@raytio/decrypt-helper 6.4.2 → 6.4.3

package/dist/public-methods/processSubmission.js

@@ -0,0 +1,132 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { equals, mapObjIndexed, omit } from "ramda";
+import { calculateScore, convertInstanceToRuleInput, decryptSharedData, getMissingDataForInstance, getSomeoneElsesRealVerifications, isScoreConfigValid, } from "@raytio/core";
+import { FIELD_VER_TEXT_MAP, INSTANCE_FIELDS_TO_REMOVE, } from "../constants.js";
+import { deepJsonToCsv, formatOutput, setupMaxcryptor, splitPOAndVers, } from "../helpers/index.js";
+import { fetchAA, fetchEnvConfig, fetchInstanceData, getAllSchema, getFiles, signIn, updateInstanceData, } from "../api/index.js";
+import { NULL_I_ID } from "../pdf/constants.js";
+function decryptStage(log, config, envConfig, instanceId) {
+    return __awaiter(this, void 0, void 0, function* () {
+        log("Authenticating...");
+        const { apiToken, cognitoAttributes } = yield signIn(config, envConfig);
+        log("Initializing decryptor...");
+        const maxcryptor = yield setupMaxcryptor(config, cognitoAttributes);
+        log("Fetching instance (without keys or data)...");
+        const instanceWithoutData = yield fetchInstanceData(apiToken, envConfig, instanceId);
+        log("Fetching keys and data for instance...");
+        const apiResp = yield getMissingDataForInstance({
+            apiToken,
+            apiUrl: envConfig.api_url,
+            instanceWithoutData,
+        });
+        log("Decrypting submission details...");
+        const { instance, applicationDecryptor } = yield decryptSharedData({
+            apiToken,
+            apiUrl: envConfig.api_url,
+            instanceData: apiResp,
+            maxcryptor,
+            onCorruptedData: () => "🔒 Corrupted Data 🔒",
+        });
+        return {
+            apiToken,
+            instance,
+            applicationDecryptor,
+            encryptedInstance: apiResp,
+        };
+    });
+}
+export function processSubmission({ applicationId, instanceId, verbose, config, _supliedConfig, }) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const log = verbose ? console.log : () => undefined;
+        try {
+            log("Fetching config...");
+            const envConfig = yield fetchEnvConfig(config.CLIENT_URL);
+            const { instance, apiToken, applicationDecryptor, encryptedInstance } = _supliedConfig ||
+                (yield decryptStage(log, config, envConfig, instanceId));
+            log("Checking verifications...");
+            const [profileObjects, verifications] = splitPOAndVers(instance.profile_objects);
+            const realVers = (_supliedConfig === null || _supliedConfig === void 0 ? void 0 : _supliedConfig.realVers) ||
+                (yield getSomeoneElsesRealVerifications({
+                    aId: instance.aa_id,
+                    apiUrl: envConfig.api_url,
+                    profileObjects,
+                    verifications,
+                }));
+            log("Fetching relevant schema...");
+            const allSchemas = yield getAllSchema(envConfig);
+            log("Fetching access application...");
+            const AA = instance.id === NULL_I_ID
+                ? undefined
+                : yield fetchAA(apiToken, envConfig, instance.aa_id);
+            let score;
+            if (AA && isScoreConfigValid(AA.ruleset)) {
+                const ruleInputData = yield convertInstanceToRuleInput(instance.profile_objects, realVers, (schemaName) => __awaiter(this, void 0, void 0, function* () {
+                    const schema = allSchemas.find((x) => x.name === schemaName);
+                    if (!schema) {
+                        throw new Error(`Could not find schema “${schemaName}”`);
+                    }
+                    return schema;
+                }));
+                try {
+                    // decrypt helper never uses a stored score. We always re-calculate it.
+                    log("Calculating score...");
+                    score = yield calculateScore(AA.ruleset, ruleInputData);
+                    if (!equals(instance.score, score)) {
+                        // the score we calculated is different to the one that's saved on the instance.
+                        // So we save the new score.
+                        log("Saving score to instance...");
+                        // this can happen silently in the background, but we await it since so that we
+                        // abort if this fails.
+                        yield updateInstanceData(apiToken, envConfig, encryptedInstance.id, {
+                            score,
+                        });
+                    }
+                }
+                catch (ex) {
+                    log(`Score calculation failed (${ex})`);
+                }
+            }
+            else {
+                log("No score rules configured on the AA.");
+            }
+            log("Fetching verification providers...");
+            const PODetails = yield formatOutput(profileObjects, allSchemas, realVers, apiToken, envConfig);
+            log("Fetching attached files...");
+            const files = yield getFiles(profileObjects, instance, apiToken, envConfig, applicationDecryptor);
+            const instanceDataToPassOn = omit(INSTANCE_FIELDS_TO_REMOVE, instance);
+            // final outputs
+            const csv = deepJsonToCsv(Object.assign(Object.assign({}, instanceDataToPassOn), mapObjIndexed((POList) => POList.map((flatPO) => {
+                // this is a bit weird, but it prevents an even bigger breaking change for the csv format
+                const object = Object.entries(flatPO.$properties).flatMap(([fieldName, field]) => [
+                    [fieldName, field.value],
+                    [
+                        `${fieldName}.verification`,
+                        FIELD_VER_TEXT_MAP[field.verification],
+                    ],
+                ]);
+                return Object.assign(Object.assign({}, flatPO), Object.fromEntries(object));
+            }), PODetails)));
+            log("Success!");
+            return {
+                json: Object.assign(Object.assign({}, instanceDataToPassOn), { score, profile_objects: PODetails }),
+                csv,
+                files,
+                a_id: applicationId,
+                client_url: config.CLIENT_URL,
+                envConfig,
+            };
+        }
+        catch (error) {
+            log("Processing submission failed:", error);
+            throw error; // pass on error
+        }
+    });
+}

