cyberuskey-sdk
v0.0.21
Published
Cyberus Key SDK
Downloads
31
Maintainers
Readme
What is Cyberus Key?
Your users will never need to remember or input a password again with Cyberus Key, our one-touch universal, user authentication system.
Now you can guarantee your customers the highest level of protection against phishing attacks, identity and data theft,and more. By removing the risk of stolen passwords or credentials, you can eliminate one of the biggest cyber security threats.
Cyberus Key SDK
Cyberus Key SDK is a tiny library that provides a full support for Cyberys Key's password-less authentication which implements the OpenID Connect protocol.
How to install
With NPM:
npm install cyberuskey-sdk
With Yarn:
yarn add cyberuskey-sdk
You can also get a minified file from JSDelivr's CDN:
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/sdk.es6.min.js" type="text/javascript"></script>
<script type="text/javascript">
console.log(window['cyberuskey-sdk']);
</script>
Documentation
Classes
CyberusKeyAPI
Kind: global class
- CyberusKeyAPI
- new CyberusKeyAPI()
- instance
- .createSession(clientId, [geo], [origin]) ⇒ Promise.<string>
- .isOutOfService() ⇒ Promise.<boolean>
- .getOTPSound(session) ⇒ Promise.<string>
- .getAuthenticationEndpointUrl(sessionId, scope, clientId, redirectUri, [state], [nonce], [responseType]) ⇒
- .navigateAuthentication(clientId, redirectUri, scope, navigator, session, [origin], [state], [nonce], [responseType]) ⇒ Promise.<void>
- static
new CyberusKeyAPI()
cyberusKeyAPI.createSession(clientId, [geo], [origin]) ⇒ Promise.<string>
Kind: instance method of CyberusKeyAPI
Returns: Promise.<string> - The Cyberus Key session id.
Throws:
| Param | Type | Description | | --- | --- | --- | | clientId | string | Public client ID generated during creating the account. | | [geo] | Geolocation | Give a value if you want to pass optional geolocation measurement. It can be later use to compare it against the mobile's measurement (if you have set fail_on_geo_mismatch). Those measurements can be used also to general improvement of the security. | | [origin] | string | The origin domain of the request being made. If null then the Referer header will be used. |
cyberusKeyAPI.isOutOfService() ⇒ Promise.<boolean>
Kind: instance method of CyberusKeyAPI
Returns: Promise.<boolean> - flag indicating if the authentication server is available.
cyberusKeyAPI.getOTPSound(session) ⇒ Promise.<string>
Kind: instance method of CyberusKeyAPI
Returns: Promise.<string> - string with url to the sound.
Throws:
| Param | Type | Description | | --- | --- | --- | | session | Session | Cyberus Key's session generated by a user for a login. |
cyberusKeyAPI.getAuthenticationEndpointUrl(sessionId, scope, clientId, redirectUri, [state], [nonce], [responseType]) ⇒
Kind: instance method of CyberusKeyAPI
Returns: OpenID's Authentication endpoint URL
Throws:
| Param | Type | Default | Description | | --- | --- | --- | --- | | sessionId | | | unique id created for the specific login and connected to the specific otp | | scope | OpenIdScopeParser | | Each scope returns a set of user attributes, which are called claims. Once the user authorizes the requested scopes, the claims are returned in an ID Token. | | clientId | string | | Public client ID generated during creating the account. | | redirectUri | string | | Redirect URI to which the response will be sent. If the value is not whitelisted then the request will fail. | | [state] | string | | RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, CSRF, XSRF mitigation is done by cryptographically binding the value of this parameter with a browser cookie. The state parameter preserves some state object set by the client in the Authentication request and makes it available to the client in the response. It’s that unique and non-guessable value that allows you to prevent the attack by confirming if the value coming from the response matches the one you expect (the one you generated when initiating the request). The state parameter is a string so you can encode any other information in it. | | [nonce] | string | | String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values. | | [responseType] | string | "'code'" | OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel). |
cyberusKeyAPI.navigateAuthentication(clientId, redirectUri, scope, navigator, session, [origin], [state], [nonce], [responseType]) ⇒ Promise.<void>
Kind: instance method of CyberusKeyAPI
