Socket
Socket
Sign inDemoInstall

cadu

Package Overview
Dependencies
Maintainers
17
Versions
18
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cadu - npm Package Compare versions

Comparing version 2.0.9 to 3.0.0

__tests__/middlewares/header-auth-panda.unit.js
__tests__/middlewares/utils/build-get-jwt.unit.js
__tests__/middlewares/utils/mytestkey.pem
src/middlewares/header-auth-panda.js
src/middlewares/utils/build-get-jwt.js

37

__tests__/client.unit.js
const cadujs = require('../src/client')
const fs = require('fs')
const certPriv = fs.readFileSync(`${__dirname}/middlewares/utils/mytestkey.pem`)
describe('Create client', () => {

@@ -22,7 +25,7 @@ test("should have property 'adapters'", () => {

test("when try connect without 'clientApplicationKey'", () => {
test("when try connect without 'privateKey'", () => {
expect(() => cadujs.connect({
environment: 'sandbox',
userIdentifier: 'teste@pagar.me',
secret: '1234',
clientId: 'client_id',
userAgent: 'user_agent',
}))

@@ -32,7 +35,7 @@ .toThrow()

test("when try connect without 'environment'", () => {
test("when try connect without 'clientId'", () => {
expect(() => cadujs.connect({
clientApplicationKey: '1234-1234-1234',
userIdentifier: 'teste@pagar.me',
secret: '1234',
environment: 'sandbox',
privateKey: certPriv,
userAgent: 'user_agent',
}))

@@ -42,7 +45,7 @@ .toThrow()

test("when try connect without 'secret'", () => {
test("when try connect without 'userAgent'", () => {
expect(() => cadujs.connect({
environment: 'sandbox',
clientApplicationKey: '1234-1234-1234',
userIdentifier: 'teste@pagar.me',
privateKey: certPriv,
clientId: 'client_id',
}))

@@ -52,7 +55,7 @@ .toThrow()

test("when try connect without 'userIdentifier'", () => {
test("when try connect without 'environment'", () => {
expect(() => cadujs.connect({
environment: 'sandbox',
clientApplicationKey: '1234-1234-1234',
secret: '1234',
privateKey: certPriv,
clientId: 'client_id',
userAgent: 'user_agent',
}))

@@ -65,5 +68,5 @@ .toThrow()

environment: 'sandbox',
clientApplicationKey: '1234-1234-1234',
secret: '1234',
userIdentifier: 'test@pagar.me',
privateKey: certPriv,
clientId: 'client_id',
userAgent: 'user_agent',
})

@@ -70,0 +73,0 @@

351

dist/cadu.js

@@ -51,9 +51,10 @@ module.exports =

var _require = __webpack_require__(1),
mappersmith = _require.default,
configs = _require.configs;
encodeJson = _require.default;
var _require2 = __webpack_require__(2),
encodeJson = _require2.default;
var headerAuthPandaMiddleware = __webpack_require__(2);
var buildGetJwtToken = __webpack_require__(3);
var forge = __webpack_require__(10).default;
var headerAuth = __webpack_require__(3);
var _require2 = __webpack_require__(10),
configs = _require2.configs;

@@ -66,3 +67,3 @@ var _require3 = __webpack_require__(9),

var _require4 = __webpack_require__(10),
var _require4 = __webpack_require__(11),
memberRoutes = _require4.memberRoutes,

@@ -80,11 +81,14 @@ contactRoutes = _require4.contactRoutes,

var adapters = __webpack_require__(22);
var adapters = __webpack_require__(23);
var _require5 = __webpack_require__(27),
validateConfig = _require5.validateConfig;
var _require5 = __webpack_require__(28),
validateConfig = _require5.validateConfig,
validateConnectConfig = _require5.validateConnectConfig;
configs.Promise = __webpack_require__(29);
configs.Promise = __webpack_require__(30);
var chooseHost = ifElse(equals('live'), always('https://api-cadu.stone.com.br'), always('https://api-sandbox-cadu.stone.com.br'));
configs.maxMiddlewareStackExecutionAllowed = 2;
var chooseHost = ifElse(equals('live'), always('https://api-cadu.stone.com.br'), always('https://api-staging-cadu.stone.com.br'));
var chooseHostKycProxy = ifElse(equals('live'), always('https://kyc-proxy.risco.pagar.me'), always('https://kyc-proxy.stg.risco.pagar.me'));

