fintecture-client - npm Package Compare versions

Comparing version 1.0.26 to 2.0.0

CODE_OF_CONDUCT.md

@@ -0,0 +0,0 @@ # Contributor Covenant Code of Conduct

fintecture-client.ts

@@ -6,3 +6,3 @@ import { AIS } from './src/Ais';
 
-import { Constants } from './src/utils/Constants';
+import { Constants, environment } from './src/utils/Constants';
 import { Connect } from './src/Connect';
@@ -109,3 +109,3 @@ import { PIS } from './src/Pis';
 
-    public getAisConnect(accessToken: string, connectConfig: any): IAisConnect {
+    public async getAisConnect(accessToken: string, connectConfig: any): Promise<IAisConnect> {
         return this.connect.getAisConnect(accessToken, connectConfig);
@@ -143,4 +143,4 @@ }
 
-        if (config.env && !['sandbox', 'production'].includes(config.env)) {
-            throw Error('environment is badly configured.');
+        if (config.env && !Object.keys(environment).includes(config.env)) {
+            throw Error(`environment is badly configured. Environments are ${Object.keys(environment).join(", ")}.`);
         }
@@ -147,0 +147,0 @@

lib/fintecture-client.d.ts

@@ -37,5 +37,5 @@ import { IPisConnect, IAisConnect } from './src/interfaces/connect/ConnectInterface';
     getPisConnect(accessToken: string, connectConfig: any): Promise<IPisConnect>;
-    getAisConnect(accessToken: string, connectConfig: any): IAisConnect;
+    getAisConnect(accessToken: string, connectConfig: any): Promise<IAisConnect>;
     deleteCustomer(accessToken: string, customerId: string): Promise<object>;
     private _validateConfigIntegrity;
 }

lib/fintecture-client.js

@@ -123,3 +123,5 @@ "use strict";
     getAisConnect(accessToken, connectConfig) {
-        return this.connect.getAisConnect(accessToken, connectConfig);
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.connect.getAisConnect(accessToken, connectConfig);
+        });
     }
@@ -148,4 +150,4 @@ deleteCustomer(accessToken, customerId) {
         }
-        if (config.env && !['sandbox', 'production'].includes(config.env)) {
-            throw Error('environment is badly configured.');
+        if (config.env && !Object.keys(Constants_1.environment).includes(config.env)) {
+            throw Error(`environment is badly configured. Environments are ${Object.keys(Constants_1.environment).join(", ")}.`);
         }
@@ -152,0 +154,0 @@ if (!config.env) {

lib/package.json

 {
     "name": "fintecture-client",
-    "version": "1.0.26",
+    "version": "2.0.0",
     "description": "Fintecture Open Banking API Gateway enabling secure bank connections and payments",
@@ -5,0 +5,0 @@ "main": "lib/fintecture-client.js",

lib/spec/connect.spec.js

@@ -13,3 +13,2 @@ "use strict";
 const fintecture_client_1 = require("../fintecture-client");
-const BaseUrls_1 = require("./../src/utils/URLBuilders/BaseUrls");
 const config_1 = require("./constants/config");
@@ -42,9 +41,6 @@ const connectPisConfigMin = {
     it('#PIS getPisConnect', (done) => __awaiter(void 0, void 0, void 0, function* () {
-        const mockConnectUrl = BaseUrls_1.BaseUrls.FINTECTURECONNECTURL_SBX + '/pis?config=';
         const tokens = yield client.getAccessToken();
         const connectMin = yield client.getPisConnect(tokens.access_token, connectPisConfigMin);
-        expect(connectMin.url).toContain(mockConnectUrl);
         expect(!!connectMin.session_id).toBe(true);
         const connectFull = yield client.getPisConnect(tokens.access_token, connectPisConfigFull);
-        expect(connectFull.url).toContain(mockConnectUrl);
         expect(!!connectFull.session_id).toBe(true);
@@ -54,7 +50,7 @@ expect(connectFull.url.length).toBeGreaterThan(connectMin.url.length);
     }));
-    it('#AIS getAisConnectUrl', (done) => {
-        const connect = client.getAisConnect(null, connectAisMin);
+    it('#AIS getAisConnectUrl', (done) => __awaiter(void 0, void 0, void 0, function* () {
+        const connect = yield client.getAisConnect(null, connectAisMin);
         expect(!!connect.url).toBe(true);
         done();
-    });
+    }));
     it('#PIS getConnectUrl Error no amount', (done) => __awaiter(void 0, void 0, void 0, function* () {
@@ -61,0 +57,0 @@ let errorMessage = 'No error thrown.';

