zatca-xml-ts/lib/zatca/api/index.js

An implementation of Saudi Arabia ZATCA's E-Invoicing requirements, processes, and standards.

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const axios_1 = __importDefault(require("axios"));
const signing_1 = require("../signing");
const settings = {
    API_VERSION: "V2",
    SANDBOX_BASEURL: "https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal",
    SIMULATION_BASEURL: "https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation",
    PRODUCTION_BASEURL: "https://gw-fatoora.zatca.gov.sa/e-invoicing/core",
};
class API {
    env;
    constructor(env) {
        this.env = env;
    }
    getAuthHeaders = (certificate, secret) => {
        if (certificate && secret) {
            const certificate_stripped = (0, signing_1.cleanUpCertificateString)(certificate);
            const basic = Buffer.from(`${Buffer.from(certificate_stripped).toString("base64")}:${secret}`).toString("base64");
            return {
                "Authorization": `Basic ${basic}`
            };
        }
        return {};
    };
    compliance(certificate, secret) {
        const auth_headers = this.getAuthHeaders(certificate, secret);
        const base_url = this.env == "production"
            ? settings.PRODUCTION_BASEURL
            : this.env == "simulation"
                ? settings.SIMULATION_BASEURL
                : settings.SANDBOX_BASEURL;
        const issueCertificate = async (csr, otp) => {
            const headers = {
                "Accept-Version": settings.API_VERSION,
                OTP: otp
            };
            const response = await axios_1.default.post(`${base_url}/compliance`, { csr: Buffer.from(csr).toString("base64") }, { headers: { ...auth_headers, ...headers } });
            if (response.status != 200)
                throw new Error("Error issuing a compliance certificate.");
            let issued_certificate = Buffer.from(response.data.binarySecurityToken, "base64").toString();
            issued_certificate = `-----BEGIN CERTIFICATE-----\n${issued_certificate}\n-----END CERTIFICATE-----`;
            const api_secret = response.data.secret;
            return { issued_certificate, api_secret, request_id: response.data.requestID };
        };
        const checkInvoiceCompliance = async (signed_xml_string, invoice_hash, egs_uuid) => {
            const headers = {
                "Accept-Version": settings.API_VERSION,
                "Accept-Language": "en",
            };
            const response = await axios_1.default.post(`${base_url}/compliance/invoices`, {
                invoiceHash: invoice_hash,
                uuid: egs_uuid,
                invoice: Buffer.from(signed_xml_string).toString("base64")
            }, { headers: { ...auth_headers, ...headers } });
            if (response.status != 200 && response.status != 202)
                throw new Error("Error in compliance check.");
            return response.data;
        };
        return {
            issueCertificate,
            checkInvoiceCompliance
        };
    }
    production(certificate, secret) {
        const auth_headers = this.getAuthHeaders(certificate, secret);
        const base_url = this.env == "production"
            ? settings.PRODUCTION_BASEURL
            : this.env == "simulation"
                ? settings.SIMULATION_BASEURL
                : settings.SANDBOX_BASEURL;
        const issueCertificate = async (compliance_request_id) => {
            const headers = {
                "Accept-Version": settings.API_VERSION
            };
            const response = await axios_1.default.post(`${base_url}/production/csids`, { compliance_request_id: compliance_request_id }, { headers: { ...auth_headers, ...headers } });
            if (response.status != 200)
                throw new Error("Error issuing a production certificate.");
            let issued_certificate = Buffer.from(response.data.binarySecurityToken, "base64").toString();
            issued_certificate = `-----BEGIN CERTIFICATE-----\n${issued_certificate}\n-----END CERTIFICATE-----`;
            const api_secret = response.data.secret;
            return { issued_certificate, api_secret, request_id: response.data.requestID };
        };
        const reportInvoice = async (signed_xml_string, invoice_hash, egs_uuid) => {
            const headers = {
                "Accept-Version": settings.API_VERSION,
                "Accept-Language": "en",
                "Clearance-Status": "0"
            };
            const response = await axios_1.default.post(`${base_url}/invoices/reporting/single`, {
                invoiceHash: invoice_hash,
                uuid: egs_uuid,
                invoice: Buffer.from(signed_xml_string).toString("base64"),
            }, { headers: { ...auth_headers, ...headers } });
            if (response.status != 200 && response.status !== 202)
                throw new Error("Error in reporting invoice.");
            return response.data;
        };
        const clearanceInvoice = async (signed_xml_string, invoice_hash, egs_uuid) => {
            const headers = {
                "Accept-Version": settings.API_VERSION,
                "Accept-Language": "en",
                "Clearance-Status": "1",
            };
            const response = await axios_1.default.post(`${base_url}/invoices/clearance/single`, {
                invoiceHash: invoice_hash,
                uuid: egs_uuid,
                invoice: Buffer.from(signed_xml_string).toString("base64"),
            }, { headers: { ...auth_headers, ...headers } });
            if (response.status != 200 && response.status !== 202)
                throw new Error("Error in clearance invoice.");
            return response.data;
        };
        return {
            issueCertificate,
            reportInvoice,
            clearanceInvoice,
        };
    }
}
exports.default = API;