@aws-amplify/ui-react-liveness 3.0.14 → 3.0.15

package/dist/esm/components/FaceLivenessDetector/FaceLivenessDetectorCore.mjs

@@ -7,12 +7,8 @@ import '@tensorflow-models/face-detection';
 import '@tensorflow/tfjs-backend-wasm';
 import '@tensorflow/tfjs-backend-cpu';
 import '@aws-amplify/core/internals/utils';
-import 'aws-amplify/auth';
 import '@aws-sdk/client-rekognitionstreaming';
-import '@aws-sdk/util-format-url';
-import '@smithy/eventstream-serde-browser';
-import '@smithy/fetch-http-handler';
-import '@smithy/protocol-http';
+import './service/utils/createStreamingClient/createStreamingClient.mjs';
 import './service/utils/freshnessColorDisplay.mjs';
 import { View, Flex } from '@aws-amplify/ui-react';
 import { FaceLivenessDetectorProvider } from './providers/FaceLivenessDetectorProvider.mjs';

package/dist/esm/components/FaceLivenessDetector/LivenessCheck/LivenessCameraModule.mjs

@@ -10,12 +10,8 @@ import '@tensorflow/tfjs-backend-wasm';
 import '@tensorflow/tfjs-backend-cpu';
 import '@aws-amplify/core/internals/utils';
 import { drawStaticOval, clearOvalCanvas } from '../service/utils/liveness.mjs';
-import 'aws-amplify/auth';
 import '@aws-sdk/client-rekognitionstreaming';
-import '@aws-sdk/util-format-url';
-import '@smithy/eventstream-serde-browser';
-import '@smithy/fetch-http-handler';
-import '@smithy/protocol-http';
+import '../service/utils/createStreamingClient/createStreamingClient.mjs';
 import '../service/utils/freshnessColorDisplay.mjs';
 import { useLivenessActor } from '../hooks/useLivenessActor.mjs';
 import { useLivenessSelector, createLivenessSelector } from '../hooks/useLivenessSelector.mjs';

package/dist/esm/components/FaceLivenessDetector/LivenessCheck/LivenessCheck.mjs

@@ -8,12 +8,8 @@ import '@tensorflow-models/face-detection';
 import '@tensorflow/tfjs-backend-wasm';
 import '@tensorflow/tfjs-backend-cpu';
 import '@aws-amplify/core/internals/utils';
-import 'aws-amplify/auth';
 import '@aws-sdk/client-rekognitionstreaming';
-import '@aws-sdk/util-format-url';
-import '@smithy/eventstream-serde-browser';
-import '@smithy/fetch-http-handler';
-import '@smithy/protocol-http';
+import '../service/utils/createStreamingClient/createStreamingClient.mjs';
 import '../service/utils/freshnessColorDisplay.mjs';
 import { LivenessCameraModule } from './LivenessCameraModule.mjs';
 import { useLivenessActor } from '../hooks/useLivenessActor.mjs';

package/dist/esm/components/FaceLivenessDetector/service/utils/{CustomWebSocketFetchHandler.mjs → createStreamingClient/CustomWebSocketFetchHandler.mjs}

@@ -2,7 +2,7 @@ import { formatUrl } from '@aws-sdk/util-format-url';
 import { readableStreamtoIterable, iterableToReadableStream } from '@smithy/eventstream-serde-browser';
 import { FetchHttpHandler } from '@smithy/fetch-http-handler';
 import { HttpResponse } from '@smithy/protocol-http';
-import { WS_CLOSURE_CODE } from './constants.mjs';
+import { WS_CLOSURE_CODE } from '../constants.mjs';
 
 /**
  * Note: This file was copied from https://github.com/aws/aws-sdk-js-v3/blob/main/packages/middleware-websocket/src/websocket-fetch-handler.ts#L176

package/dist/esm/components/FaceLivenessDetector/service/utils/createStreamingClient/Signer.mjs