@@ -95,16 +99,21 @@

validateConfig(config);
validateConnectConfig(config);
var environment = config.environment,
secret = config.secret,
clientApplicationKey = config.clientApplicationKey,
userIdentifier = config.userIdentifier;
privateKey = config.privateKey,
clientId = config.clientId,
userAgent = config.userAgent;
var library = mappersmith({
middlewares: [encodeJson, headerAuth({
secret: secret,
clientApplicationKey: clientApplicationKey,
userIdentifier: userIdentifier
})],
var getJwtToken = buildGetJwtToken({
environment: environment,
privateKey: privateKey,
clientId: clientId,
userAgent: userAgent
});
var AuthorizationTokenHeader = headerAuthPandaMiddleware(getJwtToken);
var library = forge({
middlewares: [AuthorizationTokenHeader, encodeJson],
host: chooseHost(environment),

@@ -134,13 +143,18 @@ resources: {

var environment = config.environment,
secret = config.secret,
clientApplicationKey = config.clientApplicationKey,
userIdentifier = config.userIdentifier;
privateKey = config.privateKey,
clientId = config.clientId,
userAgent = config.userAgent;
var library = mappersmith({
middlewares: [encodeJson, headerAuth({
secret: secret,
clientApplicationKey: clientApplicationKey,
userIdentifier: userIdentifier
})],
var getJwtToken = buildGetJwtToken({
environment: environment,
privateKey: privateKey,
clientId: clientId,
userAgent: userAgent
});
var AuthorizationTokenHeader = headerAuthPandaMiddleware(getJwtToken);
var library = forge({
middlewares: [AuthorizationTokenHeader, encodeJson],
host: chooseHostKycProxy(environment),

@@ -165,3 +179,3 @@ resources: {

module.exports = require("mappersmith");
module.exports = require("mappersmith/middlewares/encode-json");

@@ -172,3 +186,36 @@ /***/ },

module.exports = require("mappersmith/middlewares/encode-json");
"use strict";
var handleAuthorizationToken = function handleAuthorizationToken(getJwtToken) {
return getJwtToken().then(function (jwtToken) {
return jwtToken;
});
};
var headerAuthPandaMiddleware = function headerAuthPandaMiddleware(getJwtToken) {
return function () {
return {
request: function request(_request) {
return Promise.resolve(handleAuthorizationToken(getJwtToken)).then(function (token) {
var headers = {
Authorization: "Bearer " + token.value
};
return _request.enhance({ headers: headers });
});
},
response: function response(next, renew) {
return next().catch(function (response) {
if (response.status() === 401) {
return renew();
}
return next();
});
}
};
};
};
module.exports = headerAuthPandaMiddleware;

