Socket
Socket
Sign inDemoInstall

@opengovsg/formsg-sdk

Package Overview
Dependencies
3
Maintainers
5
Versions
20
Alerts
File Explorer

Advanced tools

npm Scripts
License

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 0.8.0 to 0.8.1

dist/types.d.ts
dist/types.js

1

dist/crypto.d.ts

@@ -0,1 +1,2 @@

import { DecryptParams, DecryptedContent, EncryptedContent, EncryptedFileContent, Keypair, PackageInitParams } from './types';
/**

@@ -2,0 +3,0 @@ * Encrypt input with a unique keypair for each submission

11

dist/index.d.ts

@@ -0,1 +1,2 @@

import { PackageInitParams } from './types';
declare const _default: (options?: PackageInitParams) => {

@@ -19,11 +20,11 @@ webhooks: {

encrypt: (msg: any, encryptionPublicKey: string, signingPrivateKey?: string | undefined) => string;
decrypt: (formSecretKey: string, decryptParams: DecryptParams) => DecryptedContent | null;
generate: () => Keypair;
decrypt: (formSecretKey: string, decryptParams: import("./types").DecryptParams) => import("./types").DecryptedContent | null;
generate: () => import("./types").Keypair;
valid: (publicKey: string, secretKey: string) => boolean;
encryptFile: (binary: Uint8Array, formPublicKey: string) => Promise<EncryptedFileContent>;
decryptFile: (formSecretKey: string, { submissionPublicKey, nonce, binary: encryptedBinary }: EncryptedFileContent) => Promise<Uint8Array | null>;
encryptFile: (binary: Uint8Array, formPublicKey: string) => Promise<import("./types").EncryptedFileContent>;
decryptFile: (formSecretKey: string, { submissionPublicKey, nonce, binary: encryptedBinary }: import("./types").EncryptedFileContent) => Promise<Uint8Array | null>;
};
verification: {
authenticate: Function;
generateSignature: ({ transactionId, formId, fieldId, answer, }: VerificationSignatureOptions) => string;
generateSignature: ({ transactionId, formId, fieldId, answer, }: import("./types").VerificationSignatureOptions) => string;
} | {

@@ -30,0 +31,0 @@ authenticate?: undefined;

2

dist/index.js

@@ -5,5 +5,5 @@ "use strict";

};
var webhooks_1 = __importDefault(require("./webhooks"));
var crypto_1 = __importDefault(require("./crypto"));
var verification_1 = __importDefault(require("./verification"));
var webhooks_1 = __importDefault(require("./webhooks"));
module.exports = function (options) {

@@ -10,0 +10,0 @@ if (options === void 0) { options = {}; }

1

dist/util/publicKey.d.ts

@@ -0,1 +1,2 @@

import { PackageMode } from '../types';
/**

@@ -2,0 +3,0 @@ * Retrieves the appropriate public key.

1

dist/util/stage.d.ts

@@ -0,1 +1,2 @@

import { PackageMode } from '../types';
declare const STAGE: {

@@ -2,0 +3,0 @@ [stage in PackageMode]: stage;

1

dist/util/validate.d.ts

@@ -0,2 +1,3 @@

import { FormField } from '../types';
declare function determineIsFormFields(tbd: any): tbd is FormField[];
export { determineIsFormFields };

32

dist/verification/authenticate.js

@@ -12,6 +12,6 @@ "use strict";

/*
* Checks if signature was made within TRANSACTION_EXPIRE_AFTER_SECONDS before submission was created
* @param {Number} signatureTime ms
* @param {Number} submissionCreatedAt ms
*/
* Checks if signature was made within TRANSACTION_EXPIRE_AFTER_SECONDS before submission was created
* @param {Number} signatureTime ms
* @param {Number} submissionCreatedAt ms
*/
function isSignatureTimeValid(signatureTime, submissionCreatedAt) {

@@ -23,10 +23,10 @@ var maxTime = submissionCreatedAt;

