@raytio/decrypt-helper 3.1.1 → 5.0.0

package/CHANGELOG.md

@@ -7,9 +7,26 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## 5.0.0 (2022-07-12)
+
+- 💥 BREAKING CHANGE: !185 use `accessToken` instead of `idToken` when communicating with the Raytio API
+- 💥 BREAKING CHANGE: !185 Improve how quotes (`"`) are escaped in the csv format to be compliant with [RFC-4180](https://datatracker.ietf.org/doc/html/rfc4180#section-2)
+- !185 embed language into pdf
+
+## 4.0.0 (2022-07-08)
+
+- 💥 BREAKING CHANGE: !170 [json] [csv] changed the format of badges, the fields `$verified` and `$safeHarbour` have been replaced with `$badges`
+- !176 fix field values being unexpectedly transformed
+- !179 update dependencies
+- !182 save the calculated score to the instance
+
+## 3.2.0 (2022-04-21)
+
+- !177 do not use `hashPassword` when logging in, and migrate old credentials
+
 ## 3.1.1 (2022-04-02)
 
-- !168 Fix import issue in v3.1
+- !175 Fix import issue in v3.1
 
 ## 3.1.0 (2022-03-14)
 

package/dist/api/authedFetch.d.ts

@@ -1 +1 @@
-export declare function authedFetch<T>(apiToken: string, url: string): Promise<T>;
+export declare function authedFetch<T>(apiToken: string, url: string, options?: RequestInit): Promise<T>;

package/dist/api/authedFetch.js

@@ -10,11 +10,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.authedFetch = void 0;
-function authedFetch(apiToken, url) {
+function authedFetch(apiToken, url, options) {
     return __awaiter(this, void 0, void 0, function* () {
-        const apiResp = yield fetch(url, {
-            headers: { Authorization: `Bearer ${apiToken}` },
-        }).then((r) => r.json());
+        const apiResp = yield fetch(url, Object.assign(Object.assign({}, options), { headers: { Authorization: `Bearer ${apiToken}` } })).then((r) => r.json());
         if (apiResp.message) {
             throw new Error(`Failed due to API Error: "${apiResp.message}"`);
         }

package/dist/api/index.d.ts

@@ -7,3 +7,4 @@ export * from "./getProfileObject";
 export * from "./getSchema";
 export * from "./resolveVerificationDetails";
 export * from "./signIn";
+export * from "./updateInstanceData";

package/dist/api/index.js

@@ -23,3 +23,4 @@ __exportStar(require("./getProfileObject"), exports);
 __exportStar(require("./getSchema"), exports);
 __exportStar(require("./resolveVerificationDetails"), exports);
 __exportStar(require("./signIn"), exports);
+__exportStar(require("./updateInstanceData"), exports);

package/dist/api/resolveVerificationDetails.d.ts

@@ -4,6 +4,6 @@ export declare type ResolvedVerificationProvider = {
     verifier_id?: string;
     verifier_service_id?: string;
     verifier_source_id?: string;
-    date: string;
+    date?: string;
 };
 export declare function resolveVerificationDetails([details]: VerificationProvider[], apiToken: string, envConfig: EnvConfig): Promise<ResolvedVerificationProvider | undefined>;

package/dist/api/resolveVerificationDetails.js

@@ -12,13 +12,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.resolveVerificationDetails = void 0;
 const getProfileObject_1 = require("./getProfileObject");
 function resolveVerificationDetails([details], apiToken, envConfig) {
+    var _a;
     return __awaiter(this, void 0, void 0, function* () {
         if (!details)
             return undefined;
         const maybeGet = (nId) => __awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
+            var _b, _c;
             return nId
-                ? (_b = (_a = (yield (0, getProfileObject_1.getProfileObject)(envConfig, apiToken, nId))) === null || _a === void 0 ? void 0 : _a.properties) === null || _b === void 0 ? void 0 : _b.provider_name
+                ? (_c = (_b = (yield (0, getProfileObject_1.getProfileObject)(envConfig, apiToken, nId))) === null || _b === void 0 ? void 0 : _b.properties) === null || _c === void 0 ? void 0 : _c.provider_name
                 : undefined;
         });
         const [verifier_id, verifier_service_id, verifier_source_id] = yield Promise.all([
@@ -30,7 +31,7 @@ function resolveVerificationDetails([details], apiToken, envConfig) {
             verifier_id,
             verifier_service_id,
             verifier_source_id,
-            date: details.date.toISOString(),
+            date: (_a = details.date) === null || _a === void 0 ? void 0 : _a.toISOString(),
         };
     });
 }

