diff --git a/.env.example b/.env.example
index d843ca2a..7a213dda 100644
--- a/.env.example
+++ b/.env.example
@@ -6,7 +6,6 @@
# # this is a comment:
# FOO=value
# ```
-
#
#
#
@@ -23,6 +22,7 @@ BACKEND_DOMAIN_NAME=backend.example.com
# Obtain the following 2 values on the Pi Developer Portal (open develop.pi in the Pi Browser).
# Domain validation key:
+https://github.com.munawarmojavalidation-key.txtb326b315d412570cbfa80e810e6f069e364b65eef8374a4c995264501110d518a8455d30c753c197f3aae087db225fe9f051b3080293ba45be3c0aa6b7b76435f6e156bb951c8883117f9b3a26e895fc82b6b264c9cf49f3922a3f2ab36282fcc460889388b307f90018d834b02b9c7582529014233b75a18806041b3cac821
DOMAIN_VALIDATION_KEY=todo_developer_portal
# Pi Platform API Key:
PI_API_KEY=todo_developer_portal
diff --git a/.github/ISSUE_TEMPLATE/Color b/.github/ISSUE_TEMPLATE/Color
new file mode 100644
index 00000000..bc3ab216
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/Color
@@ -0,0 +1,7 @@
+This XML file does not appear to have any style information associated with it. The document tree is shown below.
+
+
+#FFFFFF
+#000000
+#FF4081
+
diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md
new file mode 100644
index 00000000..dd84ea78
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug-report.md
@@ -0,0 +1,38 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Desktop (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - Version [e.g. 22]
+
+**Smartphone (please complete the following information):**
+ - Device: [e.g. iPhone6]
+ - OS: [e.g. iOS8.1]
+ - Browser [e.g. stock browser, safari]
+ - Version [e.g. 22]
+
+**Additional context**
+Add any other context about the problem here.
diff --git a/.github/Munawarmoja b/.github/Munawarmoja
new file mode 100644
index 00000000..42bf91fd
--- /dev/null
+++ b/.github/Munawarmoja
@@ -0,0 +1,15 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+polar: # Replace with a single Polar username
+buy_me_a_coffee: # Replace with a single Buy Me a Coffee username
+thanks_dev: # Replace with a single thanks.dev username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
diff --git a/.github/workflows/generator-generic-ossf-slsa3-publish.yml b/.github/workflows/generator-generic-ossf-slsa3-publish.yml
new file mode 100644
index 00000000..35c829b1
--- /dev/null
+++ b/.github/workflows/generator-generic-ossf-slsa3-publish.yml
@@ -0,0 +1,66 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow lets you generate SLSA provenance file for your project.
+# The generation satisfies level 3 for the provenance requirements - see https://slsa.dev/spec/v0.1/requirements
+# The project is an initiative of the OpenSSF (openssf.org) and is developed at
+# https://github.com/slsa-framework/slsa-github-generator.
+# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier.
+# For more information about SLSA and how it improves the supply-chain, visit slsa.dev.
+
+name: SLSA generic generator
+on:
+ workflow_dispatch:
+ release:
+ types: [created]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ outputs:
+ digests: ${{ steps.hash.outputs.digests }}
+
+ steps:
+ - uses: actions/checkout@v4
+
+ # ========================================================
+ #
+ # Step 1: Build your artifacts.
+ #
+ # ========================================================
+ - name: Build artifacts
+ run: |
+ # These are some amazing artifacts.
+ echo "artifact1" > artifact1
+ echo "artifact2" > artifact2
+
+ # ========================================================
+ #
+ # Step 2: Add a step to generate the provenance subjects
+ # as shown below. Update the sha256 sum arguments
+ # to include all binaries that you generate
+ # provenance for.
+ #
+ # ========================================================
+ - name: Generate subject for provenance
+ id: hash
+ run: |
+ set -euo pipefail
+
+ # List the artifacts the provenance will refer to.
+ files=$(ls artifact*)
+ # Generate the subjects (base64 encoded).
+ echo "hashes=$(sha256sum $files | base64 -w0)" >> "${GITHUB_OUTPUT}"
+
+ provenance:
+ needs: [build]
+ permissions:
+ actions: read # To read the workflow path.
+ id-token: write # To sign the provenance.