@@ -181,64 +228,88 @@ /***/ },

var hmacSha256 = __webpack_require__(4);
var encodeBase64 = __webpack_require__(5);
var encodeHex = __webpack_require__(6);
var encodeUTF8 = __webpack_require__(7);
var moment = __webpack_require__(8);
var jwt = __webpack_require__(4);
var moment = __webpack_require__(5);
var _require = __webpack_require__(9),
join = _require.join,
replace = _require.replace,
toLower = _require.toLower,
toUpper = _require.toUpper;
var _require = __webpack_require__(6),
uuidv4 = _require.v4;
var createAuthorization = function createAuthorization(request, config) {
var secret = config.secret,
clientApplicationKey = config.clientApplicationKey,
userIdentifier = config.userIdentifier;
var axios = __webpack_require__(7);
var url = __webpack_require__(8);
var _require2 = __webpack_require__(9),
always = _require2.always,
equals = _require2.equals,
ifElse = _require2.ifElse;
var schema = 'CADU';
var timestamp = moment().utc().unix();
var method = request.method();
var cleanUrl = replace(/\?.+/g, '', request.url());
var buildGetJwtToken = function buildGetJwtToken(_ref) {
var environment = _ref.environment,
privateKey = _ref.privateKey,
clientId = _ref.clientId,
userAgent = _ref.userAgent;
var token = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
var macValues = [toLower(schema), clientApplicationKey, toUpper(method), cleanUrl, timestamp];
var jwtToken = token;
var macString = join('.', macValues);
var chooseAudValueEndpoint = ifElse(equals('live'), always('https://accounts.openbank.stone.com.br/auth/realms/stone_bank'), always('https://sandbox-accounts.openbank.stone.com.br/auth/realms/stone_bank'));
var macSHA256 = hmacSha256(macString, secret);
var macHex = toUpper(macSHA256.toString(encodeHex));
var macUTF8 = encodeUTF8.parse(macHex);
var macBase64 = encodeBase64.stringify(macUTF8);
var chooseRequestTokenEndpoint = ifElse(equals('live'), always('https://accounts.openbank.stone.com.br/auth/realms/stone_bank/protocol/openid-connect/token'), always('https://sandbox-accounts.openbank.stone.com.br/auth/realms/stone_bank/protocol/openid-connect/token'));
var id = 'id="' + clientApplicationKey + '",';
var ts = 'ts="' + timestamp + '",';
var mac = 'mac="' + macBase64 + '"';
var getToken = function getToken() {
var isTokenValid = jwtToken && jwtToken.value && jwtToken.expirationDate && jwtToken.expirationDate >= moment().unix();
var authorizationValues = [schema, id, ts, mac];
if (isTokenValid) {
return Promise.resolve(jwtToken);
}
var Authorization = join(' ', authorizationValues);
var now = moment().unix();
var expirationDate = now + 15 * 60;
var header = { Authorization: Authorization };
var payload = {
exp: expirationDate,
nbf: now,
aud: chooseAudValueEndpoint(environment),
realm: 'stone_bank',
sub: clientId,
clientId: clientId,
jti: uuidv4(),
iat: now,
iss: clientId
};
if (method !== 'get') {
header['User-Identifier'] = userIdentifier;
}
try {
var internalToken = jwt.sign(payload, privateKey, { algorithm: 'RS256' });
return header;
};
var tokenPayload = {
client_id: clientId,
grant_type: 'client_credentials',
client_assertion: internalToken,
client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'
};
var HeaderAuth = function HeaderAuth(authConfig) {
return function () {
return {
request: function request(_request) {
return _request.enhance({
headers: createAuthorization(_request, authConfig)
});
}
};
var endpoint = chooseRequestTokenEndpoint(environment);
var params = new url.URLSearchParams(tokenPayload);
return axios.post(endpoint, params, {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'User-Agent': userAgent
}
}).then(function (response) {
jwtToken = {
value: response.data.access_token,
expirationDate: expirationDate
};
return jwtToken;
}).catch(function (errorResponse) {
throw new Error('Unsuccessful request - ' + errorResponse);
});
} catch (error) {
throw new Error('Could not generate new token - ' + error);
}
};
return getToken;
};
module.exports = HeaderAuth;
module.exports = buildGetJwtToken;

@@ -249,3 +320,3 @@ /***/ },

module.exports = require("crypto-js/hmac-sha256");
module.exports = require("jsonwebtoken");

@@ -256,3 +327,3 @@ /***/ },

module.exports = require("crypto-js/enc-base64");
module.exports = require("moment");

@@ -263,3 +334,3 @@ /***/ },

module.exports = require("crypto-js/enc-hex");
module.exports = require("uuid");

@@ -270,3 +341,3 @@ /***/ },

module.exports = require("crypto-js/enc-utf8");
module.exports = require("axios");

@@ -277,3 +348,3 @@ /***/ },

module.exports = require("moment");
module.exports = require("url");

