vesant-sdk 1.6.0 → 1.6.2

package/dist/compliance/index.mjs

@@ -222,7 +222,7 @@ function createConsoleLogger() {
 }
 
 // src/core/version.ts
-var SDK_VERSION = "1.6.0";
+var SDK_VERSION = "1.6.2";
 
 // src/shared/browser-utils.ts
 function generateUUID() {
@@ -396,6 +396,19 @@ var BaseClient = class {
       if (this.rateLimitTracker) {
         this.rateLimitTracker.updateFromHeaders(response.headers);
       }
+      if (requestOptions?.responseType === "arraybuffer") {
+        if (!response.ok) {
+          let errData = {};
+          try {
+            errData = await response.json();
+          } catch {
+          }
+          this.handleErrorResponse(response.status, errData, requestId);
+        }
+        this.circuitBreaker?.onSuccess();
+        const buffer = await response.arrayBuffer();
+        return buffer;
+      }
       let data;
       try {
         data = await response.json();
@@ -1023,22 +1036,51 @@ var GeolocationClient = class extends BaseClient {
       void 0,
       requestOptions
     );
-    const locationResult = await this.verifyIP({
-      ip_address: ipAddress,
-      user_id: userId,
-      event_type: eventType,
-      device_fingerprint: cipherTextResult.valid && cipherTextResult.device ? {
-        device_id: cipherTextResult.device_uuid,
-        user_agent: "",
-        platform: cipherTextResult.device.platform,
-        browser: cipherTextResult.device.browser,
-        os: cipherTextResult.device.os
-      } : void 0
-    }, requestOptions);
+    const loc = cipherTextResult.location;
+    const risk = cipherTextResult.risk;
+    if (!risk) {
+      const locationResult = await this.verifyIP({
+        ip_address: ipAddress,
+        user_id: userId,
+        event_type: eventType
+      }, requestOptions);
+      return {
+        ciphertext_valid: cipherTextResult.valid,
+        ciphertext_result: cipherTextResult,
+        location: locationResult
+      };
+    }
+    const location = {
+      ip_address: cipherTextResult.ip_address,
+      location: {
+        country: loc?.country ?? "",
+        country_iso: loc?.country_iso ?? "",
+        city: loc?.city ?? "",
+        region: loc?.region ?? "",
+        postal_code: "",
+        latitude: loc?.latitude ?? 0,
+        longitude: loc?.longitude ?? 0,
+        timezone: "",
+        is_vpn: risk.is_vpn ?? false,
+        is_proxy: risk.is_proxy ?? false,
+        is_tor: risk.is_tor ?? false,
+        is_hosting: risk.is_hosting ?? false,
+        is_anonymizer: risk.is_vpn || risk.is_proxy || risk.is_tor
+      },
+      is_compliant: cipherTextResult.is_compliant ?? !risk.is_blocked,
+      is_blocked: risk.is_blocked ?? false,
+      risk_level: risk.level ?? "low",
+      risk_score: risk.score ?? 0,
+      risk_reasons: risk.is_blocked && risk.block_reasons ? risk.block_reasons : risk.factors ?? [],
+      jurisdiction: cipherTextResult.jurisdiction,
+      geofence_evaluation: cipherTextResult.geofence_evaluation,
+      record_id: cipherTextResult.record_id ?? "",
+      gps_required: cipherTextResult.gps_required
+    };
     return {
       ciphertext_valid: cipherTextResult.valid,
       ciphertext_result: cipherTextResult,
-      location: locationResult
+      location
     };
   }
   // ============================================================================
@@ -1443,28 +1485,34 @@ var ComplianceClient = class {
       if (this.config.debug) {
         this.logger.debug("Starting registration verification", { customerId: request.customerId });
       }
-      const customerData = request.cipherText ? {
-        full_name: request.fullName,
-        email: request.emailAddress,
-        phone: request.phoneNumber,
-        date_of_birth: request.dateOfBirth
-      } : void 0;
-      [cipherTextResult, geoVerification] = await Promise.all([
-        this.executeCipherTextValidation(
+      if (request.cipherText) {
+        cipherTextResult = await this.executeCipherTextValidation(
           request.cipherText,
           request.customerId,
           "registration",
           request.ipAddress,
-          customerData,
+          {
+            full_name: request.fullName,
+            email: request.emailAddress,
+            phone: request.phoneNumber,
+            date_of_birth: request.dateOfBirth
+          },
           requestOptions
-        ),
-        this.geoClient.verifyIP({
+        );
+        geoVerification = (cipherTextResult && this.buildLocationFromCipherText(cipherTextResult, request.ipAddress)) ?? await this.geoClient.verifyIP({
           ip_address: request.ipAddress,
           user_id: request.customerId,
           event_type: "registration",
           device_fingerprint: request.deviceFingerprint
-        }, requestOptions)
-      ]);
+        }, requestOptions);
+      } else {
+        geoVerification = await this.geoClient.verifyIP({
+          ip_address: request.ipAddress,
+          user_id: request.customerId,
+          event_type: "registration",
+          device_fingerprint: request.deviceFingerprint
+        }, requestOptions);
+      }
       const blockReasons = this.evaluateRegistrationBlock(geoVerification, cipherTextResult);
       if (blockReasons.length > 0) {
         if (this.config.debug) {
@@ -1545,7 +1593,7 @@ var ComplianceClient = class {
   evaluateRegistrationBlock(geoVerification, cipherTextResult) {
     const blockReasons = [];
     if (geoVerification.is_blocked) {
-      blockReasons.push(...geoVerification.risk_reasons);
+      blockReasons.push(...geoVerification.risk_reasons ?? []);
     }
     if (!geoVerification.is_compliant) {
       if (!blockReasons.includes("non_compliant_jurisdiction")) {
@@ -1569,7 +1617,7 @@ var ComplianceClient = class {
       }
     }
     if (geoVerification.geofence_evaluation?.blocked) {
-      blockReasons.push(...geoVerification.geofence_evaluation.reasons);
+      blockReasons.push(...geoVerification.geofence_evaluation.reasons ?? []);
     }
     if (geoVerification.risk_level === "critical") {
       if (!blockReasons.includes("critical_risk_level")) {
@@ -1720,24 +1768,40 @@ var ComplianceClient = class {
       if (this.config.debug) {
         this.logger.debug("Starting login verification", { customerId: request.customerId });
       }
-      const [cipherTextResult, geoVerification, profileResult] = await Promise.all([
-        this.executeCipherTextValidation(
-          request.cipherText,
-          request.customerId,
-          "login",
-          request.ipAddress,
-          void 0,
-          requestOptions
-        ),
-        this.geoClient.verifyIP({
+      let cipherTextResult;
+      let geoVerification;
+      let profileResult;
+      if (request.cipherText) {
+        [cipherTextResult, profileResult] = await Promise.all([
+          this.executeCipherTextValidation(
+            request.cipherText,
+            request.customerId,
+            "login",
+            request.ipAddress,
+            void 0,
+            requestOptions
+          ),
+          this.riskClient.getProfile(request.customerId, requestOptions).catch(() => null)
+        ]);
+        geoVerification = (cipherTextResult && this.buildLocationFromCipherText(cipherTextResult, request.ipAddress)) ?? await this.geoClient.verifyIP({
           ip_address: request.ipAddress,
           user_id: request.customerId,
           event_type: "login",
           device_fingerprint: request.deviceFingerprint
-        }, requestOptions),
-        this.riskClient.getProfile(request.customerId, requestOptions).catch(() => null)
-      ]);
-      const loginBlockReasons = this.getBlockReasons(geoVerification, profileResult || {}, cipherTextResult);
+        }, requestOptions);
+      } else {
+        [, geoVerification, profileResult] = await Promise.all([
+          Promise.resolve(void 0),
+          this.geoClient.verifyIP({
+            ip_address: request.ipAddress,
+            user_id: request.customerId,
+            event_type: "login",
+            device_fingerprint: request.deviceFingerprint
+          }, requestOptions),
+          this.riskClient.getProfile(request.customerId, requestOptions).catch(() => null)
+        ]);
+      }
+      const loginBlockReasons = this.getBlockReasons(geoVerification, profileResult, cipherTextResult);
       const isBlocked = !geoVerification.is_compliant || geoVerification.is_blocked || !!cipherTextResult?.risk?.is_blocked || cipherTextResult?.valid === false || geoVerification.gps_required && !cipherTextResult;
       if (isBlocked && !profileResult) {
         return {
@@ -1821,23 +1885,39 @@ var ComplianceClient = class {
           currency: request.currency
         });
       }
-      const [cipherTextResult, geoVerification, profileResult] = await Promise.all([
-        this.executeCipherTextValidation(
-          request.cipherText,
-          request.customerId,
-          "transaction",
-          request.ipAddress,
-          void 0,
-          requestOptions
-        ),
-        this.geoClient.verifyIP({
+      let cipherTextResult;
+      let geoVerification;
+      let profileResult;
+      if (request.cipherText) {
+        [cipherTextResult, profileResult] = await Promise.all([
+          this.executeCipherTextValidation(
+            request.cipherText,
+            request.customerId,
+            "transaction",
+            request.ipAddress,
+            void 0,
+            requestOptions
+          ),
+          this.riskClient.getProfile(request.customerId, requestOptions).catch(() => null)
+        ]);
+        geoVerification = (cipherTextResult && this.buildLocationFromCipherText(cipherTextResult, request.ipAddress)) ?? await this.geoClient.verifyIP({
           ip_address: request.ipAddress,
           user_id: request.customerId,
           event_type: "transaction",
           device_fingerprint: request.deviceFingerprint
-        }, requestOptions),
-        this.riskClient.getProfile(request.customerId, requestOptions).catch(() => null)
-      ]);
+        }, requestOptions);
+      } else {
+        [, geoVerification, profileResult] = await Promise.all([
+          Promise.resolve(void 0),
+          this.geoClient.verifyIP({
+            ip_address: request.ipAddress,
+            user_id: request.customerId,
+            event_type: "transaction",
+            device_fingerprint: request.deviceFingerprint
+          }, requestOptions),
+          this.riskClient.getProfile(request.customerId, requestOptions).catch(() => null)
+        ]);
+      }
       const geoBlocked = !geoVerification.is_compliant || geoVerification.is_blocked || !!cipherTextResult?.risk?.is_blocked || cipherTextResult?.valid === false || geoVerification.gps_required && !cipherTextResult;
       if (geoBlocked && !profileResult) {
         return {
@@ -1856,6 +1936,9 @@ var ComplianceClient = class {
           cipherTextValidation: cipherTextResult
         };
       }
+      if (!profileResult) {
+        throw new ComplianceError("Customer profile not found", request.customerId);
+      }
       const profile = profileResult;
       const transactionRisk = this.calculateTransactionRisk(
         request.amount,
@@ -1898,22 +1981,31 @@ var ComplianceClient = class {
   async verifyEvent(request, requestOptions) {
     const startTime = Date.now();
     this.validateEventRequest(request);
-    const [cipherTextResult, geoVerification] = await Promise.all([
-      this.executeCipherTextValidation(
+    let cipherTextResult;
+    let geoVerification;
+    if (request.cipherText) {
+      cipherTextResult = await this.executeCipherTextValidation(
         request.cipherText,
         request.customerId,
         request.eventType,
         request.ipAddress,
         void 0,
         requestOptions
-      ),
-      this.geoClient.verifyIP({
+      );
+      geoVerification = (cipherTextResult && this.buildLocationFromCipherText(cipherTextResult, request.ipAddress)) ?? await this.geoClient.verifyIP({
         ip_address: request.ipAddress,
         user_id: request.customerId,
         event_type: request.eventType,
         device_fingerprint: request.deviceFingerprint
-      }, requestOptions)
-    ]);
+      }, requestOptions);
+    } else {
+      geoVerification = await this.geoClient.verifyIP({
+        ip_address: request.ipAddress,
+        user_id: request.customerId,
+        event_type: request.eventType,
+        device_fingerprint: request.deviceFingerprint
+      }, requestOptions);
+    }
     if (this.config.autoCreateProfiles) {
       try {
         const profile = await this.riskClient.getProfile(request.customerId, requestOptions);
@@ -1927,7 +2019,7 @@ var ComplianceClient = class {
       }
     }
     const cipherTextBlocked = cipherTextResult ? !cipherTextResult.valid || cipherTextResult.risk?.is_blocked === true : false;
-    const blockReasons = [...geoVerification.risk_reasons];
+    const blockReasons = [...geoVerification.risk_reasons ?? []];
     if (cipherTextResult) {
       if (!cipherTextResult.valid) {
         blockReasons.push("ciphertext_validation_failed");
@@ -1996,6 +2088,44 @@ var ComplianceClient = class {
       return void 0;
     }
   }
+  /**
+   * Build a LocationVerification from a ValidateCipherTextResponse.
+   * The validate-ciphertext endpoint now returns the full geo-verification data
+   * (is_compliant, jurisdiction, geofence_evaluation, record_id, gps_required),
+   * so a separate verifyIP call is unnecessary.
+   */
+  buildLocationFromCipherText(ct, ipAddress) {
+    const loc = ct.location;
+    const risk = ct.risk;
+    if (!risk) return null;
+    return {
+      ip_address: ct.ip_address || ipAddress,
+      location: {
+        country: loc?.country ?? "",
+        country_iso: loc?.country_iso ?? "",
+        city: loc?.city ?? "",
+        region: loc?.region ?? "",
+        postal_code: "",
+        latitude: loc?.latitude ?? 0,
+        longitude: loc?.longitude ?? 0,
+        timezone: "",
+        is_vpn: risk.is_vpn,
+        is_proxy: risk.is_proxy,
+        is_tor: risk.is_tor,
+        is_hosting: risk.is_hosting ?? false,
+        is_anonymizer: risk.is_vpn || risk.is_proxy || risk.is_tor
+      },
+      is_compliant: ct.is_compliant ?? !risk.is_blocked,
+      is_blocked: risk.is_blocked,
+      risk_level: risk.level,
+      risk_score: risk.score,
+      risk_reasons: risk.is_blocked && risk.block_reasons ? risk.block_reasons : risk.factors ?? [],
+      jurisdiction: ct.jurisdiction,
+      geofence_evaluation: ct.geofence_evaluation,
+      record_id: ct.record_id ?? "",
+      gps_required: ct.gps_required
+    };
+  }
   calculateTransactionRisk(amount, currency, geoVerification, profile, cipherTextResult) {
     if (!this._currencyRatesCustomized && !this._currencyRatesWarned) {
       this._currencyRatesWarned = true;
@@ -2066,13 +2196,15 @@ var ComplianceClient = class {
   getBlockReasons(geoVerification, profile, cipherTextResult) {
     const reasons = [];
     if (geoVerification.is_blocked) {
-      reasons.push(...geoVerification.risk_reasons);
+      reasons.push(...geoVerification.risk_reasons ?? []);
     }
-    if (profile.customer_status === "suspended") {
-      reasons.push("account_suspended");
-    }
-    if (profile.has_sanctions) {
-      reasons.push("sanctions_match");
+    if (profile) {
+      if (profile.customer_status === "suspended") {
+        reasons.push("account_suspended");
+      }
+      if (profile.has_sanctions) {
+        reasons.push("sanctions_match");
+      }
     }
     if (cipherTextResult) {
       if (!cipherTextResult.valid) {