@@ -0,0 +1,18 @@
+import { SignatureV4 } from '@smithy/signature-v4';
+
+// override aws sdk default value of 60
+const REQUEST_EXPIRY = 299;
+class Signer extends SignatureV4 {
+    presign(request, options) {
+        return super.presign(request, {
+            ...options,
+            expiresIn: REQUEST_EXPIRY,
+            // `headers` that should not be signed. Liveness WebSocket
+            // request omits `headers` except for required `host` header. Signature
+            // could be a mismatch if other `headers` are signed
+            unsignableHeaders: new Set(Object.keys(request.headers).filter((header) => header !== 'host')),
+        });
+    }
+}
+
+export { REQUEST_EXPIRY, Signer };

package/dist/esm/components/FaceLivenessDetector/service/utils/createStreamingClient/createStreamingClient.mjs

@@ -0,0 +1,27 @@
+import { RekognitionStreamingClient } from '@aws-sdk/client-rekognitionstreaming';
+import { getAmplifyUserAgent } from '@aws-amplify/core/internals/utils';
+import { getLivenessUserAgent } from '../../../utils/platform.mjs';
+import { CustomWebSocketFetchHandler } from './CustomWebSocketFetchHandler.mjs';
+import { resolveCredentials } from './resolveCredentials.mjs';
+import { Signer } from './Signer.mjs';
+
+const CONNECTION_TIMEOUT = 10000;
+const CUSTOM_USER_AGENT = `${getAmplifyUserAgent()} ${getLivenessUserAgent()}`;
+async function createStreamingClient({ credentialsProvider, endpointOverride, region, }) {
+    const credentials = await resolveCredentials(credentialsProvider);
+    const clientconfig = {
+        credentials,
+        customUserAgent: CUSTOM_USER_AGENT,
+        region,
+        requestHandler: new CustomWebSocketFetchHandler({
+            connectionTimeout: CONNECTION_TIMEOUT,
+        }),
+        signerConstructor: Signer,
+    };
+    if (endpointOverride) {
+        clientconfig.endpointProvider = () => ({ url: new URL(endpointOverride) });
+    }
+    return new RekognitionStreamingClient(clientconfig);
+}
+
+export { createStreamingClient };

package/dist/esm/components/FaceLivenessDetector/service/utils/createStreamingClient/resolveCredentials.mjs

@@ -0,0 +1,38 @@
+import { fetchAuthSession } from 'aws-amplify/auth';
+
+const isCredentialsProvider = (credentialsProvider) => typeof credentialsProvider === 'function';
+// the return interface of `fetchAuthSession` includes `credentials` as
+// optional, but `credentials` is always returned. If `fetchAuthSession`
+// is called for an unauthenticated end user, values of `accessKeyId`
+// and `secretAccessKey` are `undefined`
+const isCredentials = (credentials) => !!(credentials?.accessKeyId && credentials?.secretAccessKey);
+/**
+ * Resolves the `credentials` param to be passed to `RekognitionStreamingClient` which accepts either:
+ * - a `credentials` object
+ * - a `credentialsProvider` callback
+ *
+ * @param credentialsProvider optional `credentialsProvider` callback
+ * @returns {Promise<AwsCredentials | AwsCredentialProvider>} `credentials` object or valid `credentialsProvider` callback
+ */
+async function resolveCredentials(credentialsProvider) {
+    const hasCredentialsProvider = isCredentialsProvider(credentialsProvider);
+    if (hasCredentialsProvider) {
+        return credentialsProvider;
+    }
+    if (credentialsProvider && !hasCredentialsProvider) {
+        throw new Error('Invalid credentialsProvider');
+    }
+    try {
+        const result = (await fetchAuthSession()).credentials;
+        if (isCredentials(result)) {
+            return result;
+        }
+        throw new Error('Missing credentials');
+    }
+    catch (e) {
+        const { message } = e;
+        throw new Error(`Invalid credentials: ${message}`);
+    }
+}
+
+export { resolveCredentials };

package/dist/esm/components/FaceLivenessDetector/service/utils/streamProvider.mjs

