login_radius 10.0.0 → 11.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +19 -0
- data/LICENSE.txt +21 -21
- data/README.md +58 -58
- data/lib/login_radius/api/account/account_api.rb +581 -581
- data/lib/login_radius/api/account/role_api.rb +330 -330
- data/lib/login_radius/api/account/sott_api.rb +47 -47
- data/lib/login_radius/api/advanced/configuration_api.rb +57 -57
- data/lib/login_radius/api/advanced/consent_management_api.rb +161 -161
- data/lib/login_radius/api/advanced/custom_object_api.rb +316 -316
- data/lib/login_radius/api/advanced/custom_registration_data_api.rb +195 -195
- data/lib/login_radius/api/advanced/multi_factor_authentication_api.rb +942 -606
- data/lib/login_radius/api/advanced/re_authentication_api.rb +317 -243
- data/lib/login_radius/api/advanced/web_hook_api.rb +101 -101
- data/lib/login_radius/api/authentication/authentication_api.rb +1036 -986
- data/lib/login_radius/api/authentication/one_touch_login_api.rb +160 -160
- data/lib/login_radius/api/authentication/password_less_login_api.rb +202 -158
- data/lib/login_radius/api/authentication/phone_authentication_api.rb +329 -329
- data/lib/login_radius/api/authentication/pin_authentication_api.rb +316 -316
- data/lib/login_radius/api/authentication/risk_based_authentication_api.rb +286 -286
- data/lib/login_radius/api/authentication/smart_login_api.rb +146 -146
- data/lib/login_radius/api/social/native_social_api.rb +255 -193
- data/lib/login_radius/api/social/social_api.rb +784 -802
- data/lib/login_radius/error.rb +7 -7
- data/lib/login_radius/request_client.rb +316 -295
- data/lib/login_radius/response.rb +18 -12
- data/lib/login_radius/version.rb +2 -2
- data/lib/login_radius.rb +30 -30
- data/login_radius.gemspec +25 -28
- metadata +8 -7
@@ -1,243 +1,317 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Created by LoginRadius Development Team
|
4
|
-
# Copyright 2019 LoginRadius Inc. All rights reserved.
|
5
|
-
require_relative '../../request_client'
|
6
|
-
|
7
|
-
module LoginRadius
|
8
|
-
# ReAuthenticationApi module
|
9
|
-
class ReAuthenticationApi
|
10
|
-
include RequestClient
|
11
|
-
|
12
|
-
attr_accessor :site_name, :api_key, :api_secret
|
13
|
-
|
14
|
-
# Initializes a LoginRadius Account object with an apikey and secret
|
15
|
-
# Takes in a hash containing site_name(required), api_key(required), api_secret(required)
|
16
|
-
def initialize
|
17
|
-
@site_name = ENV['SITE_NAME']
|
18
|
-
@api_key = ENV['API_KEY']
|
19
|
-
@api_secret = ENV['API_SECRET']
|
20
|
-
raise LoginRadius::Error.new, "'site_name' is a required option for Account class initialization." \
|
21
|
-
unless @site_name != '' && @site_name != nil
|
22
|
-
raise LoginRadius::Error.new, "'api_key' is a required option for Account class initialization." \
|
23
|
-
unless @api_key != '' && @api_key != nil
|
24
|
-
raise LoginRadius::Error.new, "'api_secret is a required option for Account class initialization." \
|
25
|
-
unless @api_secret != '' && @api_secret != nil
|
26
|
-
end
|
27
|
-
|
28
|
-
# This API is used to trigger the Multi-Factor Autentication workflow for the provided access token
|
29
|
-
#
|
30
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
31
|
-
# @param sms_template2_f_a - SMS Template Name
|
32
|
-
#
|
33
|
-
# @return Response containing Definition of Complete Multi-Factor Authentication Settings data
|
34
|
-
# 14.3
|
35
|
-
def mfa_re_authenticate(access_token, sms_template2_f_a = '')
|
36
|
-
if isNullOrWhiteSpace(access_token)
|
37
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
38
|
-
end
|
39
|
-
|
40
|
-
query_parameters = {}
|
41
|
-
query_parameters['access_token'] = access_token
|
42
|
-
query_parameters['apiKey'] = @api_key
|
43
|
-
unless isNullOrWhiteSpace(sms_template2_f_a)
|
44
|
-
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
45
|
-
end
|
46
|
-
|
47
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa'
|
48
|
-
get_request(resource_path, query_parameters,
|
49
|
-
end
|
50
|
-
|
51
|
-
# This API is used to re-authenticate via Multi-factor authentication by passing the One Time Password received via SMS
|
52
|
-
#
|
53
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
54
|
-
# @param reauth_by_otp_model - Model Class containing Definition for MFA Reauthentication by OTP
|
55
|
-
#
|
56
|
-
# @return Complete user Multi-Factor Authentication Token data
|
57
|
-
# 14.4
|
58
|
-
def mfa_re_authenticate_by_otp(access_token, reauth_by_otp_model)
|
59
|
-
if isNullOrWhiteSpace(access_token)
|
60
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
61
|
-
end
|
62
|
-
if reauth_by_otp_model.blank?