@@ -288,2 +359,8 @@ /***/ },

/* 10 */
/***/ function(module, exports) {
module.exports = require("mappersmith");
/***/ },
/* 11 */
/***/ function(module, exports, __webpack_require__) {

@@ -293,13 +370,13 @@

var memberRoutes = __webpack_require__(11);
var contactRoutes = __webpack_require__(12);
var bankAccountRoutes = __webpack_require__(13);
var emailRoutes = __webpack_require__(14);
var addressRoutes = __webpack_require__(15);
var partnerRoutes = __webpack_require__(16);
var phoneRoutes = __webpack_require__(17);
var countryRoutes = __webpack_require__(18);
var economicActivitiesRoutes = __webpack_require__(19);
var analysisRoutes = __webpack_require__(20);
var kycProxyAnalysisRoutes = __webpack_require__(21);
var memberRoutes = __webpack_require__(12);
var contactRoutes = __webpack_require__(13);
var bankAccountRoutes = __webpack_require__(14);
var emailRoutes = __webpack_require__(15);
var addressRoutes = __webpack_require__(16);
var partnerRoutes = __webpack_require__(17);
var phoneRoutes = __webpack_require__(18);
var countryRoutes = __webpack_require__(19);
var economicActivitiesRoutes = __webpack_require__(20);
var analysisRoutes = __webpack_require__(21);
var kycProxyAnalysisRoutes = __webpack_require__(22);

@@ -321,3 +398,3 @@ module.exports = {

/***/ },
/* 11 */
/* 12 */
/***/ function(module, exports) {

@@ -352,3 +429,3 @@

/***/ },
/* 12 */
/* 13 */
/***/ function(module, exports) {

@@ -388,3 +465,3 @@

/***/ },
/* 13 */
/* 14 */
/***/ function(module, exports) {

@@ -424,3 +501,3 @@

/***/ },
/* 14 */
/* 15 */
/***/ function(module, exports) {

@@ -459,3 +536,3 @@

/***/ },
/* 15 */
/* 16 */
/***/ function(module, exports) {

@@ -495,3 +572,3 @@

/***/ },
/* 16 */
/* 17 */
/***/ function(module, exports) {

@@ -531,3 +608,3 @@

/***/ },
/* 17 */
/* 18 */
/***/ function(module, exports) {

@@ -567,3 +644,3 @@

/***/ },
/* 18 */
/* 19 */
/***/ function(module, exports) {

@@ -608,3 +685,3 @@

/***/ },
/* 19 */
/* 20 */
/***/ function(module, exports) {

@@ -629,3 +706,3 @@

/***/ },
/* 20 */
/* 21 */
/***/ function(module, exports) {

@@ -635,3 +712,3 @@

var riskAPI = '/risk/v1/members';
var riskAPI = '/risk/v2/members/analyses';

@@ -641,3 +718,3 @@ module.exports = {

method: 'get',
path: riskAPI + '/{memberKey}/analyses'
path: '' + riskAPI
},

@@ -647,3 +724,3 @@

method: 'get',
path: riskAPI + '/{memberKey}/analyses/{analysisKey}'
path: riskAPI + '/{analysisKey}'
},

@@ -653,3 +730,3 @@

method: 'post',
path: riskAPI + '/{memberKey}/analyses'
path: '' + riskAPI
}

@@ -659,3 +736,3 @@ };

/***/ },
/* 21 */
/* 22 */
/***/ function(module, exports) {

@@ -665,3 +742,3 @@

var riskAPI = '/risk/v1/members';
var riskAPI = '/risk/v2/members/analyses';

@@ -671,3 +748,3 @@ module.exports = {

method: 'get',
path: riskAPI + '/{memberKey}/analyses/{analysisKey}'
path: riskAPI + '/{analysisKey}'
},

@@ -677,3 +754,3 @@

method: 'post',
path: riskAPI + '/{memberKey}/analyses'
path: '' + riskAPI
}

@@ -683,3 +760,3 @@ };

/***/ },
/* 22 */
/* 23 */
/***/ function(module, exports, __webpack_require__) {

