@strivve/strivve-sdk
Advanced tools
Comparing version 3.0.0 to 3.0.1
@@ -85,8 +85,8 @@ "use strict"; | ||
var package_json_1 = require("../../package.json"); | ||
var https_proxy_agent_1 = require("https-proxy-agent"); | ||
//import { HttpsProxyAgent } from "https-proxy-agent"; | ||
var CardsavrSession = /** @class */ (function () { | ||
function CardsavrSession(baseUrl, sessionKey, appName, rejectUnauthorized, cardsavrCert, proxy, debug) { | ||
var _this = this; | ||
if (rejectUnauthorized === void 0) { rejectUnauthorized = true; } | ||
if (debug === void 0) { debug = false; } | ||
var _this = this; | ||
this.setSessionHeaders = function (headersObject) { | ||
@@ -172,3 +172,3 @@ Object.assign(_this._headers, headersObject); | ||
agent = (this._proxy) ? | ||
new https_proxy_agent_1.HttpsProxyAgent(this._proxy) : | ||
/*new HttpsProxyAgent(this._proxy) */ undefined : | ||
new https_1.Agent(__assign({ rejectUnauthorized: this._rejectUnauthorized }, (this._cardsavrCert && { ca: this._cardsavrCert }))); | ||
@@ -175,0 +175,0 @@ config = Object.assign(config, { |
import { CardsavrSession } from "./CardsavrJSLibrary-2.0"; | ||
declare type MessageHandler = (message: jobMessage) => void; | ||
declare type cardholder_data = { | ||
type MessageHandler = (message: jobMessage) => void; | ||
type cardholder_data = { | ||
[k: string]: any; | ||
}; | ||
declare type account = { | ||
type account = { | ||
[k: string]: any; | ||
}; | ||
declare type card_data = { | ||
type card_data = { | ||
[k: string]: any; | ||
@@ -35,4 +35,12 @@ }; | ||
termination_type?: string; | ||
status_message: string; | ||
job_duration: number; | ||
}; | ||
error_message?: string; | ||
account_link?: { | ||
key_name: string; | ||
type: string; | ||
secret: string; | ||
label: string; | ||
}[]; | ||
} | ||
@@ -39,0 +47,0 @@ interface placeCardOnSiteParams extends placeCardParams { |
@@ -25,3 +25,5 @@ import { APIFilter } from "./CardsavrSessionUtilities"; | ||
private setSessionToken; | ||
sendRequest: (path: string, method: "get" | "GET" | "delete" | "DELETE" | "head" | "HEAD" | "options" | "OPTIONS" | "post" | "POST" | "put" | "PUT" | "patch" | "PATCH" | undefined, requestBody?: any, headersToAdd?: {}) => Promise<any>; | ||
sendRequest: (path: string, method: "get" | "GET" | "delete" | "DELETE" | "head" | "HEAD" | "options" | "OPTIONS" | "post" | "POST" | "put" | "PUT" | "patch" | "PATCH" | undefined, requestBody?: { | ||
[key: string]: unknown; | ||
} | undefined, headersToAdd?: {}) => Promise<any>; | ||
get: (path: string, filter: APIFilter, headersToAdd?: {}) => Promise<any>; | ||
@@ -58,3 +60,3 @@ post: (path: string, body: any, headersToAdd?: {}) => Promise<any>; | ||
createCard: (body: APIFilter, safeKey?: string | null, headersToAdd?: {}) => Promise<any>; | ||
updateCard: (id: number, body: any, safe_key: string | null, headersToAdd?: {}) => Promise<any>; | ||
updateCard: (id: number, body: any, safeKey: string | null, headersToAdd?: {}) => Promise<any>; | ||
deleteCard: (id: number, headersToAdd?: {}) => Promise<any>; | ||
@@ -69,3 +71,3 @@ getCardPlacementResults: (filter: APIFilter, pagingHeader?: {}, headersToAdd?: {}) => Promise<any>; | ||
registerForJobStatusUpdates: (jobId: number, headersToAdd?: {}) => Promise<any>; | ||
getCardholderMessages: (cardholderId: number, cardsavrMessagingAccessKey?: string | undefined, headersToAdd?: {}) => Promise<any>; | ||