package/dist/api/signIn.js

@@ -8,31 +8,48 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.signIn = void 0;
-const auth_1 = __importDefault(require("@aws-amplify/auth"));
+const auth_1 = require("@aws-amplify/auth");
 const core_1 = require("@raytio/core");
+/** see #1252 in the client repo */
+function signInWithPasswordMigration(username, password) {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            const userObj = yield auth_1.Auth.signIn(username, password);
+            return userObj;
+        }
+        catch (_a) {
+            // if the login fails, try again with their hashed password.
+            // if it's successful the second time, we quietly change their password.
+            const hashedPassword = yield (0, core_1.hashPassword)(password);
+            const userObj = yield auth_1.Auth.signIn(username, hashedPassword);
+            // the login was successful. So we need to migrate their account.
+            // No changes to the maxcryptor, purely to cognito.
+            // we can only migrate their password if there are no login challenges
+            if (!userObj.challengeName) {
+                console.log("Migrating credentials...");
+                yield auth_1.Auth.changePassword(userObj, hashedPassword, password);
+            }
+            return userObj;
+        }
+    });
+}
 function signIn(CONFIG, envConfig) {
     var _a, _b;
     return __awaiter(this, void 0, void 0, function* () {
-        auth_1.default.configure({
+        auth_1.Auth.configure({
             region: envConfig.cognito_region,
             userPoolId: envConfig.cognito_user_pool_id,
             userPoolWebClientId: envConfig.cognito_web_client_id,
         });
-        const userObj = yield auth_1.default.signIn({
-            username: CONFIG.RAYTIO_USERNAME,
-            password: yield (0, core_1.hashPassword)(CONFIG.RAYTIO_PASSWORD),
-        });
+        const userObj = yield signInWithPasswordMigration(CONFIG.RAYTIO_USERNAME, CONFIG.RAYTIO_PASSWORD);
         if (userObj.challengeName === "SOFTWARE_TOKEN_MFA") {
             throw new Error(`The configured account (${CONFIG.RAYTIO_USERNAME}) has two factor authentication enabled. You must disable 2FA or use a different account`);
         }
-        const user = yield auth_1.default.currentAuthenticatedUser();
-        const apiToken = (_b = (_a = user.signInUserSession) === null || _a === void 0 ? void 0 : _a.idToken) === null || _b === void 0 ? void 0 : _b.jwtToken;
-        const cognitoAttributes = yield auth_1.default.userAttributes(user);
+        const user = yield auth_1.Auth.currentAuthenticatedUser();
+        const apiToken = (_b = (_a = user.signInUserSession) === null || _a === void 0 ? void 0 : _a.accessToken) === null || _b === void 0 ? void 0 : _b.jwtToken;
+        const cognitoAttributes = yield auth_1.Auth.userAttributes(user);
         return { apiToken, cognitoAttributes };
     });
 }

package/dist/api/updateInstanceData.d.ts

@@ -0,0 +1,2 @@
+import type { Instance } from "@raytio/types";
+export declare function updateInstanceData(apiToken: string, instance: Instance): Promise<void>;

package/dist/api/updateInstanceData.js

@@ -0,0 +1,19 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.updateInstanceData = void 0;
+const authedFetch_1 = require("./authedFetch");
+function updateInstanceData(apiToken, instance) {
+    return __awaiter(this, void 0, void 0, function* () {
+        yield (0, authedFetch_1.authedFetch)(apiToken, `share/v2/access_application/instance/${instance.i_id}`, { method: "PUT", body: JSON.stringify(instance) });
+    });
+}
+exports.updateInstanceData = updateInstanceData;

package/dist/constants.d.ts

@@ -8,7 +8,7 @@ export declare const ATTRIBUTE_MAP: {
     "custom:ask_public": string[];
     "custom:ask_private": string[];
 };
-export declare const INSTANCE_FIELDS_TO_REMOVE: readonly ["profile_objects", "relationships", "keys"];
+export declare const INSTANCE_FIELDS_TO_REMOVE: readonly ["profile_objects", "relationships", "keys", "score"];
 export declare const FIELDS_TO_REMOVE: readonly ["n_id", "document"];
 export declare const ENV_VARIABLES: readonly ["CLIENT_URL", "RAYTIO_USERNAME", "RAYTIO_PASSWORD"];
 export declare type Config = Record<typeof ENV_VARIABLES[number], string>;