@@ -1,9 +1,6 @@
-import { getAmplifyUserAgent } from '@aws-amplify/core/internals/utils';
-import { fetchAuthSession } from 'aws-amplify/auth';
-import { RekognitionStreamingClient, StartFaceLivenessSessionCommand } from '@aws-sdk/client-rekognitionstreaming';
+import { StartFaceLivenessSessionCommand } from '@aws-sdk/client-rekognitionstreaming';
 import { VideoRecorder } from './videoRecorder.mjs';
-import { getLivenessUserAgent } from '../../utils/platform.mjs';
-import { CustomWebSocketFetchHandler } from './CustomWebSocketFetchHandler.mjs';
+import { createStreamingClient } from './createStreamingClient/createStreamingClient.mjs';
 
 const TIME_SLICE = 1000;
 function isBlob(obj) {
@@ -34,9 +31,7 @@ class LivenessStreamProvider {
         this.videoRecorder.start(TIME_SLICE);
     }
     sendClientInfo(clientInfo) {
-        this.videoRecorder.dispatch(new MessageEvent('clientSesssionInfo', {
-            data: { clientInfo },
-        }));
+        this.videoRecorder.dispatch(new MessageEvent('clientSesssionInfo', { data: { clientInfo } }));
     }
     async stopVideo() {
         await this.videoRecorder.stop();
@@ -48,32 +43,15 @@ class LivenessStreamProvider {
         if (this.videoRecorder.getState() === 'recording') {
             await this.stopVideo();
         }
-        this.videoRecorder.dispatch(new MessageEvent('endStreamWithCode', {
-            data: { code: code },
-        }));
+        this.videoRecorder.dispatch(new MessageEvent('endStreamWithCode', { data: { code } }));
         return;
     }
     async init() {
-        const credentials = this.credentialProvider ?? (await fetchAuthSession()).credentials;
-        if (!credentials) {
-            throw new Error('No credentials');
-        }
-        const clientconfig = {
-            credentials,
+        this._client = await createStreamingClient({
+            credentialsProvider: this.credentialProvider,
+            endpointOverride: this.endpointOverride,
             region: this.region,
-            customUserAgent: `${getAmplifyUserAgent()} ${getLivenessUserAgent()}`,
-            requestHandler: new CustomWebSocketFetchHandler({
-                connectionTimeout: 10000,
-            }),
-        };
-        if (this.endpointOverride) {
-            const override = this.endpointOverride;
-            clientconfig.endpointProvider = () => {
-                const url = new URL(override);
-                return { url };
-            };
-        }
-        this._client = new RekognitionStreamingClient(clientconfig);
+        });
         this.responseStream = await this.startLivenessVideoConnection();
     }
     // Creates a generator from a stream of video chunks and livenessActionDocuments and yields VideoEvent and ClientEvents

package/dist/esm/components/FaceLivenessDetector/shared/DefaultStartScreenComponents.mjs

@@ -9,12 +9,8 @@ import '@tensorflow-models/face-detection';
 import '@tensorflow/tfjs-backend-wasm';
 import '@tensorflow/tfjs-backend-cpu';
 import '@aws-amplify/core/internals/utils';
-import 'aws-amplify/auth';
 import '@aws-sdk/client-rekognitionstreaming';
-import '@aws-sdk/util-format-url';
-import '@smithy/eventstream-serde-browser';
-import '@smithy/fetch-http-handler';
-import '@smithy/protocol-http';
+import '../service/utils/createStreamingClient/createStreamingClient.mjs';
 import '../service/utils/freshnessColorDisplay.mjs';
 import '@xstate/react';
 import '../providers/FaceLivenessDetectorProvider.mjs';

package/dist/esm/components/FaceLivenessDetector/shared/FaceLivenessErrorModal.mjs