getCardholderMessages: (cardholderId: number, cardsavrMessagingAccessKey?: string, headersToAdd?: {}) => Promise<any>; | ||
getJobStatusUpdate: (jobId: number, cardsavrMessagingAccessKey: string, headersToAdd?: {}) => Promise<any>; | ||
@@ -84,2 +86,9 @@ getJobInformationRequest: (jobId: number, headersToAdd?: {}) => Promise<any>; | ||
authorizeCardholder: (grant: string, headersToAdd?: {}) => Promise<any>; | ||
updateCardholderSession: (filter: APIFilter, body: { | ||
cuid: string; | ||
clickstream: { | ||
url: string; | ||
timestamp: string; | ||
}[]; | ||
}) => Promise<any>; | ||
getCardholder: (filter: number, safeKey: string | null, headersToAdd?: {}) => Promise<any>; | ||
@@ -86,0 +95,0 @@ getCardholders: (filter: APIFilter, pagingHeader?: {}, headersToAdd?: {}) => Promise<any>; |
@@ -12,13 +12,16 @@ /// <reference types="node" /> | ||
static decryptResponse(key: string, body: any): Promise<any>; | ||
static decryptAES256(b64cipherText: string, b64IV: string, b64Key: string): Promise<any>; | ||
static decryptAES256(b64cipherText: string, b64IV: string, b64Key: string, alg?: string): Promise<any>; | ||
} | ||
export declare class Signing { | ||
static sha256Hash(inputString: string): Promise<ArrayBuffer>; | ||
static signRequest(path: string, appName: string, sessionKey: string, body?: any): Promise<{ | ||
"x-cardsavr-authorization": string; | ||
"x-cardsavr-nonce": string; | ||
"x-cardsavr-signature": string; | ||
static signRequest(path: string, appName: string, sessionKey: string, body?: { | ||
[key: string]: unknown; | ||
}): Promise<{ | ||
[k: string]: string; | ||
}>; | ||
static verifySignature(headers: { | ||
[k: string]: string; | ||
}, path: string, appName: string, keys: string[], body?: string): Promise<boolean>; | ||
static signSaltWithPasswordKey(sessionSalt: string, passwordKey: string): Promise<string>; | ||
static hmacSign(inputString: any, b64Key: string, b64InputString?: boolean): Promise<string>; | ||
static hmacSign(inputString: string, b64Key: string, b64InputString?: boolean): Promise<string>; | ||
} | ||
@@ -25,0 +28,0 @@ export declare class Keys { |
export declare const generateHydrationHeader: (hydrationArray: any) => any; | ||
export declare const generateTraceValue: (bytes?: number | undefined) => string; | ||
export declare type APIFilter = number | { | ||
[key: string]: string | string[]; | ||
export declare const generateTraceValue: (bytes?: number) => string; | ||
export type APIFilter = number | { | ||
[key: string]: number[] | number | string | string[]; | ||
} | null; | ||
@@ -6,0 +6,0 @@ export declare const formatPath: (path: string, filter: APIFilter) => string; |
{ | ||
"name": "@strivve/strivve-sdk", | ||
"version": "3.0.0", | ||
"version": "3.0.1", | ||
"description": "", | ||
@@ -49,9 +49,12 @@ "directories": { | ||
"eslint": "^8.52.0", | ||
"https": "^1.0.0", | ||
"https-proxy-agent": "^5.0.1", | ||
"log-timestamp": "^0.3.0", | ||
"net": "^1.0.2", | ||
"node-fetch": "^2.7.0", | ||
"node-polyfill-webpack-plugin": "^3.0.0", | ||
"readline-sync": "^1.4.10" | ||
}, | ||
"browser": { | ||
"fs": false, | ||
"tls": false | ||
} | ||
} |
@@ -11,3 +11,3 @@ "use strict"; | ||
import {version} from "../../package.json"; | ||
import { HttpsProxyAgent } from "https-proxy-agent"; | ||
//import { HttpsProxyAgent } from "https-proxy-agent"; | ||
@@ -131,3 +131,3 @@ export class CardsavrSession { | ||
const agent = (this._proxy) ? | ||
new HttpsProxyAgent(this._proxy) : | ||
/*new HttpsProxyAgent(this._proxy) */ undefined : | ||
new HTTPSAgent({ | ||
@@ -134,0 +134,0 @@ rejectUnauthorized : this._rejectUnauthorized, |
@@ -148,27 +148,28 @@ import * as crypto from "crypto"; | ||
const stringParts = body.encrypted_body.split("$"); | ||
if (stringParts[1].length != 16) { | ||
// Not a proper 16-byte base64-encoded IV | ||
throw new Error("Response body is not properly encrypted."); | ||
} | ||
const req = this.decryptAES256(stringParts[0], stringParts[1], key); | ||
const req = this.decryptAES256(stringParts[0], stringParts[1], key, stringParts[2]); | ||
return await req; | ||
} | ||
static async decryptAES256(b64cipherText: string, b64IV: string, b64Key: string) { | ||
static async decryptAES256(b64cipherText: string, b64IV: string, b64Key: string, alg?: string) { | ||
if (!browserCrypto) { | ||
const binaryEncryptionKey = Buffer.alloc(32); | ||
binaryEncryptionKey.write(b64Key, "base64"); | ||
// decryption has support for both gcm and cdc for backward compatibility (CU config.json) | ||
const predicted_alg = b64IV.length === 16 ? "aes-256-gcm" : (b64IV.length === 24 ? "aes-256-cbc" : undefined); | ||
if (!predicted_alg || (alg && alg != predicted_alg)) { | ||
// Not a proper 16-byte base64-encoded IV, doesn't care about alg, not supported except in-browser | ||
throw new Error("Response body is not properly encrypted."); | ||
} | ||
const binaryEncryptionKey = Buffer.from(b64Key, "base64"); | ||
const iv = Buffer.from(b64IV, "base64"); | ||
const encrypted_buf = Buffer.from(b64cipherText, "base64"); | ||
const [encoded, auth_tag] = [ | ||
const [encoded, auth_tag] = predicted_alg === "aes-256-gcm" ? [ | ||
encrypted_buf.subarray(0, encrypted_buf.length - 16), | ||
encrypted_buf.subarray(encrypted_buf.length - 16, encrypted_buf.length)]; | ||
encrypted_buf.subarray(encrypted_buf.length - 16, encrypted_buf.length) | ||
] : [encrypted_buf, Buffer.from("")]; | ||
const iv = Buffer.from(b64IV, "base64"); | ||
const decryptor = crypto.createDecipheriv("aes-256-gcm", binaryEncryptionKey, iv); | ||
decryptor.setAuthTag(auth_tag); | ||
const decryptor = crypto.createDecipheriv(predicted_alg, binaryEncryptionKey, iv); | ||
if (auth_tag) { (decryptor as crypto.DecipherGCM).setAuthTag(auth_tag); } | ||
const decryptedJSON = Buffer.concat([decryptor.update(encoded), decryptor.final()]); | ||
@@ -180,2 +181,7 @@ const decryptedString = decryptedJSON.toString("utf8"); | ||
if (b64IV.length !== 16) { | ||
// Not a proper 16-byte base64-encoded IV, doesn't care about alg, not supported except in-browser | ||
throw new Error("Response body is not properly encrypted."); | ||
} | ||
const decryptKey = await browserCrypto.subtle.importKey( | ||
@@ -182,0 +188,0 @@ "raw", |
@@ -8,3 +8,3 @@ { | ||
"outDir": "../lib/", | ||
"rootDir": ".", | ||
// "rootDir": ".", | ||
"esModuleInterop": true, | ||
@@ -11,0 +11,0 @@ "strict": true, |
@@ -8,3 +8,3 @@ { | ||
"outDir": ".", | ||
"rootDir": ".", | ||
// "rootDir": ".", | ||
"esModuleInterop": true, | ||
@@ -11,0 +11,0 @@ "strict": true, |
const path = require("path"); | ||
const NodePolyfillPlugin = require('node-polyfill-webpack-plugin'); | ||
module.exports = { | ||
entry : "./src/cardsavr/CardsavrHelper.ts", | ||
plugins: [ | ||
new NodePolyfillPlugin() | ||
], | ||
module : { | ||
@@ -6,0 +11,0 @@ rules : [ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
723929
6
96