package/dist/constants.js

@@ -15,6 +15,7 @@ exports.INSTANCE_FIELDS_TO_REMOVE = [
     "profile_objects",
     "relationships",
     "keys",
+    "score",
 ];
 exports.FIELDS_TO_REMOVE = ["n_id", "document"];
 exports.ENV_VARIABLES = [

package/dist/helpers/formatOutput.d.ts

@@ -1,7 +1,6 @@
 import { FieldVerification, NId, POVerification, ProfileObject, RealVer, Schema } from "@raytio/types";
 import { ResolvedVerificationProvider, EnvConfig } from "../api";
 export declare type FlatPO = {
-    $verified: POVerification;
     $verification_details: ResolvedVerificationProvider | undefined;
     $shouldBeVerifiedFields: string[] | undefined;
     $nId: NId;
@@ -11,9 +10,19 @@ export declare type FlatPO = {
         [fieldName: string]: {
             title: string;
             value: unknown;
+            formatted_value?: string | number;
             verification: FieldVerification;
         };
     };
-    $safeHarbour: boolean | "NOT_APPLICABLE";
+    $badges: {
+        verified: {
+            code: POVerification;
+            statusText: string;
+        };
+        safeHarbour?: {
+            code: boolean;
+            statusText: string;
+        };
+    };
 };
 export declare function formatOutput(profileObjects: ProfileObject[], allSchemas: Schema[], realVers: RealVer[], apiToken: string, envConfig: EnvConfig): Promise<Record<string, FlatPO[]>>;

package/dist/helpers/formatOutput.js

@@ -13,6 +13,7 @@ exports.formatOutput = void 0;
 const core_1 = require("@raytio/core");
 const ramda_1 = require("ramda");
 const types_1 = require("@raytio/types");
+const locales_1 = require("../locales");
 const api_1 = require("../api");
 const constants_1 = require("../constants");
 const lookup_1 = require("./lookup");
@@ -44,31 +45,44 @@ function formatOutput(profileObjects, allSchemas, realVers, apiToken, envConfig)
                 var _b, _c;
                 const accP = yield acc;
                 (0, types_2.assertSafeProperty)(key);
-                return Object.assign(Object.assign({}, accP), { [key]: {
-                        title: ((_c = (_b = schema.properties) === null || _b === void 0 ? void 0 : _b[key]) === null || _c === void 0 ? void 0 : _c.title) || key,
-                        value: typeof value === "string"
-                            ? yield (0, lookup_1.maybeAddLookupValue)(schema, key, value, apiToken)
-                            : value,
-                        verification: verDetails.fieldVerifications[key] ||
-                            types_1.FieldVerification.NotVerified,
-                    } });
+                const prettyValue = typeof value === "string"
+                    ? yield (0, lookup_1.maybeGetLookupValue)(schema, key, value, apiToken)
+                    : undefined;
+                const obj = {
+                    title: ((_c = (_b = schema.properties) === null || _b === void 0 ? void 0 : _b[key]) === null || _c === void 0 ? void 0 : _c.title) || key,
+                    value,
+                    verification: verDetails.fieldVerifications[key] || types_1.FieldVerification.NotVerified,
+                };
+                if (prettyValue)
+                    obj.formatted_value = prettyValue;
+                return Object.assign(Object.assign({}, accP), { [key]: obj });
             }), Promise.resolve({}));
             const thisPO = {
-                $verified: verDetails.status,
                 $verification_details: yield (0, api_1.resolveVerificationDetails)(verDetails.details.verifiers, apiToken, envConfig),
                 $shouldBeVerifiedFields: (_a = schema.verified_fields) === null || _a === void 0 ? void 0 : _a.map((x) => typeof x === "string" ? x : x.field),
                 $nId: PO.n_id,
                 $schemaName: schemaName,
                 $schemaTitle: schema.title,
                 $properties: reducedProperties,
-                $safeHarbour: schemaName === constants_1.SCHEMA.PERSON
-                    ? (yield (0, core_1.calcSafeHarbourScore)({
-                        person: PO,
-                        getSchema: (name) => (0, api_1.getSchema)(envConfig, name),
-                        profileObjects,
-                        realVers,
-                    })).isSafe
-                    : "NOT_APPLICABLE",
+                $badges: {
+                    verified: {
+                        code: verDetails.status,
+                        statusText: constants_1.PO_VER_TEXT_MAP[verDetails.status],
+                    },
+                    safeHarbour: schemaName === constants_1.SCHEMA.PERSON
+                        ? (({ isSafe }) => ({
+                            code: isSafe,
+                            statusText: isSafe
+                                ? (0, locales_1.$$)("POVerificationBadge.safe-harbour-yes")
+                                : (0, locales_1.$$)("POVerificationBadge.safe-harbour-no"),
+                        }))(yield (0, core_1.calcSafeHarbourScore)({
+                            person: PO,
+                            getSchema: (name) => (0, api_1.getSchema)(envConfig, name),
+                            profileObjects,
+                            realVers,
+                        }))
+                        : undefined,
+                },
             };
             return Object.assign(Object.assign({}, ac), { [schemaName]: [...existing, thisPO] });
         }), Promise.resolve({}));

