@strivve/strivve-sdk
Advanced tools
@strivve/strivve-sdk - npm Package Compare versions
Comparing version
@@ -85,8 +85,8 @@ "use strict"; | ||
| var package_json_1 = require("../../package.json"); | ||
| var https_proxy_agent_1 = require("https-proxy-agent"); | ||
| //import { HttpsProxyAgent } from "https-proxy-agent"; | ||
| var CardsavrSession = /** @class */ (function () { | ||
| function CardsavrSession(baseUrl, sessionKey, appName, rejectUnauthorized, cardsavrCert, proxy, debug) { | ||
| var _this = this; | ||
| if (rejectUnauthorized === void 0) { rejectUnauthorized = true; } | ||
| if (debug === void 0) { debug = false; } | ||
| var _this = this; | ||
| this.setSessionHeaders = function (headersObject) { | ||
@@ -172,3 +172,3 @@ Object.assign(_this._headers, headersObject); | ||
| agent = (this._proxy) ? | ||
| new https_proxy_agent_1.HttpsProxyAgent(this._proxy) : | ||
| /*new HttpsProxyAgent(this._proxy) */ undefined : | ||
| new https_1.Agent(__assign({ rejectUnauthorized: this._rejectUnauthorized }, (this._cardsavrCert && { ca: this._cardsavrCert }))); | ||
@@ -175,0 +175,0 @@ config = Object.assign(config, { |
| import { CardsavrSession } from "./CardsavrJSLibrary-2.0"; | ||
| declare type MessageHandler = (message: jobMessage) => void; | ||
| declare type cardholder_data = { | ||
| type MessageHandler = (message: jobMessage) => void; | ||
| type cardholder_data = { | ||
| [k: string]: any; | ||
| }; | ||
| declare type account = { | ||
| type account = { | ||
| [k: string]: any; | ||
| }; | ||
| declare type card_data = { | ||
| type card_data = { | ||
| [k: string]: any; | ||
@@ -35,4 +35,12 @@ }; | ||
| termination_type?: string; | ||
| status_message: string; | ||
| job_duration: number; | ||
| }; | ||
| error_message?: string; | ||
| account_link?: { | ||
| key_name: string; | ||
| type: string; | ||
| secret: string; | ||
| label: string; | ||
| }[]; | ||
| } | ||
@@ -39,0 +47,0 @@ interface placeCardOnSiteParams extends placeCardParams { |
@@ -25,3 +25,5 @@ import { APIFilter } from "./CardsavrSessionUtilities"; | ||
| private setSessionToken; | ||
| sendRequest: (path: string, method: "get" | "GET" | "delete" | "DELETE" | "head" | "HEAD" | "options" | "OPTIONS" | "post" | "POST" | "put" | "PUT" | "patch" | "PATCH" | undefined, requestBody?: any, headersToAdd?: {}) => Promise<any>; | ||
| sendRequest: (path: string, method: "get" | "GET" | "delete" | "DELETE" | "head" | "HEAD" | "options" | "OPTIONS" | "post" | "POST" | "put" | "PUT" | "patch" | "PATCH" | undefined, requestBody?: { | ||
| [key: string]: unknown; | ||
| } | undefined, headersToAdd?: {}) => Promise<any>; | ||
| get: (path: string, filter: APIFilter, headersToAdd?: {}) => Promise<any>; | ||
@@ -58,3 +60,3 @@ post: (path: string, body: any, headersToAdd?: {}) => Promise<any>; | ||
| createCard: (body: APIFilter, safeKey?: string | null, headersToAdd?: {}) => Promise<any>; | ||
| updateCard: (id: number, body: any, safe_key: string | null, headersToAdd?: {}) => Promise<any>; | ||
