@raytio/core 10.1.0 → 11.1.0

package/CHANGELOG.md

@@ -7,6 +7,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## 11.1.0 (2022-04-20)
+
+- Move `expandSchema` into core
+
+## 11.0.0 (2022-04-20)
+
+- 💥 BREAKING CHANGE: Changed the input arguments of `convertInstanceToRuleInput` to only require a list of `ProfileObject`s, instead of the whole `Instance` object.
+- Any profile object with an expired field is now considered `Expired`, even if other fields are verified.
+- Fix the `valid_until` attribute being ignored on verifications
+
 ## 10.1.0 (2022-07-06)
 
 - move `repairDate` into core, and use it when processing verifications

package/README.md

@@ -16,10 +16,11 @@ If you wish to use `@raytio/core` directly, an example of configuring polyfills
 
 ## Table of contents
 
-### Type aliases
+### Type Aliases
 
 - [SafeHarbourObj](#safeharbourobj)
 - [SafeHarbourResult](#safeharbourresult)
+- [VerDetails](#verdetails)
 
 ### Functions
 
@@ -30,9 +31,13 @@ If you wish to use `@raytio/core` directly, an example of configuring polyfills
 - [convertInstanceToRuleInput](#convertinstancetoruleinput)
 - [createAA](#createaa)
 - [decryptSharedData](#decryptshareddata)
+- [evaluateRule](#evaluaterule)
+- [expandSchema](#expandschema)
 - [findSchemaLabel](#findschemalabel)
+- [findSuitableLocale](#findsuitablelocale)
 - [fromCognitoAttributes](#fromcognitoattributes)
 - [getAADecryptor](#getaadecryptor)
+- [getNidFromUrn](#getnidfromurn)
 - [getOwnRealVerifications](#getownrealverifications)
 - [getPOVerification](#getpoverification)
 - [getSomeoneElsesRealVerifications](#getsomeoneelsesrealverifications)
@@ -44,9 +49,10 @@ If you wish to use `@raytio/core` directly, an example of configuring polyfills
 - [isScoreResultValid](#isscoreresultvalid)
 - [repairDate](#repairdate)
 - [someEncrypted](#someencrypted)
+- [sortSchemaProperties](#sortschemaproperties)
 - [toCognitoAttributes](#tocognitoattributes)
 
-## Type aliases
+## Type Aliases
 
 ### SafeHarbourObj
 
@@ -69,11 +75,25 @@ the response from [calcSafeHarbourScore](#calcsafeharbourscore)
 | `flags` | [`SafeHarbourObj`](#safeharbourobj) |
 | `isSafe` | `boolean` |
 
+___
+
+### VerDetails
+
+Ƭ **VerDetails**: `Object`
+
+#### Type declaration
+
+| Name | Type | Description |
+| :------ | :------ | :------ |
+| `expiryDate?` | `Date` | field only present for expired verifications |
+| `sourceNId?` | `NId` | - |
+| `verifiers` | `VerificationProvider`[] | - |
+
 ## Functions
 
 ### calcSafeHarbourScore
 
-▸ `Const` **calcSafeHarbourScore**(`data`): `Promise`<[`SafeHarbourResult`](#safeharbourresult)\>
+▸ **calcSafeHarbourScore**(`data`): `Promise`<[`SafeHarbourResult`](#safeharbourresult)\>
 
 The Safe Harbour Score indidicates whether a person's identity has been verified
 to the extent requried for Safe Harbour Compliance. This requires multiple verifications
@@ -85,8 +105,8 @@ from different sources. For information, refer to the
 | Name | Type |
 | :------ | :------ |
 | `data` | `Object` |
-| `data.person` | `ProfileObject`<`Json`\> |
-| `data.profileObjects` | `ProfileObject`<`Json`\>[] |
+| `data.person` | `ProfileObject` |
+| `data.profileObjects` | `ProfileObject`[] |
 | `data.realVers` | `RealVer`[] |
 | `data.getSchema` | (`schemaName`: `string`) => `Promise`<`Schema`\> |
 
@@ -118,7 +138,7 @@ ___
 
 ### checkJsonSignature
 
-▸ `Const` **checkJsonSignature**(`data`, `signature`): `Promise`<`boolean`\>
+▸ **checkJsonSignature**(`data`, `signature`): `Promise`<`boolean`\>
 
 checks that a json object was signed by the provided signature. Unless you're
 dealing with bundled verifications, you should use `getOwnRealVerifications`
@@ -161,13 +181,13 @@ ___
 
 ### convertInstanceToRuleInput
 
-▸ `Const` **convertInstanceToRuleInput**(`instance`, `realVers`, `getSchema`): `Promise`<`RuleData`\>
+▸ **convertInstanceToRuleInput**(`POs`, `realVers`, `getSchema`): `Promise`<`RuleData`\>
 
 #### Parameters
 
 | Name | Type |
 | :------ | :------ |
-| `instance` | `Instance` |
+| `POs` | `ProfileObject`[] |
 | `realVers` | `RealVer`[] |
 | `getSchema` | (`schemaName`: `string`) => `Promise`<`Schema`\> |
 
@@ -179,7 +199,7 @@ ___
 
 ### createAA
 
-▸ **createAA**(`__namedParameters`): `Promise`<`AA`\>
+▸ **createAA**(`«destructured»`): `Promise`<`AA`\>
 
 Creates an Access Application and associated public+private keys.
 
@@ -192,12 +212,12 @@ as well as the `userDoc` data which is stored in the user's cognito attributes.
 
 | Name | Type |
 | :------ | :------ |
-| `__namedParameters` | `Object` |
-| `__namedParameters.apiToken` | `string` |
-| `__namedParameters.apiUrl` | `string` |
-| `__namedParameters.application` | `Omit`<`AA`, ``"a_id"``\> |
-| `__namedParameters.maxcryptor` | `DataEncryptorI` |
-| `__namedParameters.userDoc` | `UserDoc` |
+| `«destructured»` | `Object` |
+| › `apiToken` | `string` |
+| › `apiUrl` | `string` |
+| › `application` | `Omit`<`AA`, ``"a_id"``\> |
+| › `maxcryptor` | `DataEncryptorI` |
+| › `userDoc` | `UserDoc` |
 
 #### Returns
 
@@ -207,7 +227,7 @@ ___
 
 ### decryptSharedData
 
-▸ `Const` **decryptSharedData**(`__namedParameters`): `Promise`<`Object`\>
+▸ **decryptSharedData**(`«destructured»`): `Promise`<{ `applicationDecryptor`: `ApplicationDataEncryptorI` ; `instance`: `Instance`  }\>
 
 Decrypts any encrypted properties included in the supplied `instanceData`.
 If nothing is encrypted the supplied `instanceData` is returned.
@@ -220,24 +240,70 @@ supply a `onCorruptedData` function which returns a value to use instead.
 
 | Name | Type |
 | :------ | :------ |
-| `__namedParameters` | `Object` |
-| `__namedParameters.apiToken` | `string` |
-| `__namedParameters.apiUrl` | `string` |
-| `__namedParameters.instanceData` | `Instance` |
-| `__namedParameters.maxcryptor` | `DataEncryptorI` |
-| `__namedParameters.onCorruptedData?` | (`fieldName`: `string`, `fieldValue`: `Encrypted`<`string`\>, `error`: `Error`) => `any` |
+| `«destructured»` | `Object` |
+| › `apiToken` | `string` |
+| › `apiUrl` | `string` |
+| › `instanceData` | `Instance` |
+| › `maxcryptor` | `DataEncryptorI` |
+| › `onCorruptedData?` | (`fieldName`: `string`, `fieldValue`: `Encrypted`, `error`: `Error`) => `any` |
 
 #### Returns
 
-`Promise`<`Object`\>
+`Promise`<{ `applicationDecryptor`: `ApplicationDataEncryptorI` ; `instance`: `Instance`  }\>
 
 a copy of `instanceData` with all properties decrypted.
 
 ___
 
+### evaluateRule
+
+▸ **evaluateRule**(`rule`, `data`): `Object`
+
+evaluates an individual rule, normally you should use [calculateScore](#calculatescore)
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `rule` | `ScoreRule` |
+| `data` | `RuleData` |
+
+#### Returns
+
+`Object`
+
+| Name | Type |
+| :------ | :------ |
+| `passed` | `boolean` |
+| `score` | `number` |
+
+___
+
+### expandSchema
+
+▸ **expandSchema**(`wrappedSchema`, `allUnexpandedSchemas`, `userLocales`): `Schema`
+
+❣️ This is the main function to transform a schema from
+the JSON that the API returns, into a `Schema` object that's useful
+to the client.
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `wrappedSchema` | `WrappedSchema` |
+| `allUnexpandedSchemas` | `WrappedSchema`[] |
+| `userLocales` | readonly `string`[] |
+
+#### Returns
+
+`Schema`
+
+___
+
 ### findSchemaLabel
 
-▸ `Const` **findSchemaLabel**(`labels`): `undefined` \| `string`
+▸ **findSchemaLabel**(`labels`): `undefined` \| `string`
 
 Finds the label (on a profile object) which is the schema name
 
@@ -253,9 +319,29 @@ Finds the label (on a profile object) which is the schema name
 
 ___
 
+### findSuitableLocale
+
+▸ **findSuitableLocale**(`options`, `langs`): `undefined` \| `string`
+
+Selects the most suitable locale to use from a list of options.
+Returns undefined if there is no language that the user speaks
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `options` | `string`[] |
+| `langs` | readonly `string`[] |
+
+#### Returns
+
+`undefined` \| `string`
+
+___
+
 ### fromCognitoAttributes
 
-▸ `Const` **fromCognitoAttributes**(`attributes`): `UserDoc`
+▸ **fromCognitoAttributes**(`attributes`): `UserDoc`
 
 This function converts Cognito's userAttributes into a maxcryptor UserDoc.
 The userAttributes come from `const attributes = await Auth.userAttributes(user)`
@@ -274,32 +360,64 @@ ___
 
 ### getAADecryptor
 
-▸ **getAADecryptor**(`__namedParameters`): `Promise`<`Object`\>
+▸ **getAADecryptor**(`«destructured»`): `Promise`<{ `decryptor`: `ApplicationEncryptor` ; `publicKeyNId`: `NId`  }\>
 
 Fetchs the public and private keys for an Access Application, then initializes
-the [Maxcryptor](https://npm.im/@raytio/maxcryptor)'s `ApplicationEncryptor`.
+the [https://npm.im/@raytio/maxcryptor|Maxcryptor](https://npm.im/@raytio/maxcryptor|Maxcryptor)'s `ApplicationEncryptor`.
 
 #### Parameters
 
 | Name | Type |
 | :------ | :------ |
-| `__namedParameters` | `Object` |
-| `__namedParameters.aId` | `AId` |
-| `__namedParameters.apiToken` | `string` |
-| `__namedParameters.apiUrl` | `string` |
-| `__namedParameters.maxcryptor` | `DataEncryptorI` |
+| `«destructured»` | `Object` |
+| › `aId` | `AId` |
+| › `apiToken` | `string` |
+| › `apiUrl` | `string` |
+| › `maxcryptor` | `DataEncryptorI` |
 
 #### Returns
 
-`Promise`<`Object`\>
+`Promise`<{ `decryptor`: `ApplicationEncryptor` ; `publicKeyNId`: `NId`  }\>
 
 an `ApplicationEncryptor` and the public key of the Access Application
 
 ___
 
+### getNidFromUrn
+
+▸ **getNidFromUrn**(`urn`): `NId`
+
+two overloads - if you provide undefined, you might get undefined back
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `urn` | \`urn:user:${string}\` \| \`urn:profile\_object:${string}\` \| \`urn:instance:${string}\` \| \`urn:schema:${string}\` \| \`urn:temp\_object:${string}\` \| \`urn:document:${string}\` |
+
+#### Returns
+
+`NId`
+
+▸ **getNidFromUrn**(`urn`): `undefined` \| `NId`
+
+two overloads - if you provide undefined, you might get undefined back
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `urn` | `undefined` \| \`urn:user:${string}\` \| \`urn:profile\_object:${string}\` \| \`urn:instance:${string}\` \| \`urn:schema:${string}\` \| \`urn:temp\_object:${string}\` \| \`urn:document:${string}\` |
+
+#### Returns
+
+`undefined` \| `NId`
+
+___
+
 ### getOwnRealVerifications
 
-▸ `Const` **getOwnRealVerifications**(`__namedParameters`): `Promise`<`RealVer`[]\>
+▸ **getOwnRealVerifications**(`«destructured»`): `Promise`<`RealVer`[]\>
 
 Given a list of verifications and decrypted profile objects, this function
 locally verifies the credibility of the signatures in the verifications.
@@ -310,10 +428,10 @@ This function does NOT call the API, except to fetch the public key.
 
 | Name | Type |
 | :------ | :------ |
-| `__namedParameters` | `Object` |
-| `__namedParameters.profileObjects` | `ProfileObject`<`Json`\>[] |
-| `__namedParameters.userId` | `UId` |
-| `__namedParameters.verifications` | `Verification`<``false``\>[] |
+| `«destructured»` | `Object` |
+| › `profileObjects` | `ProfileObject`[] |
+| › `userId` | `UId` |
+| › `verifications` | `Verification`[] |
 
 #### Returns
 
@@ -325,7 +443,7 @@ ___
 
 ### getPOVerification
 
-▸ **getPOVerification**(`__namedParameters`): `Object`
+▸ **getPOVerification**(`«destructured»`): `Object`
 
 Determines the verification status of a profile object, and its individual fields.
 
