@onfido/api 2.0.1 → 2.1.1

package/CHANGELOG.md

@@ -1,9 +1,21 @@
 # Changelog
 
+## v2.1.1, 6 Jan 2022
+
+- Add `validate_image_quality` to document upload request
+
+## v2.1.0, 24 June 2021
+
+- Updated to use API v3.2
+
+## v2.0.2, 25 May 2021
+
+- Add `environments` to Webhook object 
+
 ## v2.0.1, 17 May 2021
 
-- Add `sub_result` to trigger sandbox pre-determined reponses for Document report sub-results
-- Add `consider` array functionality for sandbox pre-determined reponses 
+- Add `sub_result` to trigger sandbox pre-determined responses for Document report sub-results
+- Add `consider` array functionality for sandbox pre-determined responses 
 
 ## v2.0.0, 9 April 2021
 

package/README.md

@@ -4,9 +4,9 @@ The official Node.js library for integrating with the Onfido API.
 
 Documentation can be found at <https://documentation.onfido.com>
 
-This library is only for use on the backend, as it uses Onfido API tokens which must be kept secret. If you do need to collect applicant data in the frontend of your application, we recommend that you use one of [the Onfido SDKs](https://developers.onfido.com/sdks/).
+This library is only for use on the backend, as it uses Onfido API tokens which must be kept secret. If you do need to collect applicant data in the frontend of your application, we recommend that you use the Onfido SDKs: [iOS](https://github.com/onfido/onfido-ios-sdk), [Android](https://github.com/onfido/onfido-android-sdk), [Web](https://github.com/onfido/onfido-sdk-ui), and [React Native](https://github.com/onfido/react-native-sdk). 
 
-This version uses Onfido API v3.1. Refer to our [API versioning guide](https://developers.onfido.com/guide/api-versioning-policy#client-libraries) for details of which client library versions use which versions of the API.
+This version uses Onfido API v3.2. Refer to our [API versioning guide](https://developers.onfido.com/guide/api-versioning-policy#client-libraries) for details of which client library versions use which versions of the API.
 
 ## Installation
 

package/dist/Onfido.d.ts

@@ -0,0 +1,36 @@
+import { AxiosInstance } from "axios";
+import { Addresses } from "./resources/Addresses";
+import { Applicants } from "./resources/Applicants";
+import { Autofill } from "./resources/Autofill";
+import { Checks } from "./resources/Checks";
+import { Documents } from "./resources/Documents";
+import { LivePhotos } from "./resources/LivePhotos";
+import { LiveVideos } from "./resources/LiveVideos";
+import { Reports } from "./resources/Reports";
+import { SdkTokens } from "./resources/SdkTokens";
+import { Webhooks } from "./resources/Webhooks";
+export declare enum Region {
+    EU = "EU",
+    US = "US",
+    CA = "CA"
+}
+export declare type OnfidoOptions = {
+    apiToken: string;
+    region: Region;
+    timeout?: number;
+    unknownApiUrl?: string;
+};
+export declare class Onfido {
+    readonly axiosInstance: AxiosInstance;
+    readonly applicant: Applicants;
+    readonly document: Documents;
+    readonly livePhoto: LivePhotos;
+    readonly liveVideo: LiveVideos;
+    readonly check: Checks;
+    readonly report: Reports;
+    readonly address: Addresses;
+    readonly webhook: Webhooks;
+    readonly sdkToken: SdkTokens;
+    readonly autofill: Autofill;
+    constructor({ apiToken, region, timeout, unknownApiUrl }: OnfidoOptions);
+}

package/dist/OnfidoDownload.d.ts

@@ -0,0 +1,9 @@
+/// <reference types="node" />
+import { IncomingMessage } from "http";
+import { Readable } from "stream";
+export declare class OnfidoDownload {
+    private readonly incomingMessage;
+    constructor(incomingMessage: IncomingMessage);
+    asStream(): Readable;
+    get contentType(): string;
+}

