@raytio/core 8.1.2 → 9.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (77) hide show
  1. package/README.md +482 -1
  2. package/dist/accessApplication/createAA.js +0 -1
  3. package/dist/crypto/decryptKeys.js +0 -2
  4. package/dist/crypto/helpers.d.ts +1 -1
  5. package/dist/general/index.d.ts +1 -0
  6. package/dist/general/index.js +1 -0
  7. package/dist/general/types.d.ts +6 -0
  8. package/dist/general/types.js +13 -0
  9. package/dist/index.d.ts +1 -0
  10. package/dist/index.js +1 -0
  11. package/dist/rules/calculateScore.d.ts +11 -0
  12. package/dist/rules/calculateScore.js +52 -0
  13. package/dist/rules/convertInstanceToRuleInput.d.ts +3 -0
  14. package/dist/rules/convertInstanceToRuleInput.js +139 -0
  15. package/dist/rules/evaluateScoreCondition.d.ts +2 -0
  16. package/dist/rules/evaluateScoreCondition.js +45 -0
  17. package/dist/rules/helpers/addInfiniteThresholdBoundaries.d.ts +8 -0
  18. package/dist/rules/helpers/addInfiniteThresholdBoundaries.js +11 -0
  19. package/dist/rules/helpers/checkTypeofValue.d.ts +3 -0
  20. package/dist/rules/helpers/checkTypeofValue.js +43 -0
  21. package/dist/rules/helpers/getValuesFromPath.d.ts +3 -0
  22. package/dist/rules/helpers/getValuesFromPath.js +50 -0
  23. package/dist/rules/helpers/index.d.ts +5 -0
  24. package/dist/rules/helpers/index.js +17 -0
  25. package/dist/rules/helpers/symbols.d.ts +2 -0
  26. package/dist/rules/helpers/symbols.js +5 -0
  27. package/dist/rules/helpers/thresholds.d.ts +5 -0
  28. package/dist/rules/helpers/thresholds.js +47 -0
  29. package/dist/rules/index.d.ts +6 -0
  30. package/dist/rules/index.js +20 -0
  31. package/dist/rules/operators/bool.d.ts +2 -0
  32. package/dist/rules/operators/bool.js +17 -0
  33. package/dist/rules/operators/date.d.ts +2 -0
  34. package/dist/rules/operators/date.js +91 -0
  35. package/dist/rules/operators/hfield.d.ts +2 -0
  36. package/dist/rules/operators/hfield.js +33 -0
  37. package/dist/rules/operators/hschema.d.ts +2 -0
  38. package/dist/rules/operators/hschema.js +21 -0
  39. package/dist/rules/operators/index.d.ts +3 -0
  40. package/dist/rules/operators/index.js +11 -0
  41. package/dist/rules/operators/number.d.ts +2 -0
  42. package/dist/rules/operators/number.js +41 -0
  43. package/dist/rules/operators/string.d.ts +2 -0
  44. package/dist/rules/operators/string.js +58 -0
  45. package/dist/rules/types/config.d.ts +86 -0
  46. package/dist/rules/types/config.js +2 -0
  47. package/dist/rules/types/dataValueTypes.d.ts +19 -0
  48. package/dist/rules/types/dataValueTypes.js +4 -0
  49. package/dist/rules/types/index.d.ts +3 -0
  50. package/dist/rules/types/index.js +15 -0
  51. package/dist/rules/types/internal.d.ts +20 -0
  52. package/dist/rules/types/internal.js +2 -0
  53. package/dist/{verifications/checkVerifications.d.ts → util/canonicalJsonify.d.ts} +0 -0
  54. package/dist/util/canonicalJsonify.js +48 -0
  55. package/dist/util/handleResponse.js +0 -1
  56. package/dist/util/index.d.ts +1 -0
  57. package/dist/util/index.js +1 -0
  58. package/dist/verifications/getPOVerification.d.ts +5 -2
  59. package/dist/verifications/getPOVerification.js +3 -4
  60. package/dist/verifications/index.d.ts +1 -1
  61. package/dist/verifications/index.js +1 -2
  62. package/dist/verifications/safeHarbour.d.ts +1 -1
  63. package/dist/verifications/safeHarbour.js +2 -2
  64. package/dist/verifications/verifyCheck/getOwnRealVerifications.d.ts +13 -0
