@flink-app/bankid-plugin 0.12.1-alpha.23 → 0.12.1-alpha.25

package/dist/BankIdPluginOptions.d.ts

@@ -48,18 +48,20 @@ export interface BankIdPluginOptions {
      * token. This will be relayed in the collect response to client.
      * @param userData
      * @param ip
+     * @param payload
      * @returns
      */
-    onAuthSuccess: (userData: BankIdUserData, ip?: string) => Promise<AuthSuccessCallbackResponse>;
+    onAuthSuccess: (userData: BankIdUserData, ip?: string, payload?: Record<string, any>) => Promise<AuthSuccessCallbackResponse>;
     /**
      * Callback invoked when BankID sign is successful.
      * Callback must return an object containing user information and
      * signature data. This will be relayed in the collect response to client.
      * @param userData
      * @param signature
+     * @param payload
      * @returns
      */
-    onSignSuccess?: (userData: BankIdUserData, signature: BankIdSignature) => Promise<void>;
+    onSignSuccess?: (userData: BankIdUserData, signature: BankIdSignature, payload?: Record<string, any>) => Promise<void>;
     /**
      * For how long to keep sessions in database.
      * This has nothing to do with how long the user is logged in, only

package/dist/functions/auth.d.ts

@@ -1,6 +1,7 @@
 import { BankIdInternalCtx } from "../BankIdInternalContext";
 export interface AuthOptions {
     endUserIp?: string;
+    payload?: Record<string, any>;
 }
 export interface AuthResponse {
     orderRef: string;

package/dist/functions/auth.js

@@ -87,6 +87,7 @@ function auth(ctx_1) {
                         createdAt: new Date(),
                         ip: clientIp,
                         autoStartToken: authResponse.autoStartToken,
+                        payload: options.payload,
                         qr: {
                             qrStartToken: authResponse.qrStartToken,
                             qrStartSecret: authResponse.qrStartSecret,

package/dist/functions/getAuthStatus.js

@@ -51,7 +51,7 @@ function getAuthStatus(ctx, options) {
                 case 1:
                     session = _c.sent();
                     if (!session) {
-                        throw new Error("BankId session not found");
+                        throw (0, flink_1.notFound)("BankId session not found");
                     }
                     if (!(session.status === "complete")) return [3 /*break*/, 5];
                     if (!!session.user) return [3 /*break*/, 3];
@@ -59,8 +59,8 @@ function getAuthStatus(ctx, options) {
                     return [4 /*yield*/, ctx.repos.bankIdSessionRepo.failSession(orderRef, "USER_DATA_MISSING")];
                 case 2:
                     _c.sent();
-                    throw new Error("User data is missing");
-                case 3: return [4 /*yield*/, pluginOptions.onAuthSuccess(session.user, (_a = session.device) === null || _a === void 0 ? void 0 : _a.ipAddress)];
+                    throw (0, flink_1.internalServerError)("Session is completed but user data is missing");
+                case 3: return [4 /*yield*/, pluginOptions.onAuthSuccess(session.user, (_a = session.device) === null || _a === void 0 ? void 0 : _a.ipAddress, session.payload)];
                 case 4:
                     authCallbackRes = _c.sent();
                     return [2 /*return*/, {

package/dist/functions/getSignStatus.js

@@ -73,7 +73,7 @@ function getSignStatus(ctx, options) {
                     throw new Error("Signature data is missing");
                 case 5: 
                 // Invoke host app callback
-                return [4 /*yield*/, pluginOptions.onSignSuccess(session.user, session.signature)];
+                return [4 /*yield*/, pluginOptions.onSignSuccess(session.user, session.signature, session.payload)];
                 case 6:
                     // Invoke host app callback
                     _b.sent();

package/dist/functions/sign.d.ts

@@ -3,6 +3,7 @@ export interface SignOptions {
     userVisibleData: string;
     userNonVisibleData?: string;
     endUserIp?: string;
+    payload?: Record<string, any>;
 }
 export interface SignResponse {
     orderRef: string;

package/dist/functions/sign.js

@@ -96,6 +96,7 @@ function sign(ctx, options) {
                         createdAt: new Date(),
                         ip: clientIp,
                         autoStartToken: signResponse.autoStartToken,
+                        payload: options.payload,
                         qr: {
                             qrStartToken: signResponse.qrStartToken,
                             qrStartSecret: signResponse.qrStartSecret,

