@raytio/core 10.1.0 → 11.0.0

package/dist/verifications/verifyCheck/getOwnRealVerifications.js

@@ -1,64 +1,66 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getOwnRealVerifications = void 0;
-const general_1 = require("../../general");
-const maybeRereference_1 = require("../maybeRereference");
-const operations_1 = require("./operations");
-/**
- * Given a list of verifications and decrypted profile objects, this function
- * locally verifies the credibility of the signatures in the verifications.
- *
- * This function does NOT call the API, except to fetch the public key.
- * @returns a list of authentic RealVer
- */
-const getOwnRealVerifications = async ({ verifications, profileObjects, userId, }) => {
-    const realVers = [];
-    // this code is deliberaly written using for-loops instead of Promise.all,
-    // because attempting hundreds of webcrypto operations simultaneously will
-    // probably upset some heritage web browser.
-    for (const ver of verifications) {
-        for (const { data, signature } of ver.properties.verifications) {
-            const sourcePO = profileObjects.find(PO => PO.n_id === data.source_n_id);
-            if (!sourcePO)
-                continue;
-            const value = sourcePO.properties[data.field];
-            if (!value)
-                continue;
-            /**
-             * this does NOT mean that the data is correct. It means the
-             * verification is genuinely signed by raytio, but the data
-             * might be bogus (i.e. `passed: false`)
-             */
-            const isGenuine = await (0, operations_1.checkOwnVerification)({
-                verObject: data,
-                userId,
-                value: (0, maybeRereference_1.maybeRereference)(value),
-                signature,
-            });
-            if (!isGenuine)
-                continue;
-            // a "RealVer" is what the client likes to deal with,
-            // rather than the "VerificationPayload" which is stored on the API.
-            // eslint-disable-next-line fp/no-mutating-methods
-            realVers.push({
-                fieldName: data.field,
-                value,
-                provider: {
-                    dataSourceNId: data.verifier_source_id,
-                    serviceProviderNId: data.verifier_service_id,
-                    verifierNId: data.verifier_id,
-                    date: (0, general_1.repairDate)(data.verification_date),
-                },
-                expired: data.valid_until ? (0, general_1.repairDate)(data.valid_until) : false,
-                metadata: data.metadata,
-                xId: data.request_div,
-                signature,
-                verified: data.passed,
-                nID: ver.n_id,
-                belongsToNId: data.source_n_id,
-            });
-        }
-    }
-    return realVers;
-};
-exports.getOwnRealVerifications = getOwnRealVerifications;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getOwnRealVerifications = void 0;
+const general_1 = require("../../general");
+const maybeRereference_1 = require("../maybeRereference");
+const operations_1 = require("./operations");
+/**
+ * Given a list of verifications and decrypted profile objects, this function
+ * locally verifies the credibility of the signatures in the verifications.
+ *
+ * This function does NOT call the API, except to fetch the public key.
+ * @returns a list of authentic RealVer
+ */
+const getOwnRealVerifications = async ({ verifications, profileObjects, userId, }) => {
+    const realVers = [];
+    // this code is deliberaly written using for-loops instead of Promise.all,
+    // because attempting hundreds of webcrypto operations simultaneously will
+    // probably upset some heritage web browser.
+    for (const ver of verifications) {
+        for (const { data, signature } of ver.properties.verifications) {
+            const sourcePO = profileObjects.find(PO => PO.n_id === data.source_n_id);
+            if (!sourcePO)
+                continue;
+            const value = sourcePO.properties[data.field];
+            if (!value)
+                continue;
+            /**
+             * this does NOT mean that the data is correct. It means the
+             * verification is genuinely signed by raytio, but the data
+             * might be bogus (i.e. `passed: false`)
+             */
+            const isGenuine = await (0, operations_1.checkOwnVerification)({
+                verObject: data,
+                userId,
+                value: (0, maybeRereference_1.maybeRereference)(value),
+                signature,
+            });
+            if (!isGenuine)
+                continue;
+            // a "RealVer" is what the client likes to deal with,
+            // rather than the "VerificationPayload" which is stored on the API.
+            // eslint-disable-next-line fp/no-mutating-methods
+            realVers.push({
+                fieldName: data.field,
+                value,
+                provider: {
+                    dataSourceNId: data.verifier_source_id,
+                    serviceProviderNId: data.verifier_service_id,
+                    verifierNId: data.verifier_id,
+                    date: (0, general_1.repairDate)(data.verification_date),
+                },
+                expired: ver.properties.valid_until
+                    ? (0, general_1.repairDate)(ver.properties.valid_until)
+                    : false,
+                metadata: data.metadata,
+                xId: data.request_div,
+                signature,
+                verified: data.passed,
+                nID: ver.n_id,
+                belongsToNId: data.source_n_id,
+            });
+        }
+    }
+    return realVers;
+};
+exports.getOwnRealVerifications = getOwnRealVerifications;