@@ -689,6 +766,6 @@

var pagarmeRecipientAdapter = __webpack_require__(23);
var pagarmeBankAccountAdapter = __webpack_require__(24);
var pagarmeAddressAdapter = __webpack_require__(25);
var pagarmeRiskAnalysisAdapter = __webpack_require__(26);
var pagarmeRecipientAdapter = __webpack_require__(24);
var pagarmeBankAccountAdapter = __webpack_require__(25);
var pagarmeAddressAdapter = __webpack_require__(26);
var pagarmeRiskAnalysisAdapter = __webpack_require__(27);

@@ -705,3 +782,3 @@ module.exports = {

/***/ },
/* 23 */
/* 24 */
/***/ function(module, exports, __webpack_require__) {

@@ -711,5 +788,5 @@

var moment = __webpack_require__(8);
var bankAccountAdapter = __webpack_require__(24);
var addressAdapter = __webpack_require__(25);
var moment = __webpack_require__(5);
var bankAccountAdapter = __webpack_require__(25);
var addressAdapter = __webpack_require__(26);

@@ -826,3 +903,3 @@ var _require = __webpack_require__(9),

/***/ },
/* 24 */
/* 25 */
/***/ function(module, exports, __webpack_require__) {

@@ -855,3 +932,3 @@

/***/ },
/* 25 */
/* 26 */
/***/ function(module, exports, __webpack_require__) {

@@ -902,3 +979,3 @@

/***/ },
/* 26 */
/* 27 */
/***/ function(module, exports, __webpack_require__) {

@@ -908,3 +985,3 @@

var recipientAdapter = __webpack_require__(23);
var recipientAdapter = __webpack_require__(24);

@@ -952,3 +1029,3 @@ var _require = __webpack_require__(9),

/***/ },
/* 27 */
/* 28 */
/***/ function(module, exports, __webpack_require__) {

@@ -962,3 +1039,3 @@

var Joi = __webpack_require__(28);
var Joi = __webpack_require__(29);

@@ -972,2 +1049,9 @@ var configSchema = Joi.object().keys({

var connectConfigSchema = Joi.object().keys({
environment: Joi.string().required().valid(['live', 'sandbox', 'test']),
privateKey: Joi.object().required(),
clientId: Joi.string().required(),
userAgent: Joi.string().required()
}).required();
var validateConfig = function validateConfig(config) {

@@ -981,8 +1065,17 @@ var result = Joi.validate(config, configSchema);

var validateConnectConfig = function validateConnectConfig(config) {
var result = Joi.validate(config, connectConfigSchema);
if (!isNil(result.error)) {
throw new Error(pluck('message', result.error.details));
}
};
module.exports = {
validateConfig: validateConfig
validateConfig: validateConfig,
validateConnectConfig: validateConnectConfig
};
/***/ },
/* 28 */
/* 29 */
/***/ function(module, exports) {

@@ -993,3 +1086,3 @@

/***/ },
/* 29 */
/* 30 */
/***/ function(module, exports) {

@@ -996,0 +1089,0 @@

9

package.json
{
"name": "cadu",
"version": "2.0.9",
"version": "3.0.0",
"description": "A JavaScript library to interface with CADU",

@@ -24,8 +24,11 @@ "main": "src/client.js",

"dependencies": {
"axios": "^0.21.4",
"bluebird": "3.5.1",
"crypto-js": "3.1.8",
"joi": "12.0.0",
"mappersmith": "2.9.1",
"jsonwebtoken": "^8.5.1",
"mappersmith": "^2.34.0",
"moment": "2.19.3",
"ramda": "0.25.0"
"ramda": "0.25.0",
"uuid": "^3.1.0"
},

@@ -32,0 +35,0 @@ "devDependencies": {

59

src/client.js

@@ -1,4 +0,6 @@

const { default: mappersmith, configs } = require('mappersmith')
const { default: encodeJson } = require('mappersmith/middlewares/encode-json')
const headerAuth = require('./middlewares/header-auth')
const headerAuthPandaMiddleware = require('./middlewares/header-auth-panda')
const buildGetJwtToken = require('./middlewares/utils/build-get-jwt')
const forge = require('mappersmith').default
const { configs } = require('mappersmith')