package/dist/Resource.d.ts

@@ -0,0 +1,22 @@
+import { AxiosInstance } from "axios";
+import { SimpleObject } from "./formatting";
+import { OnfidoDownload } from "./OnfidoDownload";
+export declare enum Method {
+    GET = "get",
+    POST = "post",
+    PUT = "put",
+    DELETE = "delete"
+}
+export declare class Resource<T extends SimpleObject> {
+    private readonly name;
+    private readonly axiosInstance;
+    protected constructor(name: string, axiosInstance: AxiosInstance);
+    protected request({ method, path, body, query }: {
+        method: Method;
+        path?: string;
+        body?: T;
+        query?: SimpleObject;
+    }): Promise<any>;
+    protected upload(body: T): Promise<any>;
+    protected download(path: string): Promise<OnfidoDownload>;
+}

package/dist/WebhookEventVerifier.d.ts

@@ -0,0 +1,16 @@
+/// <reference types="node" />
+export declare type WebhookEvent = {
+    resourceType: string;
+    action: string;
+    object: {
+        id: string;
+        status: string;
+        href: string;
+        completedAtIso8601: string;
+    };
+};
+export declare class WebhookEventVerifier {
+    private readonly webhookToken;
+    constructor(webhookToken: string);
+    readPayload(rawEventBody: string | Buffer, hexSignature: string): WebhookEvent;
+}

package/dist/errors/OnfidoApiError.d.ts

@@ -0,0 +1,10 @@
+import { OnfidoError } from "./OnfidoError";
+export declare class OnfidoApiError extends OnfidoError {
+    readonly responseBody: unknown;
+    readonly statusCode: number;
+    readonly type: string;
+    readonly fields: unknown;
+    private constructor();
+    static fromResponse(responseBody: unknown, statusCode: number): OnfidoApiError;
+    isClientError(): boolean;
+}

package/dist/errors/OnfidoError.d.ts

@@ -0,0 +1,3 @@
+export declare class OnfidoError extends Error {
+    constructor(message?: string);
+}

package/dist/formatting.d.ts

@@ -0,0 +1,16 @@
+/// <reference types="node" />
+import { Readable } from "stream";
+import { IFormData } from "./types/formData";
+export declare type SimpleObject = {
+    [key: string]: unknown;
+};
+declare type ContentsAndOptions = {
+    contents: Readable;
+    filepath: string;
+    contentType?: string;
+};
+export declare type FileLike = Readable | ContentsAndOptions;
+export declare const convertObjectToSnakeCase: (requestBody: unknown) => unknown;
+export declare const convertObjectToCamelCase: (responseBody: SimpleObject) => SimpleObject;
+export declare const toFormData: (object: SimpleObject) => IFormData;
+export {};

package/dist/index.d.ts

@@ -0,0 +1,17 @@
+export { Onfido, OnfidoOptions, Region } from "./Onfido";
+export { OnfidoDownload } from "./OnfidoDownload";
+export { OnfidoError } from "./errors/OnfidoError";
+export { OnfidoApiError } from "./errors/OnfidoApiError";
+export { FileLike } from "./formatting";
+export { WebhookEvent, WebhookEventVerifier } from "./WebhookEventVerifier";
+export { Applicant, ApplicantRequest } from "./resources/Applicants";
+export { Address, AddressRequest } from "./resources/Addresses";
+export { IdNumber, IdNumberRequest } from "./resources/IdNumbers";
+export { Document, DocumentRequest } from "./resources/Documents";
+export { LivePhoto, LivePhotoRequest } from "./resources/LivePhotos";
+export { LiveVideo } from "./resources/LiveVideos";
+export { Check, CheckRequest } from "./resources/Checks";
+export { Report } from "./resources/Reports";
+export { Webhook, WebhookRequest } from "./resources/Webhooks";
+export { SdkTokenRequest } from "./resources/SdkTokens";
+export { Autofill, ExtractionResult } from "./resources/Autofill";

