vesant-sdk 1.1.0 → 1.2.0

package/dist/compliance/index.js

@@ -84,7 +84,7 @@ function createConsoleLogger() {
 }
 
 // src/core/version.ts
-var SDK_VERSION = "1.1.0";
+var SDK_VERSION = "1.2.0";
 
 // src/core/client.ts
 var BaseClient = class {
@@ -309,6 +309,256 @@ var BaseClient = class {
   }
 };
 
+// src/shared/browser-utils.ts
+function generateUUID() {
+  if (typeof crypto !== "undefined" && crypto.randomUUID) {
+    return crypto.randomUUID();
+  }
+  return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => {
+    const r = Math.random() * 16 | 0;
+    const v = c === "x" ? r : r & 3 | 8;
+    return v.toString(16);
+  });
+}
+function generateDeviceId() {
+  if (typeof window === "undefined" || typeof localStorage === "undefined") {
+    return generateUUID();
+  }
+  const storageKey = "cgs_device_id";
+  let deviceId = localStorage.getItem(storageKey);
+  if (!deviceId) {
+    deviceId = generateUUID();
+    localStorage.setItem(storageKey, deviceId);
+  }
+  return deviceId;
+}
+function getBrowserInfo() {
+  if (typeof navigator === "undefined") {
+    return { browser: "unknown", browser_version: "", os: "unknown", os_version: "" };
+  }
+  const ua = navigator.userAgent;
+  let browser = "unknown";
+  let browserVersion = "";
+  let os = "unknown";
+  let osVersion = "";
+  if (ua.includes("Firefox/")) {
+    browser = "Firefox";
+    browserVersion = ua.match(/Firefox\/([\d.]+)/)?.[1] || "";
+  } else if (ua.includes("Edg/")) {
+    browser = "Edge";
+    browserVersion = ua.match(/Edg\/([\d.]+)/)?.[1] || "";
+  } else if (ua.includes("Chrome/")) {
+    browser = "Chrome";
+    browserVersion = ua.match(/Chrome\/([\d.]+)/)?.[1] || "";
+  } else if (ua.includes("Safari/") && !ua.includes("Chrome")) {
+    browser = "Safari";
+    browserVersion = ua.match(/Version\/([\d.]+)/)?.[1] || "";
+  } else if (ua.includes("Opera") || ua.includes("OPR/")) {
+    browser = "Opera";
+    browserVersion = ua.match(/(?:Opera|OPR)\/([\d.]+)/)?.[1] || "";
+  }
+  if (ua.includes("Windows")) {
+    os = "Windows";
+    if (ua.includes("Windows NT 10.0")) osVersion = "10";
+    else if (ua.includes("Windows NT 6.3")) osVersion = "8.1";
+    else if (ua.includes("Windows NT 6.2")) osVersion = "8";
+    else if (ua.includes("Windows NT 6.1")) osVersion = "7";
+  } else if (ua.includes("Mac OS X")) {
+    os = "macOS";
+    osVersion = ua.match(/Mac OS X ([\d_]+)/)?.[1]?.replace(/_/g, ".") || "";
+  } else if (ua.includes("Linux")) {
+    os = "Linux";
+  } else if (ua.includes("Android")) {
+    os = "Android";
+    osVersion = ua.match(/Android ([\d.]+)/)?.[1] || "";
+  } else if (ua.includes("iOS") || ua.includes("iPhone") || ua.includes("iPad")) {
+    os = "iOS";
+    osVersion = ua.match(/OS ([\d_]+)/)?.[1]?.replace(/_/g, ".") || "";
+  }
+  return { browser, browser_version: browserVersion, os, os_version: osVersion };
+}
+
+// src/geolocation/ciphertext.ts
+var CIPHER_TEXT_EXPIRY_MINUTES = 5;
+async function computeHMAC(key, message) {
+  if (typeof globalThis.crypto !== "undefined" && globalThis.crypto.subtle) {
+    const encoder = new TextEncoder();
+    const keyData = encoder.encode(key);
+    const msgData = encoder.encode(message);
+    const cryptoKey = await globalThis.crypto.subtle.importKey(
+      "raw",
+      keyData,
+      { name: "HMAC", hash: "SHA-256" },
+      false,
+      ["sign"]
+    );
+    const signature = await globalThis.crypto.subtle.sign("HMAC", cryptoKey, msgData);
+    const bytes = new Uint8Array(signature);
+    return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+  }
+  const { createHmac } = await import('crypto');
+  return createHmac("sha256", key).update(message).digest("hex");
+}
+function getWebGLInfo() {
+  if (typeof document === "undefined") return null;
+  try {
+    const canvas = document.createElement("canvas");
+    const gl = canvas.getContext("webgl") || canvas.getContext("experimental-webgl");
+    if (!gl) return null;
+    const debugInfo = gl.getExtension("WEBGL_debug_renderer_info");
+    if (!debugInfo) return null;
+    return {
+      vendor: gl.getParameter(debugInfo.UNMASKED_VENDOR_WEBGL) || "",