11834
+ Added@jridgewell/gen-mapping@0.3.5(transitive)
+ Added@jridgewell/resolve-uri@3.1.2(transitive)
+ Added@jridgewell/set-array@1.2.1(transitive)
+ Added@jridgewell/source-map@0.3.6(transitive)
+ Added@jridgewell/sourcemap-codec@1.4.15(transitive)
+ Added@jridgewell/trace-mapping@0.3.25(transitive)
+ Added@types/eslint@8.56.10(transitive)
+ Added@types/eslint-scope@3.7.7(transitive)
+ Added@types/estree@1.0.5(transitive)
+ Added@types/json-schema@7.0.15(transitive)
+ Added@types/node@20.12.12(transitive)
+ Added@webassemblyjs/ast@1.12.1(transitive)
+ Added@webassemblyjs/floating-point-hex-parser@1.11.6(transitive)
+ Added@webassemblyjs/helper-api-error@1.11.6(transitive)
+ Added@webassemblyjs/helper-buffer@1.12.1(transitive)
+ Added@webassemblyjs/helper-numbers@1.11.6(transitive)
+ Added@webassemblyjs/helper-wasm-bytecode@1.11.6(transitive)
+ Added@webassemblyjs/helper-wasm-section@1.12.1(transitive)
+ Added@webassemblyjs/ieee754@1.11.6(transitive)
+ Added@webassemblyjs/leb128@1.11.6(transitive)
+ Added@webassemblyjs/utf8@1.11.6(transitive)
+ Added@webassemblyjs/wasm-edit@1.12.1(transitive)
+ Added@webassemblyjs/wasm-gen@1.12.1(transitive)
+ Added@webassemblyjs/wasm-opt@1.12.1(transitive)
+ Added@webassemblyjs/wasm-parser@1.12.1(transitive)
+ Added@webassemblyjs/wast-printer@1.12.1(transitive)
+ Added@xtuc/ieee754@1.2.0(transitive)
+ Added@xtuc/long@4.2.2(transitive)
+ Addedabort-controller@3.0.0(transitive)
+ Addedacorn-import-assertions@1.9.0(transitive)
+ Addedajv-keywords@3.5.2(transitive)
+ Addedasn1.js@4.10.1(transitive)
+ Addedassert@2.1.0(transitive)
+ Addedavailable-typed-arrays@1.0.7(transitive)
+ Addedbase64-js@1.5.1(transitive)
+ Addedbn.js@4.12.05.2.1(transitive)
+ Addedbrorand@1.1.0(transitive)
+ Addedbrowserify-aes@1.2.0(transitive)
+ Addedbrowserify-cipher@1.0.1(transitive)
+ Addedbrowserify-des@1.0.2(transitive)
+ Addedbrowserify-rsa@4.1.0(transitive)
+ Addedbrowserify-sign@4.2.3(transitive)
+ Addedbrowserify-zlib@0.2.0(transitive)
+ Addedbrowserslist@4.23.0(transitive)
+ Addedbuffer@6.0.3(transitive)
+ Addedbuffer-from@1.1.2(transitive)
+ Addedbuffer-xor@1.0.3(transitive)
+ Addedbuiltin-status-codes@3.0.0(transitive)
+ Addedcall-bind@1.0.7(transitive)
+ Addedcaniuse-lite@1.0.30001620(transitive)
+ Addedchrome-trace-event@1.0.3(transitive)
+ Addedcipher-base@1.0.4(transitive)
+ Addedcommander@2.20.3(transitive)
+ Addedconsole-browserify@1.2.0(transitive)
+ Addedconstants-browserify@1.0.0(transitive)
+ Addedcore-util-is@1.0.3(transitive)
+ Addedcreate-ecdh@4.0.4(transitive)
+ Addedcreate-hash@1.2.0(transitive)
+ Addedcreate-hmac@1.1.7(transitive)
+ Addedcrypto-browserify@3.12.0(transitive)
+ Addeddefine-data-property@1.1.4(transitive)
+ Addeddefine-properties@1.2.1(transitive)
+ Addeddes.js@1.1.0(transitive)
+ Addeddiffie-hellman@5.0.3(transitive)
+ Addeddomain-browser@4.23.0(transitive)
+ Addedelectron-to-chromium@1.4.774(transitive)
+ Addedelliptic@6.5.5(transitive)
+ Addedenhanced-resolve@5.16.1(transitive)
+ Addedes-define-property@1.0.0(transitive)
+ Addedes-errors@1.3.0(transitive)
+ Addedes-module-lexer@1.5.3(transitive)
+ Addedescalade@3.1.2(transitive)
+ Addedeslint-scope@5.1.1(transitive)
+ Addedestraverse@4.3.0(transitive)
+ Addedevent-target-shim@5.0.1(transitive)
+ Addedevents@3.3.0(transitive)
+ Addedevp_bytestokey@1.0.3(transitive)
+ Addedfor-each@0.3.3(transitive)
+ Addedfunction-bind@1.1.2(transitive)
+ Addedget-intrinsic@1.2.4(transitive)