package/dist/index.es.js

@@ -0,0 +1,482 @@
+import axios from 'axios';
+import { PassThrough, Readable } from 'stream';
+
+var version = "2.1.1";
+
+class OnfidoError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "OnfidoError";
+    }
+}
+
+class OnfidoApiError extends OnfidoError {
+    constructor(message, responseBody, statusCode, type, fields) {
+        super(message);
+        this.name = "OnfidoApiError";
+        this.responseBody = responseBody;
+        this.statusCode = statusCode;
+        this.type = type;
+        this.fields = fields;
+    }
+    static fromResponse(responseBody, statusCode) {
+        const innerErrorData = responseBody instanceof Object ? responseBody.error : {};
+        const innerError = innerErrorData instanceof Object ? innerErrorData : {};
+        const type = `${innerError.type || "unknown"}`;
+        const message = `${innerError.message || responseBody}`;
+        const fields = innerError.fields;
+        const fullMessage = `${message} (status code ${statusCode})` +
+            (fields ? ` | ${JSON.stringify(fields)}` : "");
+        return new OnfidoApiError(fullMessage, responseBody, statusCode, type, fields);
+    }
+    isClientError() {
+        return this.statusCode < 500;
+    }
+}
+
+/*! *****************************************************************************
+Copyright (c) Microsoft Corporation. All rights reserved.
+Licensed under the Apache License, Version 2.0 (the "License"); you may not use
+this file except in compliance with the License. You may obtain a copy of the
+License at http://www.apache.org/licenses/LICENSE-2.0
+
+THIS CODE IS PROVIDED ON AN *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED
+WARRANTIES OR CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE,
+MERCHANTABLITY OR NON-INFRINGEMENT.
+
+See the Apache Version 2.0 License for specific language governing permissions
+and limitations under the License.
+***************************************************************************** */
+
+function __rest(s, e) {
+    var t = {};
+    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+        t[p] = s[p];
+    if (s != null && typeof Object.getOwnPropertySymbols === "function")
+        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+                t[p[i]] = s[p[i]];
+        }
+    return t;
+}
+
+// Using require because "form-data" exports this object as a default export which breaks integration when esModuleInterop: false
+// tslint:disable-next-line: no-var-requires
+const FormData = require("form-data");
+const snakeCase = (camelCaseString) => camelCaseString.replace(/[A-Z]/g, char => `_${char.toLowerCase()}`);
+const camelCase = (snakeCaseString) => snakeCaseString
+    .replace(/_[0-9]/g, underscoreDigit => underscoreDigit[1])
+    .replace(/_[a-z]/g, underscoreChar => underscoreChar[1].toUpperCase());
+const deepMapObjectKeys = (value, f) => {
+    if (!(value instanceof Object)) {
+        return value;
+    }
+    else if (Array.isArray(value)) {
+        return value.map(item => deepMapObjectKeys(item, f));
+    }
+    else {
+        return Object.keys(value).reduce((acc, key) => {
+            acc[f(key)] = deepMapObjectKeys(value[key], f);
+            return acc;
+        }, {});
+    }
+};
+const convertObjectToSnakeCase = (requestBody) => {
+    // Converting to JSON and back first handles things like dates, circular references etc.
+    requestBody = JSON.parse(JSON.stringify(requestBody));
+    return deepMapObjectKeys(requestBody, snakeCase);
+};
+const convertObjectToCamelCase = (responseBody) => deepMapObjectKeys(responseBody, camelCase);
+const toFormData = (object) => {
+    return Object.entries(object).reduce((formData, [key, value]) => {
+        if (value instanceof Object && "contents" in value) {
+            const _a = value, { contents } = _a, options = __rest(_a, ["contents"]);
+            formData.append(snakeCase(key), contents, options);
+        }
+        else if (value !== undefined && value !== null) {
+            formData.append(snakeCase(key), value);