package/dist/handlers/GetBankIdAuth.js

@@ -44,28 +44,18 @@ exports.Route = {
     method: flink_1.HttpMethod.get,
 };
 var GetBankIdAuth = function (_a) { return __awaiter(void 0, [_a], void 0, function (_b) {
-    var orderRef, authStatus, error_1;
+    var orderRef, authStatus;
     var ctx = _b.ctx, req = _b.req;
     return __generator(this, function (_c) {
         switch (_c.label) {
             case 0:
                 orderRef = req.params.orderRef;
-                _c.label = 1;
-            case 1:
-                _c.trys.push([1, 3, , 4]);
                 return [4 /*yield*/, (0, getAuthStatus_1.getAuthStatus)(ctx, { orderRef: orderRef })];
-            case 2:
+            case 1:
                 authStatus = _c.sent();
                 return [2 /*return*/, {
                         data: authStatus,
                     }];
-            case 3:
-                error_1 = _c.sent();
-                if (error_1.message === "BankId session not found") {
-                    return [2 /*return*/, (0, flink_1.notFound)("BankId session not found")];
-                }
-                return [2 /*return*/, (0, flink_1.internalServerError)(error_1.message || "Failed to get auth status")];
-            case 4: return [2 /*return*/];
         }
     });
 }); };

package/dist/handlers/GetBankIdSign.js

@@ -44,28 +44,18 @@ exports.Route = {
     method: flink_1.HttpMethod.get,
 };
 var GetBankIdSign = function (_a) { return __awaiter(void 0, [_a], void 0, function (_b) {
-    var orderRef, signStatus, error_1;
+    var orderRef, signStatus;
     var ctx = _b.ctx, req = _b.req;
     return __generator(this, function (_c) {
         switch (_c.label) {
             case 0:
                 orderRef = req.params.orderRef;
-                _c.label = 1;
-            case 1:
-                _c.trys.push([1, 3, , 4]);
                 return [4 /*yield*/, (0, getSignStatus_1.getSignStatus)(ctx, { orderRef: orderRef })];
-            case 2:
+            case 1:
                 signStatus = _c.sent();
                 return [2 /*return*/, {
                         data: signStatus,
                     }];
-            case 3:
-                error_1 = _c.sent();
-                if (error_1.message === "BankId session not found") {
-                    return [2 /*return*/, (0, flink_1.notFound)("BankId session not found")];
-                }
-                return [2 /*return*/, (0, flink_1.internalServerError)(error_1.message || "Failed to get sign status")];
-            case 4: return [2 /*return*/];
         }
     });
 }); };

package/dist/handlers/PostBankIdAuth.js

@@ -56,7 +56,10 @@ var PostBankIdAuth = function (_a) { return __awaiter(void 0, [_a], void 0, func
                 return [4 /*yield*/, options.onGetEndUserIp(req)];
             case 2:
                 clientIp = _c.sent();
-                return [4 /*yield*/, (0, auth_1.auth)(ctx, { endUserIp: clientIp })];
+                return [4 /*yield*/, (0, auth_1.auth)(ctx, {
+                        endUserIp: clientIp,
+                        payload: req.body.payload
+                    })];
             case 3:
                 authResponse = _c.sent();
                 return [2 /*return*/, {

package/dist/schemas/AuthInitiateReq.d.ts

@@ -1,2 +1,3 @@
 export default interface AuthInitiateReq {
+    payload?: Record<string, any>;
 }

package/dist/schemas/BankIdSession.d.ts

@@ -22,6 +22,7 @@ export default interface BankIdSession {
     hintCode?: string | null;
     ip: string;
     autoStartToken: string;
+    payload?: Record<string, any>;
     qr?: {
         qrStartToken: string;
         qrStartSecret: string;

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@flink-app/bankid-plugin",
-    "version": "0.12.1-alpha.23",
+    "version": "0.12.1-alpha.25",
     "description": "Flink plugin for Swedish BankID authentication and document signing",
     "scripts": {
         "test": "node --preserve-symlinks -r ts-node/register -- node_modules/jasmine/bin/jasmine --config=./spec/support/jasmine.json",
@@ -32,5 +32,5 @@
         "tsc-watch": "^4.2.9",
         "typescript": "5.4.5"
     },
-    "gitHead": "ab25ba2532fd79e5452390591c1899fbe3eae230"
+    "gitHead": "44a1bf5bb2b2c7d18e4cecc06da626700639f82a"
 }

package/spec/bankid-plugin.spec.ts

@@ -0,0 +1,5 @@
+describe("BankID Plugin", () => {
+    it("should be testable", () => {
+        expect(true).toBe(true);
+    });
+});

