login_radius 11.0.0 → 11.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/LICENSE.txt +21 -21
- data/README.md +58 -58
- data/lib/login_radius/api/account/account_api.rb +581 -581
- data/lib/login_radius/api/account/role_api.rb +330 -330
- data/lib/login_radius/api/account/sott_api.rb +47 -47
- data/lib/login_radius/api/advanced/configuration_api.rb +57 -57
- data/lib/login_radius/api/advanced/consent_management_api.rb +161 -161
- data/lib/login_radius/api/advanced/custom_object_api.rb +316 -316
- data/lib/login_radius/api/advanced/custom_registration_data_api.rb +195 -195
- data/lib/login_radius/api/advanced/multi_factor_authentication_api.rb +942 -606
- data/lib/login_radius/api/advanced/re_authentication_api.rb +317 -243
- data/lib/login_radius/api/advanced/web_hook_api.rb +101 -101
- data/lib/login_radius/api/authentication/authentication_api.rb +1036 -989
- data/lib/login_radius/api/authentication/one_touch_login_api.rb +160 -160
- data/lib/login_radius/api/authentication/password_less_login_api.rb +202 -158
- data/lib/login_radius/api/authentication/phone_authentication_api.rb +329 -329
- data/lib/login_radius/api/authentication/pin_authentication_api.rb +316 -316
- data/lib/login_radius/api/authentication/risk_based_authentication_api.rb +286 -286
- data/lib/login_radius/api/authentication/smart_login_api.rb +146 -146
- data/lib/login_radius/api/social/native_social_api.rb +255 -255
- data/lib/login_radius/api/social/social_api.rb +784 -806
- data/lib/login_radius/error.rb +7 -7
- data/lib/login_radius/request_client.rb +311 -295
- data/lib/login_radius/response.rb +18 -12
- data/lib/login_radius/version.rb +2 -2
- data/lib/login_radius.rb +30 -30
- data/login_radius.gemspec +25 -28
- metadata +7 -7
|
@@ -1,243 +1,317 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
# Created by LoginRadius Development Team
|
|
4
|
-
# Copyright 2019 LoginRadius Inc. All rights reserved.
|
|
5
|
-
require_relative '../../request_client'
|
|
6
|
-
|
|
7
|
-
module LoginRadius
|
|
8
|
-
# ReAuthenticationApi module
|
|
9
|
-
class ReAuthenticationApi
|
|
10
|
-
include RequestClient
|
|
11
|
-
|
|
12
|
-
attr_accessor :site_name, :api_key, :api_secret
|
|
13
|
-
|
|
14
|
-
# Initializes a LoginRadius Account object with an apikey and secret
|
|
15
|
-
# Takes in a hash containing site_name(required), api_key(required), api_secret(required)
|
|
16
|
-
def initialize
|
|
17
|
-
@site_name = ENV['SITE_NAME']
|
|
18
|
-
@api_key = ENV['API_KEY']
|
|
19
|
-
@api_secret = ENV['API_SECRET']
|
|
20
|
-
raise LoginRadius::Error.new, "'site_name' is a required option for Account class initialization." \
|
|
21
|
-
unless @site_name != '' && @site_name != nil
|
|
22
|
-
raise LoginRadius::Error.new, "'api_key' is a required option for Account class initialization." \
|
|
23
|
-
unless @api_key != '' && @api_key != nil
|
|
24
|
-
raise LoginRadius::Error.new, "'api_secret is a required option for Account class initialization." \
|
|
25
|
-
unless @api_secret != '' && @api_secret != nil
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
# This API is used to trigger the Multi-Factor Autentication workflow for the provided access token
|
|
29
|
-
#
|
|
30
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
31
|
-
# @param sms_template2_f_a - SMS Template Name
|
|
32
|
-
#
|
|
33
|
-
# @return Response containing Definition of Complete Multi-Factor Authentication Settings data
|
|
34
|
-
# 14.3
|
|
35
|
-
def mfa_re_authenticate(access_token, sms_template2_f_a = '')
|
|
36
|
-
if isNullOrWhiteSpace(access_token)
|
|
37
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
query_parameters = {}
|
|
41
|
-
query_parameters['access_token'] = access_token
|
|
42
|
-
query_parameters['apiKey'] = @api_key
|
|
43
|
-
unless isNullOrWhiteSpace(sms_template2_f_a)
|
|
44
|
-
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa'
|
|
48
|
-
get_request(resource_path, query_parameters,
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
# This API is used to re-authenticate via Multi-factor authentication by passing the One Time Password received via SMS
|
|
52
|
-
#
|
|
53
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
54
|
-
# @param reauth_by_otp_model - Model Class containing Definition for MFA Reauthentication by OTP
|
|
55
|
-
#
|
|
56
|
-
# @return Complete user Multi-Factor Authentication Token data
|
|
57
|
-
# 14.4
|
|
58
|
-
def mfa_re_authenticate_by_otp(access_token, reauth_by_otp_model)
|
|
59
|
-
if isNullOrWhiteSpace(access_token)
|
|
60
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
61
|
-
end
|
|
62
|
-
if reauth_by_otp_model.blank?
|
|
63
|
-
raise LoginRadius::Error.new, getValidationMessage('reauth_by_otp_model')
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
query_parameters = {}
|
|
67
|
-
query_parameters['access_token'] = access_token
|
|
68
|
-
query_parameters['apiKey'] = @api_key
|
|
69
|
-
|
|
70
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa/otp'
|
|
71
|
-
put_request(resource_path, query_parameters, reauth_by_otp_model)
|
|
72
|
-
end
|
|
73
|
-
|
|
74
|
-
# This API is used to re-authenticate by set of backup codes via access token on the site that has Multi-factor authentication enabled in re-authentication for the user that does not have the device
|
|
75
|
-
#
|
|
76
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
77
|
-
# @param reauth_by_backup_code_model - Model Class containing Definition for MFA Reauthentication by Backup code
|
|
78
|
-
#
|
|
79
|
-
# @return Complete user Multi-Factor Authentication Token data
|
|
80
|
-
# 14.5
|
|
81
|
-
def mfa_re_authenticate_by_backup_code(access_token, reauth_by_backup_code_model)
|
|
82
|
-
if isNullOrWhiteSpace(access_token)
|
|
83
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
84
|
-
end
|
|
85
|
-
if reauth_by_backup_code_model.blank?
|
|
86
|
-
raise LoginRadius::Error.new, getValidationMessage('reauth_by_backup_code_model')
|
|
87
|
-
end
|
|
88
|
-
|
|
89
|
-
query_parameters = {}
|
|
90
|
-
query_parameters['access_token'] = access_token
|
|
91
|
-
query_parameters['apiKey'] = @api_key
|
|
92
|
-
|
|
93
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa/backupcode'
|
|
94
|
-
put_request(resource_path, query_parameters, reauth_by_backup_code_model)
|
|
95
|
-
end
|
|
96
|
-
|
|
97
|
-
# This API is used to re-authenticate via Multi-factor-authentication by passing the google authenticator code
|
|
98
|
-
#
|
|
99
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
100
|
-
# @param reauth_by_google_authenticator_code_model - Model Class containing Definition for MFA Reauthentication by Google Authenticator
|
|
101
|
-
#
|
|
102
|
-
# @return Complete user Multi-Factor Authentication Token data
|
|
103
|
-
# 14.6
|
|
104
|
-
def mfa_re_authenticate_by_google_auth(access_token, reauth_by_google_authenticator_code_model)
|
|
105
|
-
if isNullOrWhiteSpace(access_token)
|
|
106
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
107
|
-
end
|
|
108
|
-
if reauth_by_google_authenticator_code_model.blank?
|
|
109
|
-
raise LoginRadius::Error.new, getValidationMessage('reauth_by_google_authenticator_code_model')
|
|
110
|
-
end
|
|
111
|
-
|
|
112
|
-
query_parameters = {}
|
|
113
|
-
query_parameters['access_token'] = access_token
|
|
114
|
-
query_parameters['apiKey'] = @api_key
|
|
115
|
-
|
|
116
|
-
resource_path = 'identity/v2/auth/account/reauth/2fa/googleauthenticatorcode'
|
|
117
|
-
put_request(resource_path, query_parameters, reauth_by_google_authenticator_code_model)
|
|
118
|
-
end
|
|
119
|
-
|
|
120
|
-
# This API is used to re-authenticate via Multi-factor-authentication by passing the password
|
|
121
|
-
#
|
|
122
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
123
|
-
# @param password_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PasswordEventBasedAuthModel with Lockout API
|
|
124
|
-
# @param sms_template2_f_a - SMS Template Name
|
|
125
|
-
#
|
|
126
|
-
# @return Complete user Multi-Factor Authentication Token data
|
|
127
|
-
# 14.7
|
|
128
|
-
def mfa_re_authenticate_by_password(access_token, password_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
|
129
|
-
if isNullOrWhiteSpace(access_token)
|
|
130
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
131
|
-
end
|
|
132
|
-
if password_event_based_auth_model_with_lockout.blank?
|
|
133
|
-
raise LoginRadius::Error.new, getValidationMessage('password_event_based_auth_model_with_lockout')
|
|
134
|
-
end
|
|
135
|
-
|
|
136
|
-
query_parameters = {}
|
|
137
|
-
query_parameters['access_token'] = access_token
|
|
138
|
-
query_parameters['apiKey'] = @api_key
|
|
139
|
-
unless isNullOrWhiteSpace(sms_template2_f_a)
|
|
140
|
-
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
|
141
|
-
end
|
|
142
|
-
|
|
143
|
-
resource_path = 'identity/v2/auth/account/reauth/password'
|
|
144
|
-
put_request(resource_path, query_parameters, password_event_based_auth_model_with_lockout)
|
|
145
|
-
end
|
|
146
|
-
|
|
147
|
-
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by OTP.
|
|
148
|
-
#
|
|
149
|
-
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
|
150
|
-
# @param uid - UID, the unified identifier for each user account
|
|
151
|
-
#
|
|
152
|
-
# @return Response containing Definition of Complete Validation data
|
|
153
|
-
# 18.38
|
|
154
|
-
def verify_multi_factor_otp_reauthentication(event_based_multi_factor_token, uid)
|
|
155
|
-
if event_based_multi_factor_token.blank?
|
|
156
|
-
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
|
157
|
-
end
|
|
158
|
-
if isNullOrWhiteSpace(uid)
|
|
159
|
-
raise LoginRadius::Error.new, getValidationMessage('uid')
|
|
160
|
-
end
|
|
161
|
-
|
|
162
|
-
query_parameters = {}
|
|
163
|
-
query_parameters['apiKey'] = @api_key
|
|
164
|
-
query_parameters['apiSecret'] = @api_secret
|
|
165
|
-
|
|
166
|
-
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/2fa'
|
|
167
|
-
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
|
168
|
-
end
|
|
169
|
-
|
|
170
|
-
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by password.
|
|
171
|
-
#
|
|
172
|
-
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
|
173
|
-
# @param uid - UID, the unified identifier for each user account
|
|
174
|
-
#
|
|
175
|
-
# @return Response containing Definition of Complete Validation data
|
|
176
|
-
# 18.39
|
|
177
|
-
def verify_multi_factor_password_reauthentication(event_based_multi_factor_token, uid)
|
|
178
|
-
if event_based_multi_factor_token.blank?
|
|
179
|
-
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
|
180
|
-
end
|
|
181
|
-
if isNullOrWhiteSpace(uid)
|
|
182
|
-
raise LoginRadius::Error.new, getValidationMessage('uid')
|
|
183
|
-
end
|
|
184
|
-
|
|
185
|
-
query_parameters = {}
|
|
186
|
-
query_parameters['apiKey'] = @api_key
|
|
187
|
-
query_parameters['apiSecret'] = @api_secret
|
|
188
|
-
|
|
189
|
-
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/password'
|
|
190
|
-
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
|
191
|
-
end
|
|
192
|
-
|
|
193
|
-
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by PIN.
|
|
194
|
-
#
|
|
195
|
-
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
|
196
|
-
# @param uid - UID, the unified identifier for each user account
|
|
197
|
-
#
|
|
198
|
-
# @return Response containing Definition of Complete Validation data
|
|
199
|
-
# 18.40
|
|
200
|
-
def verify_multi_factor_pin_reauthentication(event_based_multi_factor_token, uid)
|
|
201
|
-
if event_based_multi_factor_token.blank?
|
|
202
|
-
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
|
203
|
-
end
|
|
204
|
-
if isNullOrWhiteSpace(uid)
|
|
205
|
-
raise LoginRadius::Error.new, getValidationMessage('uid')
|
|
206
|
-
end
|
|
207
|
-
|
|
208
|
-
query_parameters = {}
|
|
209
|
-
query_parameters['apiKey'] = @api_key
|
|
210
|
-
query_parameters['apiSecret'] = @api_secret
|
|
211
|
-
|
|
212
|
-
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/pin'
|
|
213
|
-
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
|
214
|
-
end
|
|
215
|
-
|
|
216
|
-
# This API is used to validate the triggered MFA authentication flow with a password.
|
|
217
|
-
#
|
|
218
|
-
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
219
|
-
# @param pin_auth_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PIN
|
|
220
|
-
# @param sms_template2_f_a - SMS Template Name
|
|
221
|
-
#
|
|
222
|
-
# @return Response containing Definition response of MFA reauthentication
|
|
223
|
-
# 42.13
|
|
224
|
-
def verify_pin_authentication(access_token, pin_auth_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
|
225
|
-
if isNullOrWhiteSpace(access_token)
|
|
226
|
-
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
227
|
-
end
|
|
228
|
-
if pin_auth_event_based_auth_model_with_lockout.blank?
|
|
229
|
-
raise LoginRadius::Error.new, getValidationMessage('pin_auth_event_based_auth_model_with_lockout')
|
|
230
|
-
end
|
|
231
|
-
|
|
232
|
-
query_parameters = {}
|
|
233
|
-
query_parameters['access_token'] = access_token
|
|
234
|
-
query_parameters['apiKey'] = @api_key
|
|
235
|
-
unless isNullOrWhiteSpace(sms_template2_f_a)
|
|
236
|
-
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
|
237
|
-
end
|
|
238
|
-
|
|
239
|
-
resource_path = 'identity/v2/auth/account/reauth/pin'
|
|
240
|
-
put_request(resource_path, query_parameters, pin_auth_event_based_auth_model_with_lockout)
|
|
241
|
-
end
|
|
242
|
-
|
|
243
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Created by LoginRadius Development Team
|
|
4
|
+
# Copyright 2019 LoginRadius Inc. All rights reserved.
|
|
5
|
+
require_relative '../../request_client'
|
|
6
|
+
|
|
7
|
+
module LoginRadius
|
|
8
|
+
# ReAuthenticationApi module
|
|
9
|
+
class ReAuthenticationApi
|
|
10
|
+
include RequestClient
|
|
11
|
+
|
|
12
|
+
attr_accessor :site_name, :api_key, :api_secret
|
|
13
|
+
|
|
14
|
+
# Initializes a LoginRadius Account object with an apikey and secret
|
|
15
|
+
# Takes in a hash containing site_name(required), api_key(required), api_secret(required)
|
|
16
|
+
def initialize
|
|
17
|
+
@site_name = ENV['SITE_NAME']
|
|
18
|
+
@api_key = ENV['API_KEY']
|
|
19
|
+
@api_secret = ENV['API_SECRET']
|
|
20
|
+
raise LoginRadius::Error.new, "'site_name' is a required option for Account class initialization." \
|
|
21
|
+
unless @site_name != '' && @site_name != nil
|
|
22
|
+
raise LoginRadius::Error.