tozny-auth
Advanced tools
Comparing version 1.2.0 to 1.3.0
@@ -224,2 +224,43 @@ 'use strict'; | ||
/** | ||
* Send an email or SMS-based one time password challenge to a specific destination. | ||
* | ||
* @param {string} [type] One of "sms-otp-6," "sms-otp-8", or "email" | ||
* @param {string} [context] One of “enroll,” “authenticate,” or “verify”. | ||
* @param {string} [destination] The phone number or email address to use. | ||
* @param {string} [presence] If defined, re-use a previously used format and destination. | ||
* @param {string} [data] Serialized JSON object containing data to be added to the signed response. | ||
* @returns {Promise.<Object>} | ||
*/ | ||
}, { | ||
key: 'otpChallenge', | ||
value: function otpChallenge(type, context, destination, presence, data) { | ||
var params = typeof presence !== 'undefined' ? { presence: presence, data: data, context: context } : { type: type, destination: destination, data: data, context: context }; | ||
return this.rawCall('realm.otp_challenge', params); | ||
} | ||
/** | ||
* Send an email or SMS-based magic link challenge to a specific destination. | ||
* | ||
* @param {string} destination The phone number or email address to use. | ||
* @param {string} endpoint Base URL from which Tozny should generate the magic link. | ||
* @param {number} [lifespan] Number of seconds for which the link will be valid. Default is 300 (5 minutes). | ||
* @param {string} [context] One of “enroll,” “authenticate,” or “verify”. | ||
* @param {boolean} [sendNow] Flag whether to send the message (true) or return the magic link (false). | ||
* @param {string} [data] Serialized JSON object containing data to be added to the signed response. | ||
* @returns {Promise.<Object>} | ||
*/ | ||
}, { | ||
key: 'linkChallenge', | ||
value: function linkChallenge(destination, endpoint, lifespan, context, sendNow, data) { | ||
// Convert the Boolean value to a yes/no literal | ||
var send = typeof sendNow === 'undefined' || !!sendNow ? 'yes' : 'no'; | ||
var params = { destination: destination, endpoint: endpoint, lifespan: lifespan, context: context, send: send, data: data }; | ||
return this.rawCall('realm.link_challenge', params); | ||
} | ||
/** | ||
* Does the given user exist in this realm? | ||
@@ -226,0 +267,0 @@ * |
100
lib/user.js
@@ -87,3 +87,4 @@ 'use strict'; | ||
var req = { | ||
method: method | ||
method: method, | ||
realm_key_id: this.realmKeyId | ||
}; | ||
@@ -110,6 +111,99 @@ if (params) { | ||
value: function loginChallenge() { | ||
return this.rawCall('user.login_challenge', { realm_key_id: this.realmKeyId }); | ||
return this.rawCall('user.login_challenge', {}); | ||
} | ||
/** | ||
* Produces an email or SMS-based one time challenge. | ||
* | ||
* @param {string} [type] One of "sms-otp-6," "sms-otp-8", or "email" | ||
* @param {string} [context] One of “enroll,” “authenticate,” or “verify”. | ||
* @param {string} [destination] The phone number or email address to use. | ||
* @param {string} [presence] If defined, re-use a previously used format and destination. | ||
* @returns {Promise.<Object>} | ||
*/ | ||
}, { | ||
key: 'otpChallenge', | ||
value: function otpChallenge(type, context, destination, presence) { | ||
var params = typeof presence !== 'undefined' ? { presence: presence, context: context } : { type: type, destination: destination, context: context }; | ||
return this.rawCall('user.otp_challenge', params); | ||
} | ||
/** | ||
* Validate a 6 or 8-digit OTP against a user session. | ||
* | ||
* @param {string} otp OTP to validate | ||
* @param {string} session_id ID of the session through which the OTP was created | ||
* @returns {Promise.<Object>} | ||
*/ | ||
}, { | ||
key: 'otpResult', | ||
value: function otpResult(otp, session_id) { | ||
var params = { otp: otp, session_id: session_id }; | ||
return this.rawCall('user.otp_result', params); | ||
} | ||
/** | ||
* Send an email or SMS-based magic link challenge to a specific destination. | ||
* | ||
* @param {string} destination The phone number or email address to use. | ||
* @param {string} endpoint Base URL from which Tozny should generate the magic link. | ||
* @param {string} [context] One of “enroll,” “authenticate,” or “verify”. | ||
* @returns {Promise.<Object>} | ||
*/ | ||
}, { | ||
key: 'linkChallenge', | ||
value: function linkChallenge(destination, endpoint, context) { | ||
var params = { destination: destination, endpoint: endpoint, context: context }; | ||
return this.rawCall('user.link_challenge', params); | ||
} | ||
/** | ||
* Validate an OTP embedded in a magic link. | ||
* | ||
* @param {string} otp OTP to validate | ||
* @returns {Promise.<Object>} | ||
*/ | ||
}, { | ||
key: 'linkResult', | ||
value: function linkResult(otp) { | ||
var params = { otp: otp }; | ||
return this.rawCall('user.link_result', params); | ||
} | ||
/** | ||
* Exchange a signed OTP payload for an enrollment challenge. | ||
* | ||
* @param {string} signed_data Original OTP payload session | ||
* @param {string} signature Realm-signed signature of the payload | ||
* @returns {Promise.<T>} | ||
*/ | ||
}, { | ||
key: 'enrollmentChallengeExchange', | ||
value: function enrollmentChallengeExchange(signed_data, signature) { | ||
var params = { signed_data: signed_data, signature: signature }; | ||
return this.rawCall('user.challenge_exchange', params); | ||
} | ||
/** | ||
* Exchange a signed OTP payload for an authentication session. | ||
* | ||
* @param {string} signed_data Original OTP payload session | ||
* @param {string} signature Realm-signed signature of the payload | ||
* @param {string} [session_id] If provided, this authentication session will be completed | ||
* @returns {Promise.<T>} | ||
*/ | ||
}, { | ||
key: 'authenticationChallengeExchange', | ||
value: function authenticationChallengeExchange(signed_data, signature, session_id) { | ||
var params = { signed_data: signed_data, signature: signature, session_id: session_id }; | ||
return this.rawCall('user.challenge_exchange', params); | ||
} | ||
/** | ||
* Fetches realm metadata | ||
@@ -123,3 +217,3 @@ * | ||
value: function realmGet() { | ||
return this.rawCall('user.realm_get', { realm_key_id: this.realmKeyId }); | ||
return this.rawCall('user.realm_get', {}); | ||
} | ||
@@ -126,0 +220,0 @@ }]); |
{ | ||
"name": "tozny-auth", | ||
"description": "API interface for the Tozny authentication service, with Passport strategy for easy integration in Express apps", | ||
"version": "1.2.0", | ||
"author": "Jesse Hallett <jesse@galois.com>", | ||
"version": "1.3.0", | ||
"author": "Tozny <info@tozny.com>", | ||
"homepage": "https://github.com/tozny/sdk-node", | ||
"contributors": [ | ||
"Eric Mann <eric@tozny.com", | ||
"Jesse Hallett <jesse@galois.com>" | ||
@@ -32,7 +33,7 @@ ], | ||
"babel-runtime": "^6.6.1", | ||
"bluebird": "~3.0.0", | ||
"bluebird": "~3.4.6", | ||
"formidable": "^1.0.0", | ||
"object-assign": "^4.1.0", | ||
"passport-strategy": "^1.0.0", | ||
"superagent": "^1.8.3", | ||
"superagent": "^2.2.0", | ||
"superagent-promise-plugin": "^3.2.0" | ||
@@ -46,3 +47,3 @@ }, | ||
"babel-preset-es2015": "^6.6.0", | ||
"flow-bin": "^0.24.1", | ||
"flow-bin": "^0.31.1", | ||
"jasmine": "^2.4.1" | ||
@@ -49,0 +50,0 @@ }, |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
117098
21
841
84
+ Addedbluebird@3.4.7(transitive)
+ Addedcall-bind@1.0.7(transitive)
+ Addedcomponent-emitter@1.3.1(transitive)
+ Addedcookiejar@2.1.4(transitive)
+ Addeddefine-data-property@1.1.4(transitive)
+ Addedes-define-property@1.0.0(transitive)
+ Addedes-errors@1.3.0(transitive)
+ Addedextend@3.0.2(transitive)
+ Addedform-data@1.0.0-rc4(transitive)
+ Addedfunction-bind@1.1.2(transitive)
+ Addedget-intrinsic@1.2.4(transitive)
+ Addedgopd@1.0.1(transitive)
+ Addedhas-property-descriptors@1.0.2(transitive)
+ Addedhas-proto@1.0.3(transitive)
+ Addedhas-symbols@1.0.3(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedisarray@1.0.0(transitive)
+ Addedmime@1.6.0(transitive)
+ Addedobject-inspect@1.13.1(transitive)
+ Addedprocess-nextick-args@2.0.1(transitive)
+ Addedqs@6.12.1(transitive)
+ Addedreadable-stream@2.3.8(transitive)
+ Addedsafe-buffer@5.1.2(transitive)
+ Addedset-function-length@1.2.2(transitive)
+ Addedside-channel@1.0.6(transitive)
+ Addedstring_decoder@1.1.1(transitive)
+ Addedsuperagent@2.3.0(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
- Removedbluebird@3.0.6(transitive)
- Removedcomponent-emitter@1.2.1(transitive)
- Removedcookiejar@2.0.6(transitive)
- Removedextend@3.0.0(transitive)
- Removedform-data@1.0.0-rc3(transitive)
- Removedformidable@1.0.17(transitive)
- Removedisarray@0.0.1(transitive)
- Removedmime@1.3.4(transitive)
- Removedqs@2.3.3(transitive)
- Removedreadable-stream@1.0.27-1(transitive)
- Removedreduce-component@1.0.1(transitive)
- Removedstring_decoder@0.10.31(transitive)
- Removedsuperagent@1.8.5(transitive)
Updatedbluebird@~3.4.6
Updatedsuperagent@^2.2.0