lib/src/Connect.d.ts

@@ -6,6 +6,5 @@ import { IPisSetup } from './interfaces/connect/ConnectInterface';
     pis: PIS;
-    axios: any;
+    axiosInstance: any;
     config: IFintectureConfig;
     connectConfig: IPisSetup;
-    private signatureType;
     constructor(config: IFintectureConfig);
@@ -18,5 +17,5 @@ /**
      */
-    getAisConnect(accessToken: string, connectConfig: any): {
-        url: string;
-    };
+    getAisConnect(accessToken: string, connectConfig: any): Promise<{
+        url: any;
+    }>;
     /**
@@ -29,10 +28,8 @@ * Generates a connect URL based on the PIS parameters
     getPisConnect(accessToken: string, connectConfig: any): Promise<{
-        url: string;
         session_id: any;
+        url: any;
     }>;
     private _validatePisConnectConfigIntegrity;
-    private _buildHeaders;
     private _buildPaymentPayload;
-    private _buildSessionPayload;
     private _validateConfigIntegrity;
 }

lib/src/Connect.js

@@ -11,2 +11,5 @@ "use strict";
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 var __importStar = (this && this.__importStar) || function (mod) {
@@ -20,5 +23,4 @@ if (mod && mod.__esModule) return mod;
 Object.defineProperty(exports, "__esModule", { value: true });
-const UtilsCrypto = __importStar(require("./utils/Crypto.js"));
-const BaseUrls_1 = require("./utils/URLBuilders/BaseUrls");
-const connectService = __importStar(require("./services/ConnectService"));
+const qs_1 = __importDefault(require("qs"));
+const Endpoints_1 = require("./utils/URLBuilders/Endpoints");
 const Constants_js_1 = require("./utils/Constants.js");
@@ -30,5 +32,4 @@ const Pis_1 = require("./Pis");
         this.pis = new Pis_1.PIS(config);
-        this.axios = connectService;
+        this.axiosInstance = apiService.getInstance(config.env);
         this.config = config;
-        this.signatureType = 'rsa-sha256';
     }
@@ -42,29 +43,22 @@ /**
     getAisConnect(accessToken, connectConfig) {
-        this.config = this._validateConfigIntegrity(this.config);
-        const headers = this._buildHeaders(accessToken, 'get', null, this.config.private_key, this.signatureType);
-        const config = {
-            app_id: this.config.app_id,
-            signature_type: this.signatureType,
-            signature: headers['Signature'],
-            redirect_uri: connectConfig.redirect_uri,
-            origin_uri: connectConfig.origin_uri,
-            state: connectConfig.state,
-            psu_type: connectConfig.psu_type,
-            country: connectConfig.country,
-            date: headers['Date'],
-            request_id: headers['X-Request-ID'],
-            provider: connectConfig.provider
-        };
-        if (accessToken) {
-            config.access_token = accessToken;
-        }
-        const psuType = connectConfig.psu_type ? connectConfig.psu_type : 'retail';
-        const country = connectConfig.country ? connectConfig.country : 'fr';
-        const url = `${this.config.env === Constants_js_1.Constants.SANDBOXENVIRONMENT
-            ? BaseUrls_1.BaseUrls.FINTECTURECONNECTURL_SBX
-            : BaseUrls_1.BaseUrls.FINTECTURECONNECTURL_PRD}/ais/${psuType}/${country}`;
-        const connect = {
-            url: `${url}?config=${Buffer.from(JSON.stringify(config)).toString('base64')}`,
-        };
-        return connect;
+        return __awaiter(this, void 0, void 0, function* () {
+            this.config = this._validateConfigIntegrity(this.config);
+            const queryParameters = qs_1.default.stringify({
+                redirect_uri: connectConfig.redirect_uri,
+                state: connectConfig.state
+            });
+            const url = `${Endpoints_1.Endpoints.AISCONNECT}?${queryParameters}`;
+            // Extend the headers with Connect specific headers if they are defined
+            const extraHeaders = {
+                'x-provider': connectConfig.provider,
+                'x-psu-type': connectConfig.psu_type,
+                'x-country': connectConfig.country,
+                'x-language': connectConfig.language,
+            };
+            const headers = apiService.getHeaders('get', url, null, this.config, null, extraHeaders);
+            const { data } = yield this.axiosInstance.get(url, { headers });
+            return {
+                url: data.meta.url
+            };
+        });
     }
@@ -82,28 +76,21 @@ /**
             const paymentPayload = this._buildPaymentPayload(connectConfig);
-            const prepare = yield this.pis.prepare(accessToken, paymentPayload);
-            const sessionPayload = this._buildSessionPayload(prepare);
-            const headers = this._buildHeaders(accessToken, 'post', sessionPayload, this.config.private_key, this.signatureType);
-            const config = {
-                app_id: this.config.app_id,
-                access_token: accessToken,
-                signature_type: this.signatureType,
-                signature: headers['Signature'],
+            const queryParameters = qs_1.default.stringify({
+                origin_uri: connectConfig.origin_uri,
                 redirect_uri: connectConfig.redirect_uri,
-                origin_uri: connectConfig.origin_uri,
-                state: connectConfig.state,
-                payload: sessionPayload,
-                psu_type: connectConfig.psu_type,
-                country: connectConfig.country,
-                date: headers['Date'],
-                request_id: headers['X-Request-ID'],
-                provider: connectConfig.provider
+                state: connectConfig.state
+            });
+            const url = `${Endpoints_1.Endpoints.PISCONNECT}?${queryParameters}`;
+            // Extend the headers with Connect specific headers if they are defined
+            const extraHeaders = {
+                'x-provider': connectConfig.provider,
+                'x-psu-type': connectConfig.psu_type,
+                'x-country': connectConfig.country,
+                'x-language': connectConfig.language,
             };
-            const url = `${this.config.env === Constants_js_1.Constants.SANDBOXENVIRONMENT
-                ? BaseUrls_1.BaseUrls.FINTECTURECONNECTURL_SBX
-                : BaseUrls_1.BaseUrls.FINTECTURECONNECTURL_PRD}/pis`;
-            const connect = {
-                url: `${url}?config=${Buffer.from(JSON.stringify(config)).toString('base64')}`,
-                session_id: prepare.meta.session_id
+            const headers = apiService.getHeaders('post', url, accessToken, this.config, paymentPayload, extraHeaders);
+            const { data } = yield this.axiosInstance.post(url, paymentPayload, { headers });
+            return {
+                session_id: data.meta.session_id,
+                url: data.meta.url,
             };
-            return connect;
         });
@@ -135,8 +122,2 @@ }
     }
-    _buildHeaders(accessToken, method, payload, privateKey, algorithm) {
-        const headers = apiService.getHeaders(method, '', accessToken, this.config, payload);
-        const signingString = UtilsCrypto.buildSigningString(headers, Constants_js_1.Constants.CONNECTHEADERPARAMETERLIST);
-        headers["Signature"] = UtilsCrypto.signPayload(signingString, this.config.private_key);
-        return headers;
-    }
     _buildPaymentPayload(payment) {
@@ -170,22 +151,2 @@ const attributes = {
     }
-    _buildSessionPayload(payment) {
-        const payload = {
-            meta: {
-                session_id: payment.meta.session_id,
-            },
-            data: {
-                attributes: {
-                    amount: payment.data.attributes.amount,
-                    currency: payment.data.attributes.currency
-                }
-            }
-        };
-        if (payment.data.attributes.beneficiary) {
-            payload.data.attributes.beneficiary = { name: payment.data.attributes.beneficiary.name };
-        }
-        if (payment.data.attributes.execution_date) {
-            payload.data.attributes.execution_date = payment.data.attributes.execution_date;
-        }
-        return payload;
-    }
     _validateConfigIntegrity(config) {
@@ -192,0 +153,0 @@ if (!config.private_key) {