@@ -30,2 +32,3 @@ const {

validateConfig,
validateConnectConfig,
} = require('./validations/client')

@@ -35,6 +38,8 @@

configs.maxMiddlewareStackExecutionAllowed = 2
const chooseHost = ifElse(
equals('live'),
always('https://api-cadu.stone.com.br'),
always('https://api-sandbox-cadu.stone.com.br')
always('https://api-staging-cadu.stone.com.br')
)

@@ -49,19 +54,24 @@

const connect = (config = {}) => {
validateConfig(config)
validateConnectConfig(config)
const {
environment,
secret,
clientApplicationKey,
userIdentifier,
privateKey,
clientId,
userAgent,
} = config
const library = mappersmith({
const getJwtToken = buildGetJwtToken({
environment,
privateKey,
clientId,
userAgent,
})
const AuthorizationTokenHeader = headerAuthPandaMiddleware(getJwtToken)
const library = forge({
middlewares: [
AuthorizationTokenHeader,
encodeJson,
headerAuth({
secret,
clientApplicationKey,
userIdentifier,
}),
],

@@ -91,15 +101,20 @@ host: chooseHost(environment),

environment,
secret,
clientApplicationKey,
userIdentifier,
privateKey,
clientId,
userAgent,
} = config
const library = mappersmith({
const getJwtToken = buildGetJwtToken({
environment,
privateKey,
clientId,
userAgent,
})
const AuthorizationTokenHeader = headerAuthPandaMiddleware(getJwtToken)
const library = forge({
middlewares: [
AuthorizationTokenHeader,
encodeJson,
headerAuth({
secret,
clientApplicationKey,
userIdentifier,
}),
],

@@ -106,0 +121,0 @@ host: chooseHostKycProxy(environment),

6

src/routes/kyc-proxy/analysis.js

@@ -1,2 +0,2 @@

const riskAPI = '/risk/v1/members'
const riskAPI = '/risk/v2/members/analyses'

@@ -6,3 +6,3 @@ module.exports = {

method: 'get',
path: `${riskAPI}/{memberKey}/analyses/{analysisKey}`,
path: `${riskAPI}/{analysisKey}`,
},

@@ -12,4 +12,4 @@

method: 'post',
path: `${riskAPI}/{memberKey}/analyses`,
path: `${riskAPI}`,
},
}

8

src/routes/risk/analysis.js

@@ -1,2 +0,2 @@

const riskAPI = '/risk/v1/members'
const riskAPI = '/risk/v2/members/analyses'

@@ -6,3 +6,3 @@ module.exports = {

method: 'get',
path: `${riskAPI}/{memberKey}/analyses`,
path: `${riskAPI}`,
},

@@ -12,3 +12,3 @@

method: 'get',
path: `${riskAPI}/{memberKey}/analyses/{analysisKey}`,
path: `${riskAPI}/{analysisKey}`,
},

@@ -18,4 +18,4 @@

method: 'post',
path: `${riskAPI}/{memberKey}/analyses`,
path: `${riskAPI}`,
},
}

16

src/validations/client.js

@@ -11,2 +11,9 @@ const { pluck, isNil } = require('ramda')

const connectConfigSchema = Joi.object().keys({
environment: Joi.string().required().valid(['live', 'sandbox', 'test']),
privateKey: Joi.object().required(),
clientId: Joi.string().required(),
userAgent: Joi.string().required(),
}).required()
const validateConfig = (config) => {

@@ -20,4 +27,13 @@ const result = Joi.validate(config, configSchema)

const validateConnectConfig = (config) => {
const result = Joi.validate(config, connectConfigSchema)
if (!isNil(result.error)) {
throw new Error(pluck('message', result.error.details))
}
}
module.exports = {
validateConfig,
validateConnectConfig,
}
dist/cadu.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc