@mirahi/vendure-adyen-dropin-plugin/src/lib/plugin/adyen.controller.js

A Vendure plugin to integrate the Adyen payment provider to your server. This plugin only handles the flow for a drop-in integration on your storefront.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.AdyenController = void 0;
const tslib_1 = require("tslib");
// See: https://github.com/vendure-ecommerce/vendure/blob/master/packages/payments-plugin/src/mollie/mollie.controller.ts
const common_1 = require("@nestjs/common");
const core_1 = require("@vendure/core");
const adyen_service_1 = require("./adyen.service");
const hmacValidator_1 = tslib_1.__importDefault(require("@adyen/api-library/lib/src/utils/hmacValidator"));
const constant_1 = require("./constant");
const loggerCtx = "AdyenController";
let AdyenController = class AdyenController {
    constructor(adyenService, 
    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
    //@ts-ignore
    options) {
        this.adyenService = adyenService;
        this.options = options;
        this.hmacValidator = new hmacValidator_1.default();
    }
    webhook(basicAuthHeader, body) {
        var _a, _b;
        return tslib_1.__awaiter(this, void 0, void 0, function* () {
            const notificationRequestItem = (_b = (_a = body === null || body === void 0 ? void 0 : body.notificationItems) === null || _a === void 0 ? void 0 : _a[0]) === null || _b === void 0 ? void 0 : _b.NotificationRequestItem;
            if (!notificationRequestItem) {
                core_1.Logger.warn(`No body was found in request`, loggerCtx);
                return;
            }
            const { basicAuthCredendials, hmacKey, environment } = this.options;
            if (environment === "LIVE" && !hmacKey) {
                core_1.Logger.error(`HMAC key is required for LIVE environment for security reasons. Ignoring webhook.`, loggerCtx);
                return;
            }
            if (basicAuthCredendials && !this.isBasicAuthed(basicAuthHeader))
                return;
            if (hmacKey && this.hmacIsValid(notificationRequestItem, hmacKey) === false)
                return;
            try {
                yield this.adyenService.handleAdyenStatusUpdate(notificationRequestItem);
            }
            catch (error) {
                core_1.Logger.error(`Status update was unsuccessful.`, loggerCtx, error === null || error === void 0 ? void 0 : error.message);
                return "[accepted]";
            }
            return "[accepted]";
        });
    }
    isBasicAuthed(authHeader) {
        var _a, _b, _c, _d;
        if (typeof authHeader !== "string") {
            core_1.Logger.warn(`[DENIED] No Basic authentication was found in HTTP headers`, loggerCtx);
            return false;
        }
        const [authType, base64] = authHeader.split(" ");
        if (authType !== "Basic") {
            core_1.Logger.warn(`[DENIED] Authentication type isn't "Basic"`, loggerCtx);
            return false;
        }
        const [user, password] = Buffer.from(base64, "base64").toString("ascii").split(":");
        if (user === ((_b = (_a = this.options) === null || _a === void 0 ? void 0 : _a.basicAuthCredendials) === null || _b === void 0 ? void 0 : _b.username) &&
            password === ((_d = (_c = this.options) === null || _c === void 0 ? void 0 : _c.basicAuthCredendials) === null || _d === void 0 ? void 0 : _d.password)) {
            core_1.Logger.info(`Webhook is authed`, loggerCtx);
            return true;
        }
        core_1.Logger.warn(`[DENIED] Basic auth credentials are not valid`, loggerCtx);
        return false;
    }
    hmacIsValid(notificationRequestItem, hmac) {
        try {
            const isValid = this.hmacValidator.validateHMAC(notificationRequestItem, hmac);
            isValid
                ? core_1.Logger.info("HMAC signature: OK", loggerCtx)
                : core_1.Logger.warn("HMAC signature is invalid!", loggerCtx);
            return isValid;
        }
        catch (error) {
            core_1.Logger.error(`Webhook HMAC validation caused an error!`, loggerCtx, error === null || error === void 0 ? void 0 : error.message);
            return false;
        }
        // HmacValidator doc: https://docs.adyen.com/development-resources/webhooks/verify-hmac-signatures?utm_source=ca_test&tab=codeBlockhmac_validation_kRbv3_JS_4
    }
};
tslib_1.__decorate([
    common_1.Post("adyen/standard") // Handles Adyen's standard webhooks: https://docs.adyen.com/api-explorer/Webhooks/1/post/AUTHORISATION#request
    ,
    tslib_1.__param(0, common_1.Headers("authorization")),
    tslib_1.__param(1, common_1.Body()),
    tslib_1.__metadata("design:type", Function),
    tslib_1.__metadata("design:paramtypes", [Object, Function]),
    tslib_1.__metadata("design:returntype", Promise)
], AdyenController.prototype, "webhook", null);
AdyenController = tslib_1.__decorate([
    common_1.Controller("webhooks"),
    tslib_1.__param(1, common_1.Inject(constant_1.ADYEN_PLUGIN_INIT_OPTIONS)),
    tslib_1.__metadata("design:paramtypes", [adyen_service_1.AdyenService, Object])
], AdyenController);
exports.AdyenController = AdyenController;
//# sourceMappingURL=adyen.controller.js.map