simplepay-js-sdk 0.6.1 → 0.8.0

package/src/recurring.spec.ts

@@ -0,0 +1,71 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest'
+import { startRecurringPayment } from './recurring'
+import { toISO8601DateString } from './utils'
+
+const setEnv = () => {
+    process.env.SIMPLEPAY_MERCHANT_ID_HUF = 'testId'
+    process.env.SIMPLEPAY_MERCHANT_KEY_HUF = 'testKey'
+    process.env.SIMPLEPAY_MERCHANT_ID_EUR = 'merchantEuroId'
+    process.env.SIMPLEPAY_MERCHANT_KEY_EUR = 'secretEuroKey'
+}
+
+const paymentData = {
+    orderRef: 'TEST123',
+    customer: 'Radharadhya Dasa',
+    customerEmail: 'test@example.com',
+    total: 1212,
+    recurring: {
+        times: 3,
+        until: toISO8601DateString(new Date(Date.now() + 6 * 30 * 24 * 60 * 60 * 1000)),
+        maxAmount: 12000
+    }
+}
+describe('SimplePay Recurring Tests', () => {
+    beforeEach(() => {
+        // Clear all environment variables before each test
+        delete process.env.SIMPLEPAY_MERCHANT_ID_HUF
+        delete process.env.SIMPLEPAY_MERCHANT_KEY_HUF
+        delete process.env.SIMPLEPAY_MERCHANT_ID_EUR
+        delete process.env.SIMPLEPAY_MERCHANT_KEY_EUR
+    })
+
+    describe('startRecurringPayment', () => {
+        it('should throw error when merchant configuration is missing', async () => {
+            await expect(startRecurringPayment(paymentData)).rejects.toThrow('Missing SimplePay configuration')
+        })
+
+        it('should handle API errors correctly', async () => {
+            setEnv()
+            global.fetch = vi.fn().mockResolvedValue({
+                ok: true,
+                headers: {
+                    get: vi.fn().mockReturnValue('mockSignature')
+                },
+                text: vi.fn().mockResolvedValue(JSON.stringify({
+                    transactionId: '123456',
+                    total: '1212',
+                    merchant: 'testId'
+                }))
+            }) as unknown as typeof fetch
+            await expect(startRecurringPayment(paymentData)).rejects.toThrow('Invalid response signature')
+        })
+
+        it('should successfully start recurring payment and card registration when API returns valid response', async () => {
+            setEnv()
+            global.fetch = vi.fn().mockResolvedValue({
+                ok: true,
+                headers: {
+                    get: vi.fn().mockReturnValue('bxSwUc0qn0oABSRcq9uawF6zncFBhRk/AbO4HznYR9Pt5SjocyxAD+9Q4bE44h0J')
+                },
+                text: vi.fn().mockResolvedValue(JSON.stringify({
+                    transactionId: '123456',
+                    total: '1212',
+                    merchant: 'testId'
+                }))
+            }) as unknown as typeof fetch
+
+            await expect(startRecurringPayment(paymentData)).resolves.toBeDefined()
+        })
+    })
+
+})

