npm - @polyguard/sdk - Versions diffs - 1.5.0 → 1.5.1 - Mend

@polyguard/sdk 1.5.0 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (134) hide show

package/LICENSE +200 -0
package/README.md +328 -0
package/package.json +7 -3
package/coverage/base.css +0 -224
package/coverage/block-navigation.js +0 -87
package/coverage/clover.xml +0 -268
package/coverage/coverage-final.json +0 -8
package/coverage/favicon.png +0 -0
package/coverage/index.html +0 -131
package/coverage/prettify.css +0 -1
package/coverage/prettify.js +0 -2
package/coverage/sort-arrow-sprite.png +0 -0
package/coverage/sorter.js +0 -210
package/coverage/src/PolyguardClient.js.html +0 -160
package/coverage/src/PolyguardWebsocketClientImpl.js.html +0 -634
package/coverage/src/__tests__/helpers/fixtures.js.html +0 -166
package/coverage/src/__tests__/helpers/index.html +0 -131
package/coverage/src/__tests__/helpers/mockWebSocket.js.html +0 -283
package/coverage/src/index.html +0 -176
package/coverage/src/messageHandler.js.html +0 -448
package/coverage/src/ticketService.js.html +0 -157
package/coverage/src/ui.js.html +0 -349
package/dist/sdk.global.js +0 -11256
package/scripts/regenerate-client.sh +0 -59
package/src/PolyguardClient.js +0 -25
package/src/PolyguardWebsocketClientImpl.js +0 -198
package/src/__tests__/PolyguardClient.test.js +0 -65
package/src/__tests__/PolyguardWebsocketClientImpl.test.js +0 -617
package/src/__tests__/helpers/fixtures.js +0 -27
package/src/__tests__/helpers/mockWebSocket.js +0 -66
package/src/__tests__/server.test.js +0 -148
package/src/__tests__/sidebar.test.js +0 -289
package/src/browser.js +0 -9
package/src/generated/.babelrc +0 -33
package/src/generated/.openapi-generator/FILES +0 -63
package/src/generated/.openapi-generator/VERSION +0 -1
package/src/generated/.openapi-generator-ignore +0 -23
package/src/generated/.travis.yml +0 -5
package/src/generated/README.md +0 -211
package/src/generated/docs/ApiControllersPslStirCallRequest.md +0 -18
package/src/generated/docs/ApiModelsApiCallModelsCallRequest.md +0 -12
package/src/generated/docs/AppId.md +0 -8
package/src/generated/docs/AppleApi.md +0 -88
package/src/generated/docs/AuthApi.md +0 -1464
package/src/generated/docs/BlockingApi.md +0 -208
package/src/generated/docs/CallsApi.md +0 -140
package/src/generated/docs/Certainty.md +0 -8
package/src/generated/docs/CreateLinkRequest.md +0 -12
package/src/generated/docs/DefaultApi.md +0 -128
package/src/generated/docs/HTTPValidationError.md +0 -9
package/src/generated/docs/InviteRequestModel.md +0 -10
package/src/generated/docs/JWTRequest.md +0 -11
package/src/generated/docs/LinksApi.md +0 -162
package/src/generated/docs/NumberVerification.md +0 -10
package/src/generated/docs/SdkApi.md +0 -54
package/src/generated/docs/SecureLinksApi.md +0 -614
package/src/generated/docs/StartAttestationRequest.md +0 -9
package/src/generated/docs/StartMeetingRequest.md +0 -9
package/src/generated/docs/StirApi.md +0 -52
package/src/generated/docs/TwilioApi.md +0 -138
package/src/generated/docs/UsersApi.md +0 -362
package/src/generated/docs/ValidationError.md +0 -11
package/src/generated/docs/ValidationErrorLocInner.md +0 -8
package/src/generated/docs/VeriffApi.md +0 -188
package/src/generated/docs/VeriffSessionRequest.md +0 -10
package/src/generated/docs/VerifyRequest.md +0 -10