+      renderer: gl.getParameter(debugInfo.UNMASKED_RENDERER_WEBGL) || ""
+    };
+  } catch {
+    return null;
+  }
+}
+function getNetworkInfo() {
+  if (typeof navigator === "undefined") return void 0;
+  const connection = navigator.connection || navigator.mozConnection || navigator.webkitConnection;
+  if (!connection) return void 0;
+  return {
+    effective_type: connection.effectiveType,
+    downlink: connection.downlink,
+    rtt: connection.rtt,
+    save_data: connection.saveData
+  };
+}
+async function requestGPSLocation(timeout = 1e4, highAccuracy = true) {
+  if (typeof navigator === "undefined" || !navigator.geolocation) {
+    return null;
+  }
+  return new Promise((resolve) => {
+    navigator.geolocation.getCurrentPosition(
+      (position) => {
+        const { latitude, longitude, accuracy } = position.coords;
+        if (latitude < -90 || latitude > 90) {
+          resolve(null);
+          return;
+        }
+        if (longitude < -180 || longitude > 180) {
+          resolve(null);
+          return;
+        }
+        if (accuracy !== null && accuracy !== void 0 && accuracy <= 0) {
+          resolve(null);
+          return;
+        }
+        resolve({
+          latitude,
+          longitude,
+          accuracy,
+          altitude: position.coords.altitude ?? void 0,
+          altitude_accuracy: position.coords.altitudeAccuracy ?? void 0,
+          heading: position.coords.heading ?? void 0,
+          speed: position.coords.speed ?? void 0,
+          timestamp: position.timestamp
+        });
+      },
+      () => {
+        resolve(null);
+      },
+      {
+        enableHighAccuracy: highAccuracy,
+        timeout,
+        maximumAge: 0
+      }
+    );
+  });
+}
+function collectDeviceData(includeWebGL) {
+  const browserInfo = getBrowserInfo();
+  const webglInfo = includeWebGL ? getWebGLInfo() : null;
+  return {
+    device_id: generateDeviceId(),
+    user_agent: typeof navigator !== "undefined" ? navigator.userAgent : "",
+    platform: typeof navigator !== "undefined" ? navigator.platform : "",
+    browser: browserInfo.browser,
+    browser_version: browserInfo.browser_version,
+    os: browserInfo.os,
+    os_version: browserInfo.os_version,
+    screen_resolution: typeof screen !== "undefined" ? `${screen.width}x${screen.height}` : void 0,
+    language: typeof navigator !== "undefined" ? navigator.language : void 0,
+    timezone: Intl?.DateTimeFormat?.()?.resolvedOptions?.()?.timeZone,
+    color_depth: typeof screen !== "undefined" ? screen.colorDepth : void 0,
+    hardware_concurrency: typeof navigator !== "undefined" ? navigator.hardwareConcurrency : void 0,
+    device_memory: typeof navigator !== "undefined" ? navigator.deviceMemory : void 0,
+    touch_support: typeof navigator !== "undefined" ? navigator.maxTouchPoints > 0 : void 0,
+    webgl_vendor: webglInfo?.vendor,
+    webgl_renderer: webglInfo?.renderer
+  };
+}
+function encodePayload(payload) {
+  const json = JSON.stringify(payload);
+  if (typeof btoa !== "undefined") {
+    return btoa(unescape(encodeURIComponent(json)));
+  } else if (typeof Buffer !== "undefined") {
+    return Buffer.from(json, "utf-8").toString("base64");
+  }
+  throw new Error("No base64 encoding method available");
+}
+async function generateCipherText(options, config) {
+  const warnings = [];
+  let requestLocation = options.requestLocation ?? false;
+  if (config?.require_gps) {
+    const reason = options.reason;
+    if (reason === "login" && config.require_gps.login || reason === "registration" && config.require_gps.registration || reason === "transaction" && config.require_gps.transaction) {
+      requestLocation = true;
+    }
+  }
+  const deviceData = collectDeviceData(options.includeWebGL !== false);
+  let locationData;
+  if (requestLocation) {
+    const location = await requestGPSLocation(
+      options.locationTimeout || 1e4,
+      options.highAccuracy !== false
+    );
+    if (location) {
+      locationData = location;
+    } else {
+      warnings.push("GPS location not available or permission denied");
+    }
+  }
+  let networkData;
+  if (options.includeNetworkInfo !== false) {
+    networkData = getNetworkInfo();
+  }
+  const now = /* @__PURE__ */ new Date();
+  const expiry = new Date(now.getTime() + CIPHER_TEXT_EXPIRY_MINUTES * 60 * 1e3);
+  const payload = {
+    device: deviceData,
+    location: locationData,
+    network: networkData,
+    metadata: {
+      collected_at: now.toISOString(),
+      sdk_version: SDK_VERSION,
+      collection_reason: options.reason,
+      page_url: typeof window !== "undefined" ? window.location.href : void 0,
+      referrer: typeof document !== "undefined" ? document.referrer || void 0 : void 0
+    }
+  };
+  const encoded = encodePayload(payload);
+  const timestamp = now.getTime().toString(36);
+  let cipherText;
+  const hmacKey = options.signingKey || options.apiKey;
+  if (hmacKey) {
+    const message = `02.${timestamp}.${encoded}`;
+    const hmac = await computeHMAC(hmacKey, message);
+    cipherText = `${message}.${hmac}`;
+  } else {
+    cipherText = `01.${timestamp}.${encoded}`;
+  }
+  return {
+    cipherText,
+    locationCaptured: !!locationData,
+    warnings: warnings.length > 0 ? warnings : void 0,
+    generatedAt: now.toISOString(),
+    expiresAt: expiry.toISOString()
+  };
+}
+
 // src/geolocation/client.ts
 var GeolocationClient = class extends BaseClient {
   constructor(config) {
@@ -409,7 +659,11 @@ var GeolocationClient = class extends BaseClient {
    * ```
    */
   async getGPSConfig(requestOptions) {
-    return this.requestWithRetry("/api/v1/geo/config", void 0, void 0, void 0, requestOptions);
+    const config = await this.requestWithRetry("/api/v1/geo/config", void 0, void 0, void 0, requestOptions);
+    if (config.signing_key) {
+      this.cachedSigningKey = config.signing_key;
+    }
+    return config;
   }
   // ============================================================================
   // CipherText Validation
@@ -669,6 +923,36 @@ var GeolocationClient = class extends BaseClient {
     }, void 0, requestOptions);
   }
   // ============================================================================
+  // CipherText Generation
+  // ============================================================================
+  /**
+   * Generate a signed cipherText containing device and location data.
+   *
+   * Automatically passes the client's API key for HMAC signing (v02 format).
+   * If no API key is configured, falls back to unsigned v01 format.
+   *
+   * @param options - Options for cipherText generation
+   * @param gpsConfig - Optional GPS config (from getGPSConfig)
+   * @returns CipherText result with the signed string
+   *
+   * @example
+   * ```typescript
+   * const result = await client.generateCipherText({ reason: 'login' });
+   * console.log(result.cipherText); // v02 signed cipherText
+   * ```
+   */
+  async generateCipherText(options, gpsConfig) {
+    let signingKey = this.cachedSigningKey;
+    if (!signingKey) {
+      const config = await this.getGPSConfig();
+      signingKey = config.signing_key;
+    }
+    return generateCipherText(
+      { ...options, signingKey: signingKey || void 0 },
+      gpsConfig
+    );
+  }
+  // ============================================================================
   // Utility Methods (inherited from BaseClient: healthCheck, updateConfig, getConfig, buildQueryString)
   // ============================================================================
 };
@@ -856,6 +1140,17 @@ var ComplianceClient = class {
     this.currencyRates = DEFAULT_CURRENCY_RATES;
   }
   // ============================================================================
+  // Sub-Client Accessors
+  // ============================================================================
+  /** Get the underlying GeolocationClient for direct geolocation API access */
+  getGeolocationClient() {
+    return this.geoClient;
+  }
+  /** Get the underlying RiskProfileClient for direct risk profile API access */
+  getRiskProfileClient() {
+    return this.riskClient;
+  }
+  // ============================================================================
   // Main Verification Methods
   // ============================================================================
   /**