequest","ipnBody","incomingSignature","receiveDate","trimmedBody","lastBraceIndex","beforeLastBrace","receiveDateJson","responseBody","startPayment","paymentData","config","INTERVAL_IN_MONTHS","DEFAULT_UNTIL","DEFAULT_MAX_AMOUNT","DEFAULT_TIMES","startRecurringPayment","startTokenPayment","cancelCard","cardId"],"mappings":";AAEO,MAAMA,IAAa,CAAC,OAAO,YAAY,OAAO,KAAK,GCC7CC,IAAkB,IAAIC,MAAgB;AAC/C,EAAI,QAAQ,IAAI,qBAAqB,UAIrC,QAAQ,IAAI,OAAO,GAAGA,CAAI;AAC9B,GAEaC,IAAqB,CAACC,MAAuB;AACtD,MAAI,CAACJ,EAAW,SAASI,CAAQ;AAC7B,UAAM,IAAI,MAAM,yBAAyBA,CAAQ,EAAE;AAGvD,QAAMC,IAAoB,0CACpBC,IAAwB,2CACxBC,IAAc,wBACdC,IAAe,QAAQ,IAAI,0BAA0BJ,CAAQ,EAAE,GAC/DK,IAAc,QAAQ,IAAI,yBAAyBL,CAAQ,EAAE,GAE7DM,IAAU,QAAQ,IAAI,yBAAyB,SAASL,IAAoBC,GAC5EK,IAAkBD,IAAU,UAC5BE,IAAoBF,IAAU,gBAC9BG,IAAsBH,IAAU;AACtC,SAAO;AAAA,IACH,cAAAF;AAAA,IACA,aAAAC;AAAA,IACA,iBAAAE;AAAA,IACA,mBAAAC;AAAA,IACA,qBAAAC;AAAA,IACA,aAAAN;AAAA,EAAA;AAER,GAGaO,IAAqB,CAACC,MAC/B,KAAK,UAAUA,CAAI,EAAE,QAAQ,OAAO,KAAK,GAEhCC,IAAoB,CAACD,GAAcE,MAAwB;AACpE,QAAMC,IAAOC,EAAO,WAAW,UAAUF,EAAY,MAAM;AAC3D,SAAAC,EAAK,OAAOH,GAAM,MAAM,GACjBG,EAAK,OAAO,QAAQ;AAC/B,GAEaE,IAAiB,CAACC,GAAsBC,GAAmBL,MACpEK,MAAcN,EAAkBK,GAAcJ,CAAW,GAEhDM,IAAsB,CAACC,MAAkCA,EAAK,cAAc,QAAQ,aAAa,QAAQ,GAEzGC,IAA4B,CAACC,MAAuB;AAC7D,QAAMtB,IAAW,OAAO,QAAQ,QAAQ,GAAG,EACtC;AAAA,IAAK,CAAC,CAACuB,GAAKC,CAAK,MACdD,EAAI,WAAW,wBAAwB,KAAKC,MAAUF;AAAA,EAAA,IACtD,CAAC,GAAG,QAAQ,0BAA0B,EAAE;AAEhD,MAAI,CAACtB;AACD,UAAM,IAAI,MAAM,6CAA6CsB,CAAU,EAAE;AAG7E,SAAOtB;AACX,GAEayB,IAAuB,OAAOC,GAAgBC,GAAmCd,MACnFe,EAAYF,GAAQC,GAAad,GAAa,SAAS,GAGrDgB,IAAgC,OAAOH,GAAgBC,GAA4Cd,MACrGe,EAAYF,GAAQC,GAAad,GAAa,WAAW,GAGvDiB,IAA4B,OAAOJ,GAAgBC,GAAwCd,MAC7Fe,EAAYF,GAAQC,GAAad,GAAa,OAAO,GAGnDkB,IAAiC,OAAOL,GAAgBC,GAA6Cd,MACvGe,EAAYF,GAAQC,GAAad,GAAa,YAAY,GAG/De,IAAc,OAAOF,GAAgBC,GAAgId,GAAqBmB,MAA2D;AACvP,QAAMC,IAAavB,EAAmBiB,CAAW,GAC3CT,IAAYN,EAAkBqB,GAAYpB,CAAW;AAC3D,EAAAhB,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,YAAAC,GAAY,WAAAf,GAAW;AAEpF,MAAI;AACA,UAAMgB,IAAW,MAAM,MAAMR,GAAQ;AAAA,MACjC,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,WAAaR;AAAA,MAAA;AAAA,MAEjB,MAAMe;AAAA,IAAA,CACT;AAID,QAFApC,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,UAAAE,GAAU,GAEnE,CAACA,EAAS;AACV,YAAM,IAAI,MAAM,wBAAwBA,EAAS,MAAM,EAAE;AAG7D,UAAMC,IAAoBD,EAAS,QAAQ,IAAI,WAAW;AAE1D,QADArC,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,mBAAAG,GAAmB,GAC5E,CAACA;AACD,YAAM,IAAI,MAAM,4BAA4B;AAGhD,UAAMlB,IAAe,MAAMiB,EAAS,KAAA,GAC9BE,IAAe,KAAK,MAAMnB,CAAY;AAG5C,QAFApB,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,cAAAf,GAAc,cAAAmB,GAAc,GAErFA,EAAa;AACb,YAAM,IAAI,MAAM,wBAAwBA,EAAa,UAAU,EAAE;AAGrE,QAAI,CAACpB,EAAeC,GAAckB,GAAmBtB,CAAW;AAC5D,YAAM,IAAI,MAAM,4BAA4B;AAGhD,WAAOuB;AAAA,EAEX,SAASC,GAAO;AACZ,UAAMA;AAAA,EACV;AACJ,GAEaC,IAAqB,CAACC,GAAWrB,MAAsB;AAChE,EAAArB,EAAgB,EAAE,UAAU,gCAAgC,GAAA0C,GAAG,WAAArB,GAAW,GAC1EA,IAAY,mBAAmBA,CAAS;AACxC,QAAMsB,IAAW,OAAO,KAAKD,GAAG,QAAQ,EAAE,SAAS,OAAO,GACpDE,IAAe,KAAK,MAAMD,CAAQ,GAClCxC,IAAWqB,EAA0BoB,EAAa,CAAC,GACnD,EAAE,cAAArC,EAAA,IAAiBL,EAAmBC,CAAoB;AAEhE,MAAI,CAACgB,EAAewB,GAAUtB,GAAWd,KAAgB,EAAE;AACvD,UAAAP,EAAgB,EAAE,UAAU,gCAAgC,UAAA2C,GAAU,WAAAtB,GAAW,GAC3E,IAAI,MAAM,4BAA4B;AAGhD,QAAMwB,IAAe,KAAK,MAAMF,CAAQ;AAUxC,SATkC;AAAA,IAC9B,cAAcE,EAAa;AAAA,IAC3B,eAAeA,EAAa;AAAA,IAC5B,OAAOA,EAAa;AAAA,IACpB,YAAYA,EAAa;AAAA,IACzB,UAAUA,EAAa;AAAA,IACvB,QAAQA,EAAa;AAAA,EAAA;AAI7B,GA8BaC,IAAmB,CAACC,GAAiBC,GAA2BhC,MAAwB;AAIjG,MAHAhB,EAAgB,EAAE,UAAU,8BAA8B,SAAA+C,GAAS,mBAAAC,GAAmB,GAGlF,CAAC7B,EAAe4B,GAASC,GAAmBhC,CAAW;AACvD,UAAM,IAAI,MAAM,+BAA+B;AAInD,OAAK,MAAM+B,CAAO;AAKlB,QAAME,IAAc3B,EAAoB,oBAAI,MAAM,GAC5C4B,IAAcH,EAAQ,KAAA;AAE5B,MAAI,CAACG,EAAY,SAAS,GAAG;AACzB,UAAM,IAAI,MAAM,yBAAyB;AAI7C,QAAMC,IAAiBD,EAAY,YAAY,GAAG,GAC5CE,IAAkBF,EAAY,UAAU,GAAGC,CAAc,EAAE,KAAA,GAC3DE,IAAkB,kBAAkBJ,CAAW,KAG/CK,IAAeF,EAAgB,SAAS,IACxC,GAAGA,CAAe,IAAIC,CAAe,MACrC,IAAIA,CAAe,KAGnBf,IAAoBvB,EAAkBuC,GAActC,CAAW;AAErE,SAAAhB,EAAgB,EAAE,UAAU,8BAA8B,cAAAsD,GAAc,mBAAAhB,GAAmB,GAEpF;AAAA,IACH,cAAAgB;AAAA,IACA,WAAWhB;AAAA,EAAA;AAEnB,GCxNMiB,IAAe,OAAOC,GAA0BC,IAAwB,OAAO;AACjF,EAAAzD,EAAgB,EAAE,UAAU,0BAA0B,aAAAwD,EAAA,CAAa;AACnE,QAAMrD,IAAWqD,EAAY,YAAY,OACnC,EAAE,cAAAjD,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,aAAAJ,EAAA,IAAgBJ,EAAmBC,CAAQ;AAG/F,MAFAH,EAAgB,EAAE,UAAU,0BAA0B,cAAAO,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,GAE9F,CAACH,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,uCAAuCL,CAAQ,EAAE;AAGrE,QAAM2B,IAAoC;AAAA,IACtC,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,UAAUV;AAAA,IACV,UAAUgD,EAAY;AAAA,IACtB,UAAUrD,EAAS,QAAQ,SAAS,EAAE;AAAA,IACtC,eAAeqD,EAAY;AAAA,IAC3B,UAAUA,EAAY,YAAY;AAAA,IAClC,YAAYlD;AAAA,IACZ,SAAS,CAACkD,EAAY,UAAU,MAAM;AAAA,IACtC,OAAO,OAAOA,EAAY,KAAK;AAAA,IAC/B,SAASlC,EAAoB,IAAI,KAAK,KAAK,QAAQ,OAAU,GAAI,CAAC;AAAA,IAClE,KAAKmC,EAAO,eAAe,QAAQ,IAAI,0BAA0B;AAAA,IACjE,SAASD,EAAY;AAAA,EAAA;AAGzB,SAAO5B,EAAqBlB,GAAiBoB,GAAavB,CAAY;AAC1E,GC1BMmD,IAAqB,GACrBC,IAAgB,IAAI,KAAK,KAAK,IAAA,IAAQD,IAAqB,KAAK,KAAK,KAAK,KAAK,GAAI,GACnFE,IAAqB,MACrBC,IAAgB,GAEhBC,IAAwB,OAAON,MAAsC;AACvE,EAAAxD,EAAgB,EAAE,UAAU,mCAAmC,aAAAwD,EAAA,CAAa;AAC5E,QAAMrD,IAAWqD,EAAY,YAAY,OACnC,EAAE,cAAAjD,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,aAAAJ,EAAA,IAAgBJ,EAAmBC,CAAQ;AAG/F,MAFAH,EAAgB,EAAE,UAAU,mCAAmC,cAAAO,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,GAEvG,CAACH,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,uCAAuCL,CAAQ,EAAE;AAGrE,QAAM2B,IAA6C;AAAA,IAC/C,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,UAAUV;AAAA,IACV,UAAUgD,EAAY;AAAA,IACtB,UAAUrD,EAAS,QAAQ,SAAS,EAAE;AAAA,IACtC,UAAUqD,EAAY;AAAA,IACtB,eAAeA,EAAY;AAAA,IAC3B,UAAUA,EAAY,YAAY;AAAA,IAClC,YAAYlD;AAAA,IACZ,SAAS,CAAC,MAAM;AAAA,IAChB,WAAW;AAAA,MACP,OAAOkD,EAAY,UAAU,SAASK;AAAA,MACtC,OAAOL,EAAY,UAAU,SAASlC,EAAoBqC,CAAa;AAAA,MACvE,WAAWH,EAAY,UAAU,aAAaI;AAAA,IAAA;AAAA,IAElD,sBAAsB;AAAA,IACtB,OAAO,OAAOJ,EAAY,KAAK;AAAA,IAC/B,SAASlC,EAAoB,IAAI,KAAK,KAAK,QAAQ,OAAU,GAAI,CAAC;AAAA,IAClE,KAAK,QAAQ,IAAI,0BAA0B;AAAA,IAC3C,SAASkC,EAAY;AAAA,EAAA;AAG1B,SAAOxB,EAA8BtB,GAAiBoB,GAAavB,CAAY;AAClF,GAEMwD,IAAoB,OAAOP,MAAkC;AAC/D,EAAAxD,EAAgB,EAAE,UAAU,+BAA+B,aAAAwD,EAAA,CAAa;AACxE,QAAMrD,IAAWqD,EAAY,YAAY,OACnC,EAAE,cAAAjD,GAAc,aAAAC,GAAa,mBAAAG,GAAmB,aAAAL,EAAA,IAAgBJ,EAAmBC,CAAQ;AAGjG,MAFAH,EAAgB,EAAE,UAAU,+BAA+B,cAAAO,GAAc,aAAAC,GAAa,mBAAAG,GAAmB,GAErG,CAACJ,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,uCAAuCL,CAAQ,EAAE;AAGrE,QAAM2B,IAAyC;AAAA,IAC3C,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,UAAUV;AAAA,IACV,UAAUgD,EAAY;AAAA,IACtB,UAAUrD,EAAS,QAAQ,SAAS,EAAE;AAAA,IACtC,UAAUqD,EAAY;AAAA,IACtB,eAAeA,EAAY;AAAA,IAC3B,UAAUA,EAAY,YAAY;AAAA,IAClC,YAAYlD;AAAA,IACZ,SAAS,CAAC,MAAM;AAAA,IAChB,OAAOkD,EAAY;AAAA,IACnB,MAAM;AAAA,IACN,sBAAsB;AAAA,IACtB,OAAO,OAAOA,EAAY,KAAK;AAAA,IAC/B,SAASlC,EAAoB,IAAI,KAAK,KAAK,QAAQ,OAAU,GAAI,CAAC;AAAA,IAClE,KAAK,QAAQ,IAAI,0BAA0B;AAAA,IAC3C,SAASkC,EAAY;AAAA,EAAA;AAG3B,SAAOvB,EAA0BtB,GAAmBmB,GAAavB,CAAY;AAC/E,GAEMyD,IAAa,OAAOC,MAAmB;AACzC,EAAAjE,EAAgB,EAAE,UAAU,wBAAwB,QAAAiE,EAAA,CAAQ;AAC5D,QAAM,EAAC,qBAAArD,GAAqB,cAAAL,GAAc,aAAAC,GAAa,aAAAF,EAAA,IAAeJ,EAAmB,KAAK;AAE9F,MAAI,CAACK,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,yCAAyC;AAG7D,QAAMsB,IAA8C;AAAA,IAChD,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,QAAA+C;AAAA,IACA,UAAUzD;AAAA,IACV,YAAYF;AAAA,EAAA;AAEhB,SAAO4B,EAA+BtB,GAAqBkB,GAAavB,CAAY;AACxF;"}
1	+ {"version":3,"file":"index.js","sources":["../src/types.ts","../src/utils.ts","../src/oneTime.ts","../src/recurring.ts"],"sourcesContent":["export type PaymentMethod = 'CARD' \| 'WIRE'\n\nexport const CURRENCIES = ['HUF', 'HUF_SZEP', 'EUR', 'USD'] as const\nexport type Currency = typeof CURRENCIES[number]\n\nexport const LANGUAGES = [\n 'AR', // Arabic\n 'BG', // Bulgarian\n 'CS', // Czech\n 'DE', // German\n 'EN', // English\n 'ES', // Spanish\n 'FR', // French\n 'IT', // Italian\n 'HR', // Croatian\n 'HU', // Hungarian\n 'PL', // Polish\n 'RO', // Romanian\n 'RU', // Russian\n 'SK', // Slovak\n 'TR', // Turkish\n 'ZH', // Chinese\n] as const\nexport type Language = typeof LANGUAGES[number]\n\nexport interface PaymentData {\n orderRef: string\n total: number \| string\n customerEmail: string\n currency?: Currency\n language?: Language\n method?: PaymentMethod\n invoice?: {\n name: string\n country: string\n state: string\n city: string\n zip: string\n address: string\n address2?: string\n phone?: string\n }\n}\n\nexport interface PaymentConfig {\n redirectUrl?: string\n}\n\nexport type ISO8601DateString = string\nexport interface Recurring {\n times: number,\n until: ISO8601DateString,\n maxAmount: number\n}\nexport interface RecurringPaymentData extends PaymentData {\n customer: string,\n recurring: Recurring\n}\n\nexport interface TokenPaymentData extends Omit<PaymentData, 'method'> {\n method: 'CARD',\n customer: string,\n token: string\n}\n\nexport interface SimplePayRequestBody extends Omit<PaymentData, 'total'> {\n total: string\n salt: string\n merchant: string\n sdkVersion: string\n methods: PaymentMethod[]\n timeout: string\n url: string\n}\n\nexport interface SimplePayRecurringRequestBody extends SimplePayRequestBody {\n customer: string\n recurring: Recurring\n threeDSReqAuthMethod: '02' // only registered users can use this\n}\n\nexport interface SimplePayTokenRequestBody extends SimplePayRequestBody {\n customer: string\n token: string\n threeDSReqAuthMethod: '02' // only registered users can use this\n type: 'MIT' // Merchant Initiated Transaction\n}\n\nexport interface SimplePayCancelCardRequestBody {\n salt: string\n cardId: string\n merchant: string\n sdkVersion: string\n}\n\nexport interface SimplePayResponse {\n salt: string\n merchant: string\n orderRef: string\n currency: Currency\n transactionId: string\n timeout: ISO8601DateString\n total: string\n paymentUrl: string\n errorCodes?: string[]\n}\n\nexport interface SimplePayRecurringResponse extends SimplePayResponse {\n tokens: string[]\n}\n\nexport interface SimplePayTokenResponse extends Omit<SimplePayResponse, 'paymentUrl' \| 'timeout'> { }\n\nexport interface SimplePayCancelCardResponse {\n salt: string\n merchant: string\n cardId: string\n status: 'DISABLED'\n expiry: string\n}\n\nexport type SimplePayEvents = 'SUCCESS' \| 'FAIL' \| 'TIMEOUT' \| 'CANCEL'\n\nexport interface SimplePayAPIResult {\n r: number // response code\n t: string // transaction id\n e: SimplePayEvents // event\n m: string // merchant id\n o: string // order id\n}\n\nexport interface SimplePayResult {\n responseCode: number,\n transactionId: string,\n event: SimplePayEvents,\n merchantId: string,\n orderRef: string,\n tokens?: string[],\n}\n","import crypto from 'crypto'\nimport { CURRENCIES, Currency, ISO8601DateString, SimplePayAPIResult, SimplePayCancelCardRequestBody, SimplePayCancelCardResponse, SimplePayRecurringRequestBody, SimplePayRecurringResponse, SimplePayRequestBody, SimplePayResponse, SimplePayResult, SimplePayTokenRequestBody, SimplePayTokenResponse } from \"./types\"\n\nexport const simplepayLogger = (...args: any[]) => {\n if (process.env.SIMPLEPAY_LOGGER !== 'true') {\n return\n }\n\n console.log('👉 ', ...args)\n}\n\nexport const getSimplePayConfig = (currency: Currency) => {\n if (!CURRENCIES.includes(currency)) {\n throw new Error(`Unsupported currency: ${currency}`)\n }\n\n const SIMPLEPAY_API_URL = 'https://secure.simplepay.hu/payment/v2'\n const SIMPLEPAY_SANDBOX_URL = 'https://sandbox.simplepay.hu/payment/v2'\n const SDK_VERSION = 'SimplePay_Rrd_0.12.0'\n const MERCHANT_KEY = process.env[`SIMPLEPAY_MERCHANT_KEY_${currency}`]\n const MERCHANT_ID = process.env[`SIMPLEPAY_MERCHANT_ID_${currency}`]\n\n const API_URL = process.env.SIMPLEPAY_PRODUCTION === 'true' ? SIMPLEPAY_API_URL : SIMPLEPAY_SANDBOX_URL\n const API_URL_PAYMENT = API_URL + '/start'\n const API_URL_RECURRING = API_URL + '/dorecurring'\n const API_URL_CARD_CANCEL = API_URL + '/cardcancel'\n return {\n MERCHANT_KEY,\n MERCHANT_ID,\n API_URL_PAYMENT,\n API_URL_RECURRING,\n API_URL_CARD_CANCEL,\n SDK_VERSION\n }\n}\n\n// escaping slashes for the request body to prevent strange SimplePay API errors (eg Missing Signature)\nexport const prepareRequestBody = (body: any) =>\n JSON.stringify(body).replace(/\\//g, '\\\\/')\n\nexport const generateSignature = (body: string, merchantKey: string) => {\n const hmac = crypto.createHmac('sha384', merchantKey.trim())\n hmac.update(body, 'utf8')\n return hmac.digest('base64')\n}\n\nexport const checkSignature = (responseText: string, signature: string, merchantKey: string) =>\n signature === generateSignature(responseText, merchantKey)\n\nexport const toISO8601DateString = (date: Date): ISO8601DateString => date.toISOString().replace(/\\.\\d{3}Z$/, '+00:00')\n\nexport const getCurrencyFromMerchantId = (merchantId: string) => {\n const currency = Object.entries(process.env)\n .find(([key, value]) =>\n key.startsWith('SIMPLEPAY_MERCHANT_ID_') && value === merchantId\n )?.[0]?.replace('SIMPLEPAY_MERCHANT_ID_', '') as Currency\n\n if (!currency) {\n throw new Error(`Merchant id not found in the environment: ${merchantId}`)\n }\n\n return currency\n}\n\nexport const makeSimplePayRequest = async (apiUrl: string, requestBody: SimplePayRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'oneTime') as Promise<SimplePayResponse>\n}\n\nexport const makeSimplePayRecurringRequest = async (apiUrl: string, requestBody: SimplePayRecurringRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'recurring') as Promise<SimplePayRecurringResponse>\n}\n\nexport const makeSimplePayTokenRequest = async (apiUrl: string, requestBody: SimplePayTokenRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'token') as Promise<SimplePayTokenResponse>\n}\n\nexport const makeSimplePayCancelCardRequest = async (apiUrl: string, requestBody: SimplePayCancelCardRequestBody, merchantKey: string) => {\n return makeRequest(apiUrl, requestBody, merchantKey, 'cancelCard') as Promise<SimplePayCancelCardResponse>\n}\n\nconst makeRequest = async (apiUrl: string, requestBody: SimplePayRequestBody \| SimplePayRecurringRequestBody \| SimplePayTokenRequestBody \| SimplePayCancelCardRequestBody, merchantKey: string, type: 'oneTime' \| 'recurring' \| 'token' \| 'cancelCard') => {\n const bodyString = prepareRequestBody(requestBody)\n const signature = generateSignature(bodyString, merchantKey)\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, bodyString, signature })\n\n try {\n const response = await fetch(apiUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'Signature': signature,\n },\n body: bodyString,\n })\n\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, response })\n\n if (!response.ok) {\n throw new Error(`SimplePay API error: ${response.status}`)\n }\n\n const responseSignature = response.headers.get('Signature')\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, responseSignature })\n if (!responseSignature) {\n throw new Error('Missing response signature')\n }\n\n const responseText = await response.text()\n const responseJSON = JSON.parse(responseText) as { errorCodes?: string[] }\n simplepayLogger({ function: `SimplePay/makeRequest/${type}`, responseText, responseJSON })\n\n if (responseJSON.errorCodes) {\n throw new