| updateCard: (id: number, body: any, safeKey: string | null, headersToAdd?: {}) => Promise<any>; | ||
| deleteCard: (id: number, headersToAdd?: {}) => Promise<any>; | ||
@@ -69,3 +71,3 @@ getCardPlacementResults: (filter: APIFilter, pagingHeader?: {}, headersToAdd?: {}) => Promise<any>; | ||
| registerForJobStatusUpdates: (jobId: number, headersToAdd?: {}) => Promise<any>; | ||
| getCardholderMessages: (cardholderId: number, cardsavrMessagingAccessKey?: string | undefined, headersToAdd?: {}) => Promise<any>; | ||
| getCardholderMessages: (cardholderId: number, cardsavrMessagingAccessKey?: string, headersToAdd?: {}) => Promise<any>; | ||
| getJobStatusUpdate: (jobId: number, cardsavrMessagingAccessKey: string, headersToAdd?: {}) => Promise<any>; | ||
@@ -84,2 +86,9 @@ getJobInformationRequest: (jobId: number, headersToAdd?: {}) => Promise<any>; | ||
| authorizeCardholder: (grant: string, headersToAdd?: {}) => Promise<any>; | ||
| updateCardholderSession: (filter: APIFilter, body: { | ||
| cuid: string; | ||
| clickstream: { | ||
| url: string; | ||
| timestamp: string; | ||
| }[]; | ||
| }) => Promise<any>; | ||
| getCardholder: (filter: number, safeKey: string | null, headersToAdd?: {}) => Promise<any>; | ||
@@ -86,0 +95,0 @@ getCardholders: (filter: APIFilter, pagingHeader?: {}, headersToAdd?: {}) => Promise<any>; |
@@ -12,13 +12,16 @@ /// <reference types="node" /> | ||
| static decryptResponse(key: string, body: any): Promise<any>; | ||
| static decryptAES256(b64cipherText: string, b64IV: string, b64Key: string): Promise<any>; | ||
| static decryptAES256(b64cipherText: string, b64IV: string, b64Key: string, alg?: string): Promise<any>; | ||
| } | ||
| export declare class Signing { | ||
| static sha256Hash(inputString: string): Promise<ArrayBuffer>; | ||
| static signRequest(path: string, appName: string, sessionKey: string, body?: any): Promise<{ | ||
| "x-cardsavr-authorization": string; | ||
| "x-cardsavr-nonce": string; | ||
| "x-cardsavr-signature": string; | ||
| static signRequest(path: string, appName: string, sessionKey: string, body?: { | ||
| [key: string]: unknown; | ||
| }): Promise<{ | ||
| [k: string]: string; | ||
| }>; | ||
| static verifySignature(headers: { | ||
| [k: string]: string; | ||
| }, path: string, appName: string, keys: string[], body?: string): Promise<boolean>; | ||
| static signSaltWithPasswordKey(sessionSalt: string, passwordKey: string): Promise<string>; | ||
| static hmacSign(inputString: any, b64Key: string, b64InputString?: boolean): Promise<string>; | ||
| static hmacSign(inputString: string, b64Key: string, b64InputString?: boolean): Promise<string>; | ||
| } | ||
@@ -25,0 +28,0 @@ export declare class Keys { |
| export declare const generateHydrationHeader: (hydrationArray: any) => any; | ||
| export declare const generateTraceValue: (bytes?: number | undefined) => string; | ||
| export declare type APIFilter = number | { | ||
| [key: string]: string | string[]; | ||
| export declare const generateTraceValue: (bytes?: number) => string; | ||
| export type APIFilter = number | { | ||
| [key: string]: number[] | number | string | string[]; | ||
| } | null; | ||
@@ -6,0 +6,0 @@ export declare const formatPath: (path: string, filter: APIFilter) => string; |
| { | ||
| "name": "@strivve/strivve-sdk", | ||
| "version": "3.0.0", | ||
| "version": "3.0.1", | ||
| "description": "", | ||
@@ -49,9 +49,12 @@ "directories": { | ||
| "eslint": "^8.52.0", | ||
| "https": "^1.0.0", | ||
| "https-proxy-agent": "^5.0.1", | ||
| "log-timestamp": "^0.3.0", | ||
| "net": "^1.0.2", | ||
| "node-fetch": "^2.7.0", | ||
| "node-polyfill-webpack-plugin": "^3.0.0", | ||
| "readline-sync": "^1.4.10" | ||
| }, | ||
| "browser": { | ||
| "fs": false, | ||
| "tls": false | ||
| } | ||
| } |
@@ -11,3 +11,3 @@ "use strict"; | ||
| import {version} from "../../package.json"; | ||
| import { HttpsProxyAgent } from "https-proxy-agent"; | ||
| //import { HttpsProxyAgent } from "https-proxy-agent"; | ||
@@ -131,3 +131,3 @@ export class CardsavrSession { | ||
| const agent = (this._proxy) ? | ||
| new HttpsProxyAgent(this._proxy) : | ||
| /*new HttpsProxyAgent(this._proxy) */ undefined : | ||
| new HTTPSAgent({ | ||
@@ -134,0 +134,0 @@ rejectUnauthorized : this._rejectUnauthorized, |
@@ -148,27 +148,28 @@ import * as crypto from "crypto"; | ||
| const stringParts = body.encrypted_body.split("$"); | ||
| if (stringParts[1].length != 16) { | ||
| // Not a proper 16-byte base64-encoded IV | ||
| throw new Error("Response body is not properly encrypted."); | ||
| } | ||
| const req = this.decryptAES256(stringParts[0], stringParts[1], key); | ||
| const req = this.decryptAES256(stringParts[0], stringParts[1], key, stringParts[2]); | ||
| return await req; | ||
| } | ||
| static async decryptAES256(b64cipherText: string, b64IV: string, b64Key: string) { | ||
| static async decryptAES256(b64cipherText: string, b64IV: string, b64Key: string, alg?: string) { | ||
| if (!browserCrypto) { | ||
| const binaryEncryptionKey = Buffer.alloc(32); | ||
| binaryEncryptionKey.write(b64Key, "base64"); | ||
| // decryption has support for both gcm and cdc for backward compatibility (CU config.json) | ||
| const predicted_alg = b64IV.length === 16 ? "aes-256-gcm" : (b64IV.length === 24 ? "aes-256-cbc" : undefined); | ||
| if (!predicted_alg || (alg && alg != predicted_alg)) { | ||
| // Not a proper 16-byte base64-encoded IV, doesn't care about alg, not supported except in-browser | ||
| throw new Error("Response body is not properly encrypted."); | ||
| } | ||
| const binaryEncryptionKey = Buffer.from(b64Key, "base64"); | ||
| const iv = Buffer.from(b64IV, "base64"); | ||
| const encrypted_buf = Buffer.from(b64cipherText, "base64"); | ||
| const [encoded, auth_tag] = [ | ||
| const [encoded, auth_tag] = predicted_alg === "aes-256-gcm" ? [ | ||
| encrypted_buf.subarray(0, encrypted_buf.length - 16), | ||
| encrypted_buf.subarray(encrypted_buf.length - 16, encrypted_buf.length)]; | ||
| encrypted_buf.subarray(encrypted_buf.length - 16, encrypted_buf.length) | ||
| ] : [encrypted_buf, Buffer.from("")]; | ||