package/dist/helpers/json2csv.js

@@ -17,7 +17,7 @@ function deepJsonToCsv(json) {
     const flatJson = (0, exports.flattenObj)(json);
     const [headerRow, values] = (0, ramda_1.transpose)(Object.entries(flatJson));
     const toCsvRow = (row) => row
-        .map((field) => typeof field === "string" ? `"${field.replace(/"/g, '\\"')}"` : field)
+        .map((field) => typeof field === "string" ? `"${field.replace(/"/g, '""')}"` : field)
         .join(",");
     return `${toCsvRow(headerRow)}\n${toCsvRow(values)}`;
 }

package/dist/helpers/lookup.d.ts

@@ -1,2 +1,2 @@
 import { Schema } from "@raytio/types";
-export declare const maybeAddLookupValue: <T>(schema: Schema, k: string, value: T, apiToken: string) => Promise<string | number | T>;
+export declare const maybeGetLookupValue: <T>(schema: Schema, k: string, value: T, apiToken: string) => Promise<string | number | T | undefined>;

package/dist/helpers/lookup.js

@@ -9,14 +9,14 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.maybeAddLookupValue = void 0;
+exports.maybeGetLookupValue = void 0;
 const getLookupOption_1 = require("../api/getLookupOption");
-const maybeAddLookupValue = (schema, k, value, apiToken) => __awaiter(void 0, void 0, void 0, function* () {
+const maybeGetLookupValue = (schema, k, value, apiToken) => __awaiter(void 0, void 0, void 0, function* () {
     var _a, _b, _c;
     const lookupUrl = (_b = (_a = schema.properties) === null || _a === void 0 ? void 0 : _a[k]) === null || _b === void 0 ? void 0 : _b.lookup;
     if (!lookupUrl)
-        return value;
+        return undefined;
     const lookup = yield (0, getLookupOption_1.getLookupOption)(apiToken, lookupUrl);
-    return ((_c = lookup.find((l) => l.key === value)) === null || _c === void 0 ? void 0 : _c.value) || value;
+    return (_c = lookup.find((l) => l.key === value)) === null || _c === void 0 ? void 0 : _c.value;
 });
-exports.maybeAddLookupValue = maybeAddLookupValue;
+exports.maybeGetLookupValue = maybeGetLookupValue;

package/dist/locales/index.d.ts

@@ -40,5 +40,5 @@ declare global {
     var lang: I18nLang;
 }
 export declare const isValidLocale: (lang: string) => lang is "en";
-export declare const $$: (key: I18nKey, variables?: Record<string, string | number> | undefined) => string;
+export declare const $$: (key: I18nKey, variables?: Record<string, string | number>) => string;
 export {};

package/dist/pdf/components/POVerificationBadge.js

@@ -21,20 +21,20 @@ exports.FILE_MAP = {
 };
 const POVerificationBadge = ({ width, POs, }) => {
     // TODO: this won't work if multiple POs of the same schema are shared
-    const { $verified, $verification_details, $shouldBeVerifiedFields, $safeHarbour, } = POs[0];
+    const { $badges, $verification_details, $shouldBeVerifiedFields } = POs[0];
     const verifiedBy = $verification_details === null || $verification_details === void 0 ? void 0 : $verification_details.verifier_id;
     return (jsx_pdf_1.default.createElement(jsx_pdf_1.default.Fragment, null,
         $shouldBeVerifiedFields && (jsx_pdf_1.default.createElement(jsx_pdf_1.default.Fragment, null,
-            jsx_pdf_1.default.createElement("svg", { content: (0, general_1.loadAsset)(`${exports.FILE_MAP[$verified]}.svg`), width: width }),
-            jsx_pdf_1.default.createElement("text", { alignment: "center" }, constants_1.PO_VER_TEXT_MAP[$verified]),
+            jsx_pdf_1.default.createElement("svg", { content: (0, general_1.loadAsset)(`${exports.FILE_MAP[$badges.verified.code]}.svg`), width: width }),
+            jsx_pdf_1.default.createElement("text", { alignment: "center" }, constants_1.PO_VER_TEXT_MAP[$badges.verified.code]),
             verifiedBy && (jsx_pdf_1.default.createElement("text", { alignment: "center" }, (0, locales_1.$$)("POVerificationBadge.verified-by", { verifiedBy }))))),
-        typeof $safeHarbour === "boolean" && (jsx_pdf_1.default.createElement("columns", { columnGap: 10 },
+        $badges.safeHarbour && (jsx_pdf_1.default.createElement("columns", { columnGap: 10 },
             jsx_pdf_1.default.createElement("column", { width: width / 3 },
-                jsx_pdf_1.default.createElement("svg", { content: (0, general_1.loadAsset)(`${exports.FILE_MAP[$safeHarbour
+                jsx_pdf_1.default.createElement("svg", { content: (0, general_1.loadAsset)(`${exports.FILE_MAP[$badges.safeHarbour.code
                         ? types_1.POVerification.FullyVerified
                         : types_1.POVerification.VerifiedFalse]}.svg`), width: width / 3 })),
             jsx_pdf_1.default.createElement("column", { width: "auto" },
-                jsx_pdf_1.default.createElement("text", { alignment: "center" }, $safeHarbour
+                jsx_pdf_1.default.createElement("text", { alignment: "center" }, $badges.safeHarbour.code
                     ? (0, locales_1.$$)("POVerificationBadge.safe-harbour-yes")
                     : (0, locales_1.$$)("POVerificationBadge.safe-harbour-no")))))));
 };

package/dist/pdf/components/Report.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Report = void 0;
 const jsx_pdf_1 = __importDefault(require("jsx-pdf"));
 const crypto_1 = require("crypto");
+const core_1 = require("@raytio/core");
 const locales_1 = require("../../locales");
 const POVerificationBadge_1 = require("./POVerificationBadge");
 const Subheader_1 = require("./Subheader");
@@ -33,7 +34,9 @@ const Report = ({ data, files, config, aId, clientUrl, envConfig, version, }) =>
             creator: appName,
             producer: "Raytio",
             subject: version,
-        }, ownerPassword: randomToken, permissions: {
+        }, 
+        // @ts-expect-error -- waiting on bpampuch/pdfmake#2453
+        lang: global.lang, ownerPassword: randomToken, permissions: {
             printing: "highResolution",
             copying: true, // allow copy/paste
         }, pageSize: "A4", styles: style_1.classes, images: {
@@ -56,7 +59,7 @@ const Report = ({ data, files, config, aId, clientUrl, envConfig, version, }) =>
                         Object.entries(constants_1.SUBMISSION_DATA)
                             .map(([id, label]) => `${label}: ${(0, transform_1.transform)(id, data[id], config)}`)
                             .join("\n"),
-                        data.score
+                        (0, core_1.isScoreResultValid)(data.score)
                             ? [
                                 "",
                                 `${(0, locales_1.$$)("constants.score")}: ${data.score.score}`,

package/dist/pdf/components/Table.js

@@ -32,14 +32,14 @@ const Table = ({ POs, files, config, }) => {
                 if (!PO.$properties[fieldName]) {
                     return [jsx_pdf_1.default.createElement("cell", null, " "), jsx_pdf_1.default.createElement("cell", null, " ")];
                 }
-                const { value, verification } = PO.$properties[fieldName];
+                const { value, formatted_value, verification } = PO.$properties[fieldName];
                 const color = (0, general_1.verifyColour)(verification);
                 // jsx-pdf currently doesn't support fragments, will make a PR at some point
                 return [
                     jsx_pdf_1.default.createElement("cell", null,
                         jsx_pdf_1.default.createElement(FieldVerificationBadge_1.FieldVerificationBadge, { width: 10, status: verification })),
                     jsx_pdf_1.default.createElement("cell", null,
-                        jsx_pdf_1.default.createElement(InnerTableRows_1.InnerTableRows, { key: fieldName, value: value, files: files, config: config, color: color, imageFieldNames: imageFieldNames })),
+                        jsx_pdf_1.default.createElement(InnerTableRows_1.InnerTableRows, { key: fieldName, value: formatted_value || value, files: files, config: config, color: color, imageFieldNames: imageFieldNames })),
                 ];
             })));
     })));

package/dist/public-methods/generatePDF.js

@@ -29,7 +29,6 @@ const generatePDF = () => (data) => __awaiter(void 0, void 0, void 0, function*
     console.log("Generating PDF Report...");
     const { DATE_FORMAT = "en-nz", TIMEZONE = "Pacific/Auckland" } = process.env;
     const pkg = JSON.parse(yield fs_1.promises.readFile((0, path_1.join)(__dirname, "../../package.json"), "utf8"));
-    const version = `node:${process.version} pkg:${pkg.version}`;
     if (data.envConfig.logo_url) {
         // there is a white labelling URL, so fetch it and write it to disk, overriding the default logo
         const arrayBuf = yield (0, node_fetch_1.default)(data.envConfig.logo_url).then((r) => r.arrayBuffer());
@@ -44,9 +43,10 @@ const generatePDF = () => (data) => __awaiter(void 0, void 0, void 0, function*
             console.warn(`The specified PDF_LANGUAGE is language is invalid (${customLang})`);
         }
     }
+    const subject = `node:${process.version} pkg:${pkg.version} lang:${global.lang}`;
     return new Promise((resolve) => {
         const printer = new pdfmake_1.default(style_1.fonts);
-        const pdfDoc = printer.createPdfKitDocument(generatePdfJson(data, DATE_FORMAT, TIMEZONE, version));
+        const pdfDoc = printer.createPdfKitDocument(generatePdfJson(data, DATE_FORMAT, TIMEZONE, subject));
         const chunks = [];
         pdfDoc.on("data", (chunk) => chunks.push(chunk));
         pdfDoc.on("end", () => {

package/dist/public-methods/processSubmission.d.ts

@@ -6,6 +6,7 @@ import { ApplicationEncryptorLike } from "../types";
 declare type DecryptData = {
     apiToken: string;
     instance: Instance;
+    encryptedInstance: Instance;
     applicationDecryptor: ApplicationEncryptorLike;
 };
 export interface ProcessSubmissionInput {