+ Addedglob-to-regexp@0.4.1(transitive)
+ Addedgopd@1.0.1(transitive)
+ Addedgraceful-fs@4.2.11(transitive)
+ Addedhas-property-descriptors@1.0.2(transitive)
+ Addedhas-proto@1.0.3(transitive)
+ Addedhas-symbols@1.0.3(transitive)
+ Addedhas-tostringtag@1.0.2(transitive)
+ Addedhash-base@3.0.4(transitive)
+ Addedhash.js@1.1.7(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedhmac-drbg@1.0.1(transitive)
+ Addedhttps-browserify@1.0.0(transitive)
+ Addedieee754@1.2.1(transitive)
+ Addedis-arguments@1.1.1(transitive)
+ Addedis-callable@1.2.7(transitive)
+ Addedis-generator-function@1.0.10(transitive)
+ Addedis-nan@1.3.2(transitive)
+ Addedis-typed-array@1.1.13(transitive)
+ Addedisarray@1.0.0(transitive)
+ Addedjest-worker@27.5.1(transitive)
+ Addedjson-parse-even-better-errors@2.3.1(transitive)
+ Addedloader-runner@4.3.0(transitive)
+ Addedmd5.js@1.3.5(transitive)
+ Addedmerge-stream@2.0.0(transitive)
+ Addedmiller-rabin@4.0.1(transitive)
+ Addedmime-db@1.52.0(transitive)
+ Addedmime-types@2.1.35(transitive)
+ Addedminimalistic-assert@1.0.1(transitive)
+ Addedminimalistic-crypto-utils@1.0.1(transitive)
+ Addedneo-async@2.6.2(transitive)
+ Addednode-polyfill-webpack-plugin@3.0.0(transitive)
+ Addednode-releases@2.0.14(transitive)
+ Addedobject-inspect@1.13.1(transitive)
+ Addedobject-is@1.1.6(transitive)
+ Addedobject-keys@1.1.1(transitive)
+ Addedobject.assign@4.1.5(transitive)
+ Addedos-browserify@0.3.0(transitive)
+ Addedpako@1.0.11(transitive)
+ Addedparse-asn1@5.1.7(transitive)
+ Addedpath-browserify@1.0.1(transitive)
+ Addedpbkdf2@3.1.2(transitive)
+ Addedpicocolors@1.0.1(transitive)
+ Addedpossible-typed-array-names@1.0.0(transitive)
+ Addedprocess@0.11.10(transitive)
+ Addedprocess-nextick-args@2.0.1(transitive)
+ Addedpublic-encrypt@4.0.3(transitive)
+ Addedpunycode@1.4.1(transitive)
+ Addedqs@6.12.1(transitive)
+ Addedquerystring-es3@0.2.1(transitive)
+ Addedrandombytes@2.1.0(transitive)
+ Addedrandomfill@1.0.4(transitive)
+ Addedreadable-stream@2.3.83.6.24.5.2(transitive)
+ Addedripemd160@2.0.2(transitive)
+ Addedsafe-buffer@5.1.25.2.1(transitive)
+ Addedschema-utils@3.3.0(transitive)
+ Addedserialize-javascript@6.0.2(transitive)
+ Addedset-function-length@1.2.2(transitive)
+ Addedsetimmediate@1.0.5(transitive)
+ Addedsha.js@2.4.11(transitive)
+ Addedside-channel@1.0.6(transitive)
+ Addedsource-map@0.6.1(transitive)
+ Addedsource-map-support@0.5.21(transitive)
+ Addedstream-browserify@3.0.0(transitive)
+ Addedstream-http@3.2.0(transitive)
+ Addedstring_decoder@1.1.11.3.0(transitive)
+ Addedsupports-color@8.1.1(transitive)
+ Addedtapable@2.2.1(transitive)
+ Addedterser@5.31.0(transitive)
+ Addedterser-webpack-plugin@5.3.10(transitive)
+ Addedtimers-browserify@2.0.12(transitive)
+ Addedtty-browserify@0.0.1(transitive)
+ Addedtype-fest@4.18.2(transitive)
+ Addedundici-types@5.26.5(transitive)
+ Addedupdate-browserslist-db@1.0.16(transitive)
+ Addedurl@0.11.3(transitive)
+ Addedutil@0.12.5(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
+ Addedvm-browserify@1.1.2(transitive)
+ Addedwatchpack@2.4.1(transitive)
+ Addedwebpack@5.91.0(transitive)
+ Addedwebpack-sources@3.2.3(transitive)
+ Addedwhich-typed-array@1.1.15(transitive)
+ Addedxtend@4.0.2(transitive)
- Removedhttps@^1.0.0
- Removedhttps-proxy-agent@^5.0.1
- Removedagent-base@6.0.2(transitive)
- Removedhttps@1.0.0(transitive)
- Removedhttps-proxy-agent@5.0.1(transitive)