| const iv = Buffer.from(b64IV, "base64"); | ||
| const decryptor = crypto.createDecipheriv("aes-256-gcm", binaryEncryptionKey, iv); | ||
| decryptor.setAuthTag(auth_tag); | ||
| const decryptor = crypto.createDecipheriv(predicted_alg, binaryEncryptionKey, iv); | ||
| if (auth_tag) { (decryptor as crypto.DecipherGCM).setAuthTag(auth_tag); } | ||
| const decryptedJSON = Buffer.concat([decryptor.update(encoded), decryptor.final()]); | ||
@@ -180,2 +181,7 @@ const decryptedString = decryptedJSON.toString("utf8"); | ||
| if (b64IV.length !== 16) { | ||
| // Not a proper 16-byte base64-encoded IV, doesn't care about alg, not supported except in-browser | ||
| throw new Error("Response body is not properly encrypted."); | ||
| } | ||
| const decryptKey = await browserCrypto.subtle.importKey( | ||
@@ -182,0 +188,0 @@ "raw", |
@@ -8,3 +8,3 @@ { | ||
| "outDir": "../lib/", | ||
| "rootDir": ".", | ||
| // "rootDir": ".", | ||
| "esModuleInterop": true, | ||
@@ -11,0 +11,0 @@ "strict": true, |
@@ -8,3 +8,3 @@ { | ||
| "outDir": ".", | ||
| "rootDir": ".", | ||
| // "rootDir": ".", | ||
| "esModuleInterop": true, | ||
@@ -11,0 +11,0 @@ "strict": true, |
| const path = require("path"); | ||
| const NodePolyfillPlugin = require('node-polyfill-webpack-plugin'); | ||
| module.exports = { | ||
| entry : "./src/cardsavr/CardsavrHelper.ts", | ||
| plugins: [ | ||
| new NodePolyfillPlugin() | ||
| ], | ||
| module : { | ||
@@ -6,0 +11,0 @@ rules : [ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
723929
43.99%- Dependency count
6
-14.29%- Number of package files
96
41.18%- Lines of code
11834
37.44%Dependency changes
+ Added
@jridgewell/gen-mapping@0.3.12(transitive)+ Added
@jridgewell/resolve-uri@3.1.2(transitive)+ Added
@jridgewell/source-map@0.3.10(transitive)+ Added
@jridgewell/sourcemap-codec@1.5.4(transitive)+ Added
@jridgewell/trace-mapping@0.3.29(transitive)+ Added
@types/eslint@9.6.1(transitive)+ Added
@types/eslint-scope@3.7.7(transitive)+ Added
@types/estree@1.0.8(transitive)+ Added
@types/json-schema@7.0.15(transitive)+ Added
@types/node@24.0.14(transitive)+ Added
@webassemblyjs/ast@1.14.1(transitive)+ Added
@webassemblyjs/floating-point-hex-parser@1.13.2(transitive)+ Added
@webassemblyjs/helper-api-error@1.13.2(transitive)+ Added
@webassemblyjs/helper-buffer@1.14.1(transitive)+ Added
@webassemblyjs/helper-numbers@1.13.2(transitive)+ Added
@webassemblyjs/helper-wasm-bytecode@1.13.2(transitive)+ Added
@webassemblyjs/helper-wasm-section@1.14.1(transitive)+ Added
@webassemblyjs/ieee754@1.13.2(transitive)+ Added
@webassemblyjs/leb128@1.13.2(transitive)+ Added
@webassemblyjs/utf8@1.13.2(transitive)+ Added
@webassemblyjs/wasm-edit@1.14.1(transitive)+ Added
@webassemblyjs/wasm-gen@1.14.1(transitive)+ Added
@webassemblyjs/wasm-opt@1.14.1(transitive)+ Added
@webassemblyjs/wasm-parser@1.14.1(transitive)+ Added
@webassemblyjs/wast-printer@1.14.1(transitive)+ Added
@xtuc/ieee754@1.2.0(transitive)+ Added
@xtuc/long@4.2.2(transitive)+ Added
abort-controller@3.0.0(transitive)+ Added
