@raytio/decrypt-helper 6.1.0 → 6.1.1

package/dist/api/authedFetch.d.ts

@@ -0,0 +1 @@
+export declare function authedFetch<T>(apiToken: string, url: string, options?: RequestInit, retrying?: boolean): Promise<T>;

package/dist/api/authedFetch.js

@@ -0,0 +1,33 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.authedFetch = void 0;
+function authedFetch(apiToken, url, options, retrying = false) {
+    return __awaiter(this, void 0, void 0, function* () {
+        console.log(`[API] ${retrying ? "Retry" : "Start"} ${url}`);
+        const startTime = Date.now();
+        const response = yield fetch(url, Object.assign(Object.assign({}, options), { headers: { Authorization: `Bearer ${apiToken}` } }));
+        const apiResponse = yield response.json();
+        const error = apiResponse.message || apiResponse.error;
+        if (error) {
+            if (!retrying && response.status === 504) {
+                console.log(`[API] Error ${response.status} (will retry) ${url}`);
+                return authedFetch(apiToken, url, options, true);
+            }
+            console.log(`[API] Error ${response.status} (no retry) ${url}`);
+            throw new Error(`Failed due to API Error from ${url}: "${error}"`);
+        }
+        const totalTime = ((Date.now() - startTime) / 1000).toFixed(1);
+        console.log(`[API] Finish${retrying ? " after retry" : ""} (${totalTime}s) ${url}`);
+        return apiResponse;
+    });
+}
+exports.authedFetch = authedFetch;

package/dist/api/fetchAA.d.ts

@@ -0,0 +1,3 @@
+import type { AId, AA } from "@raytio/types";
+import { EnvConfig } from "./fetchEnvConfig";
+export declare function fetchAA(apiToken: string, envConfig: EnvConfig, aId: AId): Promise<AA>;

package/dist/api/fetchAA.js

@@ -0,0 +1,19 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fetchAA = void 0;
+const authedFetch_1 = require("./authedFetch");
+function fetchAA(apiToken, envConfig, aId) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return (0, authedFetch_1.authedFetch)(apiToken, `${envConfig.api_url}/share/v2/access_application/${aId}`);
+    });
+}
+exports.fetchAA = fetchAA;

package/dist/api/fetchEnvConfig.d.ts

@@ -0,0 +1,6 @@
+declare const PARAMS: readonly ["cognito_region", "cognito_user_pool_id", "cognito_web_client_id", "api_url", "app_name", "logo_url"];
+export type EnvConfig = Record<(typeof PARAMS)[number], string> & {
+    clientUrl: string;
+};
+export declare function fetchEnvConfig(clientUrl: string): Promise<EnvConfig>;
+export {};

package/dist/api/fetchEnvConfig.js

@@ -0,0 +1,39 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fetchEnvConfig = void 0;
+const PARAMS = [
+    "cognito_region",
+    "cognito_user_pool_id",
+    "cognito_web_client_id",
+    "api_url",
+    "app_name",
+    "logo_url", // must be a URL to a png file
+];
+const DEFAULTS = {
+    app_name: "Raytio",
+    logo_url: undefined,
+};
+function fetchEnvConfig(clientUrl) {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            const envConfig = Object.assign(Object.assign({}, DEFAULTS), (yield fetch(`${clientUrl}/client_config.json`).then((r) => r.json())));
+            const missing = PARAMS.filter((p) => !(p in envConfig));
+            if (missing.length)
+                throw new Error(`Missing: ${missing.join(", ")}`);
+            return Object.assign(Object.assign({}, envConfig), { clientUrl });
+        }
+        catch (ex) {
+            throw new Error(`The CLIENT_URL you specified is not a valid Raytio client. Are you sure you used the client URL, not the API url? You supplied: "${clientUrl}" (${ex})`);
+        }
+    });
+}
+exports.fetchEnvConfig = fetchEnvConfig;

package/dist/api/fetchInstanceData.d.ts

@@ -0,0 +1,3 @@
+import type { IId, Instance } from "@raytio/types";
+import { EnvConfig } from "./fetchEnvConfig";
+export declare function fetchInstanceData(apiToken: string, envConfig: EnvConfig, instanceId: IId): Promise<Instance>;

package/dist/api/fetchInstanceData.js

@@ -0,0 +1,21 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fetchInstanceData = void 0;
+const core_1 = require("@raytio/core");
+const authedFetch_1 = require("./authedFetch");
+function fetchInstanceData(apiToken, envConfig, instanceId) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const instance = yield (0, authedFetch_1.authedFetch)(apiToken, `${envConfig.api_url}/share/v2/access_application/instance/${instanceId}`).then(core_1.cleanInstance);
+        return instance;
+    });
+}
+exports.fetchInstanceData = fetchInstanceData;

package/dist/api/getFiles.d.ts

@@ -0,0 +1,6 @@
+import type { Instance, NId, ProfileObject } from "@raytio/types";
+import { ApplicationEncryptorLike } from "../types";
+import { EnvConfig } from "./fetchEnvConfig";
+type FileObject = Record<NId, [dataUrl: string, fileExtension: string]>;
+export declare function getFiles(profileObjects: ProfileObject[], instance: Instance, apiToken: string, envConfig: EnvConfig, applicationDecryptor: ApplicationEncryptorLike): Promise<FileObject>;
+export {};

package/dist/api/getFiles.js

@@ -0,0 +1,92 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getFiles = void 0;
+const core_1 = require("@raytio/core");
+const mime_types_1 = require("mime-types");
+const file_1 = require("../helpers/file");
+const authedFetch_1 = require("./authedFetch");
+const videoToImage_1 = require("./videoToImage");
+const TEMP_OBJ_PREFIX = "urn:temp_object:";
+const getFileExtn = (b64) => { var _a; return (0, mime_types_1.extension)(((_a = b64.split(":")[1]) === null || _a === void 0 ? void 0 : _a.split(";base64,")[0]) || "text/plain") || "txt"; };
+const decryptFile = (encryptedData, encryptedObject, applicationDecryptor, wdek) => __awaiter(void 0, void 0, void 0, function* () {
+    const clonedEncryptedObject = JSON.parse(JSON.stringify(encryptedObject));
+    clonedEncryptedObject.encrypted_data.data = encryptedData;
+    const decrypted = yield applicationDecryptor.decrypt(clonedEncryptedObject, wdek);
+    return decrypted;
+});
+const cleanApiResponse = (responseBody) => {
+    try {
+        const realB64 = Buffer.from(responseBody, "base64").toString("binary");
+        if (realB64.slice(0, 5) === "data:") {
+            return realB64;
+        }
+    }
+    catch (_a) {
+        // for some reason we need to do this...
+    }
+    return responseBody;
+};
+function getFiles(profileObjects, instance, apiToken, envConfig, applicationDecryptor) {
+    var _a;
+    return __awaiter(this, void 0, void 0, function* () {
+        // [nId: NId, fieldName: string, file: RaytFile][]
+        const urnOrEncryptedList = profileObjects.flatMap((PO) => {
+            return Object.entries(PO.properties)
+                .filter((kv) => (0, file_1.isFieldValueFile)(kv[1]))
+                .map(([k, v]) => {
+                return [
+                    PO.n_id,
+                    v.n_id,
+                    k,
+                    "content" in v ? v.content : v.Content,
+                ];
+            });
+        });
+        const filesBase64 = yield Promise.all(urnOrEncryptedList.map(([PONId, fileNId, fieldName, urnOrEncrypted]) => __awaiter(this, void 0, void 0, function* () {
+            var _b, _c;
+            // handle urn:temp_object:
+            if (typeof urnOrEncrypted === "string" &&
+                urnOrEncrypted.startsWith(TEMP_OBJ_PREFIX)) {
+                const url = Buffer.from(urnOrEncrypted.slice(TEMP_OBJ_PREFIX.length), "base64").toString("binary");
+                const response = yield fetch(url);
+                const base64 = Buffer.from(yield response.arrayBuffer()).toString("base64");
+                const type = response.headers.get("content-type") || "text/plain";
+                const dataUrl = `data:${type};base64,${base64}`;
+                return [fileNId, [dataUrl, getFileExtn(dataUrl)]];
+            }
+            const realDataUrl = yield (0, authedFetch_1.authedFetch)(apiToken, `${envConfig.api_url}/share/v2/access_application/instance/${instance.i_id}/profile_object/${fileNId}/content`).then(cleanApiResponse);
+            if ((0, core_1.isEncrypted)(urnOrEncrypted)) {
+                const wdek = (_c = (_b = instance.keys[PONId]) === null || _b === void 0 ? void 0 : _b[fieldName]) === null || _c === void 0 ? void 0 : _c.data;
+                if (!wdek)
+                    return [fileNId, undefined];
+                const decryptedDataUrl = yield decryptFile(realDataUrl, urnOrEncrypted, applicationDecryptor, wdek);
+                return [fileNId, [decryptedDataUrl, getFileExtn(decryptedDataUrl)]];
+            }
+            return [fileNId, [realDataUrl, getFileExtn(realDataUrl)]];
+        })));
+        const allDataUrls = Object.fromEntries(filesBase64.filter((file) => { var _a; return !!file[1] && ((_a = file[1][0]) === null || _a === void 0 ? void 0 : _a.includes(",")); }));
+        // for all videos, also store a static frame from the video, since we can't embedded a video into the PDF
+        for (const nId in allDataUrls) {
+            const [dataUrl, fileExtn] = allDataUrls[nId];
+            const isVideo = (_a = mime_types_1.types[fileExtn]) === null || _a === void 0 ? void 0 : _a.startsWith("video/");
+            if (isVideo) {
+                const imageDataUrl = yield (0, videoToImage_1.videoToImage)(apiToken, envConfig, dataUrl);
+                allDataUrls[`${nId}_videoFrame`] = [
+                    imageDataUrl,
+                    getFileExtn(imageDataUrl),
+                ];
+            }
+        }
+        return allDataUrls;
+    });
+}
+exports.getFiles = getFiles;