package/src/recurring.ts

@@ -0,0 +1,94 @@
+import crypto from 'crypto'
+import { SimplePayRecurringRequestBody, RecurringPaymentData, TokenPaymentData, SimplePayTokenRequestBody, SimplePayCardCancelRequestBody} from './types'
+import { getSimplePayConfig, simplepayLogger, toISO8601DateString, makeSimplePayTokenRequest, makeSimplePayRecurringRequest, makeSimplePayRequest, makeSimplePayCardCancelRequest} from './utils'
+
+const INTERVAL_IN_MONTHS = 6
+const DEFAULT_UNTIL = new Date(Date.now() + INTERVAL_IN_MONTHS * 30 * 24 * 60 * 60 * 1000)
+const DEFAULT_MAX_AMOUNT = 12000
+const DEFAULT_TIMES = 3
+
+const startRecurringPayment = async (paymentData: RecurringPaymentData) => {
+    simplepayLogger({ function: 'SimplePay/startRecurringPayment', paymentData })
+    const currency = paymentData.currency || 'HUF'
+    const { MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT, SDK_VERSION } = getSimplePayConfig(currency)
+    simplepayLogger({ function: 'SimplePay/startRecurringPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_PAYMENT })
+
+    if (!MERCHANT_KEY || !MERCHANT_ID) {
+        throw new Error(`Missing SimplePay configuration for ${currency}`)
+    }
+
+    const requestBody: SimplePayRecurringRequestBody = {
+        salt: crypto.randomBytes(16).toString('hex'),
+        merchant: MERCHANT_ID,
+        orderRef: paymentData.orderRef,
+        currency,
+        customer: paymentData.customer,
+        customerEmail: paymentData.customerEmail,
+        language: paymentData.language || 'HU',
+        sdkVersion: SDK_VERSION,
+        methods: ['CARD'],
+        recurring: {
+            times: paymentData.recurring.times || DEFAULT_TIMES,
+            until: paymentData.recurring.until || toISO8601DateString(DEFAULT_UNTIL),
+            maxAmount: paymentData.recurring.maxAmount || DEFAULT_MAX_AMOUNT
+        },
+        threeDSReqAuthMethod: '02', 
+        total: String(paymentData.total),
+        timeout: toISO8601DateString(new Date(Date.now() + 30 * 60 * 1000)),
+        url: process.env.SIMPLEPAY_REDIRECT_URL || 'http://url.to.redirect',
+        invoice: paymentData.invoice,
+    }
+
+   return makeSimplePayRecurringRequest(API_URL_PAYMENT, requestBody, MERCHANT_KEY)
+}
+
+const startTokenPayment = async (paymentData: TokenPaymentData) => {
+    simplepayLogger({ function: 'SimplePay/startTokenPayment', paymentData })
+    const currency = paymentData.currency || 'HUF'
+    const { MERCHANT_KEY, MERCHANT_ID, API_URL_RECURRING, SDK_VERSION } = getSimplePayConfig(currency)
+    simplepayLogger({ function: 'SimplePay/startTokenPayment', MERCHANT_KEY, MERCHANT_ID, API_URL_RECURRING })
+
+    if (!MERCHANT_KEY || !MERCHANT_ID) {
+        throw new Error(`Missing SimplePay configuration for ${currency}`)
+    }
+
+    const requestBody: SimplePayTokenRequestBody = {
+        salt: crypto.randomBytes(16).toString('hex'),
+        merchant: MERCHANT_ID,
+        orderRef: paymentData.orderRef,
+        currency,
+        customer: paymentData.customer,
+        customerEmail: paymentData.customerEmail,
+        language: paymentData.language || 'HU',
+        sdkVersion: SDK_VERSION,
+        methods: ['CARD'],
+        token: paymentData.token,
+        type: 'MIT',
+        threeDSReqAuthMethod: '02',
+        total: String(paymentData.total),
+        timeout: toISO8601DateString(new Date(Date.now() + 30 * 60 * 1000)),
+        url: process.env.SIMPLEPAY_REDIRECT_URL || 'http://recurring.url.to.redirect',
+        invoice: paymentData.invoice,
+    }
+
+  return makeSimplePayTokenRequest(API_URL_RECURRING, requestBody, MERCHANT_KEY)
+}
+
+const cardCancel = async (cardId: string) => {
+    simplepayLogger({ function: 'SimplePay/cardCancel', cardId })
+    const {API_URL_CARD_CANCEL, MERCHANT_KEY, MERCHANT_ID, SDK_VERSION} = getSimplePayConfig('HUF')
+
+    if (!MERCHANT_KEY || !MERCHANT_ID) {
+        throw new Error(`Missing SimplePay configuration for HUF`)
+    }
+
+    const requestBody: SimplePayCardCancelRequestBody = {
+        salt: crypto.randomBytes(16).toString('hex'),
+        cardId,
+        merchant: MERCHANT_ID,
+        sdkVersion: SDK_VERSION,
+    }
+    return makeSimplePayCardCancelRequest(API_URL_CARD_CANCEL, requestBody, MERCHANT_KEY)
+}
+
+export { startRecurringPayment, startTokenPayment , cardCancel}

package/src/types.ts

@@ -1,9 +1,9 @@
-type PaymentMethod = 'CARD' | 'WIRE'
+export type PaymentMethod = 'CARD' | 'WIRE'
 
-const CURRENCIES = ['HUF', 'EUR', 'USD'] as const
-type Currency = typeof CURRENCIES[number]
+export const CURRENCIES = ['HUF', 'EUR', 'USD'] as const
+export type Currency = typeof CURRENCIES[number]
 
-const LANGUAGES = [
+export const LANGUAGES = [
     'AR', // Arabic
     'BG', // Bulgarian
     'CS', // Czech
@@ -21,9 +21,9 @@ const LANGUAGES = [
     'TR', // Turkish
     'ZH', // Chinese
 ] as const
-type Language = typeof LANGUAGES[number]
+export type Language = typeof LANGUAGES[number]
 
-interface PaymentData {
+export interface PaymentData {
     orderRef: string
     total: number | string
     customerEmail: string
@@ -42,7 +42,24 @@ interface PaymentData {
     }
 }
 
-interface SimplePayRequestBody extends Omit<PaymentData, 'total'> {
+export type ISO8601DateString = string
+export interface Recurring {
+    times: number,
+    until: ISO8601DateString,
+    maxAmount: number
+}
+export interface RecurringPaymentData extends PaymentData {
+    customer: string,
+    recurring: Recurring
+}
+
+export interface TokenPaymentData extends Omit<PaymentData, 'method'> {
+    method: 'CARD',
+    customer: string,
+    token: string
+}
+
+export interface SimplePayRequestBody extends Omit<PaymentData, 'total'> {
     total: string
     salt: string
     merchant: string
@@ -52,24 +69,67 @@ interface SimplePayRequestBody extends Omit<PaymentData, 'total'> {
     url: string
 }
 
-interface SimplePayResponse {
+export interface SimplePayRecurringRequestBody extends SimplePayRequestBody {
+    customer: string
+    recurring: Recurring
+    threeDSReqAuthMethod: '02'  // only registered users can use this
+}
+
+export interface SimplePayTokenRequestBody extends SimplePayRequestBody {
+    customer: string
+    token: string
+    threeDSReqAuthMethod: '02'  // only registered users can use this
+    type: 'MIT' // Merchant Initiated Transaction
+}
+
+export interface SimplePayCardCancelRequestBody {
+    salt: string
+    cardId: string
+    merchant: string
+    sdkVersion: string
+}
+
+export interface SimplePayResponse {
     salt: string
     merchant: string
     orderRef: string
     currency: Currency
     transactionId: string
-    timeout: string
+    timeout: ISO8601DateString
     total: string
     paymentUrl: string
     errorCodes?: string[]
 }
 
-interface SimplepayResult {
+export interface SimplePayRecurringResponse extends SimplePayResponse {
+    tokens: string[]
+}
+
+export interface SimplePayTokenResponse extends Omit<SimplePayResponse, 'paymentUrl' | 'timeout'> { }
+
+export interface SimplePayCardCancelResponse {
+    salt: string
+    merchant: string
+    cardId: string
+    status: 'DISABLED'
+    expiry: string
+}
+
+export type SimplePayEvents = 'SUCCESS' | 'FAIL' | 'TIMEOUT' | 'CANCEL'
+
+export interface SimplePayAPIResult {
     r: number   // response code
     t: string   // transaction id
-    e: 'success' | 'fail' | 'timeout' | 'cancel'   // event
+    e: SimplePayEvents   // event
     m: string   // merchant id
     o: string   // order id
 }
 
-export { PaymentData, SimplePayRequestBody, SimplePayResponse, SimplepayResult, CURRENCIES, Currency, PaymentMethod, LANGUAGES, Language }
+export interface SimplePayResult {
+    responseCode: number,
+    transactionId: string,
+    event: SimplePayEvents,
+    merchantId: string,
+    orderRef: string,
+    tokens?: string[],
+}

package/src/{index.spec.ts → utils.spec.ts}

@@ -1,6 +1,6 @@
-import { describe, it, expect, vi, beforeEach } from 'vitest'
-import { checkSignature, generateSignature, getPaymentResponse, getSimplePayConfig, startPayment, getCurrencyFromMerchantId } from './index'
+import { describe, it, expect, beforeEach } from 'vitest'
 import { Currency } from './types'
+import { checkSignature, generateSignature, getCurrencyFromMerchantId, getSimplePayConfig } from './utils'
 