package/src/generated/docs/WellKnownApi.md +0 -128
package/src/generated/docs/ZoomApi.md +0 -848
package/src/generated/git_push.sh +0 -57
package/src/generated/mocha.opts +0 -1
package/src/generated/package.json +0 -46
package/src/generated/src/ApiClient.js +0 -677
package/src/generated/src/api/AppleApi.js +0 -109
package/src/generated/src/api/AuthApi.js +0 -1512
package/src/generated/src/api/BlockingApi.js +0 -217
package/src/generated/src/api/CallsApi.js +0 -164
package/src/generated/src/api/DefaultApi.js +0 -145
package/src/generated/src/api/LinksApi.js +0 -195
package/src/generated/src/api/SdkApi.js +0 -81
package/src/generated/src/api/SecureLinksApi.js +0 -670
package/src/generated/src/api/StirApi.js +0 -80
package/src/generated/src/api/TwilioApi.js +0 -158
package/src/generated/src/api/UsersApi.js +0 -375
package/src/generated/src/api/VeriffApi.js +0 -209
package/src/generated/src/api/WellKnownApi.js +0 -145
package/src/generated/src/api/ZoomApi.js +0 -823
package/src/generated/src/index.js +0 -244
package/src/generated/src/model/ApiControllersPslStirCallRequest.js +0 -211
package/src/generated/src/model/ApiModelsApiCallModelsCallRequest.js +0 -119
package/src/generated/src/model/CreateLinkRequest.js +0 -131
package/src/generated/src/model/HTTPValidationError.js +0 -94
package/src/generated/src/model/InviteRequestModel.js +0 -109
package/src/generated/src/model/JWTRequest.js +0 -113
package/src/generated/src/model/NumberVerification.js +0 -107
package/src/generated/src/model/StartAttestationRequest.js +0 -95
package/src/generated/src/model/StartMeetingRequest.js +0 -95
package/src/generated/src/model/ValidationError.js +0 -130
package/src/generated/src/model/VeriffSessionRequest.js +0 -107
package/src/generated/src/model/VerifyRequest.js +0 -109
package/src/generated/test/api/AppleApi.spec.js +0 -73
package/src/generated/test/api/AuthApi.spec.js +0 -353
package/src/generated/test/api/BlockingApi.spec.js +0 -103
package/src/generated/test/api/CallsApi.spec.js +0 -83
package/src/generated/test/api/DefaultApi.spec.js +0 -73
package/src/generated/test/api/LinksApi.spec.js +0 -83
package/src/generated/test/api/SdkApi.spec.js +0 -63
package/src/generated/test/api/SecureLinksApi.spec.js +0 -143
package/src/generated/test/api/StirApi.spec.js +0 -63
package/src/generated/test/api/TwilioApi.spec.js +0 -83
package/src/generated/test/api/UsersApi.spec.js +0 -133
package/src/generated/test/api/VeriffApi.spec.js +0 -93
package/src/generated/test/api/WellKnownApi.spec.js +0 -83
package/src/generated/test/api/ZoomApi.spec.js +0 -213
package/src/generated/test/model/ApiControllersPslStirCallRequest.spec.js +0 -119
package/src/generated/test/model/ApiModelsApiCallModelsCallRequest.spec.js +0 -83
package/src/generated/test/model/AppId.spec.js +0 -59
package/src/generated/test/model/Certainty.spec.js +0 -59
package/src/generated/test/model/CreateLinkRequest.spec.js +0 -83
package/src/generated/test/model/HTTPValidationError.spec.js +0 -65
package/src/generated/test/model/InviteRequestModel.spec.js +0 -71
package/src/generated/test/model/JWTRequest.spec.js +0 -77
package/src/generated/test/model/NumberVerification.spec.js +0 -71
package/src/generated/test/model/StartAttestationRequest.spec.js +0 -65
package/src/generated/test/model/StartMeetingRequest.spec.js +0 -65
package/src/generated/test/model/ValidationError.spec.js +0 -77