+        }
+        return formData;
+    }, new FormData());
+};
+
+class OnfidoDownload {
+    constructor(incomingMessage) {
+        this.incomingMessage = incomingMessage;
+    }
+    asStream() {
+        // Use a PassThrough stream so the IncomingMessage isn't exposed.
+        const passThroughStream = new PassThrough();
+        this.incomingMessage.pipe(passThroughStream);
+        return passThroughStream;
+    }
+    get contentType() {
+        return this.incomingMessage.headers["content-type"];
+    }
+}
+
+var Method;
+(function (Method) {
+    Method["GET"] = "get";
+    Method["POST"] = "post";
+    Method["PUT"] = "put";
+    Method["DELETE"] = "delete";
+})(Method || (Method = {}));
+const isJson = (response) => (response.headers["content-type"] || "").includes("application/json");
+const readFullStream = (stream) => new Promise((resolve) => {
+    let all = "";
+    stream.on("data", data => (all += data));
+    stream.on("error", () => resolve("An error occurred reading the response"));
+    stream.on("end", () => {
+        // Try to parse as JSON, but fall back to just returning the raw text.
+        try {
+            resolve(JSON.parse(all));
+        }
+        catch (_a) {
+            resolve(all);
+        }
+    });
+});
+const convertAxiosErrorToOnfidoError = async (error) => {
+    if (!error.response) {
+        return new OnfidoError(error.message || "An unknown error occurred making the request");
+    }
+    // Received a 4XX or 5XX response.
+    const response = error.response;
+    const data = response.data;
+    // If we were downloading a file, we will have a stream instead of a string.
+    const body = data instanceof Readable ? await readFullStream(data) : data;
+    return OnfidoApiError.fromResponse(body, response.status);
+};
+const handleResponse = async (request) => {
+    try {
+        const response = await request;
+        const data = response.data;
+        return isJson(response) ? convertObjectToCamelCase(data) : data;
+    }
+    catch (error) {
+        throw await convertAxiosErrorToOnfidoError(error);
+    }
+};
+class Resource {
+    constructor(name, axiosInstance) {
+        this.name = name;
+        this.axiosInstance = axiosInstance;
+    }
+    async request({ method, path = "", body, query }) {
+        const request = this.axiosInstance({
+            method,
+            url: `${this.name}/${path}`,
+            data: body && convertObjectToSnakeCase(body),
+            params: query && convertObjectToSnakeCase(query)
+        });
+        return handleResponse(request);
+    }
+    async upload(body) {
+        const formData = toFormData(body);
+        const request = this.axiosInstance({
+            method: Method.POST,
+            url: `${this.name}/`,
+            data: formData,
+            headers: formData.getHeaders()
+        });
+        return handleResponse(request);
+    }
+    async download(path) {
+        const request = this.axiosInstance({
+            method: Method.GET,
+            url: `${this.name}/${path}`,
+            responseType: "stream",
+            // Accept a response with any content type (e.g. image/png, application/pdf, video/mp4)
+            headers: { Accept: "*/*" }
+        });
+        const stream = await handleResponse(request);
+        return new OnfidoDownload(stream);
+    }
+}
+
+class Addresses extends Resource {
+    constructor(axiosInstance) {
+        super("addresses", axiosInstance);
+    }
+    async pick(postcode) {
+        const { addresses } = await this.request({
+            method: Method.GET,
+            path: "pick",
+            query: { postcode }
+        });
+        return addresses;
+    }
+}
+
+class Applicants extends Resource {
+    constructor(axiosInstance) {
+        super("applicants", axiosInstance);
+    }
+    async create(applicantRequest) {
+        return this.request({ method: Method.POST, body: applicantRequest });
+    }
+    async find(id) {
+        return this.request({ method: Method.GET, path: id });
+    }