| Param | Type | Default | Description | | --- | --- | --- | --- | | clientId | string | | Public client ID generated during creating the account. | | redirectUri | string | | Redirect URI to which the response will be sent. If the value is not whitelisted then the request will fail. | | scope | OpenIdScopeParser | | Each scope returns a set of user attributes, which are called claims. Once the user authorizes the requested scopes, the claims are returned in an ID Token. | | navigator | Navigator | | Class describes an action that will be done to Authentication URL. For browsers it will be a page redirection. | | session | | | Session id | | [origin] | string | | The origin domain of the request being made. If null then the Referer header will be used. | | [state] | string | | RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, CSRF, XSRF mitigation is done by cryptographically binding the value of this parameter with a browser cookie. The state parameter preserves some state object set by the client in the Authentication request and makes it available to the client in the response. It’s that unique and non-guessable value that allows you to prevent the attack by confirming if the value coming from the response matches the one you expect (the one you generated when initiating the request). The state parameter is a string so you can encode any other information in it. | | [nonce] | string | | String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values. | | [responseType] | string | "'code'" | OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel). |
CyberusKeyAPI.CyberusKeyAPI
Kind: static class of CyberusKeyAPI
new CyberusKeyAPI(hostUrl, [geoProvider], [delayMs])
| Param | Type | Default | Description | | --- | --- | --- | --- | | hostUrl | string | | Base URL of the host server, e.g. https://api.cyberuskey.com | | [geoProvider] | GeoProvider | | Geolocalization provider. Use specific implementation like HTML5GeoProvider. | | [delayMs] | number | 600 | Delay (ms) between making an Authentication request and a sound playing. |
LoginOptions
Kind: global class
- LoginOptions
- new LoginOptions()
- .responseType : string
- .display : string
- .prompt : string
- .theme : string
new LoginOptions()
LoginOptions.responseType : string
Kind: static property of LoginOptions
| Param | Type | Default | Description | | --- | --- | --- | --- | | [responseType] | string | "'code'" | OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel). |
LoginOptions.display : string
Kind: static property of LoginOptions
| Param | Type | Description | | --- | --- | --- | | display | string | It specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. Default and the only supported value is page. |
LoginOptions.prompt : string
Kind: static property of LoginOptions
| Param | Type | Description | | --- | --- | --- | | prompt | string | Space delimited, case sensitive list of string values that specifies whether the Authorization Server prompts the End-User for reauthentication and consent. The defined values are: login, none. Default is login,none. Can't be changed for now. |
LoginOptions.theme : string
Kind: static property of LoginOptions
OpenIdScopeParser
Kind: global class
- OpenIdScopeParser
- new OpenIdScopeParser()
- .addEmail() ⇒ this
- .addProfile() ⇒ this
- .getValue() ⇒ string
new OpenIdScopeParser()
openIdScopeParser.addEmail() ⇒ this
Kind: instance method of OpenIdScopeParser
openIdScopeParser.addProfile() ⇒ this
Kind: instance method of OpenIdScopeParser
openIdScopeParser.getValue() ⇒ string
Kind: instance method of OpenIdScopeParser
Session
Kind: global class
new Session()
Session.Session : Date
Kind: static class of Session
new Session()
Geolocation
Kind: global class
- Geolocation
- new Geolocation()
- .latitude : number
- .longitude : number
- .accuracy : number
new Geolocation()
geolocation.latitude : number
Kind: instance property of Geolocation
Read only: true
geolocation.longitude : number
Kind: instance property of Geolocation
Read only: true
geolocation.accuracy : number
Kind: instance property of Geolocation
Read only: true
HTML5GeoProvider
Kind: global class
Implements: GeoProvider
new HTML5GeoProvider()
htmL5GeoProvider.getGeo() ⇒ Promise.<Geolocation>
Kind: instance method of HTML5GeoProvider
Returns: Promise.<Geolocation> - Geolocalization measurement.
HTML5GeoProvider.HTML5GeoProvider
Kind: static class of HTML5GeoProvider
new HTML5GeoProvider([enableHighAccuracy], [navigator], numOfTriesBeforeGpsActivates, onPermissionDialog)
| Param | Type | Default | Description | | --- | --- | --- | --- | | [enableHighAccuracy] | boolean | false | Forces high accuracy of the geolocation. It may take longer. | | [navigator] | Navigator | window.navigator | | | numOfTriesBeforeGpsActivates | | | The GPS localization will be used only after n unsuccessful tries. By unsuccessful try we define the number of times the authentication resulted in session not found error. | | onPermissionDialog | | | Leave an implementation of the additional information dialog to appear before site asks for localization permission for the caller to handle. It takes a function with default message as parameter |
RedirectNavigator
Kind: global class
Implements: Navigator
- RedirectNavigator
- new RedirectNavigator()
- .navigate(url) ⇒ Promise.<void>
new RedirectNavigator()
redirectNavigator.navigate(url) ⇒ Promise.<void>
Kind: instance method of RedirectNavigator
Throws:
| Param | Type | Description | | --- | --- | --- | | url | string | Authentication Endpoint URL. |
Links
CyberusKey JavaScript widget: https://github.com/CyberusLabs/cyberuskey-widget/
License
MIT © Cyberus Labs sp. z o.o.