UNPKG

@nevis-security/nevis-mobile-authentication-sdk-react

Version:

React Native plugin for Nevis Mobile Authentication SDK. Supports only mobile.

www.nevis.net

230 lines (204 loc) 8.71 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
/** * Copyright © 2023-2024 Nevis Security AG. All rights reserved. */ import { HttpOperationMessage } from './HttpOperationMessage'; import { PinPolicyMessage } from './PinPolicyMessage'; import { UserInteractionOperationMessage } from './UserInteractionOperationMessage'; import { AuthorizationProvider } from '../../../authorization/AuthorizationProvider'; import { type DeviceInformation } from '../../../localData/DeviceInformation'; import { TypedAuthorizationProvider } from '../../../model/typed/TypedAuthorizationProvider'; import { PinPolicy } from '../../../operations/pin/PinPolicy'; import type { RequestHeaders } from '../../../operations/RequestHeaders'; /** * Holds the parameters of the registration operation call. */ export class RegistrationMessage implements UserInteractionOperationMessage, HttpOperationMessage { /** * The identifier of the operation. */ operationId: string; /** * Flag that tells whether the account selector is provided. */ accountSelectorProvided: boolean; /** * Flag that tells whether the authenticator selector is provided. */ authenticatorSelectorProvided: boolean; /** * Flag that tells whether the PIN enroller is provided. */ pinEnrollerProvided: boolean; /** * Flag that tells whether the password enroller is provided. */ passwordEnrollerProvided: boolean; /** * Flag that tells whether the PIN user verifier is provided. */ pinUserVerifierProvided: boolean; /** * Flag that tells whether the password user verifier is provided. */ passwordUserVerifierProvided: boolean; /** * Flag that tells whether the biometric user verifier is provided. */ biometricUserVerifierProvided: boolean; /** * Flag that tells whether the device passcode user verifier is provided. */ devicePasscodeUserVerifierProvided: boolean; /** * Flag that tells whether the fingerprint user verifier is provided. */ fingerprintUserVerifierProvided: boolean; /** * Flag that tells whether the success callback is provided. */ onSuccessProvided: boolean; /** * Flag that tells whether the error callback is provided. */ onErrorProvided: boolean; /** * Specifies the additional request headers that must be included in the HTTP requests sent by * the operation. */ requestHeaders?: RequestHeaders; /** * The username that must be used to register. */ username?: string; /** * The base URL of the server where the registration should be made. */ serverUrl?: string; /** * The device information to be used. */ deviceInformation?: DeviceInformation; /** * The object providing the authorization. */ authorizationProvider?: TypedAuthorizationProvider; /** * The PIN policy to be used. */ pinPolicyMessage?: PinPolicyMessage; /** * Specifies whether [Class 2 (formerly weak)](https://source.android.com/docs/security/features/biometric/measure#biometric-classes) * biometric sensors are allowed if the biometric authenticator is selected. * * **IMPORTANT:** \ * This property is Android specific and will be ignored by iOS native plugin. * * By default, the SDK will only allow to use Class 3 (formerly strong) sensors. * Using Class 2 sensors is less secure and discouraged. When a Class 2 sensor is used, the FIDO * UAF keys are not protected by the operating system by requiring user authentication. * * If the SDK detects that only Class 3 (strong) biometric sensors are available in the mobile * device, even if Class 2 sensors are allowed, the FIDO UAF credentials will be protected by * the operating system by requiring user authentication. * * However, in some cases it may be acceptable for the sake of end-user convenience. Allowing * Class 2 sensors will enable for instance the use of face recognition in some Samsung devices. */ allowClass2AndroidSensors?: boolean; /** * Specifies whether the OS device passcode can be used as fallback during biometric * authentication. If not specified, the device passcode cannot be used as fallback. */ allowDevicePasscodeAsFallback?: boolean; /** * Specifies whether the authenticator must be invalidated if the user adds new biometric * credentials in the OS settings. If not