+    async update(id, applicantRequest) {
+        return this.request({
+            method: Method.PUT,
+            path: id,
+            body: applicantRequest
+        });
+    }
+    async delete(id) {
+        await this.request({ method: Method.DELETE, path: id });
+    }
+    async restore(id) {
+        await this.request({ method: Method.POST, path: `${id}/restore` });
+    }
+    async list({ page, perPage, includeDeleted } = {}) {
+        const { applicants } = await this.request({
+            method: Method.GET,
+            query: { page, perPage, includeDeleted }
+        });
+        return applicants;
+    }
+}
+
+class Autofill extends Resource {
+    constructor(axiosInstance) {
+        super("extractions", axiosInstance);
+    }
+    async perform(documentId) {
+        return this.request({
+            method: Method.POST,
+            body: { documentId }
+        });
+    }
+}
+
+class Checks extends Resource {
+    constructor(axiosInstance) {
+        super("checks", axiosInstance);
+    }
+    async create(checkRequest) {
+        return this.request({ method: Method.POST, body: checkRequest });
+    }
+    async find(id) {
+        return this.request({ method: Method.GET, path: id });
+    }
+    async list(applicantId) {
+        const { checks } = await this.request({
+            method: Method.GET,
+            query: { applicantId }
+        });
+        return checks;
+    }
+    async resume(id) {
+        await this.request({ method: Method.POST, path: `${id}/resume` });
+    }
+    async download(id) {
+        return super.download(`${id}/download`);
+    }
+}
+
+class Documents extends Resource {
+    constructor(axiosInstance) {
+        super("documents", axiosInstance);
+    }
+    async upload(documentRequest) {
+        return super.upload(documentRequest);
+    }
+    async download(id) {
+        return super.download(`${id}/download`);
+    }
+    async find(id) {
+        return this.request({ method: Method.GET, path: id });
+    }
+    async list(applicantId) {
+        const { documents } = await this.request({
+            method: Method.GET,
+            query: { applicantId }
+        });
+        return documents;
+    }
+}
+
+class LivePhotos extends Resource {
+    constructor(axiosInstance) {
+        super("live_photos", axiosInstance);
+    }
+    async upload(livePhotoRequest) {
+        return super.upload(livePhotoRequest);
+    }
+    async download(id) {
+        return super.download(`${id}/download`);
+    }
+    async find(id) {
+        return this.request({ method: Method.GET, path: id });
+    }
+    async list(applicantId) {
+        const { livePhotos } = await this.request({
+            method: Method.GET,
+            query: { applicantId }
+        });
+        return livePhotos;
+    }
+}
+
+class LiveVideos extends Resource {
+    constructor(axiosInstance) {
+        super("live_videos", axiosInstance);
+    }
+    async download(id) {
+        return super.download(`${id}/download`);
+    }
+    async frame(id) {
+        return super.download(`${id}/frame`);
+    }
+    async find(id) {
+        return this.request({ method: Method.GET, path: id });
+    }
+    async list(applicantId) {
+        const { liveVideos } = await this.request({
+            method: Method.GET,
+            query: { applicantId }
+        });
+        return liveVideos;
+    }
+}
+
+class Reports extends Resource {
+    constructor(axiosInstance) {
+        super("reports", axiosInstance);
+    }
+    async find(id) {
+        return this.request({ method: Method.GET, path: id });
+    }
+    async list(checkId) {
+        const { reports } = await this.request({
+            method: Method.GET,
+            query: { checkId }
+        });
+        return reports;
+    }
+    async resume(id) {
+        await this.request({ method: Method.POST, path: `${id}/resume` });
+    }
+    async cancel(id) {
+        await this.request({ method: Method.POST, path: `${id}/cancel` });
+    }
+}
+
+class SdkTokens extends Resource {
+    constructor(axiosInstance) {
