npm - cordova-digital-onboarding - Versions diffs - 1.0.1 → 1.2.0 - Mend

cordova-digital-onboarding 1.0.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/docs/Changelog.md +25 -0
package/docs/Device-Activation.md +39 -35
package/docs/Process-Configuration.md +24 -15
package/docs/Verifying-User.md +218 -60
package/docs/_Sidebar.md +1 -1
package/docs/images/activation-mockup.png +0 -0
package/docs/images/intro.jpg +0 -0
package/docs/images/verification-mockup.png +0 -0
package/lib/index.d.ts +346 -289
package/lib/index.js +1730 -1470
package/package.json +1 -1
package/plugin.xml +2 -1

package/docs/Changelog.md CHANGED Viewed

@@ -1,5 +1,30 @@
 # Changelog
+## 1.2.0 (Jan, 2026)
+- **Breaking:** New `finishActivation` state in `WDOVerificationService` to complete the user verification process by activating a new PowerAuth instance.
+  - New method must be called by the client when handling the `finishActivation` state in the verification flow, i.e. after all verification steps (identity, documents, presence, etc.) have succeeded but before the new `PowerAuth` instance is used anywhere else in the app: `finishActivation(newPaInstance: PowerAuth, activationName: string, password: WDOPowerAuthPassword, validatePassword: boolean)`.
+- **Breaking:** Changed configuration endpoint response to include document groups instead of a flat list of documents.
+## 1.1.0 (Dec, 2025)
+- PowerAuth Cordova SDK dependency now requires v. `4.2.0`.
+- Process cache is now persistent across app restarts.
+- Changes to `WDOError`:
+    - added `reason: WDOErrorReason` property to specify the error cause.
+    - added `allowOnboardingOtpRetry: boolean` property to indicate if OTP retry is allowed (during activation failure).
+    - modified `onboardingOtpRemainingAttempts` to parse the remaining attempts from the original exception (during activation failure).
+- `WDOActivaitonService` changes:
+   - `hasActiveProcess()` now returns Promise<boolean> instead of boolean.
+   - `clear()` is now asynchronous and returns Promise<void>.
+- `WDOActivaitonService` changes:
+   - removed `consent` state
+   - replaced `consentApprove` with `start` method with a `consent` argument.
+   - `consentGet` now returns Promise<string> instead of the verification state.
+   - `documentsInitSDK` method now returns strongly typed response.
+   - `presenceCheckInit` method now returns strongly typed response.
+   - `intro` state now contains `consentRequired: boolean` property in the corresponding union type.
 ## 1.0.0 (Nov, 2025)
 Initial release.