 const setEnv = () => {
     process.env.SIMPLEPAY_MERCHANT_ID_HUF = 'testId'
@@ -14,11 +14,13 @@ const paymentData = {
     customerEmail: 'test@example.com',
     total: 1212
 }
-describe('SimplePay SDK Tests', () => {
+describe('SimplePay Utils Tests', () => {
     beforeEach(() => {
         // Clear all environment variables before each test
-        delete process.env.SIMPLEPAY_MERCHANT_KEY_HUF
         delete process.env.SIMPLEPAY_MERCHANT_ID_HUF
+        delete process.env.SIMPLEPAY_MERCHANT_KEY_HUF
+        delete process.env.SIMPLEPAY_MERCHANT_ID_EUR
+        delete process.env.SIMPLEPAY_MERCHANT_KEY_EUR
     })
     describe('generateSignature', () => {
         it('should generate correct signature for sample payload from documentation', () => {
@@ -101,7 +103,6 @@ describe('SimplePay SDK Tests', () => {
         m: 'testId',
         o: 'ORDER123'
     }
-    const encodedResponse = Buffer.from(JSON.stringify(mockResponse)).toString('base64')
 
     describe('getCurrencyFromMerchantId', () => {
         it('should return correct currency for merchantId', () => {
@@ -110,77 +111,4 @@ describe('SimplePay SDK Tests', () => {
             expect(currency).toBe('HUF')
         })
     })
-
-    describe('getPaymentResponse', () => {
-        it.only('TODO: test for invalid response', () => {
-            process.env.SIMPLEPAY_MERCHANT_ID_HUF = 'P085602'
-            process.env.SIMPLEPAY_MERCHANT_KEY_HUF = 'QnJvDEEj51jdDEa1P125258p8g5gU383'
-            const r = 'eyJyIjowLCJ0Ijo1MDQyNDU5MDIsImUiOiJTVUNDRVNTIiwibSI6IlAwODU2MDIiLCJvIjoiMTczMzQ5MzQxMjA1NyJ9'
-            const s = 'apIUA%2B8cislIlgYUB7lSpoasi%2BCIRg1SMS5zVbEytnEnxcvdx%2BWDXkAznnseADiI'
-            const result = getPaymentResponse(r, s)
-        })
-
-        it('should correctly decode and parse valid response', () => {
-            setEnv()
-            const r = 'eyJyIjowLCJ0Ijo1MDQyMzM4ODEsImUiOiJTVUNDRVNTIiwibSI6Im1lcmNoYW50RXVyb0lkIiwibyI6ImMtMS1ldXIifQ=='
-            // { r: 0, t: 504233881, e: 'SUCCESS', m: 'merchantEuroId', o: 'c-1-eur' }
-            const s = 'WWx4cnBEYThqRi94VkIvck5zRUpvRnhPb0hRK0NpemlCbVdTTUloWVdIU0NKbXZMb2M2a3pBaVpQbVlEVTh6Ng=='
-            const result = getPaymentResponse(r, s)
-            expect(result).toEqual({
-                responseCode: 0,
-                transactionId: 504233881,
-                event: 'SUCCESS',
-                merchantId: 'merchantEuroId',
-                orderRef: 'c-1-eur'
-            })
-        })
-
-        it('should throw error for invalid signature', () => {
-            setEnv()
-            expect(() =>
-                getPaymentResponse(encodedResponse, 'invalid-signature')
-            ).toThrow('Invalid response signature')
-        })
-    })
-
-    describe('startPayment', () => {
-        it('should throw error when merchant configuration is missing', async () => {
-            await expect(startPayment(paymentData)).rejects.toThrow('Missing SimplePay configuration')
-        })
-
-        it('should handle API errors correctly', async () => {
-            setEnv()
-
-            global.fetch = vi.fn().mockResolvedValue({
-                ok: true,
-                headers: {
-                    get: vi.fn().mockReturnValue('mockSignature')
-                },
-                text: vi.fn().mockResolvedValue(JSON.stringify({
-                    transactionId: '123456',
-                    total: '1212',
-                    merchant: 'testId'
-                }))
-            }) as unknown as typeof fetch
-            await expect(startPayment(paymentData)).rejects.toThrow('Invalid response signature')
-        })
-
-        it('should successfully start CARD, HUF, HU payment when API returns valid response', async () => {
-            setEnv()
-            global.fetch = vi.fn().mockResolvedValue({
-                ok: true,
-                headers: {
-                    get: vi.fn().mockReturnValue('bxSwUc0qn0oABSRcq9uawF6zncFBhRk/AbO4HznYR9Pt5SjocyxAD+9Q4bE44h0J')
-                },
-                text: vi.fn().mockResolvedValue(JSON.stringify({
-                    transactionId: '123456',
-                    total: '1212',
-                    merchant: 'testId'
-                }))
-            }) as unknown as typeof fetch
-
-            await expect(startPayment(paymentData)).resolves.toBeDefined()
-        })
-    })
-
 })

package/src/utils.ts

@@ -0,0 +1,149 @@
+import crypto from 'crypto'
+import { CURRENCIES, Currency, ISO8601DateString, SimplePayAPIResult, SimplePayCardCancelRequestBody, SimplePayCardCancelResponse, SimplePayRecurringRequestBody, SimplePayRecurringResponse, SimplePayRequestBody, SimplePayResponse, SimplePayResult, SimplePayTokenRequestBody, SimplePayTokenResponse } from "./types"
+
+export const simplepayLogger = (...args: any[]) => {
+    if (process.env.SIMPLEPAY_LOGGER !== 'true') {
+        return
+    }
+
+    console.log('👉 ', ...args)
+}
+
+export const getSimplePayConfig = (currency: Currency) => {
+    if (!CURRENCIES.includes(currency)) {
+        throw new Error(`Unsupported currency: ${currency}`)
+    }
+
+    const SIMPLEPAY_API_URL = 'https://secure.simplepay.hu/payment/v2'
+    const SIMPLEPAY_SANDBOX_URL = 'https://sandbox.simplepay.hu/payment/v2'
+    const SDK_VERSION = 'SimplePayV2.1_Rrd_0.6.1'
+    const MERCHANT_KEY = process.env[`SIMPLEPAY_MERCHANT_KEY_${currency}`]
+    const MERCHANT_ID = process.env[`SIMPLEPAY_MERCHANT_ID_${currency}`]
+
+    const API_URL = process.env.SIMPLEPAY_PRODUCTION === 'true' ? SIMPLEPAY_API_URL : SIMPLEPAY_SANDBOX_URL
+    const API_URL_PAYMENT = API_URL + '/start'
+    const API_URL_RECURRING = API_URL + '/dorecurring'
+    const API_URL_CARD_CANCEL = API_URL + '/cancelcard'
+    return {
+        MERCHANT_KEY,
+        MERCHANT_ID,
+        API_URL_PAYMENT,
+        API_URL_RECURRING,
+        API_URL_CARD_CANCEL,
+        SDK_VERSION
+    }
+}
+
+// escaping slashes for the request body to prevent strange SimplePay API errors (eg Missing Signature)
+export const prepareRequestBody = (body: any) =>
+    JSON.stringify(body).replace(/\//g, '\\/')
+
+export const generateSignature = (body: string, merchantKey: string) => {
+    const hmac = crypto.createHmac('sha384', merchantKey.trim())
+    hmac.update(body, 'utf8')
+    return hmac.digest('base64')
+}
+
+export const checkSignature = (responseText: string, signature: string, merchantKey: string) =>
+    signature === generateSignature(responseText, merchantKey)
+
+export const toISO8601DateString = (date: Date): ISO8601DateString => date.toISOString().replace(/\.\d{3}Z$/, '+00:00')
+
+export const getCurrencyFromMerchantId = (merchantId: string) => {
+    const currency = Object.entries(process.env)
+        .find(([key, value]) =>
+            key.startsWith('SIMPLEPAY_MERCHANT_ID_') && value === merchantId
+        )?.[0]?.replace('SIMPLEPAY_MERCHANT_ID_', '') as Currency
+    if (!currency) {
+        throw new Error(`Merchant id not found in the environment: ${merchantId}`)
+    }
+    return currency
+}
+
+export const makeSimplePayRequest = async (apiUrl: string, requestBody: SimplePayRequestBody, merchantKey: string) => {
+    return makeRequest(apiUrl, requestBody, merchantKey, 'oneTime') as Promise<SimplePayResponse>
+}
+
+export const makeSimplePayRecurringRequest = async (apiUrl: string, requestBody: SimplePayRecurringRequestBody, merchantKey: string) => {
+    return makeRequest(apiUrl, requestBody, merchantKey, 'recurring') as Promise<SimplePayRecurringResponse>
+}
+
+export const makeSimplePayTokenRequest = async (apiUrl: string, requestBody: SimplePayTokenRequestBody, merchantKey: string) => {
+    return makeRequest(apiUrl, requestBody, merchantKey, 'token') as Promise<SimplePayTokenResponse>
+}
+
+export const makeSimplePayCardCancelRequest = async (apiUrl: string, requestBody: SimplePayCardCancelRequestBody, merchantKey: string) => {
+    return makeRequest(apiUrl, requestBody, merchantKey, 'cardCancel') as Promise<SimplePayCardCancelResponse>
+}
+
+const makeRequest = async (apiUrl: string, requestBody: SimplePayRequestBody | SimplePayRecurringRequestBody | SimplePayTokenRequestBody | SimplePayCardCancelRequestBody, merchantKey: string, type: 'oneTime' | 'recurring' | 'token' | 'cardCancel') => {
+    const bodyString = prepareRequestBody(requestBody)
+    const signature = generateSignature(bodyString, merchantKey)
+    simplepayLogger({ function: `SimplePay/makeRequest/${type}`, bodyString, signature })
+
+    try {
+        const response = await fetch(apiUrl, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Signature': signature,
+            },
+            body: bodyString,
+        })
+
+        simplepayLogger({ function: `SimplePay/makeRequest/${type}`, response })
+
+        if (!response.ok) {
+            throw new Error(`SimplePay API error: ${response.status}`)
+        }
+
+        const responseSignature = response.headers.get('Signature')
+        simplepayLogger({ function: `SimplePay/makeRequest/${type}`, responseSignature })
+        if (!responseSignature) {
+            throw new Error('Missing response signature')
+        }
+
+        const responseText = await response.text()
+        const responseJSON = JSON.parse(responseText) as { errorCodes?: string[] }
+        simplepayLogger({ function: `SimplePay/makeRequest/${type}`, responseText, responseJSON })
+
+        if (responseJSON.errorCodes) {
+            throw new Error(`SimplePay API error: ${responseJSON.errorCodes}`)
+        }
+
+        if (!checkSignature(responseText, responseSignature, merchantKey)) {
+            throw new Error('Invalid response signature')
+        }
+
+        return responseJSON
+
+    } catch (error) {
+        throw error
+    }
+}
+
+export const getPaymentResponse = (r: string, signature: string) => {
+    simplepayLogger({ function: 'SimplePay/getPaymentResponse', r, signature })
+    signature = decodeURIComponent(signature)
+    const rDecoded = Buffer.from(r, 'base64').toString('utf-8')
+    const rDecodedJSON = JSON.parse(rDecoded) as SimplePayAPIResult
+    const currency = getCurrencyFromMerchantId(rDecodedJSON.m)
+    const { MERCHANT_KEY } = getSimplePayConfig(currency as Currency)
+
+    if (!checkSignature(rDecoded, signature, MERCHANT_KEY || '')) {
+        simplepayLogger({ function: 'SimplePay/getPaymentResponse', rDecoded, signature })
+        throw new Error('Invalid response signature')
+    }
+
+    const responseJson = JSON.parse(rDecoded)
+    const response: SimplePayResult = {
+        responseCode: responseJson.r,
+        transactionId: responseJson.t,
+        event: responseJson.e,
+        merchantId: responseJson.m,
+        orderRef: responseJson.o,
+        tokens: responseJson.tokens,
+    }
+
+    return response
+}