UNPKG

@linkedmink/passport-mutual-key-challenge

Version:

Implements a Passport strategy to authenticate the public key of a user by issuing a dynamic generated challenge

LinkedMink/passport-mutual-key-challenge

58 lines (54 loc) 1.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
/** * A challenge message that has been signed */ export interface SignedMessage { /** * The challenge nonce message in either the encrypted or unencrypted form depending * on stage and recipient party. */ message: Buffer; /** * A signature of SignedMessage.message in the unecrypted form */ signature: Buffer; } /** * When an incoming request comes in, the client's challenge is parsed into this initial form\ * to be processed */ export interface ClientChallenge { /** * A key that can uniquely identify the user */ userId: string; /** * A signed challenge sent by the client to open a authentication request */ clientRequested: SignedMessage; /** * The DateTime the request occurred */ requestDateTime: Date; } /** * When an incoming request comes in, the client's response is parsed into this initial form * to be processed */ export interface ClientResponse { /** * A key that can uniquely identify the user */ userId: string; /** * A signed message sent by the client with the decrypted challenge nonce issued by tbe server */ clientResponsed: SignedMessage; } /** * If a user is found in the client challenge stage, the callback in passport.authenticate will * have this as the third parameter. The raw bytes can then be converted to the transfer encoding. */ export interface ServerChallenge { clientRequested: SignedMessage; serverRequested: SignedMessage; }