@@ -333,10 +451,10 @@ Determines the verification status of a profile object, and its individual field
 
 | Name | Type |
 | :------ | :------ |
-| `__namedParameters` | `Object` |
-| `__namedParameters.PO` | `ProfileObject`<`Json`\> \| `ProfileObjectForUpload`<`Json`\> |
-| `__namedParameters.realVers` | `RealVer`[] |
-| `__namedParameters.schema` | `Schema` |
+| `«destructured»` | `Object` |
+| › `PO` | `ProfileObject` \| `ProfileObjectForUpload` |
+| › `realVers` | `RealVer`[] |
+| › `schema` | `Schema` |
 
 #### Returns
 
@@ -344,9 +462,7 @@ Determines the verification status of a profile object, and its individual field
 
 | Name | Type |
 | :------ | :------ |
-| `details` | `Object` |
-| `details.sourceNId?` | `NId` |
-| `details.verifiers` | `VerificationProvider`[] |
+| `details` | [`VerDetails`](#verdetails) |
 | `fieldVerifications` | `Record`<`string`, `FieldVerification`\> |
 | `status` | `POVerification` |
 
@@ -354,7 +470,7 @@ ___
 
 ### getSomeoneElsesRealVerifications
 
-▸ `Const` **getSomeoneElsesRealVerifications**(`__namedParameters`): `Promise`<`RealVer`[]\>
+▸ **getSomeoneElsesRealVerifications**(`«destructured»`): `Promise`<`RealVer`[]\>
 
 Given a list of verifications and decrypted profile objects, this function calls
 the Raytio API to verify the credibility of these verifications, returning only valid
@@ -366,7 +482,7 @@ verifications.
 
 | Name | Type |
 | :------ | :------ |
-| `__namedParameters` | `Props` |
+| `«destructured»` | `Props` |
 
 #### Returns
 
@@ -380,7 +496,9 @@ ___
 
 ▸ **hashPassword**(`password`): `Promise`<`string`\>
 
-**`deprecated`** legacy feature, see #1252
+**`Deprecated`**
+
+legacy feature, see #1252
 
 AWS Cognito never gets the raw password. We send them
 a hashed verison using PBKDF2 with SHA-256 and 10,000
@@ -402,12 +520,13 @@ ___
 
 ### isConditionMet
 
-▸ `Const` **isConditionMet**(`condition`, `formValues`): `boolean`
+▸ **isConditionMet**(`condition`, `formValues`): `boolean`
 
 Checks all other form values in case any have a
 trigger value that makes this field required.
 
-**`example`**
+**`Example`**
+
 ```json
 [
   { "if": { "age": [17, 18], "city": ["Taupō"] } },
@@ -432,7 +551,7 @@ ___
 
 ### isEncrypted
 
-▸ `Const` **isEncrypted**(`value`): value is Encrypted<string\>
+▸ **isEncrypted**(`value`): value is Encrypted
 
 Determines where the input is an encrypted Raytio object
 
@@ -444,7 +563,7 @@ Determines where the input is an encrypted Raytio object
 
 #### Returns
 
-value is Encrypted<string\>
+value is Encrypted
 
 true or false depending on whether the input is an encrypted Raytio object
 
@@ -452,7 +571,7 @@ ___
 
 ### isEncryptedFile
 
-▸ `Const` **isEncryptedFile**(`value`): value is Encrypted<string\>
+▸ **isEncryptedFile**(`value`): value is Encrypted
 
 Determines where the input is an encrypted Raytio file
 
@@ -464,7 +583,7 @@ Determines where the input is an encrypted Raytio file
 
 #### Returns
 
-value is Encrypted<string\>
+value is Encrypted
 
 true or false depending on whether the input is an encrypted Raytio file
 
@@ -472,7 +591,7 @@ ___
 
 ### isScoreConfigValid
 
-▸ `Const` **isScoreConfigValid**(`x`): x is ScoreConfig
+▸ **isScoreConfigValid**(`x`): x is ScoreConfig
 
 determines whether a `ScoreConfig` object is valid
 
@@ -490,7 +609,7 @@ ___
 
 ### isScoreResultValid
 
-▸ `Const` **isScoreResultValid**(`x`): x is ScoreResult
+▸ **isScoreResultValid**(`x`): x is ScoreResult
 
 determines whether a `ScoreResult` object is valid
 
@@ -526,7 +645,7 @@ ___
 
 ### someEncrypted
 
-▸ `Const` **someEncrypted**<`T`, `K`\>(...`args`): `number`
+▸ **someEncrypted**<`T`, `K`\>(`...args`): `number`
 
 Given a profile object's properties, returns the number
 of properties that are encryted.
@@ -550,9 +669,29 @@ of properties that are encryted.
 
 ___
 
+### sortSchemaProperties
+
+▸ **sortSchemaProperties**(`properties`): `Section`[]
+
+Schema properties are an object, so they need to be converted into an
+array, grouped by the group tag, and then sorted based on the `priority`
+attribute within their group.
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `properties` | `Record`<`string`, `SchemaField`\> |
+
+#### Returns
+
+`Section`[]
+
+___
+
 ### toCognitoAttributes
 
-▸ `Const` **toCognitoAttributes**(`userDoc`): `Object`
+▸ **toCognitoAttributes**(`userDoc`): `Object`
 
 Given a `UserDoc` from the maxcryptor, this returns an object
 which you can provide to `Auth.updateUserAttributes()`. It is

package/dist/{util/hash.d.ts → __tests__/docs.test.d.ts}

@@ -1 +1 @@
-export {};
+export {};

package/dist/__tests__/docs.test.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+/* eslint-disable no-console */
+const child_process_1 = require("child_process");
+const fs_1 = require("fs");
+const util_1 = require("util");
+const execAsync = (0, util_1.promisify)(child_process_1.exec);
+describe("docs", () => {
+    it("generates a nice README for @raytio/core & @raytio/types", async () => {
+        console.log("(1/4) Running `yarn docs` for core...");
+        console.log(Object.values(await execAsync("yarn docs")).join("\n"));
+        console.log("(2/4) Reading README.md for core...");
+        const readmeCore = await fs_1.promises.readFile("README.md", { encoding: "utf-8" });
+        expect(readmeCore).toMatchSnapshot();
+        // types & core are in the same test to avoid jest parallelizing them
+        console.log("(3/4) Running `yarn docs` for types...");
+        console.log(Object.values(await execAsync("cd ../types && yarn docs")).join("\n"));
+        console.log("(4/4) Reading README.md for types...");
+        const readmeTypes = await fs_1.promises.readFile("../types/README.md", {
+            encoding: "utf-8",
+        });
+        expect(readmeTypes).toMatchSnapshot();
+    }, 30000);
+});

package/dist/accessApplication/createAA.d.ts

@@ -1,17 +1,17 @@
-import type { Maxcryptor, UserDoc } from "@raytio/maxcryptor";
-import type { AA } from "@raytio/types";
-/**
- * Creates an Access Application and associated public+private keys.
- *
- * The user must be part of an organization, and you need to include the `orgId`.
- *
- * You must also supply an apiToken and an instance of the maxcryptor for that user,
- * as well as the `userDoc` data which is stored in the user's cognito attributes.
- */
-export declare function createAA({ apiUrl, apiToken, userDoc, maxcryptor, application, }: {
-    apiUrl: string;
-    apiToken: string;
-    application: Omit<AA, "a_id">;
-    userDoc: UserDoc;
-    maxcryptor: Maxcryptor;
-}): Promise<AA>;
+import type { Maxcryptor, UserDoc } from "@raytio/maxcryptor";
+import type { AA } from "@raytio/types";
+/**
+ * Creates an Access Application and associated public+private keys.
+ *
+ * The user must be part of an organization, and you need to include the `orgId`.
+ *
+ * You must also supply an apiToken and an instance of the maxcryptor for that user,
+ * as well as the `userDoc` data which is stored in the user's cognito attributes.
+ */
+export declare function createAA({ apiUrl, apiToken, userDoc, maxcryptor, application, }: {
+    apiUrl: string;
+    apiToken: string;
+    application: Omit<AA, "a_id">;
+    userDoc: UserDoc;
+    maxcryptor: Maxcryptor;
+}): Promise<AA>;