package/spec/support/jasmine.json

@@ -0,0 +1,7 @@
+{
+  "spec_dir": "spec",
+  "spec_files": ["**/*[sS]pec.ts"],
+  "helpers": ["helpers/**/*.ts"],
+  "stopSpecOnExpectationFailure": false,
+  "random": true
+}

package/src/BankIdPluginOptions.ts

@@ -57,9 +57,10 @@ export interface BankIdPluginOptions {
      * token. This will be relayed in the collect response to client.
      * @param userData
      * @param ip
+     * @param payload
      * @returns
      */
-    onAuthSuccess: (userData: BankIdUserData, ip?: string) => Promise<AuthSuccessCallbackResponse>;
+    onAuthSuccess: (userData: BankIdUserData, ip?: string, payload?: Record<string, any>) => Promise<AuthSuccessCallbackResponse>;
 
     /**
      * Callback invoked when BankID sign is successful.
@@ -67,9 +68,10 @@ export interface BankIdPluginOptions {
      * signature data. This will be relayed in the collect response to client.
      * @param userData
      * @param signature
+     * @param payload
      * @returns
      */
-    onSignSuccess?: (userData: BankIdUserData, signature: BankIdSignature) => Promise<void>;
+    onSignSuccess?: (userData: BankIdUserData, signature: BankIdSignature, payload?: Record<string, any>) => Promise<void>;
 
     /**
      * For how long to keep sessions in database.

package/src/functions/auth.ts

@@ -5,6 +5,7 @@ import { checkAndGenerateQr } from "../bankid-utils";
 
 export interface AuthOptions {
     endUserIp?: string;
+    payload?: Record<string, any>;
 }
 
 export interface AuthResponse {
@@ -55,6 +56,7 @@ export async function auth(ctx: BankIdInternalCtx, options: AuthOptions = {}): P
         createdAt: new Date(),
         ip: clientIp,
         autoStartToken: authResponse.autoStartToken,
+        payload: options.payload,
         qr: {
             qrStartToken: authResponse.qrStartToken,
             qrStartSecret: authResponse.qrStartSecret,

package/src/functions/getAuthStatus.ts

@@ -1,4 +1,4 @@
-import { log } from "@flink-app/flink";
+import { internalServerError, log, notFound } from "@flink-app/flink";
 import { BankIdInternalCtx } from "../BankIdInternalContext";
 
 export interface AuthStatusOptions {
@@ -23,7 +23,7 @@ export async function getAuthStatus(ctx: BankIdInternalCtx, options: AuthStatusO
     const session = await ctx.repos.bankIdSessionRepo.getSession(orderRef, "auth");
 
     if (!session) {
-        throw new Error("BankId session not found");
+        throw notFound("BankId session not found");
     }
 
     // Session is completed, create tokens
@@ -32,7 +32,7 @@ export async function getAuthStatus(ctx: BankIdInternalCtx, options: AuthStatusO
         if (!session.user) {
             log.error(`Auth session ${orderRef} marked complete but user data is missing`);
             await ctx.repos.bankIdSessionRepo.failSession(orderRef, "USER_DATA_MISSING");
-            throw new Error("User data is missing");
+            throw internalServerError("Session is completed but user data is missing");
         }
 
         // Invoke host app callback which will (probably) do the following:
@@ -40,7 +40,7 @@ export async function getAuthStatus(ctx: BankIdInternalCtx, options: AuthStatusO
         // - Create user if not found
         // - Create access token
         // If host app throws for example notFound error, this will be propagated as response here
-        const authCallbackRes = await pluginOptions.onAuthSuccess(session.user, session.device?.ipAddress);
+        const authCallbackRes = await pluginOptions.onAuthSuccess(session.user, session.device?.ipAddress, session.payload);
 
         return {
             status: "complete",
@@ -65,4 +65,4 @@ export async function getAuthStatus(ctx: BankIdInternalCtx, options: AuthStatusO
         hintCode: session.hintCode || undefined,
         qr: session.qr?.qr,
     };
-}
+}

package/src/functions/getSignStatus.ts

@@ -48,7 +48,7 @@ export async function getSignStatus(ctx: BankIdInternalCtx, options: SignStatusO
         }
 