package/dist/public-methods/processSubmission.js

@@ -31,7 +31,12 @@ function decryptStage(log, config, envConfig, instanceId) {
             maxcryptor,
             onCorruptedData: () => "🔒 Corrupted Data 🔒",
         });
-        return { apiToken, instance, applicationDecryptor };
+        return {
+            apiToken,
+            instance,
+            applicationDecryptor,
+            encryptedInstance: apiResp,
+        };
     });
 }
 function processSubmission({ applicationId, instanceId, verbose, config, _supliedConfig, }) {
@@ -40,7 +45,7 @@ function processSubmission({ applicationId, instanceId, verbose, config, _suplie
         try {
             log("Fetching config...");
             const envConfig = yield (0, api_1.fetchEnvConfig)(config.CLIENT_URL);
-            const { instance, apiToken, applicationDecryptor } = _supliedConfig ||
+            const { instance, apiToken, applicationDecryptor, encryptedInstance } = _supliedConfig ||
                 (yield decryptStage(log, config, envConfig, instanceId));
             log("Checking verifications...");
             const [profileObjects, verifications] = (0, helpers_1.splitPOAndVers)(instance.profile_objects);
@@ -61,13 +66,20 @@ function processSubmission({ applicationId, instanceId, verbose, config, _suplie
             log("Fetching access application...");
             const AA = yield (0, api_1.fetchAA)(apiToken, envConfig, instance.a_id);
             let score;
-            if (AA.ruleset &&
-                typeof AA.ruleset === "object" &&
-                Object.keys(AA.ruleset).length) {
+            if ((0, core_1.isScoreConfigValid)(AA.ruleset)) {
                 const ruleInputData = yield (0, core_1.convertInstanceToRuleInput)(instance, realVers, (schemaName) => (0, api_1.getSchema)(envConfig, schemaName));
                 try {
+                    // decrypt helper never uses a stored score. We always re-calculate it.
                     log("Calculating score...");
-                    score = (0, core_1.calculateScore)(AA.ruleset, ruleInputData);
+                    score = yield (0, core_1.calculateScore)(AA.ruleset, ruleInputData);
+                    if (!(0, ramda_1.equals)(instance.score, score)) {
+                        // the score we calculated is different to the one that's saved on the instance.
+                        // So we save the new score.
+                        log("Saving score to instance...");
+                        // this can happen silently in the background, but we await it since so that we
+                        // abort if this fails.
+                        yield (0, api_1.updateInstanceData)(apiToken, Object.assign(Object.assign({}, encryptedInstance), { score }));
+                    }
                 }
                 catch (ex) {
                     log(`Score calculation failed (${ex})`);
@@ -91,7 +103,7 @@ function processSubmission({ applicationId, instanceId, verbose, config, _suplie
                         constants_1.FIELD_VER_TEXT_MAP[field.verification],
                     ],
                 ]);
-                return Object.assign(Object.assign(Object.assign({}, flatPO), { $verified: constants_1.PO_VER_TEXT_MAP[flatPO.$verified] }), Object.fromEntries(obj));
+                return Object.assign(Object.assign({}, flatPO), Object.fromEntries(obj));
             }), PODetails)));
             log("Success!");
             return {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@raytio/decrypt-helper",
-  "version": "3.1.1",
+  "version": "5.0.0",
   "author": "Raytio",
   "description": "A helper to decrypt data shared by Raytio users",
   "main": "dist",
@@ -22,39 +22,39 @@
   },
   "dependencies": {
     "@aws-amplify/auth": "3.4.25",
-    "@peculiar/webcrypto": "^1.3.2",
-    "@raytio/core": "^9.0.3",
+    "@peculiar/webcrypto": "^1.4.0",
+    "@raytio/core": "^10.0.1",
     "@raytio/maxcryptor": "^3.1.0",
-    "@raytio/types": "^6.0.0",
+    "@raytio/types": "^6.0.2",
     "aws-sdk": "^2.754.0",
     "jsx-pdf": "^2.3.0",
     "localstorage-polyfill": "^1.0.1",
     "mime-types": "^2.1.35",
     "node-fetch": "^2.6.7",
-    "pdfmake": "^0.2.4",
+    "pdfmake": "^0.2.5",
     "ramda": "^0.28.0"
   },
   "devDependencies": {
     "@raytio/react-intl-manager": "^6.3.0",
-    "@types/jest": "^27.4.1",
-    "@types/jest-image-snapshot": "^4.3.1",
+    "@types/jest": "^28.1.6",
+    "@types/jest-image-snapshot": "^5.1.0",
     "@types/jsx-pdf": "^2.2.2",
     "@types/mime-types": "^2.1.1",
-    "@types/node": "^16.11.26",
+    "@types/node": "^16.11.45",
     "@types/node-fetch": "^2.5.12",
-    "@types/pdfmake": "^0.1.20",
-    "@types/ramda": "^0.28.1",
+    "@types/pdfmake": "^0.2.0",
+    "@types/ramda": "^0.28.15",
     "babel-preset-react-app": "^10.0.1",
-    "dotenv": "^16.0.0",
-    "eslint": "^8.11.0",
-    "eslint-config-kyle": "^8.13.0",
-    "jest": "^27.5.1",
-    "jest-image-snapshot": "^4.5.1",
-    "jest-junit": "^13.0.0",
+    "dotenv": "^16.0.1",
+    "eslint": "^8.20.0",
+    "eslint-config-kyle": "^8.40.0",
+    "jest": "^28.1.3",
+    "jest-image-snapshot": "^5.1.0",
+    "jest-junit": "^14.0.0",
     "pdf-to-img": "^1.2.0",
-    "ts-jest": "^27.1.3",
-    "ts-node": "^10.7.0",
-    "typescript": "^4.6.2"
+    "ts-jest": "^28.0.7",
+    "ts-node": "^10.9.1",
+    "typescript": "^4.7.4"
   },
   "eslintConfig": {
     "extends": "kyle",