/** * Stripe helpers — REST API via fetch (no SDK dependency) * * Used by both api/mcp.ts (HTTP) and src/stdio.ts (stdio) * Requires STRIPE_SECRET_KEY environment variable */ /** * Convert a decimal price to Stripe minor units (cents / öre). * * Plain `price * 100` produces floating-point garbage (`19.99 * 100 === * 1998.9999999999998`), which Stripe rejects as a non-integer amount and * which would silently over/undercharge by 1 unit for any price that * doesn't round cleanly. Always go through this helper. (#69) * * Throws on NaN, Infinity, or negative input — those indicate a logic bug * upstream that we never want to forward to Stripe. */ export declare function toStripeMinorUnits(price: number): number; /** * Validates a property domain before embedding it in Stripe redirect URLs. * * Accepts only bare hostnames (e.g. "villaaakerlyckan.se") — no scheme, * no path, no port, no credentials. Returns the fallback domain when the * value is absent or fails validation so callers always get a safe URL. * * Attack prevented: a malicious or compromised `properties.domain` value * such as "evil.com/x?foo=" or "evil.com@legit.se" would otherwise redirect * paying guests to an attacker-controlled page after Stripe checkout, leaking * the session_id and enabling booking impersonation. */ export declare function sanitizeDomain(domain: string | null | undefined): string; export declare function getStripeKey(): string; export declare function createCheckoutSession(params: { amount: number; currency: string; propertyName: string; checkIn: string; checkOut: string; guests: number; guestEmail: string; propertyId: string; bookingId: string; domain: string; hostStripeAccountId?: string | null; hostOnboardingComplete?: boolean | null; }): Promise<{ id: string; url: string; payment_intent: string | null; }>; export declare function retrievePaymentIntent(paymentIntentId: string): Promise<{ id: string; client_secret: string; status: string; }>; export declare function createRefund(paymentIntentId: string, amount: number): Promise<{ id: string; amount: number; status: string; }>; export declare function createPaymentIntent(params: { amount: number; currency: string; captureMethod: string; metadata: Record; hostStripeAccountId?: string | null; hostOnboardingComplete?: boolean | null; }): Promise<{ id: string; client_secret: string; status: string; }>;