Merge branch 'release-25.10' into 'main'

Release 25.10 TS content

See merge request nwac/sdk-ts!139

Author: slahtine

CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## Version 6.0.0
+
+Breaking Changes:
+- Number verification now uses the fast flow and requires the state parameter to be passed in
+
 ## Version 5.2.0
 
 Changes:

examples/kyc-age-verification-ts examples/kyc-age-verification.tsexamples/kyc-age-verification-ts renamed to examples/kyc-age-verification.ts

@@ -20,18 +20,24 @@ const device = client.devices.get({
  You must provide a redirectUri, where the authorization code will be delivered.
  See the express example provided below.
 
- You can add a state value of your choosing to test for CSRF attacks. Your application then should check, 
+ Add a state value of your choosing to test for CSRF attacks. Your application then should check, 
  that the state value given to the authorization endpoint matches the one returned to the redirect uri.
  If the state values do not match, there has likely been a CSRF attack. In this case your application
  should return a 401 Unauthorized error code. */
 
 const redirectUri = "https://my-example/redirect";
-const scope = "number-verification:verify";
+
+// The scope should be "dpv:FraudPreventionAndDetection number-verification:device-phone-number:read" 
+// when using the getPhoneNumber method to retrieve the device phone number.
+const scope = "dpv:FraudPreventionAndDetection number-verification:verify"; 
+
 const loginHint = device.phoneNumber;
 const state = "foobar";
 
-// create a callbacklink
-const callback = await client.authentication.createAuthenticationLink(
+
+
+// Create a callbacklink
+const callback = await client.authentication.createAuthorizationLink(
     redirectUri,
     scope,
     loginHint,
@@ -46,7 +52,7 @@ const port = process.env.PORT || 3000;
 app.use(express.json());
 
 app.get("/redirect", (req: Request, res: Response) => {
-    res.send(`This is your authorization code: ${req.query.code}`)
+    res.send(`This is your authorization code: ${req.query.code} This is your state variable: ${req.query.state}.`)
 
     res.status(200).end();
 });
@@ -56,20 +62,17 @@ app.listen(port, () => {
 });
 
 
-
-
 // Add your authorization code here.
 const code = "NaC-authorization-code";
 
 
 /* You can use the Number Verification API with the obtained authorization code.
  The verifyNumber endpoint will respond with a true or false value. */
-const verificationResult = await device.verifyNumber(code);
-
+const verificationResult = await device.verifyNumber(code, state);
 console.log(verificationResult);
 
-// The getPhoneNumber endpoint will respond with the phone number of the used Device.
 
-const phoneNumber = await device.getPhoneNumber(code);
 
+// The getPhoneNumber endpoint will respond with the phone number of the used Device.
+const phoneNumber = await device.getPhoneNumber(code, state);
 console.log(phoneNumber) // "+123456789"

examples/number-verification.ts

@@ -43,9 +43,9 @@ describe("Geofencing", () => {
         const data: any = await notification.json();
 
         expect(data).not.toBeNull();
-        expect(data[0]["data"]["area"]["areaType"]).toEqual("CIRCLE");
-        expect(data[0]["data"]["area"]["center"]["latitude"]).toEqual(47.48627616952785);
-        expect(data[0]["data"]["area"]["radius"]).toEqual(2000);
+        expect(data[0].data.area.areaType).toEqual("CIRCLE");
+        expect(data[0].data.area.center.latitude).toEqual(47.48627616952785);
+        expect(data[0].data.area.radius).toEqual(2000);
 
 
         // Deleting the subscription notification
@@ -79,8 +79,8 @@ describe("Geofencing", () => {
         const data: any = await notification.json();
 
         expect(data).not.toBeNull();
-        expect(data[0]["data"]["area"]["areaType"]).toEqual("POI");
-        expect(data[0]["data"]["area"]["poiName"]).toEqual("StatueOfLiberty");
+        expect(data[0].data.area.areaType).toEqual("POI");
+        expect(data[0].data.area.poiName).toEqual("StatueOfLiberty");
 
         // Deleting the subscription notification
         notification = await fetch(`${notificationUrl}/geofencing-subscriptions/${subscription.eventSubscriptionId}`,
@@ -112,7 +112,7 @@ describe("Geofencing", () => {
         const data: any = await notification.json();
 
         expect(data).not.toBeNull();
-        expect(data[0]["data"]["area"]["areaType"]).toEqual("CIRCLE");
+        expect(data[0].data.area.areaType).toEqual("CIRCLE");
 
 
         // Deleting the subscription notification
@@ -146,7 +146,7 @@ describe("Geofencing", () => {
         const data: any = await notification.json();
 
         expect(data).not.toBeNull();
-        expect(data[0]["data"]["area"]["areaType"]).toEqual("POI");
+        expect(data[0].data.area.areaType).toEqual("POI");
 
         // Deleting the subscription notification
         notification = await fetch(`${notificationUrl}/geofencing-subscriptions/${subscription.eventSubscriptionId}`,
@@ -184,7 +184,7 @@ describe("Geofencing", () => {
         const data: any = await notification.json();
 
         expect(data).not.toBeNull();
-        expect(data[0]["data"]["area"]["areaType"]).toEqual("CIRCLE");
+        expect(data[0].data.area.areaType).toEqual("CIRCLE");
 
         // Deleting the subscription notification
         notification = await fetch(`${notificationUrl}/geofencing-subscriptions/${subscription.eventSubscriptionId}`,
@@ -225,7 +225,7 @@ describe("Geofencing", () => {
         const data: any = await notification.json();
 
         expect(data).not.toBeNull();
-        expect(data[0]["data"]["area"]["areaType"]).toEqual("POI");
+        expect(data[0].data.area.areaType).toEqual("POI");
 
         // Deleting the subscription notification
         notification = await fetch(`${notificationUrl}/geofencing-subscriptions/${subscription.eventSubscriptionId}`,
@@ -287,4 +287,4 @@ describe("Geofencing", () => {
             expect(error).toBeDefined();
         }
     });
-});
+});

integration-tests/geofencing.itest.ts

@@ -21,44 +21,47 @@ beforeAll(() => {
     notificationUrl = configureNotificationServerUrl();
 });
 
-describe("Number Verification authentication", () => {
+describe("Number Verification authorization", () => {
     it("should retrieve credentials", async () => {
-        const credentials: any = await client.authentication.credentials();
+        const credentials: any = await client.authorization.credentials();
         expect(credentials.clientId).toBeTruthy();
         expect(credentials.clientSecret).toBeTruthy();
     });
 
     it("should retrieve endpoints", async () => {
-        const endpoints: any = await client.authentication.endpoints();
-        expect(endpoints.authorizationEndpoint).toBeTruthy();
-        expect(endpoints.tokenEndpoint).toBeTruthy();
+        const endpoints: any = await client.authorization.endpoints();
+        expect(endpoints.fastFlowCspAuthEndpoint).toBeTruthy();
     });
 
-    it("should create authentication link", async () => {
-        const credentials: any = await client.authentication.credentials();
-        const endpoints: any = await client.authentication.endpoints();
+    it("should create authorization link", async () => {
+        const credentials: any = await client.authorization.credentials();
+        const endpoints: any = await client.authorization.endpoints();
         const redirectUri= "https://example.com/redirect";
         const scope = "dpv:FraudPreventionAndDetection number-verification:verify";
         const loginHint = "+99999991000";
-        const callback = await client.authentication.createAuthenticationLink(
+        const state = "testState";
+        const callback = await client.authorization.createAuthorizationLink(
             redirectUri,
             scope,
-            loginHint
+            loginHint,
+            state
         );
         expect(callback)
-        .toEqual(`${endpoints.authorizationEndpoint}?response_type=code&client_id=${credentials.clientId}&redirect_uri=https%3A%2F%2Fexample.com%2Fredirect&scope=dpv%3AFraudPreventionAndDetection%20number-verification%3Averify&login_hint=%2B99999991000`);
+        .toEqual(`${endpoints.fastFlowCspAuthEndpoint}?response_type=code&client_id=${credentials.clientId}&redirect_uri=https%3A%2F%2Fexample.com%2Fredirect&scope=dpv%3AFraudPreventionAndDetection%20number-verification%3Averify&login_hint=%2B99999991000&state=testState`);
     });
 });
 
-describe("Number Verification NaC auth code and access token", () => {
-    it("should get NaC auth code", async () => {
+describe("Number Verification NaC auth code", () => {
+    it("should get NaC auth code and state", async () => {
         const redirectUri= `${notificationUrl}/nv`;
         const scope = "dpv:FraudPreventionAndDetection number-verification:verify";
         const loginHint = "+99999991000";
-        const callback = await client.authentication.createAuthenticationLink(
+        const state = "testState";
+        const callback = await client.authorization.createAuthorizationLink(
             redirectUri,
             scope,
-            loginHint
+            loginHint,
+            state
         );
         await fetch(callback, {
             method: "GET",
@@ -71,123 +74,92 @@ describe("Number Verification NaC auth code and access token", () => {
                         agent: agent
                     });
         const data = await response.json() as any;
-        const code = data.code
-        expect(code).toBeTruthy();
-    });
-
-    it("should get single use access token", async () => {
-        const redirectUri= `${notificationUrl}/nv`;
-        const scope = "dpv:FraudPreventionAndDetection number-verification:verify";
-        const loginHint = "+99999991000";
-        const callback = await client.authentication.createAuthenticationLink(
-            redirectUri,
-            scope,
-            loginHint
-        );
-        await fetch(callback, {
-            method: "GET",
-            agent: agent
-        });
-
-        const response =  await fetch(`${notificationUrl}/nv-get-code`,
-                    {
-                        method: "GET",
-                        agent: agent
-                    });
-        const data = await response.json() as any;
-        const code = data.code
-        const accessToken: any = await device.getSingleUseAccessToken(code);
-        expect(accessToken.accessToken).toBeTruthy();
-        expect(accessToken.tokenType).toBeTruthy();
-        expect(accessToken.expiresIn).toBeTruthy();
+        expect(data.code).toBeTruthy();
+        expect(data.state).toBeTruthy();
     });
 });
 
-describe("Number verification", () => {   
+describe("Number verification", () => {
     it("should verify number - True", async () => {
         const redirectUri= `${notificationUrl}/nv`;
         const scope = "dpv:FraudPreventionAndDetection number-verification:verify";
         const loginHint = "+99999991000";
-        const callback = await client.authentication.createAuthenticationLink(
+        const state = "testState";
+        const callback = await client.authorization.createAuthorizationLink(
             redirectUri,
             scope,
-            loginHint
+            loginHint,
+            state
         );
         await fetch(callback, {
             method: "GET",
             agent: agent
         });
 
         const response =  await fetch(`${notificationUrl}/nv-get-code`,
-                    {
-                        method: "GET",
-                        agent: agent
-                    });
+            {
+                method: "GET",
+                agent: agent
+            });
         const data = await response.json() as any;
-        const code = data.code
-        const result: boolean = await device.verifyNumber(code);
+        const result: boolean = await device.verifyNumber(data.code, data.state);
         expect(result).toBeTruthy();
     });
 
-    it.skip("should verify number - False", async () => {
+    it("should verify number - False", async () => {
+        device = client.devices.get({
+            phoneNumber: "+99999991001"
+        });
         const redirectUri= `${notificationUrl}/nv`;
         const scope = "dpv:FraudPreventionAndDetection number-verification:verify";
         const loginHint = "+99999991001";
-        const callback = await client.authentication.createAuthenticationLink(
+        const state = "testState";
+        const callback = await client.authorization.createAuthorizationLink(
             redirectUri,
             scope,
-            loginHint
+            loginHint,
+            state
         );
         await fetch(callback, {
             method: "GET",
             agent: agent
         });
 
         const response =  await fetch(`${notificationUrl}/nv-get-code`,
-                    {
-                        method: "GET",
-                        agent: agent
-                    });
+            {
+                method: "GET",
+                agent: agent
+            });
         const data = await response.json() as any;
-        const code = data.code
-        const result: boolean = await device.verifyNumber(code);
+        const result: boolean = await device.verifyNumber(data.code, data.state);
         expect(result).toBeFalsy();
     });
 
-    it("should return 400 APIError", async () => {
-        try {
-            await device.getSingleUseAccessToken("1234567");            
-            expect(true).toBe(false);
-        } catch (error){
-            expect(error).toBeDefined();
-            const err = error as Error;
-            expect(err.message).toEqual("400 - Bad Request");
-        }
-    });
 });
 describe("Get Phone Number", () => {
     it("should get device phone number", async () => {
         const redirectUri= `${notificationUrl}/nv`;
         const scope = "dpv:FraudPreventionAndDetection number-verification:device-phone-number:read";
         const loginHint = "+99999991000";
-        const callback = await client.authentication.createAuthenticationLink(
+        const state = "testState"
+        const callback = await client.authorization.createAuthorizationLink(
             redirectUri,
             scope,
-            loginHint
+            loginHint,
+            state
         );
         await fetch(callback, {
             method: "GET",
             agent: agent
         });
 
         const response =  await fetch(`${notificationUrl}/nv-get-code`,
-                    {
-                        method: "GET",
-                        agent: agent
-                    });
+            {
+                method: "GET",
+                agent: agent
+            });
         const data = await response.json() as any;
-        const code = data.code
-        const result: string = await device.getPhoneNumber(code);
+        const result: string = await device.getPhoneNumber(data.code, data.state);
         expect(result).toBeDefined();
     });
 });

integration-tests/numberVerification.itest.ts

@@ -1,6 +1,6 @@
 {
   "name": "network-as-code",
-  "version": "5.2.0",
+  "version": "6.0.0",
   "description": "Network as Code SDK for TypeScript",
   "main": "dist/esm/index.js",
   "types": "dist/@types/index.d.ts",