package/docs/Device-Activation.md CHANGED Viewed

@@ -13,18 +13,21 @@ PowerAuth enrolled in such a way will need [further user verification](Verifying
 To create an instance you will need a `PowerAuth` instance that is __ready to be activated__.
 <!-- begin box info -->
-[Documentation for `PowerAuth Mobile JS SDK`](https://developers.wultra.com/components/react-native-powerauth-mobile-sdk/).
+[Documentation for the `PowerAuth Mobile JS SDK`](https://developers.wultra.com/components/react-native-powerauth-mobile-sdk/).
 <!-- end -->
 Example with `PowerAuth` instance:
 ```typescript
+// create and configure PowerAuth instance
 const powerAuth = new PowerAuth("my-pa-instance")
-powerAuth.configure({
+await powerAuth.configure({
     configuration: "ARCB+...jg==", // base64 PowerAuth configuration
     baseEndpointUrl: "https://my-server-deployment.com/enrollment-server/"
 })
+// create activation service
 const activationService = new WDOActivationService(
     powerAuth,
     "https://my-server-deployment.com/enrollment-server-onboarding/"
@@ -36,13 +39,13 @@ const activationService = new WDOActivationService(
 To figure out if the activation process was already started and what is the status, you can use `hasActiveProcess`.
 ```typescript
-/**
- * If the activation process is in progress.
- *
+/**
+ * If the activation process is in progress.
+ *
  * Note that even if this property is `true` it can be already discontinued on the server.
- * Calling `status()` for example after the app is launched in this case is recommended.
+ * Calling `status()` after the app is launched is recommended.
  */
-get hasActiveProcess(): boolean;
+hasActiveProcess(): Promise<boolean>
 ```
 If the process was started, you can verify its status by calling the `status` function. You can show an appropriate UI to the user based on this status.
@@ -53,7 +56,7 @@ If the process was started, you can verify its status by calling the `status` fu
  *
  * @return Promise resolved with onboarding status.
  */
-status(): Promise<WDOOnboardingStatus>;
+status(): Promise<WDOOnboardingStatus>
 ```
 `WDOOnboardingStatus` possible values.
@@ -75,30 +78,29 @@ declare enum WDOOnboardingStatus {
 To start the activation process, you can use any credentials that are sufficient to you that can identify the user.
-Often, such data are user email, phone number, or userID. The definition of such data is up to your server implementation and requirements.
+Often, such data are user email, phone number, or user ID. The definition of such data is up to your server implementation and requirements.
 To start the activation, use the `start` function.
 ```typescript
 /**
-     * Start onboarding activation with user credentials.
-     *
-     * For example, when you require email, your object would look like this:
-     * ```
-     * {
-     *   email: "<user_email>"
-     * }
-     * ```
-     * @param credentials Object with credentials. Which credentials are needed should be provided by a system/backend provider.
-     * @param processType The process type identification. If not specified, the default process type will be used.
-     */
-    start(credentials: any, processType?: string): Promise<void>;
+ * Start onboarding activation with user credentials.
+ *
+ * For example, when you require email, your object would look like this:
+ * ```
+ * {
+ *   email: "<user_email>"
+ * }
+ * ```
+ * @param credentials Object with credentials. Which credentials are needed should be provided by a system/backend provider.
+ * @param processType The process type identification. If not specified, the default process type will be used.
+ */
+start(credentials: any, processType?: string): Promise<void>
 ```
 ### Example
 ```typescript
 class MyUserService {
     // prepared service
     private activationService: WDOActivationService
@@ -106,9 +108,9 @@ class MyUserService {
     async startActivation(id: string) {
         const data = { userId: id}
         try {
-            await this.activationService.start(data)
-            // success, continue with `activate()`
-            // at this moment, the `hasActiveProcess` starts return true
+            await this.activationService.start(data, "onboarding")
+            // success, continue with the flow
+            // at this moment, the `hasActiveProcess` starts returning true
         } catch (error) {
             // show error to the user
         }
@@ -118,7 +120,7 @@ class MyUserService {
 ## Creating the activation
-To activate the user (activating the `PowerAuth` instance), data retrieved from the process start can be used with optional `OTP`. The OTP is usually sent via SMS, email, or other channel. To decide if the OTP is needed, you can use the [Configuration API](Process-Configuration.md) or have it hardcoded.
+To activate the user (activating the `PowerAuth` instance), data retrieved from the process start can be used with optional `OTP`. The OTP is usually sent via SMS, email, or other channel. To decide if the OTP is needed, you can use the [Configuration API](Process-Configuration.md) or have it hard-coded.
 Use the `activate` function to create the activation.
@@ -126,11 +128,11 @@ Use the `activate` function to create the activation.
 /**
  * Activate the PowerAuth instance that was passed in the initializer.
  *
- * @param activationName Name of the activation. Device name by default (usually something like John's iPhone or similar).
+ * @param activationName Name of the activation. Usually something like John's iPhone or similar.
  * @param otp OTP code received by the user (via SMS or email). Optional when not required.
  * @return Promise resolved with activation result.
  */
-activate(activationName: string, otp?: string): Promise<WDOPowerAuthActivationResult>;
+activate(activationName: string, otp?: string): Promise<WDOPowerAuthActivationResult>
 ```
 Example implementation:
@@ -148,9 +150,9 @@ class MyUserService {
             // the PIN keyboard to finish the PowerAuthSDK initialization.
             // For more information, follow the PowerAuthSDK documentation.
         } catch (error) {
-            if (allowOnboardingOtpRetry(error)) {
+            if (error instanceof WDOError && error.allowOnboardingOtpRetry) {
                 // User entered the wrong OTP, prompt for a new one.
-                // Remaining OTP attempts count: onboardingOtpRemainingAttempts(error)
+                // Remaining OTP attempts count: error.onboardingOtpRemainingAttempts
             } else {
                 // show error UI
             }
@@ -169,14 +171,14 @@ To cancel the process, just call the `cancel` function.
  *
  * @param forceCancel When true, the process will be canceled in the SDK even when fails on backend. `true` by default.
  */
-cancel(forceCancel?: boolean): Promise<void>;
+cancel(forceCancel?: boolean): Promise<void>
 ```
 ## OTP resend
 In some cases, you need to resent the OTP:
- - OTP was not received by the user (for example when the email ends in the spam folder).
- - OTP expired.
+ - OTP was not received by the user (for example when the email ends in the spam folder)
+ - OTP expired
  For such cases, use `resendOTP` function.
@@ -186,9 +188,11 @@ In some cases, you need to resent the OTP:
 *
 * This is intended to be displayed for the user to use in case of the OTP is not received.
 * For example, when the user does not receive SMS after some time, there should be a button to "send again".
+* There is a server-side rate limit applied to this operation to prevent abuse; it is good practice to disable the button temporarily while the OTP is being sent.
 */
-resendOTP(): Promise<void>;
+resendOTP(): Promise<void>
  ```
 ## Read next
-- [Verifying User With Document Scan And Genuine Presence Check](Verifying-User.md)
+- [Verifying the User](Verifying-User.md)