|
63
|
-
raise LoginRadius::Error.new, getValidationMessage('reauth_by_otp_model')
|
64
|
-
end
|
65
|
-
|
66
|
-
query_parameters = {}
|
67
|
-
query_parameters['access_token'] = access_token
|
68
|
-
query_parameters['apiKey'] = @api_key
|
69
|
-
|
70
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa/otp'
|
71
|
-
put_request(resource_path, query_parameters, reauth_by_otp_model)
|
72
|
-
end
|
73
|
-
|
74
|
-
# This API is used to re-authenticate by set of backup codes via access token on the site that has Multi-factor authentication enabled in re-authentication for the user that does not have the device
|
75
|
-
#
|
76
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
77
|
-
# @param reauth_by_backup_code_model - Model Class containing Definition for MFA Reauthentication by Backup code
|
78
|
-
#
|
79
|
-
# @return Complete user Multi-Factor Authentication Token data
|
80
|
-
# 14.5
|
81
|
-
def mfa_re_authenticate_by_backup_code(access_token, reauth_by_backup_code_model)
|
82
|
-
if isNullOrWhiteSpace(access_token)
|
83
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
84
|
-
end
|
85
|
-
if reauth_by_backup_code_model.blank?
|
86
|
-
raise LoginRadius::Error.new, getValidationMessage('reauth_by_backup_code_model')
|
87
|
-
end
|
88
|
-
|
89
|
-
query_parameters = {}
|
90
|
-
query_parameters['access_token'] = access_token
|
91
|
-
query_parameters['apiKey'] = @api_key
|
92
|
-
|
93
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa/backupcode'
|
94
|
-
put_request(resource_path, query_parameters, reauth_by_backup_code_model)
|
95
|
-
end
|
96
|
-
|
97
|
-
# This API is used to re-authenticate via Multi-factor-authentication by passing the google authenticator code
|
98
|
-
#
|
99
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
100
|
-
# @param reauth_by_google_authenticator_code_model - Model Class containing Definition for MFA Reauthentication by Google Authenticator
|
101
|
-
#
|
102
|
-
# @return Complete user Multi-Factor Authentication Token data
|
103
|
-
# 14.6
|
104
|
-
def mfa_re_authenticate_by_google_auth(access_token, reauth_by_google_authenticator_code_model)
|
105
|
-
if isNullOrWhiteSpace(access_token)
|
106
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
107
|
-
end
|
108
|
-
if reauth_by_google_authenticator_code_model.blank?
|
109
|
-
raise LoginRadius::Error.new, getValidationMessage('reauth_by_google_authenticator_code_model')
|
110
|
-
end
|
111
|
-
|
112
|
-
query_parameters = {}
|
113
|
-
query_parameters['access_token'] = access_token
|
114
|
-
query_parameters['apiKey'] = @api_key
|
115
|
-
|
116
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa/googleauthenticatorcode'
|
117
|
-
put_request(resource_path, query_parameters, reauth_by_google_authenticator_code_model)
|
118
|
-
end
|
119
|
-
|
120
|
-
# This API is used to re-authenticate via Multi-factor-authentication by passing the password
|
121
|
-
#
|
122
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
123
|
-
# @param password_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PasswordEventBasedAuthModel with Lockout API
|
124
|
-
# @param sms_template2_f_a - SMS Template Name
|
125
|
-
#
|
126
|
-
# @return Complete user Multi-Factor Authentication Token data
|
127
|
-
# 14.7
|
128
|
-
def mfa_re_authenticate_by_password(access_token, password_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
129
|
-
if isNullOrWhiteSpace(access_token)
|
130
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
131
|
-
end
|
132
|
-
if password_event_based_auth_model_with_lockout.blank?