@@ -9,12 +9,8 @@ import '@tensorflow-models/face-detection';
 import '@tensorflow/tfjs-backend-wasm';
 import '@tensorflow/tfjs-backend-cpu';
 import '@aws-amplify/core/internals/utils';
-import 'aws-amplify/auth';
 import '@aws-sdk/client-rekognitionstreaming';
-import '@aws-sdk/util-format-url';
-import '@smithy/eventstream-serde-browser';
-import '@smithy/fetch-http-handler';
-import '@smithy/protocol-http';
+import '../service/utils/createStreamingClient/createStreamingClient.mjs';
 import '../service/utils/freshnessColorDisplay.mjs';
 import { Toast } from './Toast.mjs';
 import { Overlay } from './Overlay.mjs';

package/dist/esm/components/FaceLivenessDetector/shared/Hint.mjs

@@ -7,12 +7,8 @@ import '@tensorflow-models/face-detection';
 import '@tensorflow/tfjs-backend-wasm';
 import '@tensorflow/tfjs-backend-cpu';
 import '@aws-amplify/core/internals/utils';
-import 'aws-amplify/auth';
 import '@aws-sdk/client-rekognitionstreaming';
-import '@aws-sdk/util-format-url';
-import '@smithy/eventstream-serde-browser';
-import '@smithy/fetch-http-handler';
-import '@smithy/protocol-http';
+import '../service/utils/createStreamingClient/createStreamingClient.mjs';
 import '../service/utils/freshnessColorDisplay.mjs';
 import { useLivenessActor } from '../hooks/useLivenessActor.mjs';
 import { createLivenessSelector, useLivenessSelector } from '../hooks/useLivenessSelector.mjs';

package/dist/esm/version.mjs

@@ -1,3 +1,3 @@
-const VERSION = '3.0.14';
+const VERSION = '3.0.15';
 
 export { VERSION };

package/dist/index.js

@@ -17,6 +17,7 @@ var utilFormatUrl = require('@aws-sdk/util-format-url');
 var eventstreamSerdeBrowser = require('@smithy/eventstream-serde-browser');
 var fetchHttpHandler = require('@smithy/fetch-http-handler');
 var protocolHttp = require('@smithy/protocol-http');
+var signatureV4 = require('@smithy/signature-v4');
 var uiReact = require('@aws-amplify/ui-react');
 var ui = require('@aws-amplify/ui');
 var internal = require('@aws-amplify/ui-react/internal');
@@ -781,7 +782,7 @@ class VideoRecorder {
     }
 }
 
-const VERSION = '3.0.14';
+const VERSION = '3.0.15';
 
 const BASE_USER_AGENT = `ui-react-liveness/${VERSION}`;
 const getLivenessUserAgent = () => {
@@ -980,6 +981,75 @@ class CustomWebSocketFetchHandler {
     }
 }
 