package/dist/verifications/verifyCheck/getSomeoneElsesRealVerifications.d.ts

@@ -1,19 +1,19 @@
-import { ProfileObject, Verification, RealVer, AId } from "@raytio/types";
-declare type Props = {
-    aId: AId;
-    apiUrl: string;
-    verifications: Verification[];
-    profileObjects: ProfileObject[];
-    controller?: AbortController;
-};
-/**
- * Given a list of verifications and decrypted profile objects, this function calls
- * the Raytio API to verify the credibility of these verifications, returning only valid
- * verifications.
- *
- * ❗ prefer `getOwnRealVerifications` if the data to be verified belongs to the current user.
- *
- * @returns a list of fileNames/values that are verified.
- */
-export declare const getSomeoneElsesRealVerifications: ({ aId, apiUrl, verifications, profileObjects, controller, }: Props) => Promise<RealVer[]>;
-export {};
+import { ProfileObject, Verification, RealVer, AId } from "@raytio/types";
+type Props = {
+    aId: AId;
+    apiUrl: string;
+    verifications: Verification[];
+    profileObjects: ProfileObject[];
+    controller?: AbortController;
+};
+/**
+ * Given a list of verifications and decrypted profile objects, this function calls
+ * the Raytio API to verify the credibility of these verifications, returning only valid
+ * verifications.
+ *
+ * ❗ prefer `getOwnRealVerifications` if the data to be verified belongs to the current user.
+ *
+ * @returns a list of fileNames/values that are verified.
+ */
+export declare const getSomeoneElsesRealVerifications: ({ aId, apiUrl, verifications, profileObjects, controller, }: Props) => Promise<RealVer[]>;
+export {};

package/dist/verifications/verifyCheck/getSomeoneElsesRealVerifications.js

@@ -1,72 +1,72 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getSomeoneElsesRealVerifications = void 0;
-const ramda_1 = require("ramda");
-const operations_1 = require("./operations");
-const maybeRereference_1 = require("../maybeRereference");
-const crypto_1 = require("../../crypto");
-const general_1 = require("../../general");
-const getValuesForAField = (fieldName, POs) => (0, ramda_1.uniq)(
-// truthy only, and ignore encrypted properties. this function will be called again once they're decrypted
-POs.map(x => { var _a; return (_a = x.properties) === null || _a === void 0 ? void 0 : _a[fieldName]; }).filter(x => !!x && !(0, crypto_1.isEncrypted)(x)));
-/**
- * Given a list of verifications and decrypted profile objects, this function calls
- * the Raytio API to verify the credibility of these verifications, returning only valid
- * verifications.
- *
- * ❗ prefer `getOwnRealVerifications` if the data to be verified belongs to the current user.
- *
- * @returns a list of fileNames/values that are verified.
- */
-const getSomeoneElsesRealVerifications = async ({ aId, apiUrl, verifications, profileObjects, controller, }) => {
-    // for each verification (including passed: false), create a list of every possible that
-    // value that that verification might have been for. Flatten the list
-    // and send the whole thing to the API.
-    const toVerify = verifications.flatMap(ver => {
-        const values = getValuesForAField(ver.properties.field, profileObjects);
-        return values.flatMap(value => ver.properties.verifications.map(({ signature }) => ({
-            verifications: [
-                Object.assign({ signature }, (ver.n_id.startsWith("HASHED::")
-                    ? {
-                        hashed_n_id: ver.n_id.split("::")[1],
-                        a_id: ver.n_id.split("::")[2],
-                    }
-                    : { n_id: ver.n_id })),
-            ],
-            data_to_verify: [{ value: (0, maybeRereference_1.maybeRereference)(value) }],
-        })));
-    });
-    // the API can't cope with an empty array
-    if (!toVerify.length)
-        return [];
-    const apiResponse = await (0, operations_1.checkSomeoneElsesVerifications)({
-        apiUrl,
-        toVerify,
-        controller,
-    });
-    // do NOT expose the `verified` prop from the /verify_check API to avoid semantic confusion,
-    // since verified: true does not mean that the verification is verified!
-    const realVers = apiResponse
-        .filter(x => x.verified)
-        .map(({ signature, data, n_id: nID, valid_until }) => ({
-        fieldName: data.field,
-        value: data.value,
-        provider: {
-            dataSourceNId: data.verifier_source_id,
-            serviceProviderNId: data.verifier_service_id,
-            verifierNId: data.verifier_id,
-            date: (0, general_1.repairDate)(data.verification_date),
-        },
-        expired: valid_until ? (0, general_1.repairDate)(valid_until) : false,
-        metadata: data.metadata,
-        xId: data.request_div,
-        signature,
-        verified: data.passed,
-        nID,
-        belongsToNId: data.source_hashed_n_id
-            ? `HASHED::${data.source_hashed_n_id}::${aId}`
-            : data.source_n_id,
-    }));
-    return realVers;
-};
-exports.getSomeoneElsesRealVerifications = getSomeoneElsesRealVerifications;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getSomeoneElsesRealVerifications = void 0;
+const ramda_1 = require("ramda");
+const operations_1 = require("./operations");
+const maybeRereference_1 = require("../maybeRereference");
+const crypto_1 = require("../../crypto");
+const general_1 = require("../../general");
+const getValuesForAField = (fieldName, POs) => (0, ramda_1.uniq)(
+// truthy only, and ignore encrypted properties. this function will be called again once they're decrypted
+POs.map(x => { var _a; return (_a = x.properties) === null || _a === void 0 ? void 0 : _a[fieldName]; }).filter(x => !!x && !(0, crypto_1.isEncrypted)(x)));
+/**
+ * Given a list of verifications and decrypted profile objects, this function calls
+ * the Raytio API to verify the credibility of these verifications, returning only valid
+ * verifications.
+ *
+ * ❗ prefer `getOwnRealVerifications` if the data to be verified belongs to the current user.
+ *
+ * @returns a list of fileNames/values that are verified.
+ */
+const getSomeoneElsesRealVerifications = async ({ aId, apiUrl, verifications, profileObjects, controller, }) => {
+    // for each verification (including passed: false), create a list of every possible that
+    // value that that verification might have been for. Flatten the list
+    // and send the whole thing to the API.
+    const toVerify = verifications.flatMap(ver => {
+        const values = getValuesForAField(ver.properties.field, profileObjects);
+        return values.flatMap(value => ver.properties.verifications.map(({ signature }) => ({
+            verifications: [
+                Object.assign({ signature }, (ver.n_id.startsWith("HASHED::")
+                    ? {
+                        hashed_n_id: ver.n_id.split("::")[1],
+                        a_id: ver.n_id.split("::")[2],
+                    }
+                    : { n_id: ver.n_id })),
+            ],
+            data_to_verify: [{ value: (0, maybeRereference_1.maybeRereference)(value) }],
+        })));
+    });
+    // the API can't cope with an empty array
+    if (!toVerify.length)
+        return [];
+    const apiResponse = await (0, operations_1.checkSomeoneElsesVerifications)({
+        apiUrl,
+        toVerify,
+        controller,
+    });
+    // do NOT expose the `verified` prop from the /verify_check API to avoid semantic confusion,
+    // since verified: true does not mean that the verification is verified!
+    const realVers = apiResponse
+        .filter(x => x.verified)
+        .map(({ signature, data, n_id: nID, valid_until }) => ({
+        fieldName: data.field,
+        value: data.value,
+        provider: {
+            dataSourceNId: data.verifier_source_id,
+            serviceProviderNId: data.verifier_service_id,
+            verifierNId: data.verifier_id,
+            date: (0, general_1.repairDate)(data.verification_date),
+        },
+        expired: valid_until ? (0, general_1.repairDate)(valid_until) : false,
+        metadata: data.metadata,
+        xId: data.request_div,
+        signature,
+        verified: data.passed,
+        nID,
+        belongsToNId: data.source_hashed_n_id
+            ? `HASHED::${data.source_hashed_n_id}::${aId}`
+            : data.source_n_id,
+    }));
+    return realVers;
+};
+exports.getSomeoneElsesRealVerifications = getSomeoneElsesRealVerifications;

package/dist/verifications/verifyCheck/index.d.ts

@@ -1,3 +1,3 @@
-export * from "./getOwnRealVerifications";
-export * from "./getSomeoneElsesRealVerifications";
-export { checkJsonSignature } from "./operations";
+export * from "./getOwnRealVerifications";
+export * from "./getSomeoneElsesRealVerifications";
+export { checkJsonSignature } from "./operations";

package/dist/verifications/verifyCheck/index.js

@@ -1,21 +1,21 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkJsonSignature = void 0;
-__exportStar(require("./getOwnRealVerifications"), exports);
-__exportStar(require("./getSomeoneElsesRealVerifications"), exports);
-var operations_1 = require("./operations");
-Object.defineProperty(exports, "checkJsonSignature", { enumerable: true, get: function () { return operations_1.checkJsonSignature; } });
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkJsonSignature = void 0;
+__exportStar(require("./getOwnRealVerifications"), exports);
+__exportStar(require("./getSomeoneElsesRealVerifications"), exports);
+var operations_1 = require("./operations");
+Object.defineProperty(exports, "checkJsonSignature", { enumerable: true, get: function () { return operations_1.checkJsonSignature; } });

package/dist/verifications/verifyCheck/operations/__tests__/checkOwnVerification.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/verifications/verifyCheck/operations/__tests__/checkOwnVerification.test.js