specified, the authenticator will not be invalidated * when the user adds a new biometric credential in the OS settings. */ invalidateOnNewOsBiometrics?: boolean; /** * Creates a new instance. * * @param operationId the identifier of the operation. * @param accountSelectorProvided flag that tells whether the account selector is provided. * @param authenticatorSelectorProvided flag that tells whether the authenticator selector is provided. * @param pinEnrollerProvided flag that tells whether the PIN enroller is provided. * @param passwordEnrollerProvided flag that tells whether the password enroller is provided. * @param pinUserVerifierProvided flag that tells whether the PIN user verifier is provided. * @param passwordUserVerifierProvided flag that tells whether the password user verifier is provided. * @param biometricUserVerifierProvided flag that tells whether the biometric user verifier is * provided. * @param devicePasscodeUserVerifierProvided flag that tells whether the device passcode user * verifier is provided. * @param fingerprintUserVerifierProvided flag that tells whether the fingerprint user verifier * is provided. * @param onSuccessProvided flag that tells whether the success callback is provided. * @param onErrorProvided flag that tells whether the error callback is provided. * @param requestHeaders specifies the additional request headers that must be included in the * HTTP requests sent by the operation. * @param username the username that must be used to register. * @param serverUrl the base URL of the server where the registration should be made. * @param deviceInformation the device information to be used. * @param authorizationProvider the object providing the authorization. * @param pinPolicy the PIN policy to be used. * @param allowClass2AndroidSensors specifies whether [Class 2 (formerly weak)](https://source.android.com/docs/security/features/biometric/measure#biometric-classes) * biometric sensors are allowed if the biometric authenticator is selected. * @param allowDevicePasscodeAsFallback specifies whether the OS device passcode can be used as * fallback during biometric authentication. * @param invalidateOnNewOsBiometrics specifies whether the authenticator must be invalidated if * the user adds new biometric credentials in the OS settings. */ constructor( operationId: string, accountSelectorProvided: boolean, authenticatorSelectorProvided: boolean, pinEnrollerProvided: boolean, passwordEnrollerProvided: boolean, pinUserVerifierProvided: boolean, passwordUserVerifierProvided: boolean, biometricUserVerifierProvided: boolean, devicePasscodeUserVerifierProvided: boolean, fingerprintUserVerifierProvided: boolean, onSuccessProvided: boolean, onErrorProvided: boolean, requestHeaders?: RequestHeaders, username?: string, serverUrl?: string, deviceInformation?: DeviceInformation, authorizationProvider?: AuthorizationProvider, pinPolicy?: PinPolicy, allowClass2AndroidSensors?: boolean, allowDevicePasscodeAsFallback?: boolean, invalidateOnNewOsBiometrics?: boolean ) { this.operationId = operationId; this.accountSelectorProvided = accountSelectorProvided; this.authenticatorSelectorProvided = authenticatorSelectorProvided; this.pinEnrollerProvided = pinEnrollerProvided; this.passwordEnrollerProvided = passwordEnrollerProvided; this.pinUserVerifierProvided = pinUserVerifierProvided; this.passwordUserVerifierProvided = passwordUserVerifierProvided; this.biometricUserVerifierProvided = biometricUserVerifierProvided; this.devicePasscodeUserVerifierProvided = devicePasscodeUserVerifierProvided; this.fingerprintUserVerifierProvided = fingerprintUserVerifierProvided; this.onSuccessProvided = onSuccessProvided; this.onErrorProvided = onErrorProvided; this.requestHeaders = requestHeaders; this.username = username; this.serverUrl = serverUrl; this.deviceInformation = deviceInformation; this.allowClass2AndroidSensors = allowClass2AndroidSensors; this.allowDevicePasscodeAsFallback = allowDevicePasscodeAsFallback; this.invalidateOnNewOsBiometrics = invalidateOnNewOsBiometrics; if (authorizationProvider) { this.authorizationProvider = TypedAuthorizationProvider.create(authorizationProvider); } if (pinPolicy) { this.pinPolicyMessage = new PinPolicyMessage( operationId, pinPolicy.minLength, pinPolicy.maxLength ); } } }