|
133
|
-
raise LoginRadius::Error.new, getValidationMessage('password_event_based_auth_model_with_lockout')
|
134
|
-
end
|
135
|
-
|
136
|
-
query_parameters = {}
|
137
|
-
query_parameters['access_token'] = access_token
|
138
|
-
query_parameters['apiKey'] = @api_key
|
139
|
-
unless isNullOrWhiteSpace(sms_template2_f_a)
|
140
|
-
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
141
|
-
end
|
142
|
-
|
143
|
-
resource_path = 'identity/v2/auth/account/reauth/password'
|
144
|
-
put_request(resource_path, query_parameters, password_event_based_auth_model_with_lockout)
|
145
|
-
end
|
146
|
-
|
147
|
-
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by OTP.
|
148
|
-
#
|
149
|
-
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
150
|
-
# @param uid - UID, the unified identifier for each user account
|
151
|
-
#
|
152
|
-
# @return Response containing Definition of Complete Validation data
|
153
|
-
# 18.38
|
154
|
-
def verify_multi_factor_otp_reauthentication(event_based_multi_factor_token, uid)
|
155
|
-
if event_based_multi_factor_token.blank?
|
156
|
-
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
157
|
-
end
|
158
|
-
if isNullOrWhiteSpace(uid)
|
159
|
-
raise LoginRadius::Error.new, getValidationMessage('uid')
|
160
|
-
end
|
161
|
-
|
162
|
-
query_parameters = {}
|
163
|
-
query_parameters['apiKey'] = @api_key
|
164
|
-
query_parameters['apiSecret'] = @api_secret
|
165
|
-
|
166
|
-
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/2fa'
|
167
|
-
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
168
|
-
end
|
169
|
-
|
170
|
-
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by password.
|
171
|
-
#
|
172
|
-
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
173
|
-
# @param uid - UID, the unified identifier for each user account
|
174
|
-
#
|
175
|
-
# @return Response containing Definition of Complete Validation data
|
176
|
-
# 18.39
|
177
|
-
def verify_multi_factor_password_reauthentication(event_based_multi_factor_token, uid)
|
178
|
-
if event_based_multi_factor_token.blank?
|
179
|
-
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
180
|
-
end
|
181
|
-
if isNullOrWhiteSpace(uid)
|
182
|
-
raise LoginRadius::Error.new, getValidationMessage('uid')
|
183
|
-
end
|
184
|
-
|
185
|
-
query_parameters = {}
|
186
|
-
query_parameters['apiKey'] = @api_key
|
187
|
-
query_parameters['apiSecret'] = @api_secret
|
188
|
-
|
189
|
-
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/password'
|
190
|
-
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
191
|
-
end
|
192
|
-
|
193
|
-
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by PIN.
|
194
|
-
#
|
195
|
-
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
196
|
-
# @param uid - UID, the unified identifier for each user account
|
197
|
-
#
|
198
|
-
# @return Response containing Definition of Complete Validation data
|
199
|
-
# 18.40
|
200
|
-
def verify_multi_factor_pin_reauthentication(event_based_multi_factor_token, uid)
|
201
|
-
if event_based_multi_factor_token.blank?
|
202
|
-
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
203
|
-
end
|
204
|
-
if isNullOrWhiteSpace(uid)
|
205
|
-
raise LoginRadius::Error.new, getValidationMessage('uid')
|
206
|
-
end
|
207
|
-
|
208
|
-
query_parameters = {}
|
209
|
-
query_parameters['apiKey'] = @api_key
|
210
|
-
query_parameters['apiSecret'] = @api_secret
|
211
|
-
|
212
|
-
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/pin'
|
213
|
-
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
214
|
-
end
|
215
|
-
|
216
|
-
# This API is used to validate the triggered MFA authentication flow with a password.
|
217
|
-
#
|
218
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
219
|
-
# @param pin_auth_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PIN
|
220
|
-
# @param sms_template2_f_a - SMS Template Name
|
221
|
-
#
|
222
|
-
# @return Response containing Definition response of MFA reauthentication
|
223
|
-
# 42.13
|
224
|
-
def verify_pin_authentication(access_token, pin_auth_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
225
|
-
if isNullOrWhiteSpace(access_token)
|
226
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
227
|
-
end
|
228
|
-
if pin_auth_event_based_auth_model_with_lockout.blank?
|
229
|
-
raise LoginRadius::Error.new, getValidationMessage('pin_auth_event_based_auth_model_with_lockout')
|
230
|
-
end
|
231
|
-
|
232
|
-
query_parameters = {}
|
233
|
-
query_parameters['access_token'] = access_token
|
234
|
-
query_parameters['apiKey'] = @api_key
|
235
|
-
unless isNullOrWhiteSpace(sms_template2_f_a)
|
236
|
-
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
237
|
-
end
|
238
|
-
|
239
|
-
resource_path = 'identity/v2/auth/account/reauth/pin'
|
240
|
-
put_request(resource_path, query_parameters, pin_auth_event_based_auth_model_with_lockout)
|
241
|
-
end
|
242
|
-
|
243
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Created by LoginRadius Development Team
|
4
|
+
# Copyright 2019 LoginRadius Inc. All rights reserved.
|
5
|
+
require_relative '../../request_client'
|
6
|
+
|
7
|
+
module LoginRadius
|
8
|
+
# ReAuthenticationApi module
|
9
|
+
class ReAuthenticationApi
|
10
|
+
include RequestClient
|
11
|
+
|
12
|
+
attr_accessor :site_name, :api_key, :api_secret
|
13
|
+
|
14
|
+
# Initializes a LoginRadius Account object with an apikey and secret
|
15
|
+
# Takes in a hash containing site_name(required), api_key(required), api_secret(required)
|
16
|
+
def initialize
|
17
|
+
@site_name = ENV['SITE_NAME']
|
18
|
+
@api_key = ENV['API_KEY']
|
19
|
+
@api_secret = ENV['API_SECRET']
|
20
|
+
raise LoginRadius::Error.new, "'site_name' is a required option for Account class initialization." \
|
21
|
+
unless @site_name != '' && @site_name != nil
|
22
|
+
raise LoginRadius::Error.new, "'api_key' is a required option for Account class initialization." \
|
23
|
+
unless @api_key != '' && @api_key != nil
|
24
|
+
raise LoginRadius::Error.new, "'api_secret is a required option for Account class initialization." \
|
25
|
+
unless @api_secret != '' && @api_secret != nil
|
26
|
+
end
|
27
|
+
|
28
|
+
# This API is used to trigger the Multi-Factor Autentication workflow for the provided access token
|
29
|
+
#
|
30
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
31
|
+
# @param sms_template2_f_a - SMS Template Name
|
32
|
+
#
|
33
|
+
# @return Response containing Definition of Complete Multi-Factor Authentication Settings data
|
34
|
+
# 14.3
|
35
|
+
def mfa_re_authenticate(access_token, sms_template2_f_a = '')
|
36
|
+
if isNullOrWhiteSpace(access_token)
|
37
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
38
|
+
end
|
39
|
+
|
40
|
+
query_parameters = {}
|
41
|
+
query_parameters['access_token'] = access_token
|
42
|
+
query_parameters['apiKey'] = @api_key
|
43
|
+
unless isNullOrWhiteSpace(sms_template2_f_a)
|
44
|
+
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
45
|
+
end
|
46
|
+
|
47
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa'
|
48
|
+
get_request(resource_path, query_parameters, {})
|
49
|
+
end
|
50
|
+
|
51
|
+
# This API is used to re-authenticate via Multi-factor authentication by passing the One Time Password received via SMS
|
52
|
+
#
|
53
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
54
|
+
# @param reauth_by_otp_model - Model Class containing Definition for MFA Reauthentication by OTP
|
55
|
+
#
|
56
|
+
# @return Complete user Multi-Factor Authentication Token data
|
57
|
+
# 14.4
|
58
|
+
def mfa_re_authenticate_by_otp(access_token, reauth_by_otp_model)
|
59
|
+
if isNullOrWhiteSpace(access_token)
|
60
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
61
|
+
end
|
62
|
+
if reauth_by_otp_model.blank?
