@verdocs/js-sdk 1.1.1 → 1.1.2

package/Documents/Documents.d.ts

@@ -138,11 +138,13 @@ export declare const getSummary: (page: number) => Promise<IDocumentsSummary>;
  * ```
  */
 export declare const searchDocuments: (params: any) => Promise<IDocumentsSearchResult>;
+export interface ISigningSessionResult {
+    recipient: IRecipient;
+    session: ISigningSession;
+    signerToken: string;
+}
 /**
  * Get a signing session for a document.
  */
-export declare const getSigningSession: (params: ISigningSessionRequest) => Promise<{
-    recipient: IRecipient;
-    session: ISigningSession;
-}>;
+export declare const getSigningSession: (params: ISigningSessionRequest) => Promise<ISigningSessionResult>;
 export declare const getDocumentRecipients: (documentId: string) => Promise<IRecipient[]>;

package/Documents/Documents.js

@@ -35,7 +35,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
     }
 };
 import { getEndpoint } from '../HTTP/Transport';
-import { AtoB } from '../Utils';
+import { decodeAccessTokenBody } from '../Utils/Token';
 /**
  * Get a summary of currently active documents.
  *
@@ -79,7 +79,7 @@ export var getSigningSession = function (params) { return __awaiter(void 0, void
                 var _a, _b;
                 // Avoiding a jsonwebtoken dependency here - we don't actually need the whole library
                 var signerToken = ((_a = r.headers) === null || _a === void 0 ? void 0 : _a.signer_token) || '';
-                var session = JSON.parse(AtoB(signerToken.split('.')[1]));
+                var session = decodeAccessTokenBody(signerToken);
                 getEndpoint().setAuthorization((_b = r.headers) === null || _b === void 0 ? void 0 : _b.signer_token);
                 return { recipient: r.data, session: session, signerToken: signerToken };
             })];

package/Documents/Types.d.ts

@@ -27,16 +27,17 @@ export interface ISigningSessionRequest {
     inviteCode: string;
 }
 export interface ISigningSession {
-    profile_id: 'guest|515c9dc1-4c5c-4255-9f75-44b6870fc0eb';
-    document_id: 'f484a296-4f4c-4783-9adf-a3302915a503';
-    role: 'Recipient 2';
-    email: 'crobinson@medialantern.com';
+    profile_id: string;
+    document_id: string;
+    role: string;
+    email: string;
     access_key: {
-        id: 'a59ceb98-3fab-44d2-af8a-13088d6c1a32';
-        type: 'email';
+        id: string;
+        type: string;
     };
-    iss: 'https://stage-realster.auth0.com';
-    aud: 'QYVTceK2qtOQvH8Nl2APUJaBMRys1y95';
-    exp: 1641881182;
-    iat: 1641873982;
+    iss: string;
+    aud: string;
+    exp: number;
+    iat: number;
+    [key: string]: any;
 }

package/Users/Auth.d.ts

@@ -1,4 +1,6 @@
-import { IAuthenticateAppRequest, IAuthenticateResponse, IAuthenticateUserRequest, TokenValidationRequest, TokenValidationResponse, UpdateEmailRequest, UpdateEmailResponse, UpdatePasswordRequest, UpdatePasswordResponse } from './Types';
+import { IAuthenticateAppRequest, IAuthenticateUserRequest, TokenValidationRequest, UpdateEmailRequest } from './Types';
+import { IAuthenticateResponse, TokenValidationResponse, UpdateEmailResponse, UpdatePasswordResponse } from './Types';
+import { UpdatePasswordRequest } from './Types';
 /**
  * Authenticate to Verdocs via user/password authentication
  *

package/Utils/Token.d.ts

@@ -0,0 +1,20 @@
+import { ISigningSession } from '../Documents/Types';
+import { IActiveSession } from '../Users/Types';
+/**
+ * Simplified, Node/Browser-safe alternative to atob() for base64 decoding.
+ * Modified from https://github.com/MaxArt2501/base64-js/blob/master/base64.js
+ */
+export declare const AtoB: (str: string) => string;
+/**
+ * Decode the body of a JWT. This helper may allow front-end applications to avoid a dependency on `jsonwebtoken` in
+ * many cases. Note that this should only be used for true JWTs. Opaque tokens will cause this to throw.
+ */
+export declare const decodeTokenBody: (token: string) => any;
+/**
+ * Decode the body of an Verdocs access token. Note that raw tokens contain namespaced fields, e.g.
+ * `https://verdocs.com/profile_id`. To make these tokens easier to use in front-end code, this name-spacing
+ * will be removed. Note that user and signing sessions have different access token formats. The calling
+ * application should distinguish between the two based on the context of the authenticated session, or by
+ * the presence of the `document_id` field, which will only be present for signing sessions.
+ */
+export declare const decodeAccessTokenBody: (token: string) => IActiveSession | ISigningSession | null;

package/Utils/Token.js

@@ -0,0 +1,67 @@
+/* tslint:disable:no-bitwise */
+var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
+// Regular expression to check formal correctness of base64 encoded strings
+var b64re = /^(?:[A-Za-z\d+\/]{4})*?(?:[A-Za-z\d+\/]{2}(?:==)?|[A-Za-z\d+\/]{3}=?)?$/;
+/**
+ * Simplified, Node/Browser-safe alternative to atob() for base64 decoding.
+ * Modified from https://github.com/MaxArt2501/base64-js/blob/master/base64.js
+ */
+export var AtoB = function (str) {
+    // atob can work with strings with whitespaces, even inside the encoded part,
+    // but only \t, \n, \f, \r and ' ', which can be stripped.
+    str = String(str).replace(/[\t\n\f\r ]+/g, '');
+    if (!b64re.test(str))
+        throw new TypeError("Failed to execute 'atob' on 'Window': The string to be decoded is not correctly encoded.");
+    // Adding the padding if missing, for semplicity
+    str += '=='.slice(2 - (str.length & 3));
+    var bitmap;
+    var result = '';
+    var r1;
+    var r2;
+    var i = 0;
+    for (; i < str.length;) {
+        bitmap =
+            (b64.indexOf(str.charAt(i++)) << 18) |
+                (b64.indexOf(str.charAt(i++)) << 12) |
+                ((r1 = b64.indexOf(str.charAt(i++))) << 6) |
+                (r2 = b64.indexOf(str.charAt(i++)));
+        result +=
+            r1 === 64
+                ? String.fromCharCode((bitmap >> 16) & 255)
+                : r2 === 64
+                    ? String.fromCharCode((bitmap >> 16) & 255, (bitmap >> 8) & 255)
+                    : String.fromCharCode((bitmap >> 16) & 255, (bitmap >> 8) & 255, bitmap & 255);
+    }
+    return result;
+};
+/**
+ * Decode the body of a JWT. This helper may allow front-end applications to avoid a dependency on `jsonwebtoken` in
+ * many cases. Note that this should only be used for true JWTs. Opaque tokens will cause this to throw.
+ */
+export var decodeTokenBody = function (token) { return JSON.parse(AtoB((token || '').split('.')[1] || '')); };
+/**
+ * Decode the body of an Verdocs access token. Note that raw tokens contain namespaced fields, e.g.
+ * `https://verdocs.com/profile_id`. To make these tokens easier to use in front-end code, this name-spacing
+ * will be removed. Note that user and signing sessions have different access token formats. The calling
+ * application should distinguish between the two based on the context of the authenticated session, or by
+ * the presence of the `document_id` field, which will only be present for signing sessions.
+ */
+export var decodeAccessTokenBody = function (token) {
+    var decoded;
+    try {
+        decoded = decodeTokenBody(token);
+        if (decoded === null) {
+            return null;
+        }
+    }
+    catch (e) {
+        return null;
+    }
+    Object.keys(decoded).forEach(function (key) {
+        if (typeof key === 'string' && key.startsWith('https://verdocs.com/')) {
+            decoded[key.replace('https://verdocs.com/', '')] = decoded[key];
+            delete decoded[key];
+        }
+    });
+    return decoded;
+};

package/Utils/index.d.ts

@@ -1,2 +1,2 @@
-export { AtoB } from './AtoB';
+export * as Token from './Token';
 export * as DateTime from './DateTime';

package/Utils/index.js

@@ -1,2 +1,2 @@
-export { AtoB } from './AtoB';
+export * as Token from './Token';
 export * as DateTime from './DateTime';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verdocs/js-sdk",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "private": false,
   "homepage": "https://github.com/Verdocs/js-sdk",
   "description": "Verdocs JS SDK",

package/Utils/AtoB.d.ts

@@ -1 +0,0 @@
-export declare const AtoB: (str: string) => string;

package/Utils/AtoB.js

@@ -1,33 +0,0 @@
-/* tslint:disable:no-bitwise */
-// Modified from https://github.com/MaxArt2501/base64-js/blob/master/base64.js
-var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
-// Regular expression to check formal correctness of base64 encoded strings
-var b64re = /^(?:[A-Za-z\d+\/]{4})*?(?:[A-Za-z\d+\/]{2}(?:==)?|[A-Za-z\d+\/]{3}=?)?$/;
-export var AtoB = function (str) {
-    // atob can work with strings with whitespaces, even inside the encoded part,
-    // but only \t, \n, \f, \r and ' ', which can be stripped.
-    str = String(str).replace(/[\t\n\f\r ]+/g, '');
-    if (!b64re.test(str))
-        throw new TypeError("Failed to execute 'atob' on 'Window': The string to be decoded is not correctly encoded.");
-    // Adding the padding if missing, for semplicity
-    str += '=='.slice(2 - (str.length & 3));
-    var bitmap;
-    var result = '';
-    var r1;
-    var r2;
-    var i = 0;
-    for (; i < str.length;) {
-        bitmap =
-            (b64.indexOf(str.charAt(i++)) << 18) |
-                (b64.indexOf(str.charAt(i++)) << 12) |
-                ((r1 = b64.indexOf(str.charAt(i++))) << 6) |
-                (r2 = b64.indexOf(str.charAt(i++)));
-        result +=
-            r1 === 64
-                ? String.fromCharCode((bitmap >> 16) & 255)
-                : r2 === 64
-                    ? String.fromCharCode((bitmap >> 16) & 255, (bitmap >> 8) & 255)
-                    : String.fromCharCode((bitmap >> 16) & 255, (bitmap >> 8) & 255, bitmap & 255);
-    }
-    return result;
-};