🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

node-nowpayments-api

Package Overview
Dependencies
Maintainers
1
Versions
10
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

node-nowpayments-api - npm Package Compare versions

Comparing version

0.2.4
to
0.2.5

21

dist/index.d.ts

@@ -1,3 +0,1 @@

type PaymentStatus = "waiting" | "confirming" | "confirmed" | "sending" | "partially_paid" | "finished" | "failed" | "refunded" | "expired";
interface WebhookBody {

@@ -23,10 +21,17 @@ payment_id: number;

type VerifyWebhookResult = {
isVerified: boolean;
error?: "NO_SIGNATURE" | "INVALID_SIGNATURE";
rawBody: unknown;
typedBody?: WebhookBody;
isVerified: true;
typedBody: WebhookBody;
} | {
isVerified: false;
error: "NO_SIGNATURE" | "INVALID_SIGNATURE";
};
declare const verifyWebhook: (rawBody: object, signature: string | string[] | undefined, ipnSecret: string) => VerifyWebhookResult;
type Result<T> = {
result?: T;
error?: unknown;
};
type PaymentStatus = "waiting" | "confirming" | "confirmed" | "sending" | "partially_paid" | "finished" | "failed" | "refunded" | "expired";
export { verifyWebhook };
declare const verifyWebhook: (rawBody: any, signature: string | string[] | undefined, ipnSecret: string) => VerifyWebhookResult;
export { PaymentStatus, Result, VerifyWebhookResult, WebhookBody, verifyWebhook };

9

dist/index.js

@@ -41,11 +41,10 @@ "use strict";

if (!signature) {
return { isVerified: false, rawBody, error: "NO_SIGNATURE" };
return { isVerified: false, error: "NO_SIGNATURE" };
}
const coinBaseSignature = import_crypto.default.createHmac("sha256", ipnSecret).update(JSON.stringify(rawBody, Object.keys(rawBody).sort())).digest("hex");
if (signature !== coinBaseSignature) {
return { isVerified: false, rawBody, error: "INVALID_SIGNATURE" };
const npSignature = import_crypto.default.createHmac("sha512", ipnSecret).update(JSON.stringify(rawBody, Object.keys(rawBody).sort())).digest("hex");
if (signature !== npSignature) {
return { isVerified: false, error: "INVALID_SIGNATURE" };
}
return {
isVerified: true,
rawBody,
typedBody: rawBody

@@ -52,0 +51,0 @@ };

2

package.json
{
"name": "node-nowpayments-api",
"version": "0.2.4",
"version": "0.2.5",
"description": "Node NowPayments API client",

@@ -5,0 +5,0 @@ "main": "dist/index.js",

1

src/index.ts
export * from "./";
export * from "./client";
export * from "./types";
export * from "./webhook";

15

src/types/webhook.ts

@@ -23,7 +23,10 @@ import { PaymentStatus } from "./";

export type VerifyWebhookResult = {
isVerified: boolean;
error?: "NO_SIGNATURE" | "INVALID_SIGNATURE";
rawBody: unknown;
typedBody?: WebhookBody;
};
export type VerifyWebhookResult =
| {
isVerified: true;
typedBody: WebhookBody;
}
| {
isVerified: false;
error: "NO_SIGNATURE" | "INVALID_SIGNATURE";
};

5

src/webhook.ts

@@ -10,3 +10,3 @@ import crypto from "crypto";

if (!signature) {
return { isVerified: false, rawBody: rawBody, error: "NO_SIGNATURE" };
return { isVerified: false, error: "NO_SIGNATURE" };
}

@@ -18,9 +18,8 @@ const npSignature = crypto

if (signature !== npSignature) {
return { isVerified: false, rawBody: rawBody, error: "INVALID_SIGNATURE" };
return { isVerified: false, error: "INVALID_SIGNATURE" };
}
return {
isVerified: true,
rawBody: rawBody,
typedBody: rawBody as WebhookBody,
};
};
dist/index.mjs

Sorry, the diff of this file is not supported yet