  65. package/dist/verifications/verifyCheck/getOwnRealVerifications.js +63 -0
  66. package/dist/verifications/verifyCheck/getSomeoneElsesRealVerifications.d.ts +19 -0
  67. package/dist/verifications/{getRealVerifications.js → verifyCheck/getSomeoneElsesRealVerifications.js} +21 -19
  68. package/dist/verifications/verifyCheck/index.d.ts +3 -0
  69. package/dist/verifications/verifyCheck/index.js +17 -0
  70. package/dist/verifications/verifyCheck/operations/checkOwnVerification.d.ts +15 -0
  71. package/dist/verifications/verifyCheck/operations/checkOwnVerification.js +39 -0
  72. package/dist/verifications/verifyCheck/operations/checkSomeoneElsesVerifications.d.ts +1 -0
  73. package/dist/verifications/{checkVerifications.js → verifyCheck/operations/checkSomeoneElsesVerifications.js} +4 -4
  74. package/dist/verifications/verifyCheck/operations/index.d.ts +2 -0
  75. package/dist/verifications/verifyCheck/operations/index.js +14 -0
  76. package/package.json +8 -8
  77. package/dist/verifications/getRealVerifications.d.ts +0 -22
package/dist/verifications/verifyCheck/operations/checkOwnVerification.d.ts ADDED
@@ -0,0 +1,15 @@
1
+ import { UId, VerificationPayload } from "@raytio/types";
2
+ declare type SingleVerToCheck = {
3
+ verObject: VerificationPayload<false>;
4
+ signature: string;
5
+ userId: UId;
6
+ value: unknown;
7
+ };
8
+ /**
9
+ * checks that a json object was signed by the provided signature. Unless you're
10
+ * dealing with bundled verifications, you should use `getOwnRealVerifications`
11
+ * or `getSomeoneElsesRealVerifications` instead.
12
+ */
13
+ export declare const checkJsonSignature: (data: unknown, signature: string) => Promise<boolean>;
14
+ export declare const checkOwnVerification: ({ verObject, signature, userId, value, }: SingleVerToCheck) => Promise<boolean>;
15
+ export {};
package/dist/verifications/verifyCheck/operations/checkOwnVerification.js ADDED
@@ -0,0 +1,39 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.checkOwnVerification = exports.checkJsonSignature = exports.checkSignature = void 0;
4
+ const util_1 = require("../../../util");
5
+ let cache; // eslint-disable-line fp/no-let
6
+ const base64ToArrayBuffer = (str) => Uint8Array.from(atob(str), c => c.charCodeAt(0));
7
+ async function getJwk() {
8
+ // eslint-disable-next-line fp/no-mutation
9
+ cache || (cache = fetch("https://api-docs.rayt.io/lookups/raytio.pem")
10
+ .then(r => r.text())
11
+ .then(pem => crypto.subtle.importKey("spki", base64ToArrayBuffer(pem.split("-----")[2].trim()), { name: "RSA-PSS", hash: "SHA-512" }, false, ["verify"])));
12
+ return cache;
13
+ }
14
+ /** @internal exported only for tests */
15
+ async function checkSignature(publicCryptoKey, signature, data) {
16
+ // the logic must match https://gitlab.com/raytio/mono/-/blob/devo/common/signing/signing/sign.py
17
+ const signatureBuf = base64ToArrayBuffer(signature);
18
+ const isVerified = await crypto.subtle.verify({ name: "RSA-PSS", hash: "SHA-512", saltLength: 512 / 8 }, publicCryptoKey, signatureBuf, new TextEncoder().encode(data));
19
+ return isVerified;
20
+ }
21
+ exports.checkSignature = checkSignature;
22
+ /**
23
+ * checks that a json object was signed by the provided signature. Unless you're
24
+ * dealing with bundled verifications, you should use `getOwnRealVerifications`
25
+ * or `getSomeoneElsesRealVerifications` instead.