         // Invoke host app callback
-        await pluginOptions.onSignSuccess(session.user, session.signature);
+        await pluginOptions.onSignSuccess(session.user, session.signature, session.payload);
 
         return {
             status: "complete",

package/src/functions/sign.ts

@@ -7,6 +7,7 @@ export interface SignOptions {
     userVisibleData: string;
     userNonVisibleData?: string;
     endUserIp?: string;
+    payload?: Record<string, any>;
 }
 
 export interface SignResponse {
@@ -69,6 +70,7 @@ export async function sign(ctx: BankIdInternalCtx, options: SignOptions): Promis
         createdAt: new Date(),
         ip: clientIp,
         autoStartToken: signResponse.autoStartToken,
+        payload: options.payload,
         qr: {
             qrStartToken: signResponse.qrStartToken,
             qrStartSecret: signResponse.qrStartSecret,

package/src/handlers/GetBankIdAuth.ts

@@ -1,7 +1,7 @@
-import { Handler, HttpMethod, RouteProps, internalServerError, notFound } from "@flink-app/flink";
+import { Handler, HttpMethod, RouteProps } from "@flink-app/flink";
 import { BankIdInternalCtx } from "../BankIdInternalContext";
-import AuthStatusRes from "../schemas/AuthStatusRes";
 import { getAuthStatus } from "../functions/getAuthStatus";
+import AuthStatusRes from "../schemas/AuthStatusRes";
 
 export const Route: RouteProps = {
     path: "/bankid/auth/:orderRef",
@@ -11,18 +11,11 @@ export const Route: RouteProps = {
 const GetBankIdAuth: Handler<BankIdInternalCtx, any, AuthStatusRes, { orderRef: string }> = async ({ ctx, req }) => {
     const { orderRef } = req.params;
 
-    try {
-        const authStatus = await getAuthStatus(ctx, { orderRef });
+    const authStatus = await getAuthStatus(ctx, { orderRef });
 
-        return {
-            data: authStatus,
-        };
-    } catch (error: any) {
-        if (error.message === "BankId session not found") {
-            return notFound("BankId session not found");
-        }
-        return internalServerError(error.message || "Failed to get auth status");
-    }
+    return {
+        data: authStatus,
+    };
 };
 
 export default GetBankIdAuth;

package/src/handlers/GetBankIdSign.ts

@@ -1,7 +1,7 @@
-import { Handler, HttpMethod, RouteProps, internalServerError, notFound } from "@flink-app/flink";
+import { Handler, HttpMethod, RouteProps } from "@flink-app/flink";
 import { BankIdInternalCtx } from "../BankIdInternalContext";
-import SignStatusRes from "../schemas/SignStatusRes";
 import { getSignStatus } from "../functions/getSignStatus";
+import SignStatusRes from "../schemas/SignStatusRes";
 
 export const Route: RouteProps = {
     path: "/bankid/sign/:orderRef",
@@ -11,18 +11,11 @@ export const Route: RouteProps = {
 const GetBankIdSign: Handler<BankIdInternalCtx, any, SignStatusRes, { orderRef: string }> = async ({ ctx, req }) => {
     const { orderRef } = req.params;
 
-    try {
-        const signStatus = await getSignStatus(ctx, { orderRef });
+    const signStatus = await getSignStatus(ctx, { orderRef });
 
-        return {
-            data: signStatus,
-        };
-    } catch (error: any) {
-        if (error.message === "BankId session not found") {
-            return notFound("BankId session not found");
-        }
-        return internalServerError(error.message || "Failed to get sign status");
-    }
+    return {
+        data: signStatus,
+    };
 };
 
 export default GetBankIdSign;

package/src/handlers/PostBankIdAuth.ts

@@ -15,7 +15,10 @@ const PostBankIdAuth: Handler<BankIdInternalCtx, AuthInitiateReq, AuthInitiateRe
     try {
         let clientIp = await options.onGetEndUserIp(req);
 
-        const authResponse = await auth(ctx, { endUserIp: clientIp });
+        const authResponse = await auth(ctx, { 
+            endUserIp: clientIp,
+            payload: req.body.payload 
+        });
 
         return {
             data: authResponse,

package/src/schemas/AuthInitiateReq.ts

@@ -1 +1,3 @@
-export default interface AuthInitiateReq {}
+export default interface AuthInitiateReq {
+    payload?: Record<string, any>;
+}

package/src/schemas/BankIdSession.ts

@@ -24,6 +24,7 @@ export default interface BankIdSession {
     hintCode?: string | null;
     ip: string;
     autoStartToken: string;
+    payload?: Record<string, any>;
     qr?: {
         qrStartToken: string;
         qrStartSecret: string;