Error(`SimplePay API error: ${responseJSON.errorCodes}`)\n }\n\n if (!checkSignature(responseText, responseSignature, merchantKey)) {\n throw new Error('Invalid response signature')\n }\n\n return responseJSON\n\n } catch (error) {\n throw error\n }\n}\n\nexport const getPaymentResponse = (r: string, signature: string) => {\n simplepayLogger({ function: 'SimplePay/getPaymentResponse', r, signature })\n signature = decodeURIComponent(signature)\n const rDecoded = Buffer.from(r, 'base64').toString('utf-8')\n const rDecodedJSON = JSON.parse(rDecoded) as SimplePayAPIResult\n const currency = getCurrencyFromMerchantId(rDecodedJSON.m)\n const { MERCHANT_KEY } = getSimplePayConfig(currency as Currency)\n\n if (!checkSignature(rDecoded, signature, MERCHANT_KEY \|\| '')) {\n simplepayLogger({ function: 'SimplePay/getPaymentResponse', rDecoded, signature })\n throw new Error('Invalid response signature')\n }\n\n const responseJson = JSON.parse(rDecoded)\n const response: SimplePayResult = {\n responseCode: responseJson.r,\n transactionId: responseJson.t,\n event: responseJson.e,\n merchantId: responseJson.m,\n orderRef: responseJson.o,\n tokens: responseJson.tokens,\n }\n\n return response\n}\n\n/*\n Handles IPN (Instant Payment Notification) request and generates response\n * \n * This function implements the IPN flow according to SimplePay requirements:\n * 1. Validates the incoming signature\n * 2. Adds receiveDate property to the response (preserving original field order and data types)\n * 3. Generates response signature\n * \n * IMPORTANT: The responseBody must be sent EXACTLY as returned, without any modifications.\n * Do NOT:\n * - Re-format or pretty-print the JSON\n * - Parse and re-stringify the JSON\n * - Add any whitespace or formatting\n * - Modify the Content-Type header (must be 'application/json')\n * \n * The signature is calculated on the exact string that will be sent in the HTTP body.\n * Any modification to the responseBody will invalidate the signature.\n * \n * @param ipnBody - The raw IPN request body as string (must be the exact string received, not parsed JSON)\n * @param incomingSignature - The signature from the 'Signature' HTTP header\n * @param merchantKey - The merchant secret key for signature validation and generation\n * @returns Object containing the response JSON string and signature to send back\n * \n * @example\n * // In your IPN endpoint handler:\n * const ipnBody = await request.text() // Get raw body as string (IMPORTANT: use .text(), not JSON.parse())\n * const incomingSignature = request.headers.get('Signature')\n * const { responseBody, signature } = handleIpnRequest(ipnBody, incomingSignature, MERCHANT_KEY)\n * \n * // Send response with HTTP 200 status\n * // CRITICAL: Send responseBody exactly as returned, do not modify it!\n * return new Response(responseBody, {\n * status: 200,\n * headers: {\n * 'Content-Type': 'application/json',\n * 'Signature': signature\n * }\n * })\n /\nexport const handleIpnRequest = (ipnBody: string, incomingSignature: string, merchantKey: string) => {\n simplepayLogger({ function: 'SimplePay/handleIpnRequest', ipnBody, incomingSignature })\n \n // Step 1: Validate incoming signature\n if (!checkSignature(ipnBody, incomingSignature, merchantKey)) {\n throw new Error('Invalid IPN request signature')\n }\n \n // Step 2: Validate it's valid JSON (but don't use parsed object to preserve field order and data types)\n JSON.parse(ipnBody) // Just validate, don't use the result\n \n // Step 3: Add receiveDate to the original JSON string while preserving:\n // - Exact field order\n // - Exact data types (numeric vs string)\n // - No whitespace (compact JSON)\n // \n // Use the same simple approach as the working solution:\n // Replace the closing brace with: ,\"receiveDate\":\"${receiveDate}\"}\n // This preserves the exact original format and field order\n const receiveDate = toISO8601DateString(new Date())\n \n // Simple string replacement: replace the first (and only) closing brace\n // This is the same approach as the working solution\n const responseBody = ipnBody.replace('}', `,\"receiveDate\":\"${receiveDate}\"}`)\n \n // Step 4: Generate response signature using SHA384 HMAC + Base64\n // The signature must be calculated on the exact string that will be sent\n const responseSignature = generateSignature(responseBody, merchantKey)\n \n simplepayLogger({ function: 'SimplePay/handleIpnRequest', responseBody, responseSignature })\n \n return {\n responseBody,\n signature: responseSignature\n }\n}\n","import crypto from 'crypto'\nimport { Currency, PaymentConfig, PaymentData, SimplePayRequestBody } from './types'\nimport { simplepayLogger, getSimplePayConfig, toISO8601DateString, makeSimplePayRequest } from './utils'\n\nconst startPayment = async (paymentData: PaymentData, config: PaymentConfig = {}) => {\n simplepayLogger({ function: 'SimplePay/startPayment', paymentData })\n const currency = paymentData.currency \|\| 'HUF'\n const { MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT, SDK_VERSION } = getSimplePayConfig(currency)\n simplepayLogger({ function: 'SimplePay/startPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT })\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for ${currency}`)\n }\n\n const requestBody: SimplePayRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n merchant: MERCHANT_ID,\n orderRef: paymentData.orderRef,\n currency: currency.replace('_SZEP', '') as Currency,\n customerEmail: paymentData.customerEmail,\n language: paymentData.language \|\| 'HU',\n sdkVersion: SDK_VERSION,\n methods: [paymentData.method \|\| 'CARD'],\n total: String(paymentData.total),\n timeout: toISO8601DateString(new Date(Date.now() + 30 60 * 1000)),\n url: config.redirectUrl \|\| process.env.SIMPLEPAY_REDIRECT_URL \|\| 'http://url.to.redirect',\n invoice: paymentData.invoice,\n }\n\n return makeSimplePayRequest(API_URL_PAYMENT, requestBody, MERCHANT_KEY)\n}\n\nexport { startPayment }\n","import crypto from 'crypto'\nimport { SimplePayRecurringRequestBody, RecurringPaymentData, TokenPaymentData, SimplePayTokenRequestBody, SimplePayCancelCardRequestBody, Currency} from './types'\nimport { getSimplePayConfig, simplepayLogger, toISO8601DateString, makeSimplePayTokenRequest, makeSimplePayRecurringRequest, makeSimplePayRequest, makeSimplePayCancelCardRequest} from './utils'\n\nconst INTERVAL_IN_MONTHS = 6\nconst DEFAULT_UNTIL = new Date(Date.now() + INTERVAL_IN_MONTHS * 30 * 24 * 60 * 60 * 1000)\nconst DEFAULT_MAX_AMOUNT = 12000\nconst DEFAULT_TIMES = 3\n\nconst startRecurringPayment = async (paymentData: RecurringPaymentData) => {\n simplepayLogger({ function: 'SimplePay/startRecurringPayment', paymentData })\n const currency = paymentData.currency \|\| 'HUF'\n const { MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT, SDK_VERSION } = getSimplePayConfig(currency)\n simplepayLogger({ function: 'SimplePay/startRecurringPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT })\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for ${currency}`)\n }\n\n const requestBody: SimplePayRecurringRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n merchant: MERCHANT_ID,\n orderRef: paymentData.orderRef,\n currency: currency.replace('_SZEP', '') as Currency,\n customer: paymentData.customer,\n customerEmail: paymentData.customerEmail,\n language: paymentData.language \|\| 'HU',\n sdkVersion: SDK_VERSION,\n methods: ['CARD'],\n recurring: {\n times: paymentData.recurring.times \|\| DEFAULT_TIMES,\n until: paymentData.recurring.until \|\| toISO8601DateString(DEFAULT_UNTIL),\n maxAmount: paymentData.recurring.maxAmount \|\| DEFAULT_MAX_AMOUNT\n },\n threeDSReqAuthMethod: '02', \n total: String(paymentData.total),\n timeout: toISO8601DateString(new Date(Date.now() + 30 * 60 * 1000)),\n url: process.env.SIMPLEPAY_REDIRECT_URL \|\| 'http://url.to.redirect',\n invoice: paymentData.invoice,\n }\n\n return makeSimplePayRecurringRequest(API_URL_PAYMENT, requestBody, MERCHANT_KEY)\n}\n\nconst startTokenPayment = async (paymentData: TokenPaymentData) => {\n simplepayLogger({ function: 'SimplePay/startTokenPayment', paymentData })\n const currency = paymentData.currency \|\| 'HUF'\n const { MERCHANT_KEY, MERCHANT_ID, API_URL_RECURRING, SDK_VERSION } = getSimplePayConfig(currency)\n simplepayLogger({ function: 'SimplePay/startTokenPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_RECURRING })\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for ${currency}`)\n }\n\n const requestBody: SimplePayTokenRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n merchant: MERCHANT_ID,\n orderRef: paymentData.orderRef,\n currency: currency.replace('_SZEP', '') as Currency,\n customer: paymentData.customer,\n customerEmail: paymentData.customerEmail,\n language: paymentData.language \|\| 'HU',\n sdkVersion: SDK_VERSION,\n methods: ['CARD'],\n token: paymentData.token,\n type: 'MIT',\n threeDSReqAuthMethod: '02',\n total: String(paymentData.total),\n timeout: toISO8601DateString(new Date(Date.now() + 30 * 60 * 1000)),\n url: process.env.SIMPLEPAY_REDIRECT_URL \|\| 'http://recurring.url.to.redirect',\n invoice: paymentData.invoice,\n }\n\n return makeSimplePayTokenRequest(API_URL_RECURRING, requestBody, MERCHANT_KEY)\n}\n\nconst cancelCard = async (cardId: string) => {\n simplepayLogger({ function: 'SimplePay/cancelCard', cardId })\n const {API_URL_CARD_CANCEL, MERCHANT_KEY, MERCHANT_ID, SDK_VERSION} = getSimplePayConfig('HUF')\n\n if (!MERCHANT_KEY \|\| !MERCHANT_ID) {\n throw new Error(`Missing SimplePay configuration for HUF`)\n }\n\n const requestBody: SimplePayCancelCardRequestBody = {\n salt: crypto.randomBytes(16).toString('hex'),\n cardId,\n merchant: MERCHANT_ID,\n sdkVersion: SDK_VERSION,\n }\n return makeSimplePayCancelCardRequest(API_URL_CARD_CANCEL, requestBody, MERCHANT_KEY)\n}\n\nexport { startRecurringPayment, startTokenPayment , cancelCard}\n"],"names":["CURRENCIES","simplepayLogger","args","getSimplePayConfig","currency","SIMPLEPAY_API_URL","SIMPLEPAY_SANDBOX_URL","SDK_VERSION","MERCHANT_KEY","MERCHANT_ID","API_URL","API_URL_PAYMENT","API_URL_RECURRING","API_URL_CARD_CANCEL","prepareRequestBody","body","generateSignature","merchantKey","hmac","crypto","checkSignature","responseText","signature","toISO8601DateString","date","getCurrencyFromMerchantId","merchantId","key","value","makeSimplePayRequest","apiUrl","requestBody","makeRequest","makeSimplePayRecurringRequest","makeSimplePayTokenRequest","makeSimplePayCancelCardRequest","type","bodyString","response","responseSignature","responseJSON","error","getPaymentResponse","r","rDecoded","rDecodedJSON","responseJson","handleIpnRequest","ipnBody","incomingSignature","receiveDate","responseBody","startPayment","paymentData","config","INTERVAL_IN_MONTHS","DEFAULT_UNTIL","DEFAULT_MAX_AMOUNT","DEFAULT_TIMES","startRecurringPayment","startTokenPayment","cancelCard","cardId"],"mappings":";AAEO,MAAMA,IAAa,CAAC,OAAO,YAAY,OAAO,KAAK,GCC7CC,IAAkB,IAAIC,MAAgB;AAC/C,EAAI,QAAQ,IAAI,qBAAqB,UAIrC,QAAQ,IAAI,OAAO,GAAGA,CAAI;AAC9B,GAEaC,IAAqB,CAACC,MAAuB;AACtD,MAAI,CAACJ,EAAW,SAASI,CAAQ;AAC7B,UAAM,IAAI,MAAM,yBAAyBA,CAAQ,EAAE;AAGvD,QAAMC,IAAoB,0CACpBC,IAAwB,2CACxBC,IAAc,wBACdC,IAAe,QAAQ,IAAI,0BAA0BJ,CAAQ,EAAE,GAC/DK,IAAc,QAAQ,IAAI,yBAAyBL,CAAQ,EAAE,GAE7DM,IAAU,QAAQ,IAAI,yBAAyB,SAASL,IAAoBC,GAC5EK,IAAkBD,IAAU,UAC5BE,IAAoBF,IAAU,gBAC9BG,IAAsBH,IAAU;AACtC,SAAO;AAAA,IACH,cAAAF;AAAA,IACA,aAAAC;AAAA,IACA,iBAAAE;AAAA,IACA,mBAAAC;AAAA,IACA,qBAAAC;AAAA,IACA,aAAAN;AAAA,EAAA;AAER,GAGaO,IAAqB,CAACC,MAC/B,KAAK,UAAUA,CAAI,EAAE,QAAQ,OAAO,KAAK,GAEhCC,IAAoB,CAACD,GAAcE,MAAwB;AACpE,QAAMC,IAAOC,EAAO,WAAW,UAAUF,EAAY,MAAM;AAC3D,SAAAC,EAAK,OAAOH,GAAM,MAAM,GACjBG,EAAK,OAAO,QAAQ;AAC/B,GAEaE,IAAiB,CAACC,GAAsBC,GAAmBL,MACpEK,MAAcN,EAAkBK,GAAcJ,CAAW,GAEhDM,IAAsB,CAACC,MAAkCA,EAAK,cAAc,QAAQ,aAAa,QAAQ,GAEzGC,IAA4B,CAACC,MAAuB;AAC7D,QAAMtB,IAAW,OAAO,QAAQ,QAAQ,GAAG,EACtC;AAAA,IAAK,CAAC,CAACuB,GAAKC,CAAK,MACdD,EAAI,WAAW,wBAAwB,KAAKC,MAAUF;AAAA,EAAA,IACtD,CAAC,GAAG,QAAQ,0BAA0B,EAAE;AAEhD,MAAI,CAACtB;AACD,UAAM,IAAI,MAAM,6CAA6CsB,CAAU,EAAE;AAG7E,SAAOtB;AACX,GAEayB,IAAuB,OAAOC,GAAgBC,GAAmCd,MACnFe,EAAYF,GAAQC,GAAad,GAAa,SAAS,GAGrDgB,IAAgC,OAAOH,GAAgBC,GAA4Cd,MACrGe,EAAYF,GAAQC,GAAad,GAAa,WAAW,GAGvDiB,IAA4B,OAAOJ,GAAgBC,GAAwCd,MAC7Fe,EAAYF,GAAQC,GAAad,GAAa,OAAO,GAGnDkB,IAAiC,OAAOL,GAAgBC,GAA6Cd,MACvGe,EAAYF,GAAQC,GAAad,GAAa,YAAY,GAG/De,IAAc,OAAOF,GAAgBC,GAAgId,GAAqBmB,MAA2D;AACvP,QAAMC,IAAavB,EAAmBiB,CAAW,GAC3CT,IAAYN,EAAkBqB,GAAYpB,CAAW;AAC3D,EAAAhB,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,YAAAC,GAAY,WAAAf,GAAW;AAEpF,MAAI;AACA,UAAMgB,IAAW,MAAM,MAAMR,GAAQ;AAAA,MACjC,QAAQ;AAAA,MACR,SAAS;AAAA,QACL,gBAAgB;AAAA,QAChB,WAAaR;AAAA,MAAA;AAAA,MAEjB,MAAMe;AAAA,IAAA,CACT;AAID,QAFApC,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,UAAAE,GAAU,GAEnE,CAACA,EAAS;AACV,YAAM,IAAI,MAAM,wBAAwBA,EAAS,MAAM,EAAE;AAG7D,UAAMC,IAAoBD,EAAS,QAAQ,IAAI,WAAW;AAE1D,QADArC,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,mBAAAG,GAAmB,GAC5E,CAACA;AACD,YAAM,IAAI,MAAM,4BAA4B;AAGhD,UAAMlB,IAAe,MAAMiB,EAAS,KAAA,GAC9BE,IAAe,KAAK,MAAMnB,CAAY;AAG5C,QAFApB,EAAgB,EAAE,UAAU,yBAAyBmC,CAAI,IAAI,cAAAf,GAAc,cAAAmB,GAAc,GAErFA,EAAa;AACb,YAAM,IAAI,MAAM,wBAAwBA,EAAa,UAAU,EAAE;AAGrE,QAAI,CAACpB,EAAeC,GAAckB,GAAmBtB,CAAW;AAC5D,YAAM,IAAI,MAAM,4BAA4B;AAGhD,WAAOuB;AAAA,EAEX,SAASC,GAAO;AACZ,UAAMA;AAAA,EACV;AACJ,GAEaC,IAAqB,CAACC,GAAWrB,MAAsB;AAChE,EAAArB,EAAgB,EAAE,UAAU,gCAAgC,GAAA0C,GAAG,WAAArB,GAAW,GAC1EA,IAAY,mBAAmBA,CAAS;AACxC,QAAMsB,IAAW,OAAO,KAAKD,GAAG,QAAQ,EAAE,SAAS,OAAO,GACpDE,IAAe,KAAK,MAAMD,CAAQ,GAClCxC,IAAWqB,EAA0BoB,EAAa,CAAC,GACnD,EAAE,cAAArC,EAAA,IAAiBL,EAAmBC,CAAoB;AAEhE,MAAI,CAACgB,EAAewB,GAAUtB,GAAWd,KAAgB,EAAE;AACvD,UAAAP,EAAgB,EAAE,UAAU,gCAAgC,UAAA2C,GAAU,WAAAtB,GAAW,GAC3E,IAAI,MAAM,4BAA4B;AAGhD,QAAMwB,IAAe,KAAK,MAAMF,CAAQ;AAUxC,SATkC;AAAA,IAC9B,cAAcE,EAAa;AAAA,IAC3B,eAAeA,EAAa;AAAA,IAC5B,OAAOA,EAAa;AAAA,IACpB,YAAYA,EAAa;AAAA,IACzB,UAAUA,EAAa;AAAA,IACvB,QAAQA,EAAa;AAAA,EAAA;AAI7B,GAyCaC,IAAmB,CAACC,GAAiBC,GAA2BhC,MAAwB;AAIjG,MAHAhB,EAAgB,EAAE,UAAU,8BAA8B,SAAA+C,GAAS,mBAAAC,GAAmB,GAGlF,CAAC7B,EAAe4B,GAASC,GAAmBhC,CAAW;AACvD,UAAM,IAAI,MAAM,+BAA+B;AAInD,OAAK,MAAM+B,CAAO;AAUlB,QAAME,IAAc3B,EAAoB,oBAAI,MAAM,GAI5C4B,IAAeH,EAAQ,QAAQ,KAAK,mBAAmBE,CAAW,IAAI,GAItEX,IAAoBvB,EAAkBmC,GAAclC,CAAW;AAErE,SAAAhB,EAAgB,EAAE,UAAU,8BAA8B,cAAAkD,GAAc,mBAAAZ,GAAmB,GAEpF;AAAA,IACH,cAAAY;AAAA,IACA,WAAWZ;AAAA,EAAA;AAEnB,GC9NMa,IAAe,OAAOC,GAA0BC,IAAwB,OAAO;AACjF,EAAArD,EAAgB,EAAE,UAAU,0BAA0B,aAAAoD,EAAA,CAAa;AACnE,QAAMjD,IAAWiD,EAAY,YAAY,OACnC,EAAE,cAAA7C,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,aAAAJ,EAAA,IAAgBJ,EAAmBC,CAAQ;AAG/F,MAFAH,EAAgB,EAAE,UAAU,0BAA0B,cAAAO,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,GAE9F,CAACH,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,uCAAuCL,CAAQ,EAAE;AAGrE,QAAM2B,IAAoC;AAAA,IACtC,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,UAAUV;AAAA,IACV,UAAU4C,EAAY;AAAA,IACtB,UAAUjD,EAAS,QAAQ,SAAS,EAAE;AAAA,IACtC,eAAeiD,EAAY;AAAA,IAC3B,UAAUA,EAAY,YAAY;AAAA,IAClC,YAAY9C;AAAA,IACZ,SAAS,CAAC8C,EAAY,UAAU,MAAM;AAAA,IACtC,OAAO,OAAOA,EAAY,KAAK;AAAA,IAC/B,SAAS9B,EAAoB,IAAI,KAAK,KAAK,QAAQ,OAAU,GAAI,CAAC;AAAA,IAClE,KAAK+B,EAAO,eAAe,QAAQ,IAAI,0BAA0B;AAAA,IACjE,SAASD,EAAY;AAAA,EAAA;AAGzB,SAAOxB,EAAqBlB,GAAiBoB,GAAavB,CAAY;AAC1E,GC1BM+C,IAAqB,GACrBC,IAAgB,IAAI,KAAK,KAAK,IAAA,IAAQD,IAAqB,KAAK,KAAK,KAAK,KAAK,GAAI,GACnFE,IAAqB,MACrBC,IAAgB,GAEhBC,IAAwB,OAAON,MAAsC;AACvE,EAAApD,EAAgB,EAAE,UAAU,mCAAmC,aAAAoD,EAAA,CAAa;AAC5E,QAAMjD,IAAWiD,EAAY,YAAY,OACnC,EAAE,cAAA7C,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,aAAAJ,EAAA,IAAgBJ,EAAmBC,CAAQ;AAG/F,MAFAH,EAAgB,EAAE,UAAU,mCAAmC,cAAAO,GAAc,aAAAC,GAAa,iBAAAE,GAAiB,GAEvG,CAACH,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,uCAAuCL,CAAQ,EAAE;AAGrE,QAAM2B,IAA6C;AAAA,IAC/C,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,UAAUV;AAAA,IACV,UAAU4C,EAAY;AAAA,IACtB,UAAUjD,EAAS,QAAQ,SAAS,EAAE;AAAA,IACtC,UAAUiD,EAAY;AAAA,IACtB,eAAeA,EAAY;AAAA,IAC3B,UAAUA,EAAY,YAAY;AAAA,IAClC,YAAY9C;AAAA,IACZ,SAAS,CAAC,MAAM;AAAA,IAChB,WAAW;AAAA,MACP,OAAO8C,EAAY,UAAU,SAASK;AAAA,MACtC,OAAOL,EAAY,UAAU,SAAS9B,EAAoBiC,CAAa;AAAA,MACvE,WAAWH,EAAY,UAAU,aAAaI;AAAA,IAAA;AAAA,IAElD,sBAAsB;AAAA,IACtB,OAAO,OAAOJ,EAAY,KAAK;AAAA,IAC/B,SAAS9B,EAAoB,IAAI,KAAK,KAAK,QAAQ,OAAU,GAAI,CAAC;AAAA,IAClE,KAAK,QAAQ,IAAI,0BAA0B;AAAA,IAC3C,SAAS8B,EAAY;AAAA,EAAA;AAG1B,SAAOpB,EAA8BtB,GAAiBoB,GAAavB,CAAY;AAClF,GAEMoD,IAAoB,OAAOP,MAAkC;AAC/D,EAAApD,EAAgB,EAAE,UAAU,+BAA+B,aAAAoD,EAAA,CAAa;AACxE,QAAMjD,IAAWiD,EAAY,YAAY,OACnC,EAAE,cAAA7C,GAAc,aAAAC,GAAa,mBAAAG,GAAmB,aAAAL,EAAA,IAAgBJ,EAAmBC,CAAQ;AAGjG,MAFAH,EAAgB,EAAE,UAAU,+BAA+B,cAAAO,GAAc,aAAAC,GAAa,mBAAAG,GAAmB,GAErG,CAACJ,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,uCAAuCL,CAAQ,EAAE;AAGrE,QAAM2B,IAAyC;AAAA,IAC3C,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,UAAUV;AAAA,IACV,UAAU4C,EAAY;AAAA,IACtB,UAAUjD,EAAS,QAAQ,SAAS,EAAE;AAAA,IACtC,UAAUiD,EAAY;AAAA,IACtB,eAAeA,EAAY;AAAA,IAC3B,UAAUA,EAAY,YAAY;AAAA,IAClC,YAAY9C;AAAA,IACZ,SAAS,CAAC,MAAM;AAAA,IAChB,OAAO8C,EAAY;AAAA,IACnB,MAAM;AAAA,IACN,sBAAsB;AAAA,IACtB,OAAO,OAAOA,EAAY,KAAK;AAAA,IAC/B,SAAS9B,EAAoB,IAAI,KAAK,KAAK,QAAQ,OAAU,GAAI,CAAC;AAAA,IAClE,KAAK,QAAQ,IAAI,0BAA0B;AAAA,IAC3C,SAAS8B,EAAY;AAAA,EAAA;AAG3B,SAAOnB,EAA0BtB,GAAmBmB,GAAavB,CAAY;AAC/E,GAEMqD,IAAa,OAAOC,MAAmB;AACzC,EAAA7D,EAAgB,EAAE,UAAU,wBAAwB,QAAA6D,EAAA,CAAQ;AAC5D,QAAM,EAAC,qBAAAjD,GAAqB,cAAAL,GAAc,aAAAC,GAAa,aAAAF,EAAA,IAAeJ,EAAmB,KAAK;AAE9F,MAAI,CAACK,KAAgB,CAACC;AAClB,UAAM,IAAI,MAAM,yCAAyC;AAG7D,QAAMsB,IAA8C;AAAA,IAChD,MAAMZ,EAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAAA,IAC3C,QAAA2C;AAAA,IACA,UAAUrD;AAAA,IACV,YAAYF;AAAA,EAAA;AAEhB,SAAO4B,EAA+BtB,GAAqBkB,GAAavB,CAAY;AACxF;"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "simplepay-js-sdk",
-  "version": "0.12.0",
+  "version": "0.12.1",
   "description": "A Node.js utility for SimplePay payment integration",
   "repository": {
     "type": "git",

package/src/utils.spec.ts CHANGED Viewed

@@ -256,6 +256,55 @@ describe('SimplePay Utils Tests', () => {
             expect(lastFieldIndex).toBe(receiveDateIndex)
         })
+        it('should preserve numeric data types in IPN response', () => {
+            setEnv()
+            const merchantKey = 'testKey'
+            // Test with numeric transactionId (not string)
+            // This is critical: SimplePay sends numeric values, they must stay numeric
+            const ipnBodyString = '{"r":0,"t":508163884,"e":"SUCCESS","m":"testId","o":"order123"}'
+            const incomingSignature = generateSignature(ipnBodyString, merchantKey)
+            const { responseBody, signature } = handleIpnRequest(ipnBodyString, incomingSignature, merchantKey)
+            // Verify numeric transactionId stays numeric (no quotes around the number)
+            expect(responseBody).toMatch(/"t":508163884,/)
+            expect(responseBody).not.toMatch(/"t":"508163884",/)
+            // Verify response signature is valid
+            const isSignatureValid = checkSignature(responseBody, signature, merchantKey)
+            expect(isSignatureValid).toBeTruthy()
+            // Verify the response can be parsed and numeric value is preserved
+            const parsed = JSON.parse(responseBody)
+            expect(typeof parsed.t).toBe('number')
+            expect(parsed.t).toBe(508163884)
+        })
+        it('should preserve string data types in IPN response', () => {
+            setEnv()
+            const merchantKey = 'testKey'
+            // Test with string transactionId
+            const ipnBodyString = '{"r":0,"t":"504233881","e":"SUCCESS","m":"testId","o":"order123"}'
+            const incomingSignature = generateSignature(ipnBodyString, merchantKey)
+            const { responseBody, signature } = handleIpnRequest(ipnBodyString, incomingSignature, merchantKey)
+            // Verify string transactionId stays string (with quotes)
+            expect(responseBody).toMatch(/"t":"504233881",/)
+            expect(responseBody).not.toMatch(/"t":504233881,/)
+            // Verify response signature is valid
+            const isSignatureValid = checkSignature(responseBody, signature, merchantKey)
+            expect(isSignatureValid).toBeTruthy()
+            // Verify the response can be parsed and string value is preserved
+            const parsed = JSON.parse(responseBody)
+            expect(typeof parsed.t).toBe('string')
+            expect(parsed.t).toBe('504233881')
+        })
         it('should throw error for invalid incoming IPN signature', () => {
             setEnv()
             const merchantKey = 'testKey'

package/src/utils.ts CHANGED Viewed

@@ -16,7 +16,7 @@ export const getSimplePayConfig = (currency: Currency) => {
     const SIMPLEPAY_API_URL = 'https://secure.simplepay.hu/payment/v2'
     const SIMPLEPAY_SANDBOX_URL = 'https://sandbox.simplepay.hu/payment/v2'
-    const SDK_VERSION = 'SimplePay_Rrd_0.12.0'
+    const SDK_VERSION = 'SimplePay_Rrd_0.12.1'
     const MERCHANT_KEY = process.env[`SIMPLEPAY_MERCHANT_KEY_${currency}`]
     const MERCHANT_ID = process.env[`SIMPLEPAY_MERCHANT_ID_${currency}`]
@@ -155,9 +155,19 @@ export const getPaymentResponse = (r: string, signature: string) => {
  *
  * This function implements the IPN flow according to SimplePay requirements:
  * 1. Validates the incoming signature
- * 2. Adds receiveDate property to the response
+ * 2. Adds receiveDate property to the response (preserving original field order and data types)
  * 3. Generates response signature
  *
+ * **IMPORTANT**: The responseBody must be sent EXACTLY as returned, without any modifications.
+ * Do NOT:
+ * - Re-format or pretty-print the JSON
+ * - Parse and re-stringify the JSON
+ * - Add any whitespace or formatting
+ * - Modify the Content-Type header (must be 'application/json')
+ *
+ * The signature is calculated on the exact string that will be sent in the HTTP body.
+ * Any modification to the responseBody will invalidate the signature.
+ *
  * @param ipnBody - The raw IPN request body as string (must be the exact string received, not parsed JSON)
  * @param incomingSignature - The signature from the 'Signature' HTTP header
  * @param merchantKey - The merchant secret key for signature validation and generation
@@ -165,11 +175,12 @@ export const getPaymentResponse = (r: string, signature: string) => {
  *
  * @example
  * // In your IPN endpoint handler:
- * const ipnBody = await request.text() // Get raw body as string
+ * const ipnBody = await request.text() // Get raw body as string (IMPORTANT: use .text(), not JSON.parse())
  * const incomingSignature = request.headers.get('Signature')
  * const { responseBody, signature } = handleIpnRequest(ipnBody, incomingSignature, MERCHANT_KEY)
  *
  * // Send response with HTTP 200 status
+ * // CRITICAL: Send responseBody exactly as returned, do not modify it!
  * return new Response(responseBody, {
  *   status: 200,
  *   headers: {
@@ -186,30 +197,25 @@ export const handleIpnRequest = (ipnBody: string, incomingSignature: string, mer
         throw new Error('Invalid IPN request signature')
     }
-    // Step 2: Validate it's valid JSON (but don't use parsed object to preserve field order)
+    // Step 2: Validate it's valid JSON (but don't use parsed object to preserve field order and data types)
     JSON.parse(ipnBody) // Just validate, don't use the result
-    // Step 3: Add receiveDate to the original JSON string while preserving field order
-    // We insert receiveDate before the closing brace to maintain the original field order
-    // This ensures the field order in the response matches the original request
+    // Step 3: Add receiveDate to the original JSON string while preserving:
+    // - Exact field order
+    // - Exact data types (numeric vs string)
+    // - No whitespace (compact JSON)
+    //
+    // Use the same simple approach as the working solution:
+    // Replace the closing brace with: ,"receiveDate":"${receiveDate}"}
+    // This preserves the exact original format and field order
     const receiveDate = toISO8601DateString(new Date())
-    const trimmedBody = ipnBody.trim()
-    if (!trimmedBody.endsWith('}')) {
-        throw new Error('Invalid IPN body format')
-    }
-    // Remove the closing brace, add receiveDate with comma, then add closing brace back
-    const lastBraceIndex = trimmedBody.lastIndexOf('}')
-    const beforeLastBrace = trimmedBody.substring(0, lastBraceIndex).trim()
-    const receiveDateJson = `"receiveDate":"${receiveDate}"`
-    // Add comma before receiveDate if there's already content
-    const responseBody = beforeLastBrace.length > 1
-        ? `${beforeLastBrace},${receiveDateJson}}`
-        : `{${receiveDateJson}}`
+    // Simple string replacement: replace the first (and only) closing brace
+    // This is the same approach as the working solution
+    const responseBody = ipnBody.replace('}', `,"receiveDate":"${receiveDate}"}`)
     // Step 4: Generate response signature using SHA384 HMAC + Base64
+    // The signature must be calculated on the exact string that will be sent
     const responseSignature = generateSignature(responseBody, merchantKey)
     simplepayLogger({ function: 'SimplePay/handleIpnRequest', responseBody, responseSignature })