package/src/generated/test/model/ValidationErrorLocInner.spec.js +0 -59
package/src/generated/test/model/VeriffSessionRequest.spec.js +0 -71
package/src/generated/test/model/VerifyRequest.spec.js +0 -71
package/src/index.js +0 -16
package/src/messageHandler.js +0 -121
package/src/server.js +0 -91
package/src/ticketService.js +0 -28
package/src/ui.js +0 -88
package/vitest.config.js +0 -10

package/src/__tests__/PolyguardWebsocketClientImpl.test.js DELETED Viewed

@@ -1,617 +0,0 @@
-import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
-import { buildFakeJwt, DEFAULT_PARAMS, mockTicketResponse } from './helpers/fixtures.js';
-import { MockReconnectingWebSocket } from './helpers/mockWebSocket.js';
-// ---- Module mocks (using vi.hoisted to avoid hoisting issues) ----
-const API_CLASS_NAMES = [
-  'BlockingApi', 'CallsApi', 'DefaultApi', 'LinksApi', 'SdkApi',
-  'SecureLinksApi', 'StirApi', 'TwilioApi', 'UsersApi', 'VeriffApi',
-  'WellKnownApi', 'ZoomApi',
-];
-// Use vi.hoisted so these are available when vi.mock factories run (which are hoisted)
-const { MockApiClient, generatedMock, mockQRCode } = vi.hoisted(() => {
-  class MockApiClient {
-    constructor() {
-      this.basePath = '';
-      this.authentications = { bearerAuth: { apiKey: null } };
-    }
-  }
-  const generatedMock = { ApiClient: MockApiClient };
-  const apiClassNames = [
-    'BlockingApi', 'CallsApi', 'DefaultApi', 'LinksApi', 'SdkApi',
-    'SecureLinksApi', 'StirApi', 'TwilioApi', 'UsersApi', 'VeriffApi',
-    'WellKnownApi', 'ZoomApi',
-  ];
-  for (const name of apiClassNames) {
-    generatedMock[name] = class {
-      constructor(apiClient) { this._apiClient = apiClient; }
-    };
-  }
-  const mockQRCode = {
-    toString: null, // will be set per-test via vi.fn()
-  };
-  return { MockApiClient, generatedMock, mockQRCode };
-});
-vi.mock('../generated/src', () => generatedMock);
-vi.mock('reconnecting-websocket', async () => {
-  // Import the actual mock class at runtime (not hoisted)
-  const { MockReconnectingWebSocket } = await import('./helpers/mockWebSocket.js');
-  return { default: MockReconnectingWebSocket };
-});
-vi.mock('qrcode', () => ({
-  default: mockQRCode,
-}));
-// Import after mocks
-const { PolyguardWebsocketClientImpl } = await import('../PolyguardWebsocketClientImpl.js');
-// ---- Helpers ----
-/** Flush microtasks/timers to let async code settle */
-async function flushMicrotasks() {
-  // Use a real setTimeout(0) to flush the microtask queue
-  await new Promise(resolve => setTimeout(resolve, 0));
-}
-/** Set up fetch mock that returns a valid ticket response */
-function stubFetch(ticket = 'test-ticket-123', ok = true) {
-  const mock = vi.fn().mockResolvedValue(mockTicketResponse(ticket, ok));
-  vi.stubGlobal('fetch', mock);
-  return mock;
-}
-/** Set window.location.protocol */
-function setProtocol(protocol) {
-  Object.defineProperty(window, 'location', {
-    value: { protocol, assign: vi.fn(), href: '' },
-    writable: true,
-    configurable: true,
-  });
-}
-/** Set navigator.userAgent */
-function setUserAgent(ua) {
-  Object.defineProperty(navigator, 'userAgent', {
-    value: ua,
-    writable: true,
-    configurable: true,
-  });
-}
-/**
- * Start verify and wait for the WebSocket to be created.
- * Returns { promise, ws }.
- */
-async function startVerifyAndGetWs(client, target = null, rawJwt = false) {
-  const promise = client.verify(target, rawJwt);
-  // Flush to let the async executor run through fetch + WS creation
-  await flushMicrotasks();
-  const ws = MockReconnectingWebSocket.latest();
-  return { promise, ws };
-}
-// ---- Tests ----
-describe('PolyguardWebsocketClientImpl', () => {
-  beforeEach(() => {
-    vi.clearAllMocks();
-    MockReconnectingWebSocket.reset();
-    setProtocol('https:');
-    setUserAgent('Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)');
-    stubFetch();
-    // Reset QRCode mock
-    mockQRCode.toString = vi.fn((data, opts, cb) => cb(null, '<svg>mock-qr</svg>'));
-  });
-  afterEach(() => {
-    vi.restoreAllMocks();
-    document.body.innerHTML = '';
-  });
-  // ---------- constructor ----------
-  describe('constructor', () => {
-    it('defaults requiredProofs to ["Full Name"]', () => {
-      const client = new PolyguardWebsocketClientImpl({ appId: 'x', apiServer: 'y' });
-      expect(client.requiredProofs).toEqual(['Full Name']);
-    });
-    it('defaults scanType to "single"', () => {
-      const client = new PolyguardWebsocketClientImpl({ appId: 'x', apiServer: 'y' });
-      expect(client.scanType).toBe('single');
-    });
-    it('stores custom requiredProofs', () => {
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS });
-      expect(client.requiredProofs).toEqual(['Full Name', 'Email']);
-    });
-    it('stores all params correctly', () => {
-      const params = {
-        ...DEFAULT_PARAMS,
-        redirectUrl: 'https://example.com/redirect',
-        callbackUrl: 'https://example.com/callback',
-        cookieName: 'pg_token',
-        link_uuid: 'link-abc',
-      };
-      const client = new PolyguardWebsocketClientImpl(params);
-      expect(client.appId).toBe(params.appId);
-      expect(client.apiServer).toBe(params.apiServer);
-      expect(client.scanType).toBe('single');
-      expect(client.redirectUrl).toBe(params.redirectUrl);
-      expect(client.callbackUrl).toBe(params.callbackUrl);
-      expect(client.cookieName).toBe(params.cookieName);
-      expect(client.link_uuid).toBe(params.link_uuid);
-    });
-    it('creates an ApiClient instance', () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      expect(client.apiClient).toBeDefined();
-      expect(client.apiClient.authentications).toBeDefined();
-    });
-    it('sets basePath when baseUrl is provided', () => {
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, baseUrl: 'https://custom.api' });
-      expect(client.apiClient.basePath).toBe('https://custom.api');
-    });
-    it('throws when apiKey is provided in browser without iKnowThisIsInsecure flag', () => {
-      expect(() => new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, apiKey: 'my-key' })).toThrow(/apiKey is forbidden in browser code/);
-    });
-    it('accepts apiKey in browser with iKnowThisIsInsecure: true', () => {
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, apiKey: 'my-key', iKnowThisIsInsecure: true });
-      expect(client.apiClient.authentications.bearerAuth.apiKey).toBe('my-key');
-    });
-    it('also sets x-pg-api-key default header when apiKey is accepted', () => {
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, apiKey: 'my-key', iKnowThisIsInsecure: true });
-      expect(client.apiClient.defaultHeaders['x-pg-api-key']).toBe('my-key');
-    });
-    it('sets basePath from proxyUrl and strips trailing slash', () => {
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, proxyUrl: '/api/polyguard/' });
-      expect(client.apiClient.basePath).toBe('/api/polyguard');
-    });
-    it('proxyUrl takes precedence over baseUrl', () => {
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, proxyUrl: '/api/polyguard', baseUrl: 'https://other.api' });
-      expect(client.apiClient.basePath).toBe('/api/polyguard');
-    });
-    it('stores proxyUrl on the instance', () => {
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, proxyUrl: '/api/polyguard' });
-      expect(client.proxyUrl).toBe('/api/polyguard');
-    });
-    it('sets integrationType to websocket', () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      expect(client.integrationType).toBe('websocket');
-    });
-    it('instantiates all 12 API service classes as lowercase-first properties', () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      for (const name of API_CLASS_NAMES) {
-        const propName = name.charAt(0).toLowerCase() + name.slice(1);
-        expect(client[propName]).toBeDefined();
-        expect(client[propName]._apiClient).toBe(client.apiClient);
-      }
-    });
-    it('constructor with no params does not throw', () => {
-      expect(() => new PolyguardWebsocketClientImpl()).not.toThrow();
-    });
-  });
-  // ---------- buildModal ----------
-  describe('buildModal', () => {
-    let client;
-    let modal;
-    beforeEach(() => {
-      client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      modal = client.buildModal();
-    });
-    it('returns a div element', () => {
-      expect(modal.tagName).toBe('DIV');
-    });
-    it('is a fixed-position fullscreen overlay', () => {
-      expect(modal.style.position).toBe('fixed');
-      expect(modal.style.top).toBe('0px');
-      expect(modal.style.left).toBe('0px');
-      expect(modal.style.width).toBe('100vw');
-      expect(modal.style.height).toBe('100vh');
-    });
-    it('contains close button', () => {
-      expect(modal.querySelector('#polyguard-modal-close')).not.toBeNull();
-    });
-    it('contains QR div', () => {
-      expect(modal.querySelector('#polyguard-qr')).not.toBeNull();
-    });
-    it('contains cancel button', () => {
-      expect(modal.querySelector('#polyguard-modal-cancel')).not.toBeNull();
-    });
-    it('contains error div that is initially hidden', () => {
-      const errDiv = modal.querySelector('#polyguard-error');
-      expect(errDiv).not.toBeNull();
-      expect(errDiv.style.display).toBe('none');
-    });
-    it('contains modal content wrapper', () => {
-      expect(modal.querySelector('#polyguard-modal-content')).not.toBeNull();
-    });
-  });
-  // ---------- verify - ticket fetch ----------
-  describe('verify - ticket fetch', () => {
-    it('builds ticket URL without link_uuid', async () => {
-      const fetchMock = stubFetch();
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(fetchMock).toHaveBeenCalled();
-      const url = fetchMock.mock.calls[0][0];
-      expect(url).toBe(`https://${DEFAULT_PARAMS.apiServer}/v2/ticket/${DEFAULT_PARAMS.appId}`);
-      if (ws) ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('builds ticket URL with link_uuid', async () => {
-      const fetchMock = stubFetch();
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, link_uuid: 'link-123' });
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(fetchMock).toHaveBeenCalled();
-      const url = fetchMock.mock.calls[0][0];
-      expect(url).toBe(`https://${DEFAULT_PARAMS.apiServer}/v2/ticket/${DEFAULT_PARAMS.appId}/link-123`);
-      if (ws) ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('builds ticket URL through proxyUrl when set, bypassing apiServer', async () => {
-      const fetchMock = stubFetch();
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, proxyUrl: '/api/polyguard' });
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      const url = fetchMock.mock.calls[0][0];
-      expect(url).toBe(`/api/polyguard/v2/ticket/${DEFAULT_PARAMS.appId}`);
-      if (ws) ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('still uses apiServer for WebSocket upgrade even when proxyUrl is set', async () => {
-      stubFetch();
-      const client = new PolyguardWebsocketClientImpl({ ...DEFAULT_PARAMS, proxyUrl: '/api/polyguard' });
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(ws.url).toBe(`wss://${DEFAULT_PARAMS.apiServer}/v2/realtime/test-ticket-123`);
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('sends POST with requiredProofs and scanType in body', async () => {
-      const fetchMock = stubFetch();
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(fetchMock).toHaveBeenCalled();
-      const opts = fetchMock.mock.calls[0][1];
-      expect(opts.method).toBe('POST');
-      expect(opts.headers['Content-Type']).toBe('application/json');
-      const body = JSON.parse(opts.body);
-      expect(body.requiredProofs).toEqual(DEFAULT_PARAMS.requiredProofs);
-      expect(body.scanType).toBe(DEFAULT_PARAMS.scanType);