acorn-import-phases@1.0.4(transitive)+ Added
ajv@8.17.1(transitive)+ Added
ajv-formats@2.1.1(transitive)+ Added
ajv-keywords@5.1.0(transitive)+ Added
asn1.js@4.10.1(transitive)+ Added
assert@2.1.0(transitive)+ Added
available-typed-arrays@1.0.7(transitive)+ Added
base64-js@1.5.1(transitive)+ Added
bn.js@4.12.25.2.2(transitive)+ Added
brorand@1.1.0(transitive)+ Added
browserify-aes@1.2.0(transitive)+ Added
browserify-cipher@1.0.1(transitive)+ Added
browserify-des@1.0.2(transitive)+ Added
browserify-rsa@4.1.1(transitive)+ Added
browserify-sign@4.2.3(transitive)+ Added
browserify-zlib@0.2.0(transitive)+ Added
browserslist@4.25.1(transitive)+ Added
buffer@6.0.3(transitive)+ Added
buffer-from@1.1.2(transitive)+ Added
buffer-xor@1.0.3(transitive)+ Added
builtin-status-codes@3.0.0(transitive)+ Added
call-bind@1.0.8(transitive)+ Added
call-bind-apply-helpers@1.0.2(transitive)+ Added
call-bound@1.0.4(transitive)+ Added
caniuse-lite@1.0.30001727(transitive)+ Added
chrome-trace-event@1.0.4(transitive)+ Added
cipher-base@1.0.6(transitive)+ Added
commander@2.20.3(transitive)+ Added
console-browserify@1.2.0(transitive)+ Added
constants-browserify@1.0.0(transitive)+ Added
core-util-is@1.0.3(transitive)+ Added
create-ecdh@4.0.4(transitive)+ Added
create-hash@1.1.31.2.0(transitive)+ Added
create-hmac@1.1.7(transitive)+ Added
crypto-browserify@3.12.1(transitive)+ Added
define-data-property@1.1.4(transitive)+ Added
define-properties@1.2.1(transitive)+ Added
des.js@1.1.0(transitive)+ Added
diffie-hellman@5.0.3(transitive)+ Added
domain-browser@4.23.0(transitive)+ Added
dunder-proto@1.0.1(transitive)+ Added
electron-to-chromium@1.5.186(transitive)+ Added
elliptic@6.6.1(transitive)+ Added
enhanced-resolve@5.18.2(transitive)+ Added
es-define-property@1.0.1(transitive)+ Added
es-errors@1.3.0(transitive)+ Added
es-module-lexer@1.7.0(transitive)+ Added
es-object-atoms@1.1.1(transitive)+ Added
escalade@3.2.0(transitive)+ Added
eslint-scope@5.1.1(transitive)+ Added
estraverse@4.3.0(transitive)+ Added
event-target-shim@5.0.1(transitive)+ Added
events@3.3.0(transitive)+ Added
evp_bytestokey@1.0.3(transitive)+ Added
fast-uri@3.0.6(transitive)+ Added
for-each@0.3.5(transitive)+ Added
function-bind@1.1.2(transitive)+ Added
get-intrinsic@1.3.0(transitive)+ Added
get-proto@1.0.1(transitive)+ Added
glob-to-regexp@0.4.1(transitive)+ Added
gopd@1.2.0(transitive)+ Added
graceful-fs@4.2.11(transitive)+ Added
has-property-descriptors@1.0.2(transitive)+ Added
has-symbols@1.1.0(transitive)+ Added
has-tostringtag@1.0.2(transitive)+ Added
hash-base@3.0.5(transitive)+ Added
hash.js@1.1.7(transitive)+ Added
hasown@2.0.2(transitive)+ Added
hmac-drbg@1.0.1(transitive)+ Added
https-browserify@1.0.0(transitive)+ Added
ieee754@1.2.1(transitive)+ Added
is-arguments@1.2.0(transitive)+ Added
is-callable@1.2.7(transitive)+ Added
is-generator-function@1.1.0(transitive)+ Added
is-nan@1.3.2(transitive)+ Added
is-regex@1.2.1(transitive)+ Added
is-typed-array@1.1.15(transitive)+ Added
isarray@1.0.02.0.5(transitive)+ Added
jest-worker@27.5.1(transitive)+ Added