package/docs/Process-Configuration.md CHANGED Viewed

@@ -9,19 +9,21 @@ To retrieve the configuration, create an instance of `WDOConfigurationService` a
 Example:
 ```typescript
+// create and configure PowerAuth instance
 const powerAuth = new PowerAuth("my-pa-instance")
-powerAuth.configure({
+await powerAuth.configure({
     configuration: "ARCB+...jg==", // base64 PowerAuth configuration
     baseEndpointUrl: "https://my-server-deployment.com/enrollment-server/"
 })
+// create configuration service
 const configurationService = new WDOConfigurationService(
     powerAuth,
     "https://my-server-deployment.com/enrollment-server-onboarding/"
 )
-const procesType = "onboarding" // defined on your server
-const config = await configurationService.getConfiguration(procesType)
+const processType = "onboarding" // defined on your server (can be undefined for default process type)
+const config = await configurationService.getConfiguration(processType)
 console.log("Configuration:", config)
 ```
@@ -31,27 +33,34 @@ console.log("Configuration:", config)
 /** Configuration for the onboarding process */
 interface WDOConfigurationResponse {
     /** Is the onboarding process enabled */
-    enabled: boolean;
+    enabled: boolean
     /** Is OTP required for the first part - identification/activation. */
-    otpForIdentification: boolean;
+    otpForIdentification: boolean
     /** Is OTP required for the second part - identity verification. */
-    otpForIdentityVerification: boolean;
+    otpForIdentityVerification: boolean
     /** Documents required for identity verification. */
     documents: {
-        /** Number of required documents */
-        requiredDocumentsCount: number;
-        /** List of documents */
-        items: Array<WDOConfigurationDocument>;
+        /** Number of total required documents */
+        totalRequiredDocumentsCount: number
+        /** Groups of documents */
+        groups: Array<WDOConfigurationDocumentGroup>
     }
 }
+/** Group of documents in the configuration */
+interface WDOConfigurationDocumentGroup {
+    /** Number of required documents in the group */
+    requiredDocumentsCount: number
+    /** Documents in the group */
+    items: Array<WDOConfigurationDocument>
+}
 /** Configuration for a document */
 interface WDOConfigurationDocument {
     /** Type of the document */
-    type: string;
-    /** Is the document mandatory */
-    mandatory: boolean;
+    type: string
     /** Number of sides the document has */
-    sideCount: number;
+    sideCount: number
 }
 ```