lib/src/interfaces/ConfigInterface.d.ts

@@ -6,2 +6,3 @@ /**
  */
+import { environment } from "../utils/Constants";
 export interface IFintectureConfig {
@@ -11,3 +12,3 @@ app_id: string;
     private_key: string;
-    env?: string;
+    env?: environment;
 }

lib/src/Pis.d.ts

@@ -50,5 +50,6 @@ import { IFintectureConfig } from './interfaces/ConfigInterface';
      * @param {string} sessionId
+     * @param {number} amount (optional)
      * @returns {Promise<object>}
      */
-    initiateRefund(accessToken: string, sessionId: string): Promise<object>;
+    initiateRefund(accessToken: string, sessionId: string, amount?: number): Promise<object>;
     /**
@@ -55,0 +56,0 @@ * This endpoint returns the details of all transfers or of a specific transfer

lib/src/Pis.js

@@ -96,8 +96,16 @@ "use strict";
      * @param {string} sessionId
+     * @param {number} amount (optional)
      * @returns {Promise<object>}
      */
-    initiateRefund(accessToken, sessionId) {
+    initiateRefund(accessToken, sessionId, amount) {
         return __awaiter(this, void 0, void 0, function* () {
             const url = `${Endpoints_1.Endpoints.PIS}/refund`;
             const payload = this._buildSessionPayload(sessionId);
+            if (amount) {
+                payload.data = {
+                    attributes: {
+                        amount
+                    }
+                };
+            }
             const headers = apiService.getHeaders('post', url, accessToken, this.config, payload);
@@ -104,0 +112,0 @@ const response = yield this.axiosInstance.post(url, payload, { headers });

lib/src/services/ApiService.js

@@ -53,4 +53,10 @@ "use strict";
     delete headers['(request-target)'];
+    // Extend with extra headers in case they are not undefined. `undefined` as value of a header
+    // is not allowed by Node.js
     if (extraHeaders) {
-        Object.assign(headers, extraHeaders);
+        Object.entries(extraHeaders).forEach(([headerName, headerValue]) => {
+            if (headerValue !== undefined) {
+                headers[headerName] = headerValue;
+            }
+        });
     }
@@ -57,0 +63,0 @@ return headers;

lib/src/utils/Constants.d.ts

 /**
+ * @enum environment
+ */
+export declare enum environment {
+    sandbox = "sandbox",
+    production = "production"
+}
+/**
  * Project wide constants
@@ -3,0 +10,0 @@ *

lib/src/utils/Constants.js

@@ -12,2 +12,10 @@ "use strict";
 /**
+ * @enum environment
+ */
+var environment;
+(function (environment) {
+    environment["sandbox"] = "sandbox";
+    environment["production"] = "production";
+})(environment = exports.environment || (exports.environment = {}));
+/**
  * Project wide constants
@@ -21,5 +29,5 @@ *
 Constants.FINTECTURESDKVERSION = pjson.version;
-Constants.DEFAULTENVIRONMENT = 'sandbox';
-Constants.SANDBOXENVIRONMENT = 'sandbox';
-Constants.PRODUCTIONENVIRONMENT = 'production';
+Constants.DEFAULTENVIRONMENT = environment.sandbox;
+Constants.SANDBOXENVIRONMENT = environment.sandbox;
+Constants.PRODUCTIONENVIRONMENT = environment.production;
 Constants.DECOUPLEDMODEL = 'decoupled';
@@ -26,0 +34,0 @@ Constants.SIGNEDHEADERPARAMETERLIST = ['(request-target)', 'Date', 'Digest', 'X-Request-ID'];

lib/src/utils/URLBuilders/BaseUrls.d.ts

@@ -9,6 +9,4 @@ /**
     static readonly FINTECTUREAPIURL_SBX: string;
-    static readonly FINTECTURECONNECTURL_SBX: string;
     static readonly FINTECTUREOAUTHURL_PRD: string;
     static readonly FINTECTUREAPIURL_PRD: string;
-    static readonly FINTECTURECONNECTURL_PRD: string;
 }

lib/src/utils/URLBuilders/BaseUrls.js

@@ -23,6 +23,4 @@ "use strict";
 BaseUrls.FINTECTUREAPIURL_SBX = process.env.FINTECTUREAPIURL_DEV || 'https://api-sandbox.fintecture.com';
-BaseUrls.FINTECTURECONNECTURL_SBX = process.env.FINTECTURECONNECTURL_DEV || 'https://connect-sandbox.fintecture.com';
 BaseUrls.FINTECTUREOAUTHURL_PRD = process.env.FINTECTUREOAUTHURL_DEV || 'https://oauth.fintecture.com';
 BaseUrls.FINTECTUREAPIURL_PRD = process.env.FINTECTUREAPIURL_DEV || 'https://api.fintecture.com';
-BaseUrls.FINTECTURECONNECTURL_PRD = process.env.FINTECTURECONNECTURL_DEV || 'https://connect.fintecture.com';
 //# sourceMappingURL=BaseUrls.js.map

lib/src/utils/URLBuilders/Endpoints.d.ts

@@ -18,2 +18,4 @@ /**
     static readonly AISCUSTOMER: string;
+    static readonly AISCONNECT: string;
+    static readonly PISCONNECT: string;
 }

lib/src/utils/URLBuilders/Endpoints.js

@@ -22,2 +22,4 @@ "use strict";
 Endpoints.AISCUSTOMER = '/ais/v1/customer';
+Endpoints.AISCONNECT = '/ais/v2/connect';
+Endpoints.PISCONNECT = '/pis/v2/connect';
 //# sourceMappingURL=Endpoints.js.map

package.json

 {
   "name": "fintecture-client",
-  "version": "1.0.26",
+  "version": "2.0.0",
   "description": "Fintecture Open Banking API Gateway enabling secure bank connections and payments",
@@ -5,0 +5,0 @@ "main": "lib/fintecture-client.js",

README.md

@@ -147,3 +147,3 @@ # Fintecture
 
-let connect = client.getAisConnect(null, config)
+let connect = await client.getAisConnect(null, config)
 window.href.location = connect.url;
@@ -150,0 +150,0 @@ ```

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

7

decreased by-22.22%

Worsened metrics

Total package byte prevSize

171868

decreased by-1.44%

Lines of code

2486

decreased by-0.52%

No dependency changes