@@ -0,0 +1,91 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const __1 = require("..");
+const util_1 = require("../../../../util");
+const checkOwnVerification_1 = require("../checkOwnVerification");
+const sampleBundle_json_1 = __importDefault(require("./sampleBundle.json"));
+Reflect.set(global, "fetch", jest.fn().mockResolvedValue({
+    text: async () => `-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn9QtCqYa3H3ipFFU0xP3
+n6r7KHS3GMbh0h/xzel57HhCIaXDYjUeUtgUNtzm+uElb/qzGn50xQRzVqO32vKB
+ZAW2kYyZ2+R5ruk9CSxr7K4Vk1FtDMcUCzqxm0eycFD2xbLsN3feRc3BMjfdaQ7P
+OMAquVHxDqSHlL8hv3VEoPHyRz04ipGAlRzVCEQPQ8sZDNsgXo76OzLGlT4bEUGn
+mzH+FhS6DGts+X5b5ZW1iCzQTNZM3yzk947dyMsJVHwx+VyTT/o8D6/zWrZnmjK+
+lGOihted4AmvJePcF0kWP5XXpXiX12dRsluhXkIXkgmj9MuoxkdeqGuAxiZUVc5a
+zWfZao3Y3O5UwtRIEJOeZmr6EkYfdhg+JuDjacZ53Dg6WduX+5nG7/UqpepqtmHe
+R0Wsi2K8nXxkFkZmPy+s7e4+ABjN+IRrQYUJALziMjskqjxll8zKn+4Phmk8dIJw
+Gut0BoM+DIwDu0uZaUprz7fSgNmYHHEiIFbOMVHiOn8oZAZbJXXbUbFIUYXA8u9+
+J1Z+QEpgw+rhGzOf/TSeHfMC9nNbWgYglluAJusWf2XwG/t/VlhtzviHCVGEL7HQ
+jQE5DrM7vaTg6Gu9bjKuoeLIRzbOYK6qAWFoa0CLcN84PLjhDSRw2duatP08hcWg
+jTgOkLWnBFE7NyRU93uPp68CAwEAAQ==
+-----END PUBLIC KEY-----`,
+}));
+describe("checkOwnVerification", () => {
+    it("works for a real PO", async () => {
+        //
+        // This is an important integration test from ca. 2021-12-02.
+        // If it is failing, it means our code no longer matches the
+        // backend, and all existing verifications will be erroneously
+        // considered invalid
+        //
+        const signature = "e3ra4x0iwAvcLURf2Je8IpibByd6dvdIMUxsh5ZVOUvnQYsY99U2RkZWk63nBePy6bVWqnYnhrAR\n7bGbPpf2GYWq1WymKro9SGB552xWU1BIyJ5+78agWXDOqIthsnuRNoos52u46Mh6bq6taIj0vip6\nwIbnN8A0eS/Ulh2PpzrXKbjM6ITKDUOjEMSgbO7sDbRzZ1GbOm3Bh0WMvtniEk9dsN6wwAYI2XXb\nhaHjKfKGxv73DpFlv04+371VfP24NN8R6RGgD5YUqn9iFiHN17GlPmDGjzId/cSwz9tMshUgV2ZA\nylkAcRIyao6mYDQk75BQs6eK/dOlvUeWjEWgRpeYSJ3/5GkqiJn906+7Rj7iJ6P9+zSGN+OlhW3p\n7D0gS70ZqwLG5AVNB+N9PCUZYdaHHulQc5W8devQB3GImKhjHhH6sKLd2JdwTWeEW/SAnnqzTLTJ\nRrg7/XDoYIH20x+FVYVom5QYbjHvxdbHML19+zw0jJuhiPgKmm1bKt8fFv7T1nOeDEQa4hRZfdNu\nmdxZPt0ilBsIN7cXYn+X3nKZuEo3udCvNQx+zjSiJfKqBEw2grqBCDrF1u2HWyL77pXPJNMfxlRN\nkedWDSFSG5rXKDC0ffVRXs3Q2our6DCT2RgdDoZejBm3jKckUwOxnqzG5yTbjWsmGdduo/ePh/g=\n";
+        // nId of this ver is "44371109-1a5c-41e7-b213-ff3befe194fc"
+        const verObject = {
+            passed: true,
+            schema: "ss_NZ_Company",
+            verifier_div: "ff341897-b847-4a56-8669-a7bef019758a",
+            source_n_id: "f73e33bd-6673-4069-9ed4-76b57c8da2de",
+            type: null,
+            verifier_service_id: "",
+            verification_date: "2021-11-16T20:35:59.147817",
+            request_div: "95cc6670-f704-4221-beb9-3559ac47bce9",
+            source: "NZ_COMPANY",
+            field: "entity_type_description",
+            v_id: "aec1c37d-f9d7-461a-b15d-1a83e41e981a",
+            verifier_source_id: "185e9cdc-e8fb-4147-b996-3c2dd60fab59",
+            verifier_id: "185e9cdc-e8fb-4147-b996-3c2dd60fab59",
+            metadata: {
+                date_retrieved: "2021-11-16T20:36:00.732608",
+                url: "https://api-dev.rayt.io/w-nz-mbie/v1/entities/9429033226651",
+            },
+        };
+        const value = "NZ Limited Company";
+        const userId = "fd9c4903-65c2-4b75-b454-4fda6b682f3e"; // for 27july21 🦈
+        expect(await (0, checkOwnVerification_1.checkOwnVerification)({ value, signature, userId, verObject })).toBe(true);
+    });
+    it("errors if you forget to supply the uId", async () => {
+        await expect(() => (0, checkOwnVerification_1.checkOwnVerification)({
+            value: "",
+            signature: "",
+            userId: "",
+            verObject: {},
+        })).rejects.toThrow(new Error("No userId supplied"));
+    });
+});
+describe("checkSignature", () => {
+    it("works", async () => {
+        // same test as the backend
+        // see https://gitlab.com/raytio/mono/-/blob/devo/common/signing/tests/test_sign.py#L104
+        const jwk = {
+            kty: "RSA",
+            alg: "PS512",
+            key_ops: ["verify"],
+            ext: true,
+            n: "wD6Oy9Wts0BAI7ObvxD73MNppefO3XMEMSZSxi1JTyfmavzV59rXMleRK5IBoY7ghOyy33-6131qQyh6cfbz5q67mHmTBEJmOccmw1hbl7SVSUHXOuUGUq5C7p3qnxeUhOFtxBlhMdIj0vkZ923lPHZpw9Yhit-RlLwW01Qnh-mGNmWMuUqrcj-WDb0WbIxjkaUR_DEIELkFiD9nF56mv3A6bMX_-ZJaF21ChD_b8qy_unQhNWrrUUwGzUaEMyw1dbPnvQ1iouMADlRlDBojZB0rWveK0PswqnUy3bB9dqVjpn50lN3CgdGeOPVVOcaLHhX0OLOCERpZY0hbuajfGIORMqnvF1dZJ_0OPrm-etpHK3ngK2qJ-mSjobd9DP_KISe2hAWs0FU4wbgG8U4VgcjYCkuABSh9c3xMEA5xyXV8iwGjTdmsOf4AvbBj1vY1dJVBYeGHuVRm-SxWepoVbYYDPg0366sYiim9IcQG0olxqAfkglB4yAmqYfp_kxqL2Cb8ysgyioHe9vmZDTbfTTm00qVAVKr2bctAgI787VEpS7Ou_2QTPIxYlsQCa-MbdgtUoXQ6__VdRklEaiQ_IFLBZzg5lFNBbF1Qytgav-BLfjZR31T5fhhougzrjBrtDGsSiV8qIvr5ZBfeJCatm1N_atbdjfWG7njoQMRwV5c",
+            e: "AQAB",
+        };
+        const cryptoKey = await crypto.subtle.importKey("jwk", jwk, { name: "RSA-PSS", hash: "SHA-512" }, false, ["verify"]);
+        const data = "This is definitely true";
+        const signature = "V0r2KI4TBTwyzV8fCmGIL6x3t11ROhG9UJts1VZiap94wXEnEP+TNQ6qVV1v8bWY9uoubYLNzzuVfbn4q1J1ERNJWEM469/A8zNRiptDEmrlfSMBHE2Ahrwn5h0nSjxttOGazqitX+Ir0Qo0itNINpIa5cRC4ttyumauSKFcaGhFHGCuOpQz4xPoCR6ww2UtEvfvomTI5PYedG2XzhOJioZ8P9QtgKDnt+mp5Baq5avRtDpK+gZ8zOHXW8YL5d/oO16K6HDdYe4nGjr4MQU93HJjzQVEtsZqtvwf2BznVSuChGd0kedlal2uIrDQ4H4l6Td1TqW+FJp+EHVdbdrbk+Gql2GwiDAVsIPHDDGfaeIZQSStbr9VgQSm0feqtRlI627VCQ5ewAd1+tEgRiVTz74ya8tmc62WzTF5dbSYkQtllc/SJNWxaMQ+MEBrDyatfRrurTeTXwnRROJ/idJFKGKdxQichNdiuqL/CnBQJc3oYzQNoQXAmIUGDelISY5+XgHKXDs9YX4AVbru/Ina3E86TIekLVOUqg7TJi1hLAdF3RANp48uXk7LuIffzcff5sBUQ0vtHVtyTFwd2Jmt1CiEd9DitMNQT5cjM21IC6uJ4HZ6Ni/fd0N9frZ6Svknd/MMsbM7aqt8z6IgREqYdGY2XLYZCeZ0qmCGW243v3A=";
+        const stringifiedData = (0, util_1.canonicalJsonify)(data);
+        expect(await (0, checkOwnVerification_1.checkSignature)(cryptoKey, signature, stringifiedData)).toBe(true);
+    });
+});
+describe("checkJsonSignature", () => {
+    it("can verify a bundled verification", async () => {
+        expect(await (0, __1.checkJsonSignature)(sampleBundle_json_1.default.data, sampleBundle_json_1.default.signature)).toBe(true);
+    });
+});