/**
* Verifies signature
* @param {object} data
* @param {string} data.signatureString
* @param {number} data.submissionCreatedAt date in milliseconds
* @param {string} data.fieldId
* @param {string} data.answer
* @param {string} data.publicKey
*/
* Verifies signature
* @param {object} data
* @param {string} data.signatureString
* @param {number} data.submissionCreatedAt date in milliseconds
* @param {string} data.fieldId
* @param {string} data.answer
* @param {string} data.publicKey
*/
function authenticate(_a) {

@@ -44,3 +44,9 @@ var signatureString = _a.signatureString, submissionCreatedAt = _a.submissionCreatedAt, fieldId = _a.fieldId, answer = _a.answer;

if (isSignatureTimeValid(signatureDate, submissionCreatedAt)) {
var data = basestring_1.default({ transactionId: transactionId, formId: formId, fieldId: fieldId, answer: answer, time: signatureDate });
var data = basestring_1.default({
transactionId: transactionId,
formId: formId,
fieldId: fieldId,
answer: answer,
time: signatureDate,
});
return tweetnacl_1.default.sign.detached.verify(utf8_1.encode(data), base64_1.decode(signature), base64_1.decode(publicKey));

@@ -47,0 +53,0 @@ }

3

dist/verification/basestring.d.ts

@@ -0,5 +1,6 @@

import { VerificationBasestringOptions } from '../types';
/**
* Formats given data into a string for signing
*/
declare function basestring({ transactionId, formId, fieldId, answer, time }: VerificationBasestringOptions): string;
declare function basestring({ transactionId, formId, fieldId, answer, time, }: VerificationBasestringOptions): string;
export default basestring;

1

dist/verification/generate-signature.d.ts

@@ -0,1 +1,2 @@

import { VerificationSignatureOptions } from '../types';
export default function (privateKey: string): ({ transactionId, formId, fieldId, answer, }: VerificationSignatureOptions) => string;

1

dist/verification/get-public-key.d.ts

@@ -0,1 +1,2 @@

import { PackageMode } from '../types';
/**

@@ -2,0 +3,0 @@ * Retrieves the appropriate public key.

3

dist/verification/index.d.ts

@@ -5,5 +5,6 @@ /**

*/
import { PackageInitParams } from '../types';
declare const _default: (params?: PackageInitParams) => {
authenticate: Function;
generateSignature: ({ transactionId, formId, fieldId, answer, }: VerificationSignatureOptions) => string;
generateSignature: ({ transactionId, formId, fieldId, answer, }: import("../types").VerificationSignatureOptions) => string;
} | {

@@ -10,0 +11,0 @@ authenticate?: undefined;

20

dist/verification/index.js
"use strict";
/**
* @file Manages verification of otp form fields (email, sms, whatsapp)
* @author Jean Tan
*/
var __importDefault = (this && this.__importDefault) || function (mod) {

@@ -19,8 +15,12 @@ return (mod && mod.__esModule) ? mod : { "default": mod };

return {
authenticate: transactionExpiry !== undefined ?
authenticate_1.default(verificationPublicKey, transactionExpiry)
: function () { throw new Error('Provide transactionExpiry when initializing the formsg sdk to use this function.'); },
generateSignature: verificationSecretKey !== undefined ?
generate_signature_1.default(verificationSecretKey)
: function () { throw new Error('Provide verificationSecretKey when initializing the formsg sdk to use this function.'); },
authenticate: transactionExpiry !== undefined
? authenticate_1.default(verificationPublicKey, transactionExpiry)
: function () {
throw new Error('Provide transactionExpiry when initializing the formsg sdk to use this function.');
},
generateSignature: verificationSecretKey !== undefined
? generate_signature_1.default(verificationSecretKey)
: function () {
throw new Error('Provide verificationSecretKey when initializing the formsg sdk to use this function.');
},
};

@@ -27,0 +27,0 @@ }

1

dist/webhooks.d.ts

@@ -0,1 +1,2 @@

import { PackageInitParams } from './types';
/**

@@ -2,0 +3,0 @@ * Constructs the `X-FormSG-Signature` header

2

package.json
{
"name": "@opengovsg/formsg-sdk",
"version": "0.8.0",
"version": "0.8.1",
"repository": {

@@ -5,0 +5,0 @@ "type": "git",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc