UNPKG

hipay-professional-sdk

Version:

HiPay Professional SDK for JavaScript

github.com/nathan818fr/hipay-professional-sdk-js

nathan818fr/hipay-professional-sdk-js

357 lines 16.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.HipayException = exports.HipayClient = void 0; const axios_1 = __importDefault(require("axios")); const crypto_1 = __importDefault(require("crypto")); const url_1 = require("url"); const xml_js_1 = require("xml-js"); const Types_1 = require("./Types"); const utils_1 = require("./utils"); const validateStatus = (status) => status === 200 || status === 500; const transformResponse = (data) => data; class HipayClient { /** * Create a new HipayClient. * * Get your API credentials (login/password) from the dashboard [Toolbox](https://professional.hipay.com/toolbox/). * * Important: If you wan't to use the stage environment (for testing) use the sandbox site: * [test-professional.hipay.com](https://test-professional.hipay.com/toolbox/)! * Test accounts are validated automatically, just enter random (but valid) information at each step * (to validate bank information use Bank Name: "HSBC" and IBAN: "FR7630056009271234567890182"). * * @param opts */ constructor(opts) { this._environment = opts.env; this._endpoint = HipayClient.getEndpoint(opts.env); this._defaultData = { wsLogin: opts.login, wsPassword: opts.password, }; if (opts.subAccountLogin) { this._defaultData.wsSubAccountLogin = opts.subAccountLogin; } if (opts.subAccountId) { this._defaultData.wsSubAccountId = opts.subAccountId; } this._defaultReqOpts = Object.assign({ timeout: 30 * 1000 }, opts.defaultReqOpts); } static getEndpoint(env) { if (env === 'production') { return 'https://ws.hipay.com/'; } else if (env === 'stage') { return 'https://test-ws.hipay.com/'; } try { const url = (0, url_1.parse)(env); if ((url.protocol === 'http:' || url.protocol === 'https:') && url.slashes && !url.search) { url.search = null; url.query = null; url.hash = null; return (0, url_1.format)(url); } } catch (ignored) { } throw new Error('env must be "production", "stage" or a valid http(s) URL'); } /** * Returns client environment */ getEnvironment() { return this._environment; } /** * Returns client API endpoint */ getEndpoint() { return this._endpoint; } request(uri, data, dataType, opts) { return __awaiter(this, void 0, void 0, function* () { const req = Object.assign(Object.assign({ baseURL: this._endpoint, url: uri, method: 'post', responseType: 'text', data: (0, utils_1.createBody)(this._endpoint, Object.assign(Object.assign({}, this._defaultData), data), dataType), validateStatus, transformResponse }, this._defaultReqOpts), opts); if (!req.headers) { req.headers = {}; } if (typeof req.headers['User-Agent'] === 'undefined') { req.headers['User-Agent'] = 'hipay-professional-sdk-js/' + (0, utils_1.getPackageVersion)(); } if (typeof req.headers['Content-Type'] === 'undefined') { req.headers['Content-Type'] = 'text/xml;charset=UTF-8'; } if (typeof req.headers.Accept === 'undefined') { req.headers.Accept = 'text/xml;charset=UTF-8'; } let httpResponse; try { httpResponse = yield axios_1.default.request(req); } catch (e) { throw new HipayException('Error during HTTP requests to Hipay', e, e.isAxiosError ? e.response : undefined); } return this.parseResponse(httpResponse.data, dataType, httpResponse); }); } parseResponse(data, dataType, httpResponse) { let error, result; try { let res = (0, xml_js_1.xml2js)(data, { compact: true, ignoreDeclaration: true, ignoreInstruction: true, ignoreAttributes: true, ignoreComment: true, ignoreCdata: true, ignoreDoctype: true, }); res = (0, utils_1.objectGetOrThrow)(res, 'SOAP-ENV:Envelope', 'SOAP-ENV:Body', 'ns1:' + dataType.reqType + 'Response', dataType.reqType + 'Result'); result = {}; for (const k in res) { if (Object.prototype.hasOwnProperty.call(res, k) && !Object.prototype.hasOwnProperty.call(Object.prototype, k)) { result[k] = res[k]._text; } } if (result.code !== '0') { error = { code: parseInt(result.code), description: result.description }; } else { delete result.code; delete result.description; } } catch (e) { throw new HipayException("Error while parsing Hipay's response", e, httpResponse); } const ret = (error ? { httpResponse, error } : { httpResponse, result }); Object.defineProperty(ret, 'httpResponse', { enumerable: false }); return ret; } /** * Create a new order. * * At the time of payment you must create a new order then redirect the customer to the secure payment page hosted * by HiPay. * When the customer makes the payment the order is authorized and you can {@link HipayClient.captureOrder * capture it}. * * [HiPay documentation](https://developer.hipay.com/getting-started/platform-hipay-professional/overview/#soap-api-resources-request-a-new-order) * * @param req Requests parameters. * @param opts Requests options (you can set default values when creating the client: * {@link HipayClientOptions.defaultReqOpts}). * @return * - *resolved* with an {@link HipayResponse} when the request complete (with {@link HipayResponse.error * an error} or {@link HipayResponse.result the result}) * - *rejected* with an {@link HipayException} when an exception occurs (network error, malformed response, ...) */ createOrder(req, opts) { return this.request('/soap/payment-v2/generate', req, Types_1.definitions.CreateOrderRequest, opts); } /** * Capture an order. * * Instruct the payment gateway to capture a previously-authorized transaction, i.e. transfer the funds from the * customer's bank account to the merchant's bank account. This transaction is always preceded by an authorization. * * [HiPay documentation](https://developer.hipay.com/getting-started/platform-hipay-professional/overview/#soap-api-resources-maintenance-operations) * * @param req Requests parameters. * @param opts Requests options (you can set default values when creating the client: * {@link HipayClientOptions.defaultReqOpts}). * @return * - *resolved* with an {@link HipayResponse} when the request complete (with {@link HipayResponse.error * an error} or {@link HipayResponse.result the result}) * - *rejected* with an {@link HipayException} when an exception occurs (network error, malformed response, ...) */ captureOrder(req, opts) { return this.request('/soap/transaction-v2/confirm', req, Types_1.definitions.CaptureOrderRequest, opts); } /** * Cancel an order. * * [HiPay documentation](https://developer.hipay.com/getting-started/platform-hipay-professional/overview/#soap-api-resources-maintenance-operations) * * @param req Requests parameters. * @param opts Requests options (you can set default values when creating the client: * {@link HipayClientOptions.defaultReqOpts}). * @return * - *resolved* with an {@link HipayResponse} when the request complete (with {@link HipayResponse.error * an error} or {@link HipayResponse.result the result}) * - *rejected* with an {@link HipayException} when an exception occurs (network error, malformed response, ...) */ cancelOrder(req, opts) { return this.request('/soap/transaction-v2/cancel', req, Types_1.definitions.CancelOrderRequest, opts); } /** * Refund an order. * * [HiPay documentation](https://developer.hipay.com/getting-started/platform-hipay-professional/overview/#soap-api-resources-refund-an-order) * * @param req Requests parameters. * @param opts Requests options (you can set default values when creating the client: * {@link HipayClientOptions.defaultReqOpts}). * @return * - *resolved* with an {@link HipayResponse} when the request complete (with {@link HipayResponse.error * an error} or {@link HipayResponse.result the result}) * - *rejected* with an {@link HipayException} when an exception occurs (network error, malformed response, ...) */ refundOrder(req, opts) { return this.request('/soap/refund-v2/card', req, Types_1.definitions.RefundOrderRequest, opts); } /** * Parse Notification (callback) inputs. * * After a successful purchase, HiPay calls twice your Notification (callback) URL in background with comprehensive * information about the payment (the first time for the authorization notification and the second one for the * capture notification). * Information are passed through an `xml` field in the body of an http POST request (of type * `application/x-www-form-urlencoded`). * This method parses the contents of this xml field and validates the checksum of the request. * * Checksum or Signature verification: * TODO (wait for HiPay support information about documentations errors) * * [HiPay documentation](https://developer.hipay.com/getting-started/platform-hipay-professional/overview/#server-to-server-notifications-what-is-a-server-to-server-notification) * * @param xmlStr The value of the field `xml` (from POST request body) * @param opts * @return * - *resolved* with an {@link HipayNotificationResponse} when no error is encountered * - *rejected* with an {@link Error} when any error occurs (invalid format, bad signature, ...) */ parseNotification(xmlStr, opts) { return __awaiter(this, void 0, void 0, function* () { // NOTE: This method returns a Promise in case of parsing or signature verification become async a day! let xml; try { xml = (0, xml_js_1.xml2js)(xmlStr, { compact: true, ignoreDeclaration: true, ignoreInstruction: true, ignoreAttributes: true, ignoreComment: true, ignoreCdata: true, ignoreDoctype: true, }); } catch (e) { throw new Error("Can't decode XML content"); } if (typeof xml !== 'object' || typeof xml.mapi !== 'object' || typeof xml.mapi.mapiversion !== 'object' || typeof xml.mapi.mapiversion._text !== 'string' || typeof xml.mapi.md5content !== 'object' || typeof xml.mapi.md5content._text !== 'string' || typeof xml.mapi.result !== 'object') { throw new Error('Incomplete XML content'); } const checkMd5Content = !opts || opts.checkMd5Content !== false; // defaults to true const checkSignature = !!opts && opts.checkSignature === true; // defaults to false if (checkMd5Content || checkSignature) { const md5content = Buffer.from(xml.mapi.md5content._text, 'hex'); if (!md5content || md5content.length !== 16) { throw new Error('md5content is invalid'); } const resultBegin = xmlStr.search(/<result(\s|>)/); // istanbul ignore next if (resultBegin === -1) { throw new Error('Unable to find result begin'); } let resultEnd = xmlStr.lastIndexOf('</result>'); // istanbul ignore next if (resultEnd === -1) { throw new Error('Unable to find result end'); } resultEnd += 9; // '</result>'.length const checkMd5Content = (withPassword) => { const hash = crypto_1.default.createHash('md5'); hash.update(Buffer.from(xmlStr.substring(resultBegin, resultEnd), 'utf8')); if (withPassword) { hash.update(Buffer.from(this._defaultData.wsPassword, 'utf8')); } const signature = hash.digest(); if (!crypto_1.default.timingSafeEqual(md5content, signature)) { throw new Error(md5content.toString('hex') + '(current) != ' + signature.toString('hex') + '(expected)'); } }; try { checkMd5Content(checkSignature); } catch (e) { if (checkSignature) { throw new Error('Bad signature: ' + e.message); } else { // if the legacy md5content check fail, we need to try the new signature check try { checkMd5Content(true); } catch (e2) { throw new Error('Bad md5content: ' + e.message + ', ' + e2.message); } } } } const result = {}; for (const k in xml.mapi.result) { if (Object.prototype.hasOwnProperty.call(xml.mapi.result, k) && !Object.prototype.hasOwnProperty.call(Object.prototype, k)) { const v = xml.mapi.result[k]; if (k === 'merchantDatas') { result[k] = {}; for (const dataKey in v) { if (Object.prototype.hasOwnProperty.call(v, dataKey) && dataKey.indexOf('_aKey_') === 0) { const k2 = dataKey.substr(6); // '_aKey_'.length = 6 if (!Object.prototype.hasOwnProperty.call(Object.prototype, k2)) { result[k][k2] = v[dataKey]._text; } } } } else if (typeof v._text !== 'undefined') { result[k] = v._text; } } } return { mapiversion: xml.mapi.mapiversion._text, md5content: xml.mapi.md5content._text, result, }; }); } toString() { return 'HipayClient{environment=' + this._environment + '}'; } } exports.HipayClient = HipayClient; /** * API request exception. * * Unlike {@link HipayError errors}, exceptions are unexpected and unanticipated events (network errors, ...). */ class HipayException extends Error { constructor(message, cause, httpResponse) { super(message + (cause && cause.message ? ' (' + cause.message + ')' : '')); this.cause = cause; this.httpResponse = httpResponse; } } exports.HipayException = HipayException; //# sourceMappingURL=HipayClient.js.map