+const isCredentialsProvider = (credentialsProvider) => typeof credentialsProvider === 'function';
+// the return interface of `fetchAuthSession` includes `credentials` as
+// optional, but `credentials` is always returned. If `fetchAuthSession`
+// is called for an unauthenticated end user, values of `accessKeyId`
+// and `secretAccessKey` are `undefined`
+const isCredentials = (credentials) => !!(credentials?.accessKeyId && credentials?.secretAccessKey);
+/**
+ * Resolves the `credentials` param to be passed to `RekognitionStreamingClient` which accepts either:
+ * - a `credentials` object
+ * - a `credentialsProvider` callback
+ *
+ * @param credentialsProvider optional `credentialsProvider` callback
+ * @returns {Promise<AwsCredentials | AwsCredentialProvider>} `credentials` object or valid `credentialsProvider` callback
+ */
+async function resolveCredentials(credentialsProvider) {
+    const hasCredentialsProvider = isCredentialsProvider(credentialsProvider);
+    if (hasCredentialsProvider) {
+        return credentialsProvider;
+    }
+    if (credentialsProvider && !hasCredentialsProvider) {
+        throw new Error('Invalid credentialsProvider');
+    }
+    try {
+        const result = (await auth.fetchAuthSession()).credentials;
+        if (isCredentials(result)) {
+            return result;
+        }
+        throw new Error('Missing credentials');
+    }
+    catch (e) {
+        const { message } = e;
+        throw new Error(`Invalid credentials: ${message}`);
+    }
+}
+
+// override aws sdk default value of 60
+const REQUEST_EXPIRY = 299;
+class Signer extends signatureV4.SignatureV4 {
+    presign(request, options) {
+        return super.presign(request, {
+            ...options,
+            expiresIn: REQUEST_EXPIRY,
+            // `headers` that should not be signed. Liveness WebSocket
+            // request omits `headers` except for required `host` header. Signature
+            // could be a mismatch if other `headers` are signed
+            unsignableHeaders: new Set(Object.keys(request.headers).filter((header) => header !== 'host')),
+        });
+    }
+}
+
+const CONNECTION_TIMEOUT = 10000;
+const CUSTOM_USER_AGENT = `${utils.getAmplifyUserAgent()} ${getLivenessUserAgent()}`;
+async function createStreamingClient({ credentialsProvider, endpointOverride, region, }) {
+    const credentials = await resolveCredentials(credentialsProvider);
+    const clientconfig = {
+        credentials,
+        customUserAgent: CUSTOM_USER_AGENT,
+        region,
+        requestHandler: new CustomWebSocketFetchHandler({
+            connectionTimeout: CONNECTION_TIMEOUT,
+        }),
+        signerConstructor: Signer,
+    };
+    if (endpointOverride) {
+        clientconfig.endpointProvider = () => ({ url: new URL(endpointOverride) });
+    }
+    return new clientRekognitionstreaming.RekognitionStreamingClient(clientconfig);
+}
+
 const TIME_SLICE = 1000;
 function isBlob(obj) {
     return obj.arrayBuffer !== undefined;
@@ -1009,9 +1079,7 @@ class LivenessStreamProvider {
         this.videoRecorder.start(TIME_SLICE);
     }
     sendClientInfo(clientInfo) {
-        this.videoRecorder.dispatch(new MessageEvent('clientSesssionInfo', {
-            data: { clientInfo },
-        }));
+        this.videoRecorder.dispatch(new MessageEvent('clientSesssionInfo', { data: { clientInfo } }));
     }
     async stopVideo() {
         await this.videoRecorder.stop();
@@ -1023,32 +1091,15 @@ class LivenessStreamProvider {
         if (this.videoRecorder.getState() === 'recording') {
             await this.stopVideo();
         }
-        this.videoRecorder.dispatch(new MessageEvent('endStreamWithCode', {
-            data: { code: code },
-        }));
+        this.videoRecorder.dispatch(new MessageEvent('endStreamWithCode', { data: { code } }));
         return;
     }
     async init() {
-        const credentials = this.credentialProvider ?? (await auth.fetchAuthSession()).credentials;
-        if (!credentials) {
-            throw new Error('No credentials');
-        }
-        const clientconfig = {
-            credentials,
+        this._client = await createStreamingClient({
+            credentialsProvider: this.credentialProvider,
+            endpointOverride: this.endpointOverride,
             region: this.region,
-            customUserAgent: `${utils.getAmplifyUserAgent()} ${getLivenessUserAgent()}`,
-            requestHandler: new CustomWebSocketFetchHandler({
-                connectionTimeout: 10000,
-            }),
-        };
-        if (this.endpointOverride) {
-            const override = this.endpointOverride;
-            clientconfig.endpointProvider = () => {
-                const url = new URL(override);
-                return { url };
-            };
-        }
-        this._client = new clientRekognitionstreaming.RekognitionStreamingClient(clientconfig);
+        });
         this.responseStream = await this.startLivenessVideoConnection();
     }
     // Creates a generator from a stream of video chunks and livenessActionDocuments and yields VideoEvent and ClientEvents

package/dist/types/components/FaceLivenessDetector/service/types/credentials.d.ts