+ contents: write # To add assets to a release.
+ uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.4.0
+ with:
+ base64-subjects: "${{ needs.build.outputs.digests }}"
+ upload-assets: true # Optional: Upload to a new release
diff --git a/Munawarmoja b/Munawarmoja
new file mode 100644
index 00000000..f554f130
--- /dev/null
+++ b/Munawarmoja
@@ -0,0 +1,141 @@
+
+Pi Demo App Flows
+
+- [Authentication](#authentication)
+ - [Pi.authenticate()](#1-obtain-user-data-with-piauthenticate-sdk-method)
+ - [GET /me Platform API endpoint](#2-verify-the-user-by-calling-pi-platform-api-get-me-endpoint)
+- [Payments](#payments)
+ - [onReadyForServerApproval](#1-onreadyforserverapproval)
+ - [onReadyForServerCompletion](#2-onreadyforservercompletion)
+ - [onCancel](#3-oncancel)
+ - [onError](#4-onerror)
+ - [onIncompletePaymentFound](#onincompletepaymentfound)
+
+## Authentication
+
+User authentication consists of two steps:
+
+1. obtaining user accessToken using Pi SDK
+2. verifying accessToken using Pi Platform API
+
+
+
+> Disclaimer:
+>
+> Pi SDK method Pi.authenticate() should only be used to retrieve user accessToken and MUST be verified on the backend side of your app.
+>
+> For a detailed guide on how to use Pi SDK, please refer to [SDK Docs](https://github.com/pi-apps/pi-platform-docs/blob/master/SDK_reference.md)
+>
+> Pi Platform API should remain the only source of truth about user data in your app (a malicious user could tamper with the requests and send you wrong data).
+>
+> For a detailed guide on how to use Pi Platform API, please refer to [Platform API Docs](https://github.com/pi-apps/pi-platform-docs/blob/master/platform_API.md)
+
+
+
+### 1. Obtain user data with Pi.authenticate() SDK method
+
+Pi.authenticate() method takes in two arguments: scopes and onIncompletePaymentFound and returns AuthResult object with different keys available.
+
+scopes determine what keys are available on the AuthResult object. For full documentation on available scopes, please refer to [SDK Docs](https://github.com/pi-apps/pi-platform-docs/blob/master/SDK_reference.md#scopes).
+
+onIncompletePaymentFound is a function that connects both Authorization and Payments flows. To preview example implementation, proceed to [onIncompletePaymentFound](#onincompletepaymentfound) section.
+
+// frontend/src/shop/index.ts
+
+const signIn = async () => {
+ const scopes = ["username", "payments"];
+ const authResponse = await window.Pi.authenticate(scopes, onIncompletePaymentFound);
+
+ /* pass obtained data to backend */
+ await signInUser(authResponse);
+
+ /* use the obtained data however you want */
+ setUser(authResponse.user);
+};
+
+const signInUser = (authResult: any) => {
+ axiosClient.post("/signin", { authResult }, config);
+
+ return setShowModal(false);
+};
+
+
+### 2. Verify the user by calling Pi Platform API GET /me endpoint
+
+
+
+
+
+Pi Demo App
+
+https://github.com/Munawarmoja/demo
+Pi Demo App is an example of how you can implement the various required flows in your app's code.
+It aims to show you how to use Pi Platform API on the backend side and Pi SDK on the frontend side of your app.
+
+
+It is composed of two major parts:
+
+* **backend**: a backend app (a very simple JSON API built using Node and ExpressJS)
+* **frontend**: a single-page frontend app (built using React and create-react-app)
+
+
+Read [`doc/development.md`](./doc/development.md) to get started and learn how to run this app in development.
+
+> **WARNING**
+>
+> The demo app uses express session cookies which, in the Sandbox environment, are not correctly saved on the client on some browsers.
+> To properly test all of the features of the Demo App, we recommend you to open the sandbox app using Mozilla Firefox.
+
+
+## Deployment
+
+Read [`doc/deployment.md`](./doc/deployment.md) to learn how to deploy this app on a server using Docker and docker-compose.
+
+
+## Flows
+
+To dive into the implementation of the flows that support the demo app features, please refer to
+[Pi Demo App Flows](./FLOWS.md).
