tozny-auth - npm Package Compare versions

Comparing version 1.2.0 to 1.3.0

lib/realm.js

@@ -224,2 +224,43 @@ 'use strict';
     /**
+     * Send an email or SMS-based one time password challenge to a specific destination.
+     *
+     * @param {string} [type]        One of "sms-otp-6," "sms-otp-8", or "email"
+     * @param {string} [context]     One of “enroll,” “authenticate,” or “verify”.
+     * @param {string} [destination] The phone number or email address to use.
+     * @param {string} [presence]    If defined, re-use a previously used format and destination.
+     * @param {string} [data]        Serialized JSON object containing data to be added to the signed response.
+     * @returns {Promise.<Object>}
+     */
+
+  }, {
+    key: 'otpChallenge',
+    value: function otpChallenge(type, context, destination, presence, data) {
+      var params = typeof presence !== 'undefined' ? { presence: presence, data: data, context: context } : { type: type, destination: destination, data: data, context: context };
+      return this.rawCall('realm.otp_challenge', params);
+    }
+
+    /**
+     * Send an email or SMS-based magic link challenge to a specific destination.
+     *
+     * @param {string}  destination The phone number or email address to use.
+     * @param {string}  endpoint    Base URL from which Tozny should generate the magic link.
+     * @param {number}  [lifespan]  Number of seconds for which the link will be valid. Default is 300 (5 minutes).
+     * @param {string}  [context]   One of “enroll,” “authenticate,” or “verify”.
+     * @param {boolean} [sendNow]   Flag whether to send the message (true) or return the magic link (false).
+     * @param {string}  [data]      Serialized JSON object containing data to be added to the signed response.
+     * @returns {Promise.<Object>}
+     */
+
+  }, {
+    key: 'linkChallenge',
+    value: function linkChallenge(destination, endpoint, lifespan, context, sendNow, data) {
+
+      // Convert the Boolean value to a yes/no literal
+      var send = typeof sendNow === 'undefined' || !!sendNow ? 'yes' : 'no';
+
+      var params = { destination: destination, endpoint: endpoint, lifespan: lifespan, context: context, send: send, data: data };
+      return this.rawCall('realm.link_challenge', params);
+    }
+
+    /**
      * Does the given user exist in this realm?
@@ -226,0 +267,0 @@ *

lib/user.js

@@ -87,3 +87,4 @@ 'use strict';
       var req = {
-        method: method
+        method: method,
+        realm_key_id: this.realmKeyId
       };
@@ -110,6 +111,99 @@ if (params) {
     value: function loginChallenge() {
-      return this.rawCall('user.login_challenge', { realm_key_id: this.realmKeyId });
+      return this.rawCall('user.login_challenge', {});
     }
 
     /**
+     * Produces an email or SMS-based one time challenge.
+     *
+     * @param {string} [type]        One of "sms-otp-6," "sms-otp-8", or "email"
+     * @param {string} [context]     One of “enroll,” “authenticate,” or “verify”.
+     * @param {string} [destination] The phone number or email address to use.
+     * @param {string} [presence]    If defined, re-use a previously used format and destination.
+     * @returns {Promise.<Object>}
+     */
+
+  }, {
+    key: 'otpChallenge',
+    value: function otpChallenge(type, context, destination, presence) {
+      var params = typeof presence !== 'undefined' ? { presence: presence, context: context } : { type: type, destination: destination, context: context };
+      return this.rawCall('user.otp_challenge', params);
+    }
+
+    /**
+     * Validate a 6 or 8-digit OTP against a user session.
+     *
+     * @param {string} otp        OTP to validate
+     * @param {string} session_id ID of the session through which the OTP was created
+     * @returns {Promise.<Object>}
+     */
+
+  }, {
+    key: 'otpResult',
+    value: function otpResult(otp, session_id) {
+      var params = { otp: otp, session_id: session_id };
+      return this.rawCall('user.otp_result', params);
+    }
+
+    /**
+     * Send an email or SMS-based magic link challenge to a specific destination.
+     *
+     * @param {string}  destination The phone number or email address to use.
+     * @param {string}  endpoint    Base URL from which Tozny should generate the magic link.
+     * @param {string}  [context]   One of “enroll,” “authenticate,” or “verify”.
+     * @returns {Promise.<Object>}
+     */
+
+  }, {
+    key: 'linkChallenge',
+    value: function linkChallenge(destination, endpoint, context) {
+      var params = { destination: destination, endpoint: endpoint, context: context };
+      return this.rawCall('user.link_challenge', params);
+    }
+
+    /**
+     * Validate an OTP embedded in a magic link.
+     *
+     * @param {string} otp OTP to validate
+     * @returns {Promise.<Object>}
+     */
+
+  }, {
+    key: 'linkResult',
+    value: function linkResult(otp) {
+      var params = { otp: otp };
+      return this.rawCall('user.link_result', params);
+    }
+
+    /**
+     * Exchange a signed OTP payload for an enrollment challenge.
+     *
+     * @param {string} signed_data Original OTP payload session
+     * @param {string} signature   Realm-signed signature of the payload
+     * @returns {Promise.<T>}
+     */
+
+  }, {
+    key: 'enrollmentChallengeExchange',
+    value: function enrollmentChallengeExchange(signed_data, signature) {
+      var params = { signed_data: signed_data, signature: signature };
+      return this.rawCall('user.challenge_exchange', params);
+    }
+
+    /**
+     * Exchange a signed OTP payload for an authentication session.
+     *
+     * @param {string} signed_data  Original OTP payload session
+     * @param {string} signature    Realm-signed signature of the payload
+     * @param {string} [session_id] If provided, this authentication session will be completed
+     * @returns {Promise.<T>}
+     */
+
+  }, {
+    key: 'authenticationChallengeExchange',
+    value: function authenticationChallengeExchange(signed_data, signature, session_id) {
+      var params = { signed_data: signed_data, signature: signature, session_id: session_id };
+      return this.rawCall('user.challenge_exchange', params);
+    }
+
+    /**
      * Fetches realm metadata
@@ -123,3 +217,3 @@ *
     value: function realmGet() {
-      return this.rawCall('user.realm_get', { realm_key_id: this.realmKeyId });
+      return this.rawCall('user.realm_get', {});
     }
@@ -126,0 +220,0 @@ }]);