@@ -1,16 +1,15 @@
+import { CredentialsAndIdentityId } from 'aws-amplify/auth';
+export type AwsCredentials = CredentialsAndIdentityId['credentials'];
+export interface IdentityProvider<IdentityT extends AwsCredentials> {
+    (identityProperties?: Record<string, any>): Promise<IdentityT>;
+}
 /**
- * These types are copied over / adapted from the aws-sdk/types package as they do not semantic versioning and we do not want these changing unexpectedly.
- * When Amplify Auth exports these types this file should be removed and the type definitions should come from the Amplify auth package
+ * @deprecated `AwsTemporaryCredentials` has been replaced with `AwsCredentials`.
+ *
+ * The `AwsTemporaryCredentials` type may be removed in a future major version of _@aws-amplify/ui-react-liveness_.
  */
-export interface AwsCredentials {
-    readonly accessKeyId: string;
-    readonly secretAccessKey: string;
-}
 export interface AwsTemporaryCredentials extends AwsCredentials {
     readonly sessionToken?: string;
     readonly expiration?: Date;
 }
-export interface IdentityProvider<IdentityT extends AwsTemporaryCredentials> {
-    (identityProperties?: Record<string, any>): Promise<IdentityT>;
-}
-export type AwsCredentialProvider = IdentityProvider<AwsTemporaryCredentials>;
+export type AwsCredentialProvider = IdentityProvider<AwsCredentials>;

package/dist/types/components/FaceLivenessDetector/service/utils/createStreamingClient/Signer.d.ts

@@ -0,0 +1,6 @@
+import { SignatureV4 } from '@smithy/signature-v4';
+import { HttpRequest as HttpRequest, RequestPresigningArguments } from '@smithy/types';
+export declare const REQUEST_EXPIRY = 299;
+export declare class Signer extends SignatureV4 {
+    presign(request: HttpRequest, options?: Omit<RequestPresigningArguments, 'expiresIn'>): Promise<HttpRequest>;
+}

package/dist/types/components/FaceLivenessDetector/service/utils/createStreamingClient/createStreamingClient.d.ts

@@ -0,0 +1,9 @@
+import { RekognitionStreamingClient } from '@aws-sdk/client-rekognitionstreaming';
+import { AwsCredentialProvider } from '../../types';
+interface CreateClientConfig {
+    credentialsProvider?: AwsCredentialProvider;
+    endpointOverride?: string;
+    region: string;
+}
+export declare function createStreamingClient({ credentialsProvider, endpointOverride, region, }: CreateClientConfig): Promise<RekognitionStreamingClient>;
+export {};

package/dist/types/components/FaceLivenessDetector/service/utils/createStreamingClient/index.d.ts

@@ -0,0 +1 @@
+export { createStreamingClient } from './createStreamingClient';

package/dist/types/components/FaceLivenessDetector/service/utils/createStreamingClient/resolveCredentials.d.ts

@@ -0,0 +1,10 @@
+import { AwsCredentialProvider, AwsCredentials } from '../../types';
+/**
+ * Resolves the `credentials` param to be passed to `RekognitionStreamingClient` which accepts either:
+ * - a `credentials` object
+ * - a `credentialsProvider` callback
+ *
+ * @param credentialsProvider optional `credentialsProvider` callback
+ * @returns {Promise<AwsCredentials | AwsCredentialProvider>} `credentials` object or valid `credentialsProvider` callback
+ */
+export declare function resolveCredentials(credentialsProvider?: AwsCredentialProvider): Promise<AwsCredentials | AwsCredentialProvider>;

package/dist/types/version.d.ts

@@ -1 +1 @@
-export declare const VERSION = "3.0.14";
+export declare const VERSION = "3.0.15";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aws-amplify/ui-react-liveness",
-  "version": "3.0.14",
+  "version": "3.0.15",
   "main": "dist/index.js",
   "module": "dist/esm/index.mjs",
   "exports": {
@@ -54,6 +54,7 @@
     "@smithy/eventstream-serde-browser": "^2.0.4",
     "@smithy/fetch-http-handler": "^2.1.3",
     "@smithy/protocol-http": "^3.0.3",
+    "@smithy/signature-v4": "2.1.4",
     "@mediapipe/face_detection": "~0.4.0",
     "@tensorflow-models/face-detection": "1.0.2",
     "@tensorflow/tfjs-backend-cpu": "4.11.0",
@@ -80,7 +81,7 @@
       "name": "FaceLivenessDetector",
       "path": "dist/esm/index.mjs",
       "import": "{ FaceLivenessDetector }",
-      "limit": "275 kB"
+      "limit": "280 kB"
     }
   ]
 }