UNPKG

@nevis-security/nevis-mobile-authentication-sdk-react

Version:

React Native plugin for Nevis Mobile Authentication SDK. Supports only mobile.

www.nevis.net

121 lines (109 loc) 4.71 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
/** * Copyright © 2023 Nevis Security AG. All rights reserved. */ import { Account } from '../../localData/Account'; import { Authenticator } from '../../localData/Authenticator'; import NevisMobileAuthenticationSdkReact from '../../MobileAuthenticationSdk'; import { IsPolicyCompliantMessage } from '../../model/messages/out/IsPolicyCompliantMessage'; /** * The service returning the information required to choose the authenticator to be used. * * It returns all the available authenticators, the operation being executed and also informs * whether a given authenticator is compliant with the policy required by the FIDO UAF server for * the ongoing operation. * * @see {@link AuthenticatorSelector.selectAuthenticator} */ export abstract class AuthenticatorSelectionContext { /** * The account used to execute the operation. */ abstract account: Account; /** * The available authenticators. Note that this may also include authenticators that cannot be * used to complete the operation. * * All the available authenticators are returned so that the users of the SDK can figure out * not only whether an authenticator can be used for the operation, but also why. * * For example, a developer would like to give a visual hint explaining why the Fingerprint * authenticator cannot be used during registration if it is not enrolled: by using * {@link Authenticator.userEnrollment} this situation can be identified during registration * and then some message can be displayed to the user informing that a fingerprint must be * defined in the OS settings to be able to register the fingerprint authenticator. * In the case where a user registers two authenticators, but the server's policy only allows to * use PIN in a given authentication operation, @{link isPolicyCompliant} can be used to identify this * situation and to inform the user why the fingerprint authenticator is not available. */ abstract authenticators: Array<Authenticator>; /** * The transaction confirmation data, if any, to be presented to the user for verification. * * If this data is present, data must be presented to the user before authenticating. * Note that in the case of registration or authentication not involving transaction * confirmation, this is typically empty and thus, it does not require handling. * The contents are the base64 URL decoded contents of the Transaction as described in the * FIDO UAF specification. */ abstract transactionConfirmationData?: string; /** * Returns whether the provided authenticator is compliant with the policy of the server. * * If an authenticator that is not policy compliant is provided through * {@link AuthenticatorSelectionHandler.aaid} for registration or authentication operations, * {@link FidoErrorCodeType.NoSuitableAuthenticator} will be returned as a result of the operation. * * @param aaid the AAID of the {@link Authenticator}. * @returns true if the authenticator is compliant with the policy, and false otherwise. */ abstract isPolicyCompliant(aaid: string): Promise<boolean>; /** * Alternate constructor that creates an instance from a json. * * @param json contains the source for instance creation. * @returns the created instance. */ static fromJson(json: any): AuthenticatorSelectionContext { return AuthenticatorSelectionContextImpl.fromJson(json); } } export class AuthenticatorSelectionContextImpl extends AuthenticatorSelectionContext { operationId: string; account: Account; authenticators: Array<Authenticator>; transactionConfirmationData?: string; private constructor( operationId: string, account: Account, authenticators: Array<Authenticator>, transactionConfirmationData?: string ) { super(); this.operationId = operationId; this.account = account; this.authenticators = authenticators; this.transactionConfirmationData = transactionConfirmationData; } static fromJson(json: any) { const operationId = json.operationId; const account = Account.fromJson(json.account); const authenticators: Authenticator[] = json.authenticators.map((element: any) => Authenticator.fromJson(element) ); const transactionConfirmationData = json.transactionConfirmationData; return new AuthenticatorSelectionContextImpl( operationId, account, authenticators, transactionConfirmationData ); } async isPolicyCompliant(aaid: string): Promise<boolean> { const message = new IsPolicyCompliantMessage(this.operationId, aaid); return await NevisMobileAuthenticationSdkReact.isPolicyCompliant(message).then( (result: { isPolicyCompliant: any }) => { return result.isPolicyCompliant; } ); } }