+
+
+
+
+Frontend Javascript SDK
+
+The JS SDK is the frontend SDK, designed to be used in your HTML pages or Single-Page Apps, served in the Pi Browser.
+
+In order to enable the SDK to function correctly, you need to declare your apps on the Developer Portal (open
+develop.pi in the Pi Browser to access the Developer Portal).
+
+This SDK is not for a server-side NodeJS app.
+
+
+In order to make sure that all involved parties (your app, your server, the Pi servers, and the Pi Blockchain) are in sync,
+the payment needs to go through a Server-Side Approval flow (for User-to-App payment) and/or a Server-Side Completion
+flow (for all types of payments).
+
+Please refer to:
+* [the full Payments documentation](./payments.md) to learn about the complete payment flow
+* [the Advanced Payments documentation](./payments_advanced.md) to learn about App-to-User payment flow
+* [the Platform API documentation](./platform_API.md) to learn how to confirm the payment and acknowledge it from your
+ server
+* [the client SDK documentation](./SDK_reference.md) to learn about Pi Apps SDK and provided methods in detail
+* [the Demo App](https://github.com/pi-apps/demo) to view an example of how you can implement the various required flows in your app's code
+
+
+
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+polar: # Replace with a single Polar username
+buy_me_a_coffee: # Replace with a single Buy Me a Coffee username
+thanks_dev: # Replace with a single thanks.dev username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
diff --git a/README.md b/README.md
index fdb78603..1fc506ee 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# Pi Demo App
+
Pi Demo App is an example of how you can implement the various required flows in your app's code.
It aims to show you how to use Pi Platform API on the backend side and Pi SDK on the frontend side of your app.
@@ -10,8 +10,6 @@ It is composed of two major parts:
* **frontend**: a single-page frontend app (built using React and create-react-app)
-## Initial Development
-
Read [`doc/development.md`](./doc/development.md) to get started and learn how to run this app in development.
> **WARNING**
@@ -29,3 +27,29 @@ Read [`doc/deployment.md`](./doc/deployment.md) to learn how to deploy this app
To dive into the implementation of the flows that support the demo app features, please refer to
[Pi Demo App Flows](./FLOWS.md).
+
+
+
+
+Frontend Javascript SDK
+
+The JS SDK is the frontend SDK, designed to be used in your HTML pages or Single-Page Apps, served in the Pi Browser.
+
+In order to enable the SDK to function correctly, you need to declare your apps on the Developer Portal (open
+develop.pi in the Pi Browser to access the Developer Portal).
+
+This SDK is not for a server-side NodeJS app.
+
+
+In order to make sure that all involved parties (your app, your server, the Pi servers, and the Pi Blockchain) are in sync,
+the payment needs to go through a Server-Side Approval flow (for User-to-App payment) and/or a Server-Side Completion
+flow (for all types of payments).
+
+Please refer to:
+* [the full Payments documentation](./payments.md) to learn about the complete payment flow
+* [the Advanced Payments documentation](./payments_advanced.md) to learn about App-to-User payment flow
+* [the Platform API documentation](./platform_API.md) to learn how to confirm the payment and acknowledge it from your
+ server
+* [the client SDK documentation](./SDK_reference.md) to learn about Pi Apps SDK and provided methods in detail
+* [the Demo App](https://github.com/pi-apps/demo) to view an example of how you can implement the various required flows in your app's code
+
diff --git a/docker-compose.yml b/docker-compose.yml
index 0c34b211..71c7c72a 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,5 +1,28 @@
+apt-get update && \
+apt-get install -y zip apt-transport-https ca-certificates curl gnupg-agent software-properties-common && \
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
+add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" && \
+apt-get update && \
+apt-get install -y docker-ce docker-ce-cli containerd.io && \
+curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && \
+chmod +x /usr/local/bin/docker-compose
+
+
+
+
+
version: "3.9"
services:
+
+apt-get update && \
+apt-get install -y zip apt-transport-https ca-certificates curl gnupg-agent software-properties-common && \
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
+add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" && \
+apt-get update && \
+apt-get install -y docker-ce docker-ce-cli containerd.io && \
+curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && \
+chmod +x /usr/local/bin/docker-compose
+
reverse-proxy:
build: ./reverse-proxy
environment: