Initial codebase (#10)

Author: kober32

.github/actions/setup/action.yml

@@ -25,5 +25,5 @@ runs:
       run: corepack enable
     - name: Install dependencies
       if: steps.yarn-cache.outputs.cache-hit != 'true'
-      run: yarn install --immutable
+      run: yarn install
       shell: bash

.gitignore

@@ -70,4 +70,7 @@ packages/lib-cordova/lib/
 packages/lib-cordova/native_shared
 
 # lib artifacts
-*.tgz
+*.tgz
+
+# Cordova test app
+testapp-cordova/www/js

.prepare-release.json

@@ -0,0 +1,29 @@
+{
+    "metadata": {
+        "purpose": "This file is used as a definition file for the prepare-release script.",
+        "info": "It defines files that contains version number that should be updated during the release preparation.",
+        "customBuildscript": "If needed, in the library object, set \"buildscript\": \"your-custom-build-command\" command if your build command is different than 'npm i && npm run build'"
+    },
+    "library": {
+        "name": "digital-onboarding-js",
+        "type": "yarn",
+        "artifacts": [
+            "packages/lib-cordova/digital-onboarding-js.tgz"
+        ],
+        "buildscript": "corepack enable && yarn install && yarn packCordova"
+    },
+    "files": [
+        {
+            "description": "Cordova package definition file.",
+            "path": "packages/lib-cordova/package.json",
+            "type": "version_replace",
+            "match": "\"version\": \"%VERSION%\",\n"
+        },
+        {
+            "description": "Cordova plugin.xml file.",
+            "path": "packages/lib-cordova/plugin.xml",
+            "type": "version_replace",
+            "match": "id=\"cordova-digital-onboarding\" version=\"%VERSION%\""
+        }
+    ]
+}

README.md

@@ -1,2 +1,62 @@
-# digital-onboarding-js
-Wultra Digital Onboarding for JS mobile platforms (Cordova and React Native)
+# Wultra Digital Onboarding for mobile JS Platforms
+
+<!-- begin remove -->
+<p align="center"><img src="docs/images/intro.jpg" alt="Wultra Digital Onboarding for mobile JS Platforms" width="100%" /></p>
+<!-- end -->
+
+<!-- begin box info -->
+The Wultra Digital Onboarding SDK functions as an extension of [Wultra Mobile Authentication (PowerAuth)](https://wultra.com/powerauth) that is required.
+<!-- end -->
+
+## Introduction
+
+Elevate your standard device activation, user login, and request signing scenarios by incorporating facial recognition and document scanning in diverse situations:
+
+- Reclaim access or recover lost credentials through authenticating the user's genuine presence and verifying document validity.
+- Reinforce conventional password or PIN-based authentication with an extra layer of security through face recognition.
+- Seamlessly onboard new customers into your systems, authenticating them with identification cards and facial scans for access to your app.
+
+### Other resources
+
+We also provide an [Android](https://github.com/wultra/digital-onboarding-android) and [iOS](https://github.com/wultra/digital-onboarding-apple) versions of this library.
+
+## What will you need before the implementation
+
+<!-- begin box info -->
+The Wultra Digital Onboarding SDK functions as an extension of Wultra Mobile Authentication that is required.
+<!-- end -->
+
+Before initiating the integration, it's essential to ensure that your server environment is prepared with appropriately configured services capable of managing user verification and onboarding, seamlessly connecting to your systems.
+
+Given the unique characteristics of each customer system, the utilization of this SDK may vary. To accurately outline the user verification process, we recommend consulting with our technical team for tailored guidance.
+
+## Document OCR and face verification
+
+We seamlessly incorporate industry-leading solutions for document scanning, ensuring versatility and effectiveness in your operations.
+
+- iProov for genuine presence
+- Innovatrics for document scanning and genuine presence
+- ZenID for document scanning
+- BlinkID for document scanning
+
+Our dedicated technical and sales representatives are available to guide you in selecting the optimal solution that aligns perfectly with your needs.
+
+## Documentation
+
+<!-- begin box warning -->
+Please be aware that the scenarios outlined in the documentation are illustrative examples. Your user flow and implementation may vary based on your specific requirements and circumstances.
+<!-- end -->
+
+The documentation is available at the [Wultra Developer Portal](https://developers.wultra.com/components/digital-onboarding-js) or inside the [docs folder](docs).
+
+## License
+
+All sources are licensed using the Apache 2.0 license.
+
+## Contact
+
+If you need any assistance, do not hesitate to drop us a line at [hello@wultra.com](mailto:hello@wultra.com) or our official [wultra.com/discord](https://wultra.com/discord) channel.
+
+### Security Disclosure
+
+If you believe you have identified a security vulnerability with Wultra Digital Onboarding, you should report it as soon as possible via email to [support@wultra.com](mailto:support@wultra.com). Please do not post it to a public issue tracker.

docs/Changelog.md

@@ -0,0 +1,5 @@
+# Changelog
+
+## 1.0.0 (Nov, 2025)
+
+Initial release.

docs/Device-Activation.md

@@ -0,0 +1,194 @@
+# Device Activation
+
+With `WDOActivationService` you can onboard PowerAuth with just a piece of user information like his email, phone number, or login name.
+
+PowerAuth enrolled in such a way will need [further user verification](Verifying-User.md) until fully operational (able to sign operations).
+
+## Example app flow
+
+<p align="center"><img src="images/activation-mockup.png" alt="Example application flow for the activation" width="100%" /></p>
+
+## Creating an instance
+
+To create an instance you will need a `PowerAuth` instance that is __ready to be activated__.
+
+<!-- begin box info -->
+[Documentation for `PowerAuth Mobile JS SDK`](https://developers.wultra.com/components/react-native-powerauth-mobile-sdk/). 
+<!-- end -->
+
+
+Example with `PowerAuth` instance:
+
+```typescript
+const powerAuth = new PowerAuth("my-pa-instance")
+powerAuth.configure({
+    configuration: "ARCB+...jg==", // base64 PowerAuth configuration
+    baseEndpointUrl: "https://my-server-deployment.com/enrollment-server/"
+})
+const activationService = new WDOActivationService(
+    powerAuth,
+    "https://my-server-deployment.com/enrollment-server-onboarding/"
+)
+```
+
+## Retrieving the status
+
+To figure out if the activation process was already started and what is the status, you can use `hasActiveProcess`.
+
+```typescript
+/**
+ * If the activation process is in progress.
+ *
+ * Note that even if this property is `true` it can be already discontinued on the server.
+ * Calling `status()` for example after the app is launched in this case is recommended.
+ */
+get hasActiveProcess(): boolean;
+```
+
+If the process was started, you can verify its status by calling the `status` function. You can show an appropriate UI to the user based on this status.
+
+```typescript
+/**
+ * Retrieves status of the onboarding activation.
+ *
+ * @return Promise resolved with onboarding status.
+ */
+status(): Promise<WDOOnboardingStatus>;
+```
+
+`WDOOnboardingStatus` possible values.
+
+```typescript
+declare enum WDOOnboardingStatus {
+    /** Activation part of the process is in progress */
+    activationInProgress = "ACTIVATION_IN_PROGRESS",
+    /** Verification part of the process is in progress */
+    verificationInProgress = "VERIFICATION_IN_PROGRESS",
+    /** Onboarding process has failed */
+    failed = "FAILED",
+    /** Onboarding process is completed */
+    finished = "FINISHED"
+}
+```
+
+## Starting the process
+
+To start the activation process, you can use any credentials that are sufficient to you that can identify the user.
+
+Often, such data are user email, phone number, or userID. The definition of such data is up to your server implementation and requirements.
+
+To start the activation, use the `start` function.
+
+```typescript
+/**
+     * Start onboarding activation with user credentials.
+     *
+     * For example, when you require email, your object would look like this:
+     * ```
+     * {
+     *   email: "<user_email>"
+     * }
+     * ```
+     * @param credentials Object with credentials. Which credentials are needed should be provided by a system/backend provider.
+     * @param processType The process type identification. If not specified, the default process type will be used.
+     */
+    start(credentials: any, processType?: string): Promise<void>;
+```
+
+### Example
+
+```typescript
+
+class MyUserService {
+    // prepared service
+    private activationService: WDOActivationService
+    
+    async startActivation(id: string) {
+        const data = { userId: id}
+        try {
+            await this.activationService.start(data)
+            // success, continue with `activate()`
+            // at this moment, the `hasActiveProcess` starts return true
+        } catch (error) {
+            // show error to the user
+        }
+    }
+}
+```
+
+## Creating the activation
+
+To activate the user (activating the `PowerAuth` instance), data retrieved from the process start can be used with optional `OTP`. The OTP is usually sent via SMS, email, or other channel. To decide if the OTP is needed, you can use the [Configuration API](Process-Configuration.md) or have it hardcoded.
+
+Use the `activate` function to create the activation.
+
+```typescript
+/**
+ * Activate the PowerAuth instance that was passed in the initializer.
+ *
+ * @param activationName Name of the activation. Device name by default (usually something like John's iPhone or similar).
+ * @param otp OTP code received by the user (via SMS or email). Optional when not required.
+ * @return Promise resolved with activation result.
+ */
+activate(activationName: string, otp?: string): Promise<WDOPowerAuthActivationResult>;
+```
+
+Example implementation:
+
+```typescript
+class MyUserService {
+    // prepared service
+    private activationService: WDOActivationService
+    
+    async activate(smsOTP?: string) {
+        try {
+            const activationResult = await activationService.activate("my-test-activation", smsOTP)
+            // PowerAuthSDK instance was activated.
+            // At this moment, navigate the user to
+            // the PIN keyboard to finish the PowerAuthSDK initialization.
+            // For more information, follow the PowerAuthSDK documentation.
+        } catch (error) {
+            if (allowOnboardingOtpRetry(error)) {
+                // User entered the wrong OTP, prompt for a new one.
+                // Remaining OTP attempts count: onboardingOtpRemainingAttempts(error)
+            } else {
+                // show error UI
+            }
+        }
+    }
+}
+```
+
+## Canceling the process
+
+To cancel the process, just call the `cancel` function.
+
+```typescript
+/**
+ * Cancel the activation process (issues a cancel request to the backend and clears the local process ID).
+ *
+ * @param forceCancel When true, the process will be canceled in the SDK even when fails on backend. `true` by default.
+ */
+cancel(forceCancel?: boolean): Promise<void>;
+```
+
+## OTP resend
+
+In some cases, you need to resent the OTP:  
+ - OTP was not received by the user (for example when the email ends in the spam folder).  
+ - OTP expired. 
+
+ For such cases, use `resendOTP` function.
+ 
+ ```typescript
+/**
+* OTP resend request.
+*
+* This is intended to be displayed for the user to use in case of the OTP is not received.
+* For example, when the user does not receive SMS after some time, there should be a button to "send again".
+*/
+resendOTP(): Promise<void>;
+ ```
+
+## Read next
+- [Verifying User With Document Scan And Genuine Presence Check](Verifying-User.md)