26
+ */
27
+ const checkJsonSignature = async (data, signature) => {
28
+ const jwk = await getJwk();
29
+ const stringified = (0, util_1.canonicalJsonify)(data);
30
+ const result = await checkSignature(jwk, signature, stringified);
31
+ return result;
32
+ };
33
+ exports.checkJsonSignature = checkJsonSignature;
34
+ const checkOwnVerification = async ({ verObject, signature, userId, value, }) => {
35
+ if (!userId)
36
+ throw new Error("No userId supplied");
37
+ return (0, exports.checkJsonSignature)(Object.assign(Object.assign({}, verObject), { sub: userId, value }), signature);
38
+ };
39
+ exports.checkOwnVerification = checkOwnVerification;
package/dist/verifications/{checkVerifications.js → verifyCheck/operations/checkSomeoneElsesVerifications.js} RENAMED
@@ -1,9 +1,9 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.checkVerifications = void 0;
4
- const util_1 = require("../util");
3
+ exports.checkSomeoneElsesVerifications = void 0;
4
+ const util_1 = require("../../../util");
5
5
  /** @internal */
6
- const checkVerifications = async ({ apiUrl, toVerify, controller, }) => {
6
+ const checkSomeoneElsesVerifications = async ({ apiUrl, toVerify, controller, }) => {
7
7
  const response = await fetch(`${apiUrl}/extract_verify/v2/verify_check`, {
8
8
  method: "POST",
9
9
  body: JSON.stringify(toVerify),
@@ -13,4 +13,4 @@ const checkVerifications = async ({ apiUrl, toVerify, controller, }) => {
13
13
  // extra `m` items are garbage and don't have the verified field.
14
14
  return response.filter(ver => "verified" in ver);
15
15
  };
16
- exports.checkVerifications = checkVerifications;
16
+ exports.checkSomeoneElsesVerifications = checkSomeoneElsesVerifications;
package/dist/verifications/verifyCheck/operations/index.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ export * from "./checkOwnVerification";
2
+ export * from "./checkSomeoneElsesVerifications";
package/dist/verifications/verifyCheck/operations/index.js ADDED
@@ -0,0 +1,14 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
5
+ }) : (function(o, m, k, k2) {
6
+ if (k2 === undefined) k2 = k;
7
+ o[k2] = m[k];
8
+ }));
9
+ var __exportStar = (this && this.__exportStar) || function(m, exports) {
10
+ for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
11
+ };
12
+ Object.defineProperty(exports, "__esModule", { value: true });
13
+ __exportStar(require("./checkOwnVerification"), exports);
14
+ __exportStar(require("./checkSomeoneElsesVerifications"), exports);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@raytio/core",
3
- "version": "8.1.2",
3
+ "version": "9.0.2",
4
4
  "license": "MIT",
5
5
  "main": "index",
6
6
  "types": "index",
@@ -15,22 +15,22 @@
15
15
  "test": "jest"
16
16
  },
17
17
  "dependencies": {
18
- "@raytio/maxcryptor": "3.0.1",
19
- "@raytio/types": "5.2.0",
20
- "ramda": "0.27.1"
18
+ "@raytio/maxcryptor": "3.1.0",
19
+ "@raytio/types": "6.0.0",
20
+ "ramda": "0.28.0"
21
21
  },
22
22
  "devDependencies": {
23
- "@types/ramda": "0.27.44",
24
- "jest": "27.1.0",
23
+ "@types/ramda": "0.27.64",
24
+ "jest": "27.5.1",
25
25
  "localstorage-polyfill": "1.0.1",
26
- "ts-jest": "27.0.5"
26
+ "ts-jest": "27.1.3"
27
27
  },
28
28
  "jest": {
29
29
  "transform": {
30
30
  "^.+\\.(t|j)sx?$": "ts-jest"
31
31
  },
32
32
  "testEnvironment": "node",
33
- "collectCoverage": true,
33
+ "collectCoverage": false,
34
34
  "coverageThreshold": {
35
35
  "global": {
36
36
  "statements": 100
package/dist/verifications/getRealVerifications.d.ts DELETED
@@ -1,22 +0,0 @@
1
- import { ProfileObject, Verification, RealVer } from "@raytio/types";
2
- declare type Props = {
3
- apiUrl: string;
4
- verifications: Verification[];
5
- profileObjects: ProfileObject[];
6
- controller?: AbortController;
7
- /**
8
- * do NOT use this option. If the value of a field
9
- * equals the value of this prop, that field will be treated
10
- * as verified, even if the API says it's not verified. See
11
- * #614 for context. @deprecated
12
- */
13
- UNSAFE_treatNoValueAsVerified?: string;
14
- };
15
- /**
16
- * Given a list of verifications and decrypted profile objects, this function calls
17
- * the Raytio API to verify the credibility of these verifications, returning only valid
18
- * verifications.
19
- * @returns a list of fileNames/values that are verified.
20
- */
21
- export declare const getRealVerifications: ({ apiUrl, verifications, profileObjects, controller, UNSAFE_treatNoValueAsVerified, }: Props) => Promise<RealVer[]>;
22
- export {};