package/dist/api/getLookupOption.d.ts

@@ -0,0 +1,2 @@
+import { Lookup } from "@raytio/types";
+export declare function getLookupOption(apiToken: string, lookup: string): Promise<Lookup[]>;

package/dist/api/getLookupOption.js

@@ -0,0 +1,32 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getLookupOption = void 0;
+const authedFetch_1 = require("./authedFetch");
+/**
+ * We cache the promise so that only one XHR request is ever sent
+ */
+const cache = new Map();
+function getLookupOption(apiToken, lookup) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const { origin } = new URL(lookup);
+        const cached = cache.get(lookup);
+        if (cached)
+            return cached;
+        // if it's a lookup to our own API, then include the IdentityToken
+        const promise = origin.endsWith(".rayt.io")
+            ? (0, authedFetch_1.authedFetch)(apiToken, lookup)
+            : fetch(lookup).then((r) => r.json());
+        cache.set(lookup, promise);
+        return promise;
+    });
+}
+exports.getLookupOption = getLookupOption;

package/dist/api/getSchema.d.ts

@@ -0,0 +1,3 @@
+import type { Schema } from "@raytio/types";
+import { EnvConfig } from "./fetchEnvConfig";
+export declare function getAllSchema(envConfig: EnvConfig): Promise<Schema[]>;

package/dist/api/getSchema.js

@@ -0,0 +1,23 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAllSchema = void 0;
+const core_1 = require("@raytio/core");
+const authedFetch_1 = require("./authedFetch");
+function getAllSchema(envConfig) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const list = yield (0, authedFetch_1.authedFetch)("", `${envConfig.api_url}/db/v1/schema?version_current=eq.true`);
+        return list.map((wrappedSchema) => (0, core_1.expandSchema)(wrappedSchema, list, [
+            process.env.PDF_LANGUAGE || process.env.DATE_FORMAT || "en-NZ",
+        ]));
+    });
+}
+exports.getAllSchema = getAllSchema;

package/dist/api/index.d.ts

@@ -0,0 +1,9 @@
+export * from "./authedFetch";
+export * from "./fetchAA";
+export * from "./fetchEnvConfig";
+export * from "./fetchInstanceData";
+export * from "./getFiles";
+export * from "./getSchema";
+export * from "./resolveVerificationDetails";
+export * from "./signIn";
+export * from "./updateInstanceData";

package/dist/api/index.js

@@ -0,0 +1,25 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./authedFetch"), exports);
+__exportStar(require("./fetchAA"), exports);
+__exportStar(require("./fetchEnvConfig"), exports);
+__exportStar(require("./fetchInstanceData"), exports);
+__exportStar(require("./getFiles"), exports);
+__exportStar(require("./getSchema"), exports);
+__exportStar(require("./resolveVerificationDetails"), exports);
+__exportStar(require("./signIn"), exports);
+__exportStar(require("./updateInstanceData"), exports);

package/dist/api/resolveVerificationDetails.d.ts

@@ -0,0 +1,11 @@
+import type { VerificationProvider } from "@raytio/types";
+import { EnvConfig } from "./fetchEnvConfig";
+export type ResolvedVerificationProvider = {
+    verifier_id?: string;
+    verifier_service_id?: string;
+    verifier_source_id?: string;
+    date?: string;
+};
+export declare function resolveVerificationDetails([details]: VerificationProvider[], envConfig: EnvConfig): Promise<ResolvedVerificationProvider | undefined>;
+/** @deprecated - for use in unit tests only */
+export declare const clearCache: () => void;

package/dist/api/resolveVerificationDetails.js

@@ -0,0 +1,36 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.clearCache = exports.resolveVerificationDetails = void 0;
+let verifiersPromise;
+function resolveVerificationDetails([details], envConfig) {
+    var _a, _b, _c, _d;
+    return __awaiter(this, void 0, void 0, function* () {
+        if (!details)
+            return undefined;
+        verifiersPromise || (verifiersPromise = fetch(`${envConfig.clientUrl}/verifiers.json`)
+            .then((r) => r.json())
+            .catch(() => ({ verifiers: {} })));
+        const { verifiers } = yield verifiersPromise;
+        return {
+            verifier_id: (_a = verifiers[details.verifierNId]) === null || _a === void 0 ? void 0 : _a.name,
+            verifier_service_id: (_b = verifiers[details.serviceProviderNId]) === null || _b === void 0 ? void 0 : _b.name,
+            verifier_source_id: (_c = verifiers[details.dataSourceNId]) === null || _c === void 0 ? void 0 : _c.name,
+            date: (_d = details.date) === null || _d === void 0 ? void 0 : _d.toISOString(),
+        };
+    });
+}
+exports.resolveVerificationDetails = resolveVerificationDetails;
+/** @deprecated - for use in unit tests only */
+const clearCache = () => {
+    verifiersPromise = null;
+};
+exports.clearCache = clearCache;

package/dist/api/signIn.d.ts

@@ -0,0 +1,7 @@
+import type { ICognitoUserAttributeData } from "amazon-cognito-identity-js";
+import { Config } from "../constants";
+import { EnvConfig } from "./fetchEnvConfig";
+export declare function signIn(CONFIG: Config, envConfig: EnvConfig): Promise<{
+    apiToken: string;
+    cognitoAttributes: ICognitoUserAttributeData[];
+}>;

package/dist/api/signIn.js

@@ -0,0 +1,56 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.signIn = void 0;
+const auth_1 = require("@aws-amplify/auth");
+const core_1 = require("@raytio/core");
+/** see #1252 in the client repo */
+function signInWithPasswordMigration(username, password) {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            const userObject = yield auth_1.Auth.signIn(username, password);
+            return userObject;
+        }
+        catch (_a) {
+            // if the login fails, try again with their hashed password.
+            // if it's successful the second time, we quietly change their password.
+            const hashedPassword = yield (0, core_1.hashPassword)(password);
+            const userObject = yield auth_1.Auth.signIn(username, hashedPassword);
+            // the login was successful. So we need to migrate their account.
+            // No changes to the maxcryptor, purely to cognito.
+            // we can only migrate their password if there are no login challenges
+            if (!userObject.challengeName) {
+                console.log("Migrating credentials...");
+                yield auth_1.Auth.changePassword(userObject, hashedPassword, password);
+            }
+            return userObject;
+        }
+    });
+}
+function signIn(CONFIG, envConfig) {
+    var _a, _b;
+    return __awaiter(this, void 0, void 0, function* () {
+        auth_1.Auth.configure({
+            region: envConfig.cognito_region,
+            userPoolId: envConfig.cognito_user_pool_id,
+            userPoolWebClientId: envConfig.cognito_web_client_id,
+        });
+        const userObject = yield signInWithPasswordMigration(CONFIG.RAYTIO_USERNAME, CONFIG.RAYTIO_PASSWORD);
+        if (userObject.challengeName === "SOFTWARE_TOKEN_MFA") {
+            throw new Error(`The configured account (${CONFIG.RAYTIO_USERNAME}) has two factor authentication enabled. You must disable 2FA or use a different account`);
+        }
+        const user = yield auth_1.Auth.currentAuthenticatedUser();
+        const apiToken = (_b = (_a = user.signInUserSession) === null || _a === void 0 ? void 0 : _a.accessToken) === null || _b === void 0 ? void 0 : _b.jwtToken;
+        const cognitoAttributes = yield auth_1.Auth.userAttributes(user);
+        return { apiToken, cognitoAttributes };
+    });
+}
+exports.signIn = signIn;

package/dist/api/updateInstanceData.d.ts

@@ -0,0 +1,2 @@
+import type { Instance } from "@raytio/types";
+export declare function updateInstanceData(apiToken: string, instance: Instance): Promise<void>;

package/dist/api/updateInstanceData.js

@@ -0,0 +1,19 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.updateInstanceData = void 0;
+const authedFetch_1 = require("./authedFetch");
+function updateInstanceData(apiToken, instance) {
+    return __awaiter(this, void 0, void 0, function* () {
+        yield (0, authedFetch_1.authedFetch)(apiToken, `share/v2/access_application/instance/${instance.i_id}`, { method: "PUT", body: JSON.stringify(instance) });
+    });
+}
+exports.updateInstanceData = updateInstanceData;

package/dist/api/uploadToObjectStore.d.ts

@@ -0,0 +1,5 @@
+import { EnvConfig } from "./fetchEnvConfig";
+export declare function uploadToObjectStore(apiToken: string, envConfig: EnvConfig, dataUrl: string, expiryDate?: Date): Promise<{
+    objectStoreId: string;
+    retrievalUrl: string;
+}>;

package/dist/api/uploadToObjectStore.js

@@ -0,0 +1,42 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.uploadToObjectStore = void 0;
+const authedFetch_1 = require("./authedFetch");
+//
+// this file is mostly copy-pasted from the client repo. If you make
+// a change here, consider making the same change in the client.
+//
+function uploadToObjectStore(apiToken, envConfig, dataUrl, expiryDate) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const mimeType = dataUrl.split(";")[0].split(":")[1];
+        const base64 = dataUrl.split(",")[1];
+        // eslint-disable-next-line unicorn/prefer-code-point -- deliberate, this will only ever be ASCII
+        const arrayBuffer = Uint8Array.from(atob(base64), (c) => c.charCodeAt(0));
+        // this is a weird API that returns a double stringified string
+        const temporaryUrl = yield (0, authedFetch_1.authedFetch)(apiToken, `${envConfig.api_url}/org/v1/object/url${expiryDate ? `?expires=${+expiryDate}` : ""}`);
+        const { status, statusText } = yield fetch(temporaryUrl, {
+            method: "PUT",
+            body: arrayBuffer,
+            headers: { "Content-Type": mimeType },
+        });
+        if (status !== 200) {
+            throw new Error(`Status ${status} from object store: ${statusText}`);
+        }
+        // the v4 API doesn't return the ID
+        const { pathname, origin } = new URL(temporaryUrl);
+        return {
+            objectStoreId: pathname.slice(1),
+            retrievalUrl: origin + pathname,
+        };
+    });
+}
+exports.uploadToObjectStore = uploadToObjectStore;

