npm
Sign UpSign In

cyberuskey-sdk
TypeScript icon, indicating that this package has built-in type declarations

0.0.23 • Public • Published

Cyberus Key logo

What is Cyberus Key?

Your users will never need to remember or input a password again with Cyberus Key, our one-touch universal, user authentication system.

Now you can guarantee your customers the highest level of protection against phishing attacks, identity and data theft,and more. By removing the risk of stolen passwords or credentials, you can eliminate one of the biggest cyber security threats.

Cyberus Key SDK

Cyberus Key SDK is a tiny library that provides a full support for Cyberys Key's password-less authentication which implements the OpenID Connect protocol.

How to install

With NPM:

npm install cyberuskey-sdk

With Yarn:

yarn add cyberuskey-sdk

You can also get a minified file from JSDelivr's CDN:

<script src="https://cdn.jsdelivr.net/npm/cyberuskey-sdk@0.0.4/dist/sdk.es6.min.js" type="text/javascript"></script>

<script type="text/javascript">
  console.log(window['cyberuskey-sdk']);
</script>

Documentation

Classes

CyberusKeyAPI
LoginOptions
OpenIdScopeParser
Session
Geolocation
HTML5GeoProvider
RedirectNavigator

CyberusKeyAPI

Kind: global class

new CyberusKeyAPI()

Cyberus Key API which allows you to do a delegate login with OpenId protocol.

cyberusKeyAPI.createSession(clientId, [geo], [origin]) ⇒ Promise.<string>

Creates the Cyberus Key session.

Kind: instance method of CyberusKeyAPI
Returns: Promise.<string> -

The Cyberus Key session id.


Throws:

  • WrongJsonError, OpenApiError, ResourceNotFoundError, OTPGenerationError, UnknownError

Param Type Description
clientId string

Public client ID generated during creating the account.
[geo] Geolocation

Give a value if you want to pass optional geolocation measurement. It can be later use to compare it against the mobile's measurement (if you have set fail_on_geo_mismatch). Those measurements can be used also to general improvement of the security.
[origin] string

The origin domain of the request being made. If null then the Referer header will be used.

cyberusKeyAPI.isOutOfService() ⇒ Promise.<boolean>

Checks if authentication server is available

Kind: instance method of CyberusKeyAPI
Returns: Promise.<boolean> -

flag indicating if the authentication server is available.


cyberusKeyAPI.getOTPSound(session) ⇒ Promise.<string>

Gets a URL with sound with embedded OTP. You have to emit it.

Kind: instance method of CyberusKeyAPI
Returns: Promise.<string> -

string with url to the sound.


Throws:

  • ResourceNotFoundError

Param Type Description
session Session

Cyberus Key's session generated by a user for a login.

cyberusKeyAPI.getAuthenticationEndpointUrl(sessionId, scope, clientId, redirectUri, [state], [nonce], [responseType]) ⇒

Gets OpenID's Authentication endpoint URL which will be used to process the authentication.

Kind: instance method of CyberusKeyAPI
Returns:

OpenID's Authentication endpoint URL


Throws:

  • InvalidRedirectUriError, InvalidClientError, ResourceNotFoundError

Param Type Default Description
sessionId

unique id created for the specific login and connected to the specific otp
scope OpenIdScopeParser

Each scope returns a set of user attributes, which are called claims. Once the user authorizes the requested scopes, the claims are returned in an ID Token.
clientId string

Public client ID generated during creating the account.
redirectUri string

Redirect URI to which the response will be sent. If the value is not whitelisted then the request will fail.
[state] string

RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, CSRF, XSRF mitigation is done by cryptographically binding the value of this parameter with a browser cookie. The state parameter preserves some state object set by the client in the Authentication request and makes it available to the client in the response. It’s that unique and non-guessable value that allows you to prevent the attack by confirming if the value coming from the response matches the one you expect (the one you generated when initiating the request). The state parameter is a string so you can encode any other information in it.
[nonce] string

String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values.
[responseType] string "'code'"

OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel).

cyberusKeyAPI.navigateAuthentication(clientId, redirectUri, scope, navigator, session, [origin], [state], [nonce], [responseType]) ⇒ Promise.<void>

Navigates to Authentication Endpoint

Kind: instance method of CyberusKeyAPI

Param Type Default Description
clientId string

Public client ID generated during creating the account.
redirectUri string

Redirect URI to which the response will be sent. If the value is not whitelisted then the request will fail.
scope OpenIdScopeParser

Each scope returns a set of user attributes, which are called claims. Once the user authorizes the requested scopes, the claims are returned in an ID Token.
navigator Navigator

Class describes an action that will be done to Authentication URL. For browsers it will be a page redirection.
session

Session id
[origin] string

The origin domain of the request being made. If null then the Referer header will be used.
[state] string

RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, CSRF, XSRF mitigation is done by cryptographically binding the value of this parameter with a browser cookie. The state parameter preserves some state object set by the client in the Authentication request and makes it available to the client in the response. It’s that unique and non-guessable value that allows you to prevent the attack by confirming if the value coming from the response matches the one you expect (the one you generated when initiating the request). The state parameter is a string so you can encode any other information in it.
[nonce] string

String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values.
[responseType] string "'code'"

OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel).

CyberusKeyAPI.CyberusKeyAPI

Kind: static class of CyberusKeyAPI

new CyberusKeyAPI(hostUrl, [geoProvider], [delayMs])

Creates an instance of CyberusKeyAPI.

Param Type Default Description
hostUrl string

Base URL of the host server, e.g. https://api.cyberuskey.com
[geoProvider] GeoProvider

Geolocalization provider. Use specific implementation like HTML5GeoProvider.
[delayMs] number 600

Delay (ms) between making an Authentication request and a sound playing.

LoginOptions

Kind: global class

new LoginOptions()

Login options.

LoginOptions.responseType : string

Kind: static property of LoginOptions

Param Type Default Description
[responseType] string "'code'"

OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel).

LoginOptions.display : string

Kind: static property of LoginOptions

Param Type Description
display string

It specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. Default and the only supported value is page.

LoginOptions.prompt : string

Kind: static property of LoginOptions

Param Type Description
prompt string

Space delimited, case sensitive list of string values that specifies whether the Authorization Server prompts the End-User for reauthentication and consent. The defined values are: login, none. Default is login,none. Can't be changed for now.

LoginOptions.theme : string

Theme of the login page of Cyberus Key Dashboard. Default is default.

Kind: static property of LoginOptions

OpenIdScopeParser

Kind: global class

new OpenIdScopeParser()

Handy class to define an OpenID's scope. Scopes are used by an application during authentication to authorize access to a user's details, like name and picture. Each scope returns a set of user attributes, which are called claims.

You can use additional values email (add a user's email claim) and profile (add user first and last name).

const scopeParser = new OpenIdScopeParser();
const scope = scopeParser.addEmail().addProfile().getValue();

openIdScopeParser.addEmail() ⇒ this

Adds email scope.

Kind: instance method of OpenIdScopeParser

openIdScopeParser.addProfile() ⇒ this

Adds profile scope.

Kind: instance method of OpenIdScopeParser

openIdScopeParser.getValue() ⇒ string

Gets formatted scope value, e.g. openid email.

Kind: instance method of OpenIdScopeParser

Session

Kind: global class

new Session()

Data class representing a Cyberus Key session.

Session.Session : Date

Kind: static class of Session

new Session()

A UTC date representing a date (and time) when a session has been created.

Geolocation

Kind: global class

new Geolocation()

An abstraction for a taken geolocation measurement.

geolocation.latitude : number

Get a latitude.

Kind: instance property of Geolocation
Read only: true

geolocation.longitude : number

Gets a longitude.

Kind: instance property of Geolocation
Read only: true

geolocation.accuracy : number

Gets an accuracy of a measurement.

Kind: instance property of Geolocation
Read only: true

HTML5GeoProvider

Kind: global class
Implements: GeoProvider

new HTML5GeoProvider()

Class provides a geolocalization measurement. It uses a HTML5's Geolocation.getCurrentPosition() method.

htmL5GeoProvider.getGeo() ⇒ Promise.<Geolocation>

Gets a geolocalization measurement.

Kind: instance method of HTML5GeoProvider
Returns: Promise.<Geolocation> -

Geolocalization measurement.


HTML5GeoProvider.HTML5GeoProvider

Kind: static class of HTML5GeoProvider

new HTML5GeoProvider([enableHighAccuracy], [navigator], numOfTriesBeforeGpsActivates, onPermissionDialog)

Creates an instance of HTML5GeoProvider.

Param Type Default Description
[enableHighAccuracy] boolean false

Forces high accuracy of the geolocation. It may take longer.
[navigator] Navigator window.navigator
numOfTriesBeforeGpsActivates

The GPS localization will be used only after n unsuccessful tries. By unsuccessful try we define the number of times the authentication resulted in session not found error.
onPermissionDialog

Leave an implementation of the additional information dialog to appear before site asks for localization permission for the caller to handle. It takes a function with default message as parameter

RedirectNavigator

Kind: global class
Implements: Navigator

new RedirectNavigator()

Class describes how OpenID's Authentication Endpoint will be handled. This class is thighten to a default browser behaviour for OpenID protocol - a redirection. Which means that your URL will be temporarily replaced by the Authentication Endpoint and replaced again by its response - HTTP 302. The new location will be the one you defined as your redirect_uri.

redirectNavigator.navigate(url) ⇒ Promise.<void>

Navigates to the given URL.

Kind: instance method of RedirectNavigator
Throws:

  • MissingRedirectUri

Param Type Description
url string

Authentication Endpoint URL.

Links

CyberusKey JavaScript widget: https://github.com/CyberusLabs/cyberuskey-widget/

License

MIT © Cyberus Labs sp. z o.o.

Readme

Keywords

Package Sidebar

Install

npm i cyberuskey-sdk

Repository

github.com/CyberusLabs/cyberuskey-sdk

Homepage

github.com/CyberusLabs/cyberuskey-sdk#readme

Weekly Downloads

1

Version

0.0.23

License

MIT

Unpacked Size

311 kB

Total Files

56

Last publish

Collaborators

  • cyberuslabs-company
Try on RunKit
Report malware