json-parse-even-better-errors@2.3.1(transitive)+ Added
json-schema-traverse@1.0.0(transitive)+ Added
loader-runner@4.3.0(transitive)+ Added
math-intrinsics@1.1.0(transitive)+ Added
md5.js@1.3.5(transitive)+ Added
merge-stream@2.0.0(transitive)+ Added
miller-rabin@4.0.1(transitive)+ Added
mime-db@1.52.0(transitive)+ Added
mime-types@2.1.35(transitive)+ Added
minimalistic-assert@1.0.1(transitive)+ Added
minimalistic-crypto-utils@1.0.1(transitive)+ Added
neo-async@2.6.2(transitive)+ Added
node-polyfill-webpack-plugin@3.0.0(transitive)+ Added
node-releases@2.0.19(transitive)+ Added
object-inspect@1.13.4(transitive)+ Added
object-is@1.1.6(transitive)+ Added
object-keys@1.1.1(transitive)+ Added
object.assign@4.1.7(transitive)+ Added
os-browserify@0.3.0(transitive)+ Added
pako@1.0.11(transitive)+ Added
parse-asn1@5.1.7(transitive)+ Added
path-browserify@1.0.1(transitive)+ Added
pbkdf2@3.1.3(transitive)+ Added
picocolors@1.1.1(transitive)+ Added
possible-typed-array-names@1.1.0(transitive)+ Added
process@0.11.10(transitive)+ Added
process-nextick-args@2.0.1(transitive)+ Added
public-encrypt@4.0.3(transitive)+ Added
punycode@1.4.1(transitive)+ Added
qs@6.14.0(transitive)+ Added
querystring-es3@0.2.1(transitive)+ Added
randombytes@2.1.0(transitive)+ Added
randomfill@1.0.4(transitive)+ Added
readable-stream@2.3.83.6.24.7.0(transitive)+ Added
require-from-string@2.0.2(transitive)+ Added
ripemd160@2.0.2(transitive)+ Added
safe-buffer@5.1.25.2.1(transitive)+ Added
safe-regex-test@1.1.0(transitive)+ Added
schema-utils@4.3.2(transitive)+ Added
serialize-javascript@6.0.2(transitive)+ Added
set-function-length@1.2.2(transitive)+ Added
setimmediate@1.0.5(transitive)+ Added
sha.js@2.4.12(transitive)+ Added
side-channel@1.1.0(transitive)+ Added
side-channel-list@1.0.0(transitive)+ Added
side-channel-map@1.0.1(transitive)+ Added
side-channel-weakmap@1.0.2(transitive)+ Added
source-map@0.6.1(transitive)+ Added
source-map-support@0.5.21(transitive)+ Added
stream-browserify@3.0.0(transitive)+ Added
stream-http@3.2.0(transitive)+ Added
string_decoder@1.1.11.3.0(transitive)+ Added
supports-color@8.1.1(transitive)+ Added
tapable@2.2.2(transitive)+ Added
terser@5.43.1(transitive)+ Added
terser-webpack-plugin@5.3.14(transitive)+ Added
timers-browserify@2.0.12(transitive)+ Added
to-buffer@1.2.1(transitive)+ Added
tty-browserify@0.0.1(transitive)+ Added
type-fest@4.41.0(transitive)+ Added
typed-array-buffer@1.0.3(transitive)+ Added
undici-types@7.8.0(transitive)+ Added
update-browserslist-db@1.1.3(transitive)+ Added
url@0.11.4(transitive)+ Added
util@0.12.5(transitive)+ Added
util-deprecate@1.0.2(transitive)+ Added
vm-browserify@1.1.2(transitive)+ Added
watchpack@2.4.4(transitive)+ Added
webpack@5.100.2(transitive)+ Added
webpack-sources@3.3.3(transitive)+ Added
which-typed-array@1.1.19(transitive)+ Added
xtend@4.0.2(transitive)- Removed
https@^1.0.0- Removed
https-proxy-agent@^5.0.1- Removed
agent-base@6.0.2(transitive)- Removed
https@1.0.0(transitive)- Removed
https-proxy-agent@5.0.1(transitive)