docs/Language-Configuration.md

@@ -0,0 +1,13 @@
+# Language Configuration
+
+The language of content that might be localized can be configured via `changeAcceptLanguage` method on both `WDOActivationService` and `WDOVerificationService`.
+
+The default language is `en`. Availability of languages depends on server configuration and implementation.
+
+<!-- begin box info -->
+The language configuration is a wrap-around of the underlying networking language configuration described in [our networking library documentation](https://github.com/wultra/networking-js).
+<!-- end -->
+
+## Read next
+
+- [Logging](Logging.md)

docs/Logging.md

@@ -0,0 +1,22 @@
+# Logging
+
+You can set up logging for the library using the `WDOLogger` class.
+
+<!-- begin box info -->
+Networking traffic is logged in its own logger described in the [networking library documentation](https://github.com/wultra/networking-js).
+<!-- end -->
+
+### Verbosity Level
+
+You can limit the amount of logged information via the `verboseLevel` property.
+
+| Level                  | Description                                       |
+| ---------------------- | ------------------------------------------------- |
+| `NONE`                 | Silences all messages.                            |
+| `ERROR`  _(default)_   | Only errors will be logged.                       |
+| `WARNING`              | Errors and warnings will be logged.               |
+| `INFO`                 | Error, warning and info messages will be logged.  |
+| `DEBUG`                | All messages will be logged.                      |
+### Logger Delegate
+
+In case you want to process logs on your own (for example log into a file or some cloud service), you can set `WDOLogger.listener`.