+        super("sdk_token", axiosInstance);
+    }
+    async generate(sdkTokenRequest) {
+        const { token } = await this.request({
+            method: Method.POST,
+            body: sdkTokenRequest
+        });
+        return token;
+    }
+}
+
+class Webhooks extends Resource {
+    constructor(axiosInstance) {
+        super("webhooks", axiosInstance);
+    }
+    async create(webhookRequest) {
+        return this.request({ method: Method.POST, body: webhookRequest });
+    }
+    async find(id) {
+        return this.request({ method: Method.GET, path: id });
+    }
+    async update(id, webhookRequest) {
+        return this.request({
+            method: Method.PUT,
+            path: id,
+            body: webhookRequest
+        });
+    }
+    async delete(id) {
+        await this.request({ method: Method.DELETE, path: id });
+    }
+    async list() {
+        const { webhooks } = await this.request({ method: Method.GET });
+        return webhooks;
+    }
+}
+
+var Region;
+(function (Region) {
+    Region["EU"] = "EU";
+    Region["US"] = "US";
+    Region["CA"] = "CA";
+})(Region || (Region = {}));
+class Onfido {
+    constructor({ apiToken, region, timeout = 30000, unknownApiUrl }) {
+        if (!apiToken) {
+            throw new Error("No apiToken provided");
+        }
+        if (!region || !Object.values(Region).includes(region)) {
+            throw new Error(`Unknown or missing region '${region}'. ` +
+                "We previously defaulted to region 'EU', so if you previously didn’t " +
+                "set a region or used api.onfido.com, please set your region to 'EU'");
+        }
+        const regionUrl = `https://api.${region.toLowerCase()}.onfido.com/v3.2/`;
+        this.axiosInstance = axios.create({
+            baseURL: unknownApiUrl || regionUrl,
+            headers: {
+                Authorization: `Token token=${apiToken}`,
+                Accept: "application/json",
+                "User-Agent": `onfido-node/${version}`
+            },
+            timeout
+        });
+        // Core resources
+        this.applicant = new Applicants(this.axiosInstance);
+        this.document = new Documents(this.axiosInstance);
+        this.livePhoto = new LivePhotos(this.axiosInstance);
+        this.liveVideo = new LiveVideos(this.axiosInstance);
+        this.check = new Checks(this.axiosInstance);
+        this.report = new Reports(this.axiosInstance);
+        // Other endpoints
+        this.address = new Addresses(this.axiosInstance);
+        this.webhook = new Webhooks(this.axiosInstance);
+        this.sdkToken = new SdkTokens(this.axiosInstance);
+        this.autofill = new Autofill(this.axiosInstance);
+    }
+}
+
+// Require crypto instead of importing, because Node can be built without crypto support.
+let crypto;
+try {
+    // tslint:disable-next-line: no-var-requires
+    crypto = require("crypto");
+}
+catch (_a) {
+    // We throw an error when verifying webhooks instead.
+}
+class WebhookEventVerifier {
+    constructor(webhookToken) {
+        this.webhookToken = webhookToken;
+    }
+    readPayload(rawEventBody, hexSignature) {
+        if (!crypto) {
+            throw new Error("Verifying webhook events requires crypto support");
+        }
+        const givenSignature = Buffer.from(hexSignature, "hex");
+        // Compute the the actual HMAC signature from the raw request body.
+        const hmac = crypto.createHmac("sha256", this.webhookToken);
+        hmac.update(rawEventBody);
+        const eventSignature = hmac.digest();
+        // Use timingSafeEqual to prevent against timing attacks.
+        if (!crypto.timingSafeEqual(givenSignature, eventSignature)) {
+            throw new OnfidoError("Invalid signature for webhook event");
+        }
+        const { payload } = JSON.parse(rawEventBody.toString());
+        return convertObjectToCamelCase(payload);
+    }
+}
+
+export { Autofill, Onfido, OnfidoApiError, OnfidoDownload, OnfidoError, Region, WebhookEventVerifier };
+//# sourceMappingURL=index.es.js.map