@jetit/iam

What is this Client?

JETIT/CG is a Coastguard client that removes the trouble a developer has to go through to connect to the Coastguard Servers.

How does this work?

The Coastguard client requires a configuration that demands mandatory parameters.

Sample Snippet.

import { CG_ENVIRONMENT, initializeCGClient } from '@jetit/iam';

// Your code here.
await initializeCGClient({ 
    environment: CG_ENVIRONMENT.PRODUCTION, 
    appId: '', 
    realmId: '', 
    certificate: '', 
    rsaPublicKey:'' 
});
// Your code here.

To get access to the servers, you either have to use the login/signup method.

Login

The client contains the login method which requires two arguments, The email and password. The client will take care of all the Token management handling from the library itself. If client's app is configured for two-factor authentication, The client does not receive the tokens, Then user must use the two-factor authentication otp login.

import { login } from '@jetit/iam';
// Your code here.
await login('Your E-Mail', 'Your super secret password.');
// Your code here.

Note: If your app is configured for two-factor authentication and you have not setup it, your login will be disabled after 45 days.

Signup

It is divided into two sections: initiateSignup/signupWithEmail and completeSignup.

InitiateSignup

The client contains the InitiateSignup method which requires email, password, it returns otp to your email,

import { initiateSignup } from '@jetit/iam';
// Your code here.
await initiateSignup('Your Email', 'Your super secret password');
// Your code here.

signupWithEmail

The client contains the InitiateSignup method which requires email, it returns otp to your email,

import { signupWithEmail } from '@jetit/iam';
// Your code here.
await signupWithEmail('Your Email');
// Your code here.

completeSignup

The client has a completeSignup function that requires the otp that was sent to your email. The second parameter is optional, It will used after signupWithEmail method

import { completeSignup } from '@jetit/iam';
// Your code here.
await completeSignup('otp','password'?);
// Your code here.

Signup with Nonce

The client has a signUpWithNonce method, which requires the nonce, email, and password. The nonce obtained from the authentication web page, which is generated by the authentication backend, must have been associated with IAM.

import { signUpUserWithNonce } from '@jetit/iam';
// Your code here.
await signUpUserWithNonce({
    nonce:'web link Nonce',
    email: 'Your Email',
    password:'Your super secret password',
});
// Your code here.

Remember Me

The client also contains a method that you have to call before Signup or Login to set up if you want the user to be logged in and remember the username and password of the client.

import { rememberMe } from '@jetit/iam';
// Your code here.
rememberMe(true);
await signUp('Your Email', 'Your super secret password', 'Your role', 'Your permission');
// Your code here.

OR

import { rememberMe } from '@jetit/iam';
// Your code here.
rememberMe(true);
await login('Your E-Mail', 'Your super secret password.');
// Your code here.

Two-factor Authentication Email-OTP

This is divided into two sections:

• initiateEmail2FA
• validateEmail2FA

initiateEmail2FA

The client contains the initiateEmail2FA method which that sends an otp to the "current-session" email

import { initiateEmail2FA } from '@jetit/iam';
// Your code here.
await initiateEmail2FA();
// Your code here.

validateEmail2FA

The client contains the validateEmail2FA method that validates the OTP with the current session.

import { validateEmail2FA } from '@jetit/iam';
// Your code here.
await validateEmail2FA('otp');
// Your code here.

Two-factor Authentication App

This is divided into two sections:

• initiateAuthApp
• validateAuthApp2FA

initiateAuthApp2FA

The function initiateAuthApp in the client's code initiates the authenticator app and verifies whether setup has been completed or not.

import { initiateAuthApp2FA } from '@jetit/iam';
// Your code here.
await initiateAuthApp2FA();
// Your code here.

validateAuthApp2FA

The client method, validateEmail2FA, validates the OTP generated by the Authenticator app.

import { validateAuthApp2FA } from '@jetit/iam';
// Your code here.
await validateAuthApp2FA('otp');
// Your code here.

Two-factor Authentication App setup

This is divided into three sections:

• initiate2faSetup
• complete2faSetup
• verifyQr2FA

initiate2faSetup

The client contains the initiate2faSetup method, it returns otp to your email,

import { initiate2faSetup } from '@jetit/iam';
// Your code here.
await initiate2faSetup();
// Your code here.

complete2faSetup

The client's complete2faSetup function requires the OTP sent to your email as input and returns the QR code in base64 format.

import { complete2faSetup } from '@jetit/iam';
// Your code here.
await complete2faSetup('otp');
// Your code here.

verifyQr2FA

Upon finishing the complete2faSetup process, it is necessary to scan and validate the QR code using your authenticator app. Following verification in the verifyQr2FA response, the client will obtain recovery codes and tokens

import { verifyQr2FA } from '@jetit/iam';
// Your code here.
await verifyQr2FA('otp');
// Your code here.

get2FAMethods

The client's get2FAmethods function returns the available 2FA methods that you configured when creating the app.

import { get2FAmethods } from '@jetit/iam';
// Your code here.
await get2FAmethods();
// Your code here.