|
63
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_otp_model')
|
64
|
+
end
|
65
|
+
|
66
|
+
query_parameters = {}
|
67
|
+
query_parameters['access_token'] = access_token
|
68
|
+
query_parameters['apiKey'] = @api_key
|
69
|
+
|
70
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/otp'
|
71
|
+
put_request(resource_path, query_parameters, reauth_by_otp_model)
|
72
|
+
end
|
73
|
+
|
74
|
+
# This API is used to re-authenticate by set of backup codes via access token on the site that has Multi-factor authentication enabled in re-authentication for the user that does not have the device
|
75
|
+
#
|
76
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
77
|
+
# @param reauth_by_backup_code_model - Model Class containing Definition for MFA Reauthentication by Backup code
|
78
|
+
#
|
79
|
+
# @return Complete user Multi-Factor Authentication Token data
|
80
|
+
# 14.5
|
81
|
+
def mfa_re_authenticate_by_backup_code(access_token, reauth_by_backup_code_model)
|
82
|
+
if isNullOrWhiteSpace(access_token)
|
83
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
84
|
+
end
|
85
|
+
if reauth_by_backup_code_model.blank?
|
86
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_backup_code_model')
|
87
|
+
end
|
88
|
+
|
89
|
+
query_parameters = {}
|
90
|
+
query_parameters['access_token'] = access_token
|
91
|
+
query_parameters['apiKey'] = @api_key
|
92
|
+
|
93
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/backupcode'
|
94
|
+
put_request(resource_path, query_parameters, reauth_by_backup_code_model)
|
95
|
+
end
|
96
|
+
|
97
|
+
# This API is used to re-authenticate via Multi-factor-authentication by passing the google authenticator code
|
98
|
+
#
|
99
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
100
|
+
# @param reauth_by_google_authenticator_code_model - Model Class containing Definition for MFA Reauthentication by Google Authenticator
|
101
|
+
#
|
102
|
+
# @return Complete user Multi-Factor Authentication Token data
|
103
|
+
# 14.6
|
104
|
+
def mfa_re_authenticate_by_google_auth(access_token, reauth_by_google_authenticator_code_model)
|
105
|
+
if isNullOrWhiteSpace(access_token)
|
106
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
107
|
+
end
|
108
|
+
if reauth_by_google_authenticator_code_model.blank?
|
109
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_google_authenticator_code_model')
|
110
|
+
end
|
111
|
+
|
112
|
+
query_parameters = {}
|
113
|
+
query_parameters['access_token'] = access_token
|
114
|
+
query_parameters['apiKey'] = @api_key
|
115
|
+
|
116
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/googleauthenticatorcode'
|
117
|
+
put_request(resource_path, query_parameters, reauth_by_google_authenticator_code_model)
|
118
|
+
end
|
119
|
+
|
120
|
+
# This API is used to re-authenticate via Multi-factor-authentication by passing the password
|
121
|
+
#
|
122
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
123
|
+
# @param password_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PasswordEventBasedAuthModel with Lockout API
|
124
|
+
# @param sms_template2_f_a - SMS Template Name
|
125
|
+
#
|
126
|
+
# @return Complete user Multi-Factor Authentication Token data
|
127
|
+
# 14.7
|
128
|
+
def mfa_re_authenticate_by_password(access_token, password_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
129
|
+
if isNullOrWhiteSpace(access_token)
|
130
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
131
|
+
end
|
132
|
+
if password_event_based_auth_model_with_lockout.blank?
|
133
|
+
raise LoginRadius::Error.new, getValidationMessage('password_event_based_auth_model_with_lockout')
|
134
|
+
end
|
135
|
+
|
136
|
+
query_parameters = {}
|
137
|
+
query_parameters['access_token'] = access_token
|
138
|
+
query_parameters['apiKey'] = @api_key
|
139
|
+
unless isNullOrWhiteSpace(sms_template2_f_a)
|
140
|
+
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
141
|
+
end
|
142
|
+
|
143
|
+
resource_path = 'identity/v2/auth/account/reauth/password'
|
144
|
+
put_request(resource_path, query_parameters, password_event_based_auth_model_with_lockout)
|
145
|
+
end
|
146
|
+
|
147
|
+
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by OTP.
|
148
|
+
#
|
149
|
+
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
150
|
+
# @param uid - UID, the unified identifier for each user account
|
151
|
+
#
|
152
|
+
# @return Response containing Definition of Complete Validation data
|
153
|
+
# 18.38
|
154
|
+
def verify_multi_factor_otp_reauthentication(event_based_multi_factor_token, uid)
|
155
|
+
if event_based_multi_factor_token.blank?
|
156
|
+
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
157
|
+
end
|
158
|
+
if isNullOrWhiteSpace(uid)
|
159
|
+
raise LoginRadius::Error.new, getValidationMessage('uid')
|
160
|
+
end
|
161
|
+
|
162
|
+
query_parameters = {}
|
163
|
+
query_parameters['apiKey'] = @api_key
|
164
|
+
query_parameters['apiSecret'] = @api_secret
|
165
|
+
|
166
|
+
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/2fa'
|
167
|
+
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
168
|
+
end
|
169
|
+
|
170
|
+
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by password.
|
171
|
+
#
|
172
|
+
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
173
|
+
# @param uid - UID, the unified identifier for each user account
|
174
|
+
#
|
175
|
+
# @return Response containing Definition of Complete Validation data
|
176
|
+
# 18.39
|
177
|
+
def verify_multi_factor_password_reauthentication(event_based_multi_factor_token, uid)
|
178
|
+
if event_based_multi_factor_token.blank?
|
179
|
+
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
180
|
+
end
|
181
|
+
if isNullOrWhiteSpace(uid)
|
182
|
+
raise LoginRadius::Error.new, getValidationMessage('uid')
|
183
|
+
end
|
184
|
+
|
185
|
+
query_parameters = {}
|
186
|
+
query_parameters['apiKey'] = @api_key
|
187
|
+
query_parameters['apiSecret'] = @api_secret
|
188
|
+
|
189
|
+
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/password'
|
190
|
+
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
191
|
+
end
|
192
|
+
|
193
|
+
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by PIN.
|
194
|
+
#
|
195
|
+
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
196
|
+
# @param uid - UID, the unified identifier for each user account
|
197
|
+
#
|
198
|
+
# @return Response containing Definition of Complete Validation data
|
199
|
+
# 18.40
|
200
|
+
def verify_multi_factor_pin_reauthentication(event_based_multi_factor_token, uid)
|
201
|
+
if event_based_multi_factor_token.blank?
|
202
|
+
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
203
|
+
end
|
204
|
+
if isNullOrWhiteSpace(uid)
|
205
|
+
raise LoginRadius::Error.new, getValidationMessage('uid')
|
206
|
+
end
|
207
|
+
|
208
|
+
query_parameters = {}
|
209
|
+
query_parameters['apiKey'] = @api_key
|
210
|
+
query_parameters['apiSecret'] = @api_secret
|
211
|
+
|
212
|
+
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/pin'
|
213
|
+
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
214
|
+
end
|
215
|
+
|
216
|
+
# This API is used to validate the triggered MFA authentication flow with a password.
|
217
|
+
#
|
218
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
219
|
+
# @param pin_auth_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PIN
|
220
|
+
# @param sms_template2_f_a - SMS Template Name
|
221
|
+
#
|
222
|
+
# @return Response containing Definition response of MFA reauthentication
|
223
|
+
# 42.13
|
224
|
+
def verify_pin_authentication(access_token, pin_auth_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
225
|
+
if isNullOrWhiteSpace(access_token)
|
226
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
227
|
+
end
|
228
|
+
if pin_auth_event_based_auth_model_with_lockout.blank?
|
229
|
+
raise LoginRadius::Error.new, getValidationMessage('pin_auth_event_based_auth_model_with_lockout')
|
230
|
+
end
|
231
|
+
|
232
|
+
query_parameters = {}
|
233
|
+
query_parameters['access_token'] = access_token
|
234
|
+
query_parameters['apiKey'] = @api_key
|
235
|
+
unless isNullOrWhiteSpace(sms_template2_f_a)
|
236
|
+
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
237
|
+
end
|
238
|
+
|
239
|
+
resource_path = 'identity/v2/auth/account/reauth/pin'
|
240
|
+
put_request(resource_path, query_parameters, pin_auth_event_based_auth_model_with_lockout)
|
241
|
+
end
|
242
|
+
|
243
|
+
# This API is used to validate the triggered MFA authentication flow with an Email OTP.
|
244
|
+
#
|
245
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
246
|
+
# @param reauth_by_email_otp_model - payload
|
247
|
+
#
|
248
|
+
# @return Response containing Definition response of MFA reauthentication
|
249
|
+
# 42.14
|
250
|
+
def re_auth_validate_email_otp(access_token, reauth_by_email_otp_model)
|
251
|
+
if isNullOrWhiteSpace(access_token)
|
252
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
253
|
+
end
|
254
|
+
if reauth_by_email_otp_model.blank?
|
255
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_email_otp_model')
|
256
|
+
end
|
257
|
+
|
258
|
+
query_parameters = {}
|
259
|
+
query_parameters['access_token'] = access_token
|
260
|
+
query_parameters['apiKey'] = @api_key
|
261
|
+
|
262
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/otp/email/verify'
|
263
|
+
put_request(resource_path, query_parameters, reauth_by_email_otp_model)
|
264
|
+
end
|
265
|
+
|
266
|
+
# This API is used to send the MFA Email OTP to the email for Re-authentication
|
267
|
+
#
|
268
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
269
|
+
# @param email_id - EmailId
|
270
|
+
# @param email_template2_f_a - EmailTemplate2FA
|
271
|
+
#
|
272
|
+
# @return Response containing Definition of Complete Validation data
|
273
|
+
# 42.15
|
274
|
+
def re_auth_send_email_otp(access_token, email_id, email_template2_f_a = '')
|
275
|
+
if isNullOrWhiteSpace(access_token)
|
276
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
277
|
+
end
|
278
|
+
if isNullOrWhiteSpace(email_id)
|
279
|
+
raise LoginRadius::Error.new, getValidationMessage('email_id')
|
280
|
+
end
|
281
|
+
|
282
|
+
query_parameters = {}
|
283
|
+
query_parameters['access_token'] = access_token
|
284
|
+
query_parameters['apiKey'] = @api_key
|
285
|
+
query_parameters['emailId'] = email_id
|
286
|
+
unless isNullOrWhiteSpace(email_template2_f_a)
|
287
|
+
query_parameters['emailTemplate2FA'] = email_template2_f_a
|
288
|
+
end
|
289
|
+
|
290
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/otp/email'
|
291
|
+
get_request(resource_path, query_parameters, {})
|
292
|
+
end
|
293
|
+
|
294
|
+
# This API is used to validate the triggered MFA re-authentication flow with security questions answers.
|
295
|
+
#
|
296
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
297
|
+
# @param security_question_answer_update_model - payload
|
298
|
+
#
|
299
|
+
# @return Response containing Definition response of MFA reauthentication
|
300
|
+
# 42.16
|
301
|
+
def re_auth_by_security_question(access_token, security_question_answer_update_model)
|
302
|
+
if isNullOrWhiteSpace(access_token)
|
303
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
304
|
+
end
|
305
|
+
if security_question_answer_update_model.blank?
|
306
|
+
raise LoginRadius::Error.new, getValidationMessage('security_question_answer_update_model')
|
307
|
+
end
|
308
|
+
|
309
|
+
query_parameters = {}
|
310
|
+
query_parameters['access_token'] = access_token
|
311
|
+
query_parameters['apiKey'] = @api_key
|
312
|
+
|
313
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/securityquestionanswer/verify'
|
314
|
+
post_request(resource_path, query_parameters, security_question_answer_update_model)
|
315
|
+
end
|
316
|
+
end
|
317
|
+
end
|