
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
A NodeJS wrapper for some of the RESTful methods documented at doc.revenuemonster.my
This is an Nodejs/Typescript SDK that maps some of the RESTful methods of Open API that are documented at doc.revenuemonster.my.
# using npm
npm i rm-api-sdk
# using yarn
yarn add rm-api-sdk
Import the RMSDK via require
var RMSDK = require('rm-api-sdk').RMSDK
Or ES5
var { RMSDK } = require('rm-api-sdk')
Or Import/Export convention
import { RMSDK } from 'rm-api-sdk'
Initialise a RMSDK instance by using
const SDK = RMSDK({
clientId: '5499912462549392892',
clientSecret: 'pwMapjZzHljBALIGHxfGGXmiGLxjWBKt',
privateKey: Buffer.from(fs.readFileSync('privateKey.pem')).toString(),
openApiVersion: 'v3' // default, optional
oauthApiVersion: 'v1' // default, optional
isProduction: false // default, optional
timeout: 2000, // default, optional
})
To get refresh token and access token(expired after 2 hours) with using provided clientId
and clientSecret
.
const result = await SDK.getClientCredentials();
To get new access token(expired after 2 hours) with using provided clientId and clientSecret (recommended to schedule to run this fucntion on every less than 2 hours) in order to avoid expired access token error.
const result = await SDK.refreshToken(refreshToken);
const result = await SDK.getMerchantProfile(accessToken);
const result = await SDK.getMerchantSubscriptions(accessToken)
const result = await SDK.getMerchantSubscriptions(accessToken)
const result = await SDK.getStoreById(accessToken)
const result = await SDK.createStore(accessToken, {
name: 'Revenue Monster',
addressLine1: 'B-5-30, 5th Floor, Block Bougainvillea,'
addressLine2: 'PJU 6A, Lebuhraya SPRINT, 10 Boulevard,' // optional
postCode: '47400',
city: 'Petaling Jaya',
state: 'Selangor',
country: 'Malaysia',
countryCode: '60',
phoneNumber: '377334080',
geoLocation: { // optional
Lat: 3.1349857,
Lng: 101.6136659
}
})
const result = await SDK.updateStore(accessToken, '1662168764176583360', {
name: 'Revenue Monster',
addressLine1: 'B-5-30, 5th Floor, Block Bougainvillea,'
addressLine2: 'PJU 6A, Lebuhraya SPRINT, 10 Boulevard,' // optional
postCode: '47400',
city: 'Petaling Jaya',
state: 'Selangor',
country: 'Malaysia',
countryCode: '60',
phoneNumber: '377334080',
geoLocation: { // optional
Lat: 3.1349857,
Lng: 101.6136659
}
})
const result = await SDK.deleteStore(accessToken, '1662168764176583360')
const result = await SDK.getUserProfile(accessToken)
Payment.createTransactionUrl(accessToken, transactionPayload)
const result = await SDK.Payment.createTransactionUrl(accessToken, {
amount: 100,
currencyType: 'MYR',
expiry: { type: 'PERMANENT' },
isPreFillAmount: true,
method: ['WECHATPAY'],
order: {
details: 'detail AAA',
title: 'title BBB',
},
redirectUrl: 'https://www.google.com',
storeId: '1981039839353524638',
type: 'DYNAMIC',
})
console.log(result)
Payment.getTransactionUrl(accessToken)
const result = await SDK.Payment.getTransactionUrl(accessToken)
Payment.getTransactionUrlByCode(accessToken, code)
const result = await SDK.Payment.getTransactionUrlByCode(accessToken, 'a669adc3b06fe5cef977cc762f40ce8c')
Payment.getTransactionsByCode(accessToken, code)
const result = await SDK.Payment.getTransactionsByCode(accessToken)
Payment.initQuickPay(accessToken, data)
const result = await SDK.Payment.initQuickPay(accessToken, {
authCode: '161108235812586242',
order: {
amount: 100,
currencyType: 'MYR',
id: '12344333233444',
title: 'title',
detail: 'description here',
additionalData: 'API testing',
},
ipAddress: '175.143.101.229',
storeId: '5237968049713769466'
});
Payment.refund(accessToken, data)
const result = await SDK.Payment.refund(accessToken, {
transactionId: '181203100634010427614646',
refund: {
type: 'FULL',
currencyType: 'MYR',
amount: 100,
},
reason: 'testing purpose',
});
Payment.reverse(accessToken, data)
const result = await SDK.Payment.reverse(accessToken, {
orderId: '12345678123'
});
Payment.getPaymentTransactions(accessToken)
const result = await SDK.Payment.getPaymentTransactions(accessToken);
Payment.getTransactionById(accessToken, Id)
const result = await SDK.Payment.getPaymentTransactionById(accessToken, '1805260552060011600267');
Payment.getTransactionByOrderId(accessToken, orderId)
const result = await SDK.Payment.getPaymentTransactionByOrderId(accessToken, '9809099398273542333339');
Payment.getDailySettlementReport(accessToken, data)
const result = await SDK.Payment.getDailySettlementReport(accessToken, {
date: "2019-01-06",
method: "WECHATPAY",
region: "MALAYSIA",
sequence: 1
});
const result = await SDK.giveLoyaltyPoint(accessToken, {
point: 100,
type: 'PHONENUMBER',
countryCode: '60',
phoneNumber: '176473298',
});
const result = await SDK.issueVoucher(
accessToken,
'EhQKCE1lcmNoYW50EJXVzd3wraqTORIYCgxWb3VjaGVyQmF0Y2gQkvnGweaB2uQg'
)
const result = await SDK.voidVoucher(accessToken, 'NAklEfbVdV')
const result = await SDK.getVoucherByCode(accessToken, 'NAklEfbVdV')
const result = await SDK.getVoucherBatches(accessToken)
const result = await SDK.getVoucherBatchByKey(
accessToken,
'EhQKCE1lcmNoYW50EJXVzd3wraqTORIYCgxWb3VjaGVyQmF0Y2gQxZP495jpsOla'
)
const result = await SDK.getWechatOauthUrl(
accessToken,
'user-defined-redirectUrl'
)
const result = await SDK.getWechatUserByCode(
accessToken,
'code-you-get-from-wechat-oauth-url'
)
FAQs
A NodeJS wrapper for some of the RESTful methods documented at doc.revenuemonster.my
The npm package rm-api-sdk receives a total of 62 weekly downloads. As such, rm-api-sdk popularity was classified as not popular.
We found that rm-api-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.