package.json

 {
   "name": "tozny-auth",
   "description": "API interface for the Tozny authentication service, with Passport strategy for easy integration in Express apps",
-  "version": "1.2.0",
-  "author": "Jesse Hallett <jesse@galois.com>",
+  "version": "1.3.0",
+  "author": "Tozny <info@tozny.com>",
   "homepage": "https://github.com/tozny/sdk-node",
   "contributors": [
+    "Eric Mann <eric@tozny.com",
     "Jesse Hallett <jesse@galois.com>"
@@ -32,7 +33,7 @@ ],
     "babel-runtime": "^6.6.1",
-    "bluebird": "~3.0.0",
+    "bluebird": "~3.4.6",
     "formidable": "^1.0.0",
     "object-assign": "^4.1.0",
     "passport-strategy": "^1.0.0",
-    "superagent": "^1.8.3",
+    "superagent": "^2.2.0",
     "superagent-promise-plugin": "^3.2.0"
@@ -46,3 +47,3 @@ },
     "babel-preset-es2015": "^6.6.0",
-    "flow-bin": "^0.24.1",
+    "flow-bin": "^0.31.1",
     "jasmine": "^2.4.1"
@@ -49,0 +50,0 @@ },

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

117098

increased by35.94%

Number of package files

21

increased by5%

Lines of code

841

increased by16.16%

Number of lines in readme file

84

increased by7.69%

Dependency changes

• + Addedbluebird@3.4.7(transitive)

• + Addedcall-bind@1.0.7(transitive)

• + Addedcomponent-emitter@1.3.1(transitive)

• + Addedcookiejar@2.1.4(transitive)

• + Addeddefine-data-property@1.1.4(transitive)

• + Addedes-define-property@1.0.0(transitive)

• + Addedes-errors@1.3.0(transitive)

• + Addedextend@3.0.2(transitive)

• + Addedform-data@1.0.0-rc4(transitive)

• + Addedfunction-bind@1.1.2(transitive)

• + Addedget-intrinsic@1.2.4(transitive)

• + Addedgopd@1.0.1(transitive)

• + Addedhas-property-descriptors@1.0.2(transitive)

• + Addedhas-proto@1.0.3(transitive)

• + Addedhas-symbols@1.0.3(transitive)

• + Addedhasown@2.0.2(transitive)

• + Addedisarray@1.0.0(transitive)

• + Addedmime@1.6.0(transitive)

• + Addedobject-inspect@1.13.1(transitive)

• + Addedprocess-nextick-args@2.0.1(transitive)

• + Addedqs@6.12.1(transitive)

• + Addedreadable-stream@2.3.8(transitive)

• + Addedsafe-buffer@5.1.2(transitive)

• + Addedset-function-length@1.2.2(transitive)

• + Addedside-channel@1.0.6(transitive)

• + Addedstring_decoder@1.1.1(transitive)

• + Addedsuperagent@2.3.0(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• - Removedbluebird@3.0.6(transitive)

• - Removedcomponent-emitter@1.2.1(transitive)

• - Removedcookiejar@2.0.6(transitive)

• - Removedextend@3.0.0(transitive)

• - Removedform-data@1.0.0-rc3(transitive)

• - Removedformidable@1.0.17(transitive)

• - Removedisarray@0.0.1(transitive)

• - Removedmime@1.3.4(transitive)

• - Removedqs@2.3.3(transitive)

• - Removedreadable-stream@1.0.27-1(transitive)

• - Removedreduce-component@1.0.1(transitive)

• - Removedstring_decoder@0.10.31(transitive)

• - Removedsuperagent@1.8.5(transitive)

• Updatedbluebird@~3.4.6

• Updatedsuperagent@^2.2.0