package/dist/public-methods/saveToS3Bucket.d.ts

@@ -0,0 +1,2 @@
+import type { ProcessSubmissionOutput } from "./processSubmission.js";
+export declare const saveToS3Bucket: () => (input: ProcessSubmissionOutput) => Promise<void>;

package/dist/public-methods/saveToS3Bucket.js

@@ -0,0 +1,53 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import AWS from "aws-sdk";
+function upload(s3, { bucketName, fileName, fileContent }) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return new Promise((resolve, reject) => {
+            s3.upload({
+                Bucket: bucketName,
+                Key: fileName,
+                Body: fileContent,
+            }, (error, data) => {
+                if (error)
+                    return reject(error);
+                console.log(`Uploaded ${data.Location}`);
+                return resolve(data);
+            });
+        });
+    });
+}
+export const saveToS3Bucket = () => 
+// eslint-disable-next-line unicorn/consistent-function-scoping -- deliberately to future proof the SDK for options
+(input) => __awaiter(void 0, void 0, void 0, function* () {
+    console.log("Uploading data to S3...");
+    const bucketName = process.env.S3_BUCKET;
+    if (!bucketName)
+        throw new Error("S3_BUCKET is not specified");
+    const s3 = new AWS.S3();
+    yield upload(s3, {
+        bucketName,
+        fileName: `${input.json.id}/${input.json.id}.csv`,
+        fileContent: input.csv,
+    });
+    yield upload(s3, {
+        bucketName,
+        fileName: `${input.json.id}/${input.json.id}.json`,
+        fileContent: JSON.stringify(input.json),
+    });
+    yield Promise.all(Object.entries(input.files).map(([nId, [dataUrl, fileExtension]]) => __awaiter(void 0, void 0, void 0, function* () {
+        yield upload(s3, {
+            bucketName,
+            fileName: `${input.json.id}/${nId}.${fileExtension}`,
+            fileContent: Buffer.from(dataUrl.split(",")[1], "base64"),
+        });
+    })));
+    console.log("Finished uploading data to S3.");
+});

package/dist/public-methods/version.d.ts

@@ -0,0 +1,2 @@
+export declare const packageDotJson: any;
+export declare const version: string;

package/dist/public-methods/version.js

@@ -0,0 +1,13 @@
+import { readFileSync } from "node:fs";
+import { join } from "node:path";
+import { getDirname } from "../helpers/pathUtils.js";
+export const packageDotJson = JSON.parse(readFileSync(join(getDirname(), "../../package.json"), "utf8"));
+export const version = Object.entries({
+    LANG: process.env.PDF_LANGUAGE || "default",
+    N: process.version.slice(1),
+    DH: packageDotJson.version,
+    C: packageDotJson.dependencies["@raytio/core"].slice(1),
+    T: packageDotJson.dependencies["@raytio/types"].slice(1),
+})
+    .map((kv) => kv.join("="))
+    .join(" ");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@raytio/decrypt-helper",
-  "version": "6.4.2",
+  "version": "6.4.3",
   "author": "Raytio",
   "type": "module",
   "description": "A helper to decrypt data shared by Raytio users",