package/dist/api/videoToImage.d.ts

@@ -0,0 +1,3 @@
+import { EnvConfig } from "./fetchEnvConfig";
+/** Use the extractor API to get the middle frame from a video */
+export declare function videoToImage(apiToken: string, envConfig: EnvConfig, videoDataUrl: string): Promise<string>;

package/dist/api/videoToImage.js

@@ -0,0 +1,30 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.videoToImage = void 0;
+const authedFetch_1 = require("./authedFetch");
+const uploadToObjectStore_1 = require("./uploadToObjectStore");
+/** Use the extractor API to get the middle frame from a video */
+function videoToImage(apiToken, envConfig, videoDataUrl) {
+    return __awaiter(this, void 0, void 0, function* () {
+        // the new API can't handle big dataUrls, so we need to store the data in
+        // the object store first...
+        const in10Mins = new Date();
+        in10Mins.setMinutes(in10Mins.getMinutes() + 10);
+        const { retrievalUrl: videoUrl } = yield (0, uploadToObjectStore_1.uploadToObjectStore)(apiToken, envConfig, videoDataUrl, in10Mins);
+        const extractedImageBase64 = yield (0, authedFetch_1.authedFetch)(apiToken, `${envConfig.api_url}/face-detect/v1/image-extract-single`, 
+        // note: inspite of being called "video_urn", the new API actually expects a url, not a urn...
+        { method: "POST", body: JSON.stringify({ video_urn: videoUrl }) });
+        // annoyingly the new API doesn't return the data URL prefix, so we have to hardcode it here
+        return `data:image/jpeg;base64,${extractedImageBase64}`;
+    });
+}
+exports.videoToImage = videoToImage;

package/dist/configureEnv.d.ts

@@ -0,0 +1 @@
+import "localstorage-polyfill";

package/dist/configureEnv.js

@@ -0,0 +1,30 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const crypto = __importStar(require("node:crypto"));
+// for @aws-amplify/auth
+require("localstorage-polyfill");
+// @ts-expect-error it's not a perfect polyfill..
+globalThis.crypto = crypto; // only required because jest-env-node hides globalThis.crypto

package/dist/constants.d.ts

@@ -0,0 +1,23 @@
+import { ScoreResult } from "@raytio/core";
+import { FieldVerification, Instance, POVerification } from "@raytio/types";
+export declare const ATTRIBUTE_MAP: {
+    "custom:kek_derivation": string[];
+    "custom:dek_encryption": string[];
+    "custom:aek_public": string[];
+    "custom:aek_private": string[];
+    "custom:ask_public": string[];
+    "custom:ask_private": string[];
+};
+export declare const INSTANCE_FIELDS_TO_REMOVE: readonly ["profile_objects", "relationships", "keys", "score"];
+export declare const FIELDS_TO_REMOVE: readonly ["n_id", "document"];
+export declare const ENV_VARIABLES: readonly ["CLIENT_URL", "RAYTIO_USERNAME", "RAYTIO_PASSWORD"];
+export type Config = Record<(typeof ENV_VARIABLES)[number], string>;
+export type InstanceDataToPassOn = Omit<Instance, (typeof INSTANCE_FIELDS_TO_REMOVE)[number]> & {
+    score?: ScoreResult;
+};
+export declare const PO_VER_TEXT_MAP: Record<POVerification, string>;
+export declare const FIELD_VER_TEXT_MAP: Record<FieldVerification, string>;
+export declare const SCHEMA: {
+    readonly VERIFICATION: "ss_Verification";
+    readonly PERSON: "ss_Person_Name";
+};