npm - @phygitallabs/phygital-consent - Versions diffs - 1.0.1 → 1.0.3 - Mend

@phygitallabs/phygital-consent 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/index.cjs +1 -1
package/dist/index.cjs.map +1 -1
package/dist/index.d.mts +21 -6
package/dist/index.d.ts +21 -6
package/dist/index.js +1 -1
package/dist/index.js.map +1 -1
package/dist/phygital-consent.css +31 -20
package/package.json +1 -1
package/src/components/CookieConsentBanner.tsx +397 -152
package/src/env/constant.ts +6 -0
package/src/helpers/index.ts +1 -0
package/src/helpers/sha256.ts +176 -0
package/src/hooks/useConsent.ts +29 -8
package/src/provider/PhygitalConsentProvider.tsx +5 -2

package/src/helpers/sha256.ts ADDED Viewed

@@ -0,0 +1,176 @@
+/**
+ * Hash user_id or device_id with SHA-256 for the two POST consent hooks
+ * (createUserConsent, createDeviceCookieConsent).
+ * Input: string, encoded as UTF-8 before hashing.
+ * Output: lowercase hex string.
+ * Uses Web Crypto when available; falls back to pure-JS SHA-256 for old devices.
+ */
+/** Encode hash digest bytes as lowercase hex string. */
+function arrayBufferToHex(buffer: ArrayBuffer): string {
+  return Array.from(new Uint8Array(buffer))
+    .map((b) => b.toString(16).padStart(2, "0"))
+    .join("")
+    .toLowerCase();
+}
+/**
+ * SHA-256 via Web Crypto (modern browsers, Node 19+).
+ * Input encoded as UTF-8; output lowercase hex.
+ */
+async function sha256WebCrypto(value: string): Promise<string> {
+  const utf8 = new TextEncoder().encode(value);
+  const hashBuffer = await crypto.subtle.digest("SHA-256", utf8);
+  return arrayBufferToHex(hashBuffer);
+}
+/**
+ * Pure-JS SHA-256 fallback for environments without crypto.subtle
+ * (e.g. old browsers, insecure context, Node < 19).
+ * Input encoded as UTF-8; output lowercase hex.
+ */
+function sha256Fallback(value: string): string {
+  const bytes = utf8Encode(value);
+  const K = getK();
+  const H = getH();
+  const W = new Uint32Array(64);
+  const numBlocks = bytes.length >> 6;
+  for (let block = 0; block < numBlocks; block++) {
+    const start = block << 6;
+    for (let i = 0; i < 16; i++) {
+      const o = start + (i << 2);
+      W[i] =
+        (bytes[o]! << 24) |
+        (bytes[o + 1]! << 16) |
+        (bytes[o + 2]! << 8) |
+        bytes[o + 3]!;
+    }
+    for (let i = 16; i < 64; i++) {
+      const s0 = rotr(W[i - 15]!, 7) ^ rotr(W[i - 15]!, 18) ^ (W[i - 15]! >>> 3);
+      const s1 = rotr(W[i - 2]!, 17) ^ rotr(W[i - 2]!, 19) ^ (W[i - 2]! >>> 10);
+      W[i] = (W[i - 16]! + s0 + W[i - 7]! + s1) >>> 0;
+    }
+    let a = H[0]!,
+      b = H[1]!,
+      c = H[2]!,
+      d = H[3]!,
+      e = H[4]!,
+      f = H[5]!,
+      g = H[6]!,
+      h = H[7]!;
+    for (let i = 0; i < 64; i++) {
+      const S1 = rotr(e, 6) ^ rotr(e, 11) ^ rotr(e, 25);
+      const ch = (e & f) ^ (~e & g);
+      const t1 = (h + S1 + ch + K[i]! + W[i]!) >>> 0;
+      const S0 = rotr(a, 2) ^ rotr(a, 13) ^ rotr(a, 22);
+      const maj = (a & b) ^ (a & c) ^ (b & c);
+      const t2 = (S0 + maj) >>> 0;
+      h = g;
+      g = f;
+      f = e;
+      e = (d + t1) >>> 0;
+      d = c;
+      c = b;
+      b = a;
+      a = (t1 + t2) >>> 0;
+    }
+    H[0] = (H[0]! + a) >>> 0;
+    H[1] = (H[1]! + b) >>> 0;
+    H[2] = (H[2]! + c) >>> 0;
+    H[3] = (H[3]! + d) >>> 0;
+    H[4] = (H[4]! + e) >>> 0;
+    H[5] = (H[5]! + f) >>> 0;
+    H[6] = (H[6]! + g) >>> 0;
+    H[7] = (H[7]! + h) >>> 0;
+  }
+  let out = "";
+  for (let i = 0; i < 8; i++) {
+    const v = H[i]!;
+    out +=
+      (v >>> 28).toString(16) +
+      ((v >>> 24) & 0xf).toString(16) +
+      ((v >>> 20) & 0xf).toString(16) +
+      ((v >>> 16) & 0xf).toString(16) +
+      ((v >>> 12) & 0xf).toString(16) +
+      ((v >>> 8) & 0xf).toString(16) +
+      ((v >>> 4) & 0xf).toString(16) +
+      (v & 0xf).toString(16);
+  }
+  return out.toLowerCase();
+}
+function rotr(n: number, b: number): number {
+  return (n >>> b) | (n << (32 - b));
+}
+/** Encode string to UTF-8 bytes (with SHA-256 padding for block processing). */
+function utf8Encode(s: string): Uint8Array {
+  const n = s.length;
+  const bytes: number[] = [];
+  for (let i = 0; i < n; i++) {
+    let c = s.charCodeAt(i);
+    if (c < 0x80) {
+      bytes.push(c);
+    } else if (c < 0x800) {
+      bytes.push(0xc0 | (c >> 6), 0x80 | (c & 0x3f));
+    } else if (c < 0xd800 || c >= 0xe000) {
+      bytes.push(0xe0 | (c >> 12), 0x80 | ((c >> 6) & 0x3f), 0x80 | (c & 0x3f));
+    } else {
+      c = 0x10000 + (((c & 0x3ff) << 10) | (s.charCodeAt(++i) & 0x3ff));
+      bytes.push(
+        0xf0 | (c >> 18),
+        0x80 | ((c >> 12) & 0x3f),
+        0x80 | ((c >> 6) & 0x3f),
+        0x80 | (c & 0x3f)
+      );
+    }
+  }
+  const len = bytes.length;
+  const pad = (64 - ((len + 9) % 64)) % 64;
+  const total = len + 9 + pad;
+  const out = new Uint8Array(total);
+  out.set(bytes);
+  out[len] = 0x80;
+  const view = new DataView(out.buffer, out.byteOffset, out.byteLength);
+  view.setUint32(total - 8, 0, false);
+  view.setUint32(total - 4, (len * 8) >>> 0, false);
+  return out;
+}
+function getK(): number[] {
+  const k: number[] = [];
+  const hex =
+    "428a2f98 71374491 b5c0fbcf e9b5dba5 3956c25b 59f111f1 923f82a4 ab1c5ed5 d807aa98 12835b01 243185be 550c7dc3 72be5d74 80deb1fe 9bdc06a7 c19bf174 e49b69c1 efbe4786 0fc19dc6 240ca1cc 2de92c6f 4a7484aa 5cb0a9dc 76f988da 983e5152 a831c66d b00327c8 bf597fc7 c6e00bf3 d5a79147 06ca6351 14292967 27b70a85 2e1b2138 4d2c6dfc 53380d13 650a7354 766a0abb 81c2c92e 92722c85 a2bfe8a1 a81a664b c24b8b70 c76c51a3 d192e819 d6990624 f40e3585 106aa070 19a4c116 1e376c08 2748774c 34b0bcb5 391c0cb3 4ed8aa4a 5b9cca4f 682e6ff3 748f82ee 78a5636f 84c87814 8cc70208 90befffa a4506ceb bef9a3f7 c67178f2";
+  hex.split(" ").forEach((h) => k.push(parseInt(h, 16)));
+  return k;
+}
+function getH(): number[] {
+  return [
+    0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c,
+    0x1f83d9ab, 0x5be0cd19,
+  ];
+}
+function hasWebCrypto(): boolean {
+  if (typeof crypto === "undefined" || !crypto.subtle) return false;
+  return true;
+}
+/**
+ * Hash a string with SHA-256.
+ * Input: encoded as UTF-8. Output: lowercase hex string.
+ * Use for user_id and device_id before calling createUserConsent / createDeviceCookieConsent.
+ * Uses Web Crypto when available; falls back to pure-JS for old devices (no crypto.subtle).
+ */
+export async function sha256(value: string): Promise<string> {
+  if (typeof value !== "string" || value.length === 0) {
+    return value;
+  }
+  if (hasWebCrypto()) {
+    return sha256WebCrypto(value);
+  }
+  return Promise.resolve(sha256Fallback(value));
+}

package/src/hooks/useConsent.ts CHANGED Viewed

@@ -5,8 +5,9 @@ import {
   UseQueryOptions,
   UseMutationOptions,
 } from "@tanstack/react-query";
-import { useConsentService } from "../provider/ConsentServiceProvider";
 import { consentService } from "../api/consent";
+import { sha256 } from "../helpers/sha256";
+import { useConsentService } from "../provider/ConsentServiceProvider";
 import type {
   GetManyConsentParams,
   GetManyConsentResponse,
@@ -83,7 +84,7 @@ export const useConsentById = (
   });
 };
-/** Get latest consent for a user – GET /consent/v1/user-id */
+/** Get latest consent for a user – GET /consent/v1/user-id (user_id hashed before send) */
 export const useLatestConsentByUserId = (
   params: GetLatestConsentByUserIdParams,
   options?: UseQueryOptions<GetLatestConsentByUserIdResponse>
@@ -93,13 +94,16 @@ export const useLatestConsentByUserId = (
   return useQuery<GetLatestConsentByUserIdResponse>({
     queryKey: consentQueryKeys.latestByUserId(params.user_id),
-    queryFn: () => service.getLatestConsentByUserId(params),
+    queryFn: async () => {
+      const user_id = await sha256(params.user_id);
+      return service.getLatestConsentByUserId({ user_id });
+    },
     enabled: !!params.user_id,
     ...options,
   });
 };
-/** Get latest cookie consent for a device – GET /consent/v1/cookies/device-id */
+/** Get latest cookie consent for a device – GET /consent/v1/cookies/device-id (device_id hashed before send) */
 export const useLatestCookieConsentByDeviceId = (
   params: GetLatestCookieConsentByDeviceIdParams,
   options?: UseQueryOptions<GetLatestCookieConsentByDeviceIdResponse>
@@ -109,7 +113,10 @@ export const useLatestCookieConsentByDeviceId = (
   return useQuery<GetLatestCookieConsentByDeviceIdResponse>({
     queryKey: consentQueryKeys.latestCookieByDeviceId(params.device_id),
-    queryFn: () => service.getLatestCookieConsentByDeviceId(params),
+    queryFn: async () => {
+      const device_id = await sha256(params.device_id);
+      return service.getLatestCookieConsentByDeviceId({ device_id });
+    },
     enabled: !!params.device_id,
     ...options,
   });
@@ -130,7 +137,16 @@ export const useCreateUserConsent = (
   const service = consentService(consentApi);
   return useMutation<CreateUserConsentResponse, Error, CreateUserConsentUpsertDTO>({
-    mutationFn: (body: CreateUserConsentUpsertDTO) => service.createUserConsent(body),
+    mutationFn: async (body: CreateUserConsentUpsertDTO) => {
+      const payload = { ...body };
+      if (body.user_id != null && body.user_id !== "") {
+        payload.user_id = await sha256(body.user_id);
+      }
+      if (body.device_id != null && body.device_id !== "") {
+        payload.device_id = await sha256(body.device_id);
+      }
+      return service.createUserConsent(payload);
+    },
     onSuccess: (
       _data: CreateUserConsentResponse,
       variables: CreateUserConsentUpsertDTO
@@ -163,8 +179,13 @@ export const useCreateDeviceCookieConsent = (
     Error,
     CreateDeviceCookieConsentUpsertDTO
   >({
-    mutationFn: (body: CreateDeviceCookieConsentUpsertDTO) =>
-      service.createDeviceCookieConsent(body),
+    mutationFn: async (body: CreateDeviceCookieConsentUpsertDTO) => {
+      const payload = {
+        ...body,
+        device_id: await sha256(body.device_id),
+      };
+      return service.createDeviceCookieConsent(payload);
+    },
     onSuccess: (
       _data: CreateDeviceCookieConsentResponse,
       variables: CreateDeviceCookieConsentUpsertDTO

package/src/provider/PhygitalConsentProvider.tsx CHANGED Viewed

@@ -5,6 +5,7 @@ import { getConsentPreferenceCookie } from "../helpers/cookie";
 import { ConsentServiceProvider, ConsentServiceProviderProps } from "./ConsentServiceProvider";
 export interface PhygitalConsentContextValue {
+  deviceId: string;
   /** True when cookie phygital_cookie_consent exists and has valid deviceId + selected_preferences. Use to show/hide cookie banner. */
   hasConsentPreference: boolean;
   /** Re-read cookie and update hasConsentPreference. Call after storing preference (e.g. from CookieConsentBanner onSuccess). */
@@ -14,6 +15,7 @@ export interface PhygitalConsentContextValue {
 const PhygitalConsentContext = createContext<PhygitalConsentContextValue | undefined>(undefined);
 export interface PhygitalConsentProviderProps extends ConsentServiceProviderProps {
+  deviceId: string;
   children: React.ReactNode;
 }
@@ -23,7 +25,7 @@ export interface PhygitalConsentProviderProps extends ConsentServiceProviderProp
  * the cookie banner based on whether the user has already chosen a preference.
  */
 export function PhygitalConsentProvider(props: PhygitalConsentProviderProps) {
-  const { children, ...consentServiceProps } = props;
+  const { children, deviceId,  ...consentServiceProps } = props;
   const [hasConsentPreference, setHasConsentPreference] = useState(false);
   const refreshConsentPreference = useCallback(() => {
@@ -34,8 +36,9 @@ export function PhygitalConsentProvider(props: PhygitalConsentProviderProps) {
   useEffect(() => {
     refreshConsentPreference();
   }, [refreshConsentPreference]);
   const value: PhygitalConsentContextValue = {
+    deviceId,
     hasConsentPreference,
     refreshConsentPreference,
   };