Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
gateway-mv-js
Advanced tools
Readme
This library provides a class with methods to generate transaction requests to the bank's endpoint and parse subsequent responses from the bank posted to the merchant's callback url.
Although this is a javascript library, it is meant to be used on the server-side, specifically in a node js environment. Please do NOT attempt to use this in a client-side application as it would expose the shared secret between you and the bank to the client.
npm install gateway-mv-js
The main class can be imported by simply requiring the package. The class can be instantiated by calling it with the new
operator. The constructor expects two arguments. The first argument is a string that represents the bank, which can be either 'BML' for the Bank of Maldives endpoint, or 'MIB' for the Maldives Islamic Bank endpoint. The second argument is a configuration object.
const Gateway = require('gateway-mv-js')
const config = {
// Required Fields
Host: 'bml.com.mv',
MerRespURL: 'https://thebackdoor.ca/response',
AcqID: '0123',
MerID: '3210',
MerPassword: 'some password',
// Optional Fields Set to Defaults
PurchaseCurrency: '462',
PurchaseCurrencyExponent: '2',
Version: '1.1', // for MIB the default is '1'
SignatureMethod: 'SHA1'
}
let gateway = new Gateway('BML', config)
A new transaction request can be generated by calling generateTransactionRequest
. It expects the first argument to be the value of the transaction in the currency that was set in the configuration step. The second argument is a unique transaction ID. The transaction ID should never be repeated, even for transactions that are being retried. The function returns an object containing the POST parameters that should be included in the POST request to the bank's endpoint
const transaction = gateway.generateTransactionRequest(150.99, 'XD09928')
The verification method, verifyResponseSignature
is called once the bank calls back with its response to a particular transaction request. The first argument is the relevant transaction id. The second argument is an object containing POST parameters sent back by the bank to the callback url. The function returns a boolean; true if the signature sent by the bank checks out, false if not.
const verified = gateway.verifyResponseSignature('XD09928', response)
FAQs
javascript api to generate transaction requests for the Bank of Maldives and Maldives Islamic Bank online payment gateway endpoints
The npm package gateway-mv-js receives a total of 1 weekly downloads. As such, gateway-mv-js popularity was classified as not popular.
We found that gateway-mv-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.