package/dist/verifications/verifyCheck/operations/__tests__/checkSomeoneElsesVerifications.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/verifications/verifyCheck/operations/__tests__/checkSomeoneElsesVerifications.test.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const checkSomeoneElsesVerifications_1 = require("../checkSomeoneElsesVerifications");
+const toVerify = [
+    {
+        verifications: [{ signature: "sig1", n_id: "nid1" }],
+        data_to_verify: [{ value: "val1" }],
+    },
+    {
+        verifications: [{ signature: "sig2", n_id: "nid2" }],
+        data_to_verify: [{ value: "val2" }],
+    },
+];
+describe("checkSomeoneElsesVerifications", () => {
+    it("calls the API and filters out garbage", async () => {
+        global.fetch = jest
+            .fn()
+            .mockImplementation()
+            // first fetch request
+            .mockImplementationOnce(async () => ({
+            json: async () => [{ verified: true }, { verified: false }, {}, {}],
+        }));
+        const result = await (0, checkSomeoneElsesVerifications_1.checkSomeoneElsesVerifications)({
+            apiUrl: "https://example.com",
+            toVerify,
+        });
+        expect(fetch).toHaveBeenCalledTimes(1);
+        expect(fetch).toHaveBeenCalledWith("https://example.com/extract_verify/v2/verify_check", {
+            body: JSON.stringify(toVerify),
+            method: "POST",
+            signal: undefined,
+        });
+        // note how empty objects were filtered out
+        expect(result).toStrictEqual([{ verified: true }, { verified: false }]);
+    });
+    it("throws an error if the API rejects", async () => {
+        global.fetch = jest
+            .fn()
+            .mockImplementation()
+            // first fetch request
+            .mockImplementationOnce(async () => ({
+            json: async () => ({ message: "An API error" }),
+        }));
+        await expect(() => (0, checkSomeoneElsesVerifications_1.checkSomeoneElsesVerifications)({
+            apiUrl: "https://example.com",
+            toVerify,
+        })).rejects.toThrow(new Error("An API error"));
+    });
+});

package/dist/verifications/verifyCheck/operations/__tests__/sampleBundle.json

@@ -0,0 +1,43 @@
+{
+    "__comment": "This belongs to 10feb22 🦈",
+    "bundle_version": 1,
+    "data": {
+        "n_id": "f4220899-4af7-4f66-8a00-1bc13936096b",
+        "schema": "ss_NZ_Company",
+        "fields": {
+            "nzbn": {
+                "verifiers": [
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" },
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" }
+                ],
+                "derivations": []
+            },
+            "entity_type_description": {
+                "verifiers": [
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" },
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" }
+                ],
+                "derivations": [],
+                "value": "NZ Limited Company"
+            },
+            "entity_status_description": {
+                "verifiers": [
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" },
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" }
+                ],
+                "derivations": [],
+                "value": "Registered"
+            },
+            "nz_legal_entity_name": {
+                "verifiers": [
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" },
+                    { "verifier_id": "185e9cdc-e8fb-4147-b996-3c2dd60fab59" }
+                ],
+                "derivations": [],
+                "value": "DEPARTMENT OF CONVERSATION LIMITED"
+            }
+        },
+        "valid_until": "2022-03-13T02:26:20.468171"
+    },
+    "signature": "AiWWrL+S1paYOqJiOtU3qwLTCkkZjwDq3FuHl7oy14IATYOhCeHLf+ca44X1Wc6pYpTQckjKnJZL\nkfgiwNE97aymWIOc+ZZGEb5YhXRNO+inTV4k5zppaDN3n3YAGzn7zMxleh3+opzJqncNaJtpZ0Wv\na9Pu/m4WjyT5ee3Myz6VOOMuVkcaTL4FD8XT7NdCh0ybRevAZ5R9xl0YuWMhvNpf3P6ieTikHXYN\nkKbPTnAhNdBmqV4njSIR66M82Ek0d9VcsX4zhmlhpdCmGRlXLgHEyMCF4iHlCIxSeKtGaOm2QK2R\nOV/lN3VScDNWyD8lPBipcj++5ZGII6BnFFG8LlT3gY/Y/wt8KeH/xgdu0a7Lt6J/BOiGLFfscUmb\nH5K5t48gnQ5BQS+Cf/yhayMV49LlGiK9m1iPlbmuJH1L2/ZM+iLsIrSTGCU0Rpbkw7qvm0dkUNYf\nhvlj/RnUxcy0Lr/84CzLvBhFMmBX+RHlcPrCWpIiibsdaD81kRyvLY2TASLFTeHajfr+UvtP3LVs\n8NGwRQHd6c2/ptxv3ERRUnDtNASatsLe67ZHg9SeF3BDhMHZwU1neYyrBI1TMECasFli5rP5gviq\nC8ZwFQ9lnDDTidWBF8GjRl6ope4wIuNBBkOsIIeyqIJE5BRUH4LhVUnN1be696uCKnWOyOo7fkc=\n"
+}

package/dist/verifications/verifyCheck/operations/checkOwnVerification.d.ts

@@ -1,15 +1,15 @@
-import { UId, VerificationPayload } from "@raytio/types";
-declare type SingleVerToCheck = {
-    verObject: VerificationPayload<false>;
-    signature: string;
-    userId: UId;
-    value: unknown;
-};
-/**
- * checks that a json object was signed by the provided signature. Unless you're
- * dealing with bundled verifications, you should use `getOwnRealVerifications`
- * or `getSomeoneElsesRealVerifications` instead.
- */
-export declare const checkJsonSignature: (data: unknown, signature: string) => Promise<boolean>;
-export declare const checkOwnVerification: ({ verObject, signature, userId, value, }: SingleVerToCheck) => Promise<boolean>;
-export {};
+import { UId, VerificationPayload } from "@raytio/types";
+type SingleVerToCheck = {
+    verObject: VerificationPayload<false>;
+    signature: string;
+    userId: UId;
+    value: unknown;
+};
+/**
+ * checks that a json object was signed by the provided signature. Unless you're
+ * dealing with bundled verifications, you should use `getOwnRealVerifications`
+ * or `getSomeoneElsesRealVerifications` instead.
+ */
+export declare const checkJsonSignature: (data: unknown, signature: string) => Promise<boolean>;
+export declare const checkOwnVerification: ({ verObject, signature, userId, value, }: SingleVerToCheck) => Promise<boolean>;
+export {};