-      if (ws) ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('resolves with error presence on non-ok response', async () => {
-      stubFetch('test-ticket', false);
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      document.body.innerHTML = '<div id="test-target"></div>';
-      const result = await client.verify('test-target');
-      expect(result).toEqual({ presence: { score: 'OFFLINE', msg: 'Failed to get ticket' } });
-    });
-    it('resolves with error presence when no ticket in response', async () => {
-      stubFetch(null, true);
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      document.body.innerHTML = '<div id="test-target"></div>';
-      const result = await client.verify('test-target');
-      expect(result).toEqual({ presence: { score: 'OFFLINE', msg: 'No ticket returned from server' } });
-    });
-    it('resolves with error presence on fetch exception', async () => {
-      vi.stubGlobal('fetch', vi.fn().mockRejectedValue(new Error('Network error')));
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      document.body.innerHTML = '<div id="test-target"></div>';
-      const result = await client.verify('test-target');
-      expect(result).toEqual({ presence: { score: 'OFFLINE', msg: 'Failed to connect to WebSocket' } });
-    });
-  });
-  // ---------- verify - WebSocket ----------
-  describe('verify - WebSocket', () => {
-    let client;
-    beforeEach(() => {
-      stubFetch();
-      client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-    });
-    it('uses wss protocol on https', async () => {
-      setProtocol('https:');
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(ws).toBeDefined();
-      expect(ws.url).toMatch(/^wss:\/\//);
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('uses ws protocol on http', async () => {
-      setProtocol('http:');
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(ws).toBeDefined();
-      expect(ws.url).toMatch(/^ws:\/\//);
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('builds correct WebSocket URL', async () => {
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(ws).toBeDefined();
-      expect(ws.url).toBe(`wss://${DEFAULT_PARAMS.apiServer}/v2/realtime/test-ticket-123`);
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('responds pong to ping with matching seq', async () => {
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ type: 'ping', seq: 42 });
-      expect(ws.sent).toHaveLength(1);
-      expect(JSON.parse(ws.sent[0])).toEqual({ type: 'pong', seq: 42 });
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('jwt message resolves promise with JWT string', async () => {
-      const fakeJwt = buildFakeJwt({ 'Full Name': 'Alice' });
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ jwt: fakeJwt });
-      const result = await promise;
-      expect(result).toBe(fakeJwt);
-    });
-    it('jwt message with rawJwt=true resolves with full data object', async () => {
-      const fakeJwt = buildFakeJwt({ 'Full Name': 'Alice' });
-      const { promise, ws } = await startVerifyAndGetWs(client, null, true);
-      ws.simulateMessage({ jwt: fakeJwt });
-      const result = await promise;
-      expect(result).toEqual({ jwt: fakeJwt });
-    });
-    it('jwt message closes WebSocket', async () => {
-      const fakeJwt = buildFakeJwt({});
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ jwt: fakeJwt });
-      await promise;
-      expect(ws.readyState).toBe(3); // CLOSED
-    });
-    it('error message resolves with error presence', async () => {
-      document.body.innerHTML = '<div id="test-target"></div>';
-      const c = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(c, 'test-target');
-      ws.simulateMessage({ error: 'Something went wrong' });
-      const result = await promise;
-      expect(result).toEqual({ presence: { score: 'OFFLINE', msg: 'Something went wrong' } });
-    });
-    it('url message calls window.location.assign', async () => {
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ url: 'https://example.com/redirect' });
-      expect(window.location.assign).toHaveBeenCalledWith('https://example.com/redirect');
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('status message resets QR div to spinner', async () => {
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      // First send a qr_url to populate the div
-      ws.simulateMessage({ qr_url: 'https://app.polyguard.ai/qr?pcre=abc123' });
-      const qrDiv = document.querySelector('#polyguard-qr');
-      expect(qrDiv.innerHTML).toContain('mock-qr');
-      // Then status message should reset to spinner
-      ws.simulateMessage({ status: 'pending' });
-      expect(qrDiv.innerHTML).toContain('spinner-circle');
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('unknown message type resolves with error', async () => {
-      document.body.innerHTML = '<div id="test-target"></div>';
-      const c = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(c, 'test-target');
-      ws.simulateMessage({ unknown_field: true });
-      const result = await promise;
-      expect(result).toEqual({ presence: { score: 'OFFLINE', msg: 'Unknown message type from server' } });
-    });
-    it('qr_url extracts pcre param and sends pong', async () => {
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ qr_url: 'https://app.polyguard.ai/qr?pcre=xyz789&other=1' });
-      const pongMsg = ws.sent.find(s => {
-        const parsed = JSON.parse(s);
-        return parsed.type === 'pong' && parsed.seq === 'xyz789';
-      });
-      expect(pongMsg).toBeDefined();
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-  });
-  // ---------- verify - modal vs target mode ----------
-  describe('verify - modal vs target mode', () => {
-    it('target mode renders into specified element', async () => {
-      document.body.innerHTML = '<div id="my-target"></div>';
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client, 'my-target');
-      const target = document.getElementById('my-target');
-      expect(target.innerHTML).toContain('spinner-circle');
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('target mode throws if element not found', async () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      await expect(client.verify('nonexistent-id')).rejects.toThrow("Target element with ID 'nonexistent-id' not found");
-    });
-    it('modal mode appends to document.body', async () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(document.querySelector('#polyguard-modal-content')).not.toBeNull();
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('close button rejects with User cancelled', async () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise } = await startVerifyAndGetWs(client);
-      document.querySelector('#polyguard-modal-close').click();
-      await expect(promise).rejects.toThrow('User cancelled');
-    });
-    it('cancel button rejects with User cancelled', async () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise } = await startVerifyAndGetWs(client);
-      document.querySelector('#polyguard-modal-cancel').click();
-      await expect(promise).rejects.toThrow('User cancelled');
-    });
-    it('jwt message cleans up modal from DOM', async () => {
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      expect(document.querySelector('#polyguard-modal-content')).not.toBeNull();
-      ws.simulateMessage({ jwt: buildFakeJwt({}) });
-      await promise;
-      expect(document.querySelector('#polyguard-modal-content')).toBeNull();
-    });
-  });
-  // ---------- verify - mobile detection ----------
-  describe('verify - mobile detection', () => {
-    it('mobile UA renders button instead of QR code', async () => {
-      setUserAgent('Mozilla/5.0 (iPhone; CPU iPhone OS 16_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148');
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ qr_url: 'https://app.polyguard.ai/qr?pcre=abc' });
-      const btn = document.querySelector('#polyguard-open-app-button');
-      expect(btn).not.toBeNull();
-      expect(btn.textContent).toBe('Open Polyguard App');
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('desktop UA calls QRCode.toString', async () => {
-      setUserAgent('Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)');
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ qr_url: 'https://app.polyguard.ai/qr?pcre=abc' });
-      expect(mockQRCode.toString).toHaveBeenCalledWith(
-        'https://app.polyguard.ai/qr?pcre=abc',
-        { type: 'svg' },
-        expect.any(Function),
-      );
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('mobile button click calls window.location.assign with qr_url', async () => {
-      setUserAgent('Mozilla/5.0 (Linux; Android 12) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100 Mobile');
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ qr_url: 'https://app.polyguard.ai/qr?pcre=abc' });
-      const btn = document.querySelector('#polyguard-open-app-button');
-      btn.click();
-      expect(window.location.assign).toHaveBeenCalledWith('https://app.polyguard.ai/qr?pcre=abc');
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-    it('Android UA also detected as mobile', async () => {
-      setUserAgent('Mozilla/5.0 (Linux; Android 13; Pixel 7) AppleWebKit/537.36');
-      const client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-      const { promise, ws } = await startVerifyAndGetWs(client);
-      ws.simulateMessage({ qr_url: 'https://app.polyguard.ai/qr?pcre=abc' });
-      expect(document.querySelector('#polyguard-open-app-button')).not.toBeNull();
-      ws.simulateMessage({ jwt: 'cleanup' });
-      await promise.catch(() => {});
-    });
-  });
-  // ---------- require ----------
-  describe('require', () => {
-    let client;
-    beforeEach(() => {
-      client = new PolyguardWebsocketClientImpl(DEFAULT_PARAMS);
-    });
-    it('returns true when all proofs match JWT payload', async () => {
-      const jwt = buildFakeJwt({ 'Full Name': 'Alice Smith', 'Email': 'alice@example.com' });
-      vi.spyOn(client, 'verify').mockResolvedValue(jwt);
-      const result = await client.require({ 'Full Name': 'Alice Smith', 'Email': 'alice@example.com' });
-      expect(result).toBe(true);
-    });
-    it('returns false on proof value mismatch', async () => {
-      const jwt = buildFakeJwt({ 'Full Name': 'Alice Smith' });
-      vi.spyOn(client, 'verify').mockResolvedValue(jwt);
-      const result = await client.require({ 'Full Name': 'Bob Jones' });
-      expect(result).toBe(false);
-    });
-    it('returns false when expected key is missing from JWT', async () => {
-      const jwt = buildFakeJwt({ 'Full Name': 'Alice' });
-      vi.spyOn(client, 'verify').mockResolvedValue(jwt);
-      const result = await client.require({ 'Email': 'alice@example.com' });
-      expect(result).toBe(false);
-    });
-    it('returns false when verify returns falsy JWT', async () => {
-      vi.spyOn(client, 'verify').mockResolvedValue(null);
-      const result = await client.require({ 'Full Name': 'Alice' });
-      expect(result).toBe(false);
-    });
-    it('returns false when verify rejects (cancellation)', async () => {
-      vi.spyOn(client, 'verify').mockRejectedValue(new Error('User cancelled'));
-      const result = await client.require({ 'Full Name': 'Alice' });
-      expect(result).toBe(false);
-    });
-    it('correctly decodes base64 JWT payload', async () => {
-      const payload = { 'Full Name': 'Test User', score: 99 };
-      const jwt = buildFakeJwt(payload);
-      vi.spyOn(client, 'verify').mockResolvedValue(jwt);
-      const result = await client.require({ 'Full Name': 'Test User', score: 99 });
-      expect(result).toBe(true);
-    });
-    it('passes target through to verify', async () => {
-      const jwt = buildFakeJwt({ 'Full Name': 'Alice' });
-      const spy = vi.spyOn(client, 'verify').mockResolvedValue(jwt);
-      await client.require({ 'Full Name': 'Alice' }, 'my-element');
-      expect(spy).toHaveBeenCalledWith('my-element');
-    });
-  });
-});

package/src/__tests__/helpers/fixtures.js DELETED Viewed

@@ -1,27 +0,0 @@
-/**
- * Build a fake JWT with the given payload.
- * Structure: header.payload.signature (base64url encoded)
- */
-export function buildFakeJwt(payload = {}) {
-  const header = btoa(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
-  const body = btoa(JSON.stringify(payload));
-  const sig = btoa('fakesignature');
-  return `${header}.${body}.${sig}`;
-}
-export const DEFAULT_PARAMS = {
-  appId: 'test-app-id',
-  apiServer: 'api.test.polyguard.ai',
-  requiredProofs: ['Full Name', 'Email'],
-  scanType: 'single',
-};
-/**
- * Create a mock Response for the ticket fetch.
- */
-export function mockTicketResponse(ticket = 'test-ticket-123', ok = true) {
-  return {
-    ok,
-    json: async () => (ticket ? { ticket } : {}),
-  };
-}