Logout

The client contains a method to log out existing users with the logout method.

import { logout } from '@jetit/iam';
// Your code here.
await logout();
// Your code here.

Is a user logged in??

The client contains a method for you to check if a user is logged in. This is an asynchronous method that returns a boolean which can be used to check if the user is logged in. (true if a user is logged in, false if no user has logged in.)

import { isLoggedIn } from '@jetit/iam';
// Your code here.
if (await isLoggedIn()) {
    console.log('User has logged in');
    // Do something
} else {
    console.log('User has not logged in');
    // Handle Un authenticated user
}

Login With Google

The client provides a method for additional authentication methods via other Auth Provides such as google. All you have to do is provide the tokenId for the logged in user from Google's Oauth. The CG client will automatically login the user and set all the required properties.

Here is a sample implementation.

import { googleSignIn } from '@jetit/iam';
// Your code here.
await googleSignIn(idToken);
// Your code here.

Login With Github

The client supports other authentication methods through various Auth Providers such as gitHub. It is divided into two sections: initiateGithubSignIn and githubSignIn.

Here is a sample implementation.

initiateGithubSignIn

This method return the redirected Url for github login,

import { initiateGithubSignIn } from '@jetit/iam';
// Your code here.
await initiateGithubSignIn();
// Your code here.

githubSignIn

Provide the code and state from Github's Oauth for the logged in user. The CG client will automatically login/signup the user and configure all of the necessary parameter

import { githubSignIn } from '@jetit/iam';
// Your code here.
await githubSignIn(code,state);
// Your code here.

Login With Microsoft

The client supports other authentication methods through various Auth Providers such as gitHub. All you have to do is provide the idToken from microsoft's Oauth for the logged in user. The CG client will automatically login/signup the user and configure all of the necessary parameters.

Here is a sample implementation.

import { microsoftSignIn } from '@jetit/iam';
// Your code here.
await microsoftSignIn(idToken);
// Your code here.

Change Password

The client provides a method to change password for logged in users. This is an asynchronous method that returns a boolean which can be used to see if the change password executed successfully.

Here is a sample implementation.

import { changePassword } from '@jetit/iam';
// Your code here.
await function changePassword(oldPassword: string, newPassword: string) 
// Your code here.

Forgot Password

The client provides two method to to reset a user's password if the user has forgotten his credentials. These methods has to be executed in the respective order to successfully execute a reset password.

Here is a sample implementation.

import { requestResetPassword } from '@jetit/iam';
// Your code here.
function resetPasswordStart(email: string) {
    const query = JSON.stringify({
        email: email,
        // Additional Details if needed
    });
    const encodedQuery = window.btoa(query);
    const myAppRedirectUrl = `https://www.testapp.com/resetPassword?query=${query}&nonce=`;
    await requestResetPassword(email, myAppRedirectUrl);
}
// Your code here.

In Your redirection page.

import { resetPassword } from '@jetit/iam';
// Your code here.
function resetPassword(newPassword: string) {
    const params = new Proxy(new URLSearchParams(window.location.search), {
        get: (searchParams, prop) => searchParams.get(prop),
    });
    const encodedQuery = window.atob(params.query);
    const nonce = params.nonce;
    const query = JSON.parse(encodedQuery);
    await resetPassword(query.email, nonce, newPassword);
}
// Your code here.

Firebase authToken

The client provides methods for obtaining a firebase auth token in order to gain access to the firebase; the methods require user information obtained from local storage.

import { firebaseToken } from '@jetit/iam';
// Your code here.
await firebaseToken() 
// Your code here.

Coastguard client get-methods

The client provides tokens and refreshes tokens when needed just a get function call. get methods are methods that are prefixed by the word get.

// Your code here.
function printAllValues() {
    console.log(getAdditionalData());
    console.log(getErrorDescription());
    console.log(getRefreshToken());
    console.log(getToken());
    console.log(getUserDetails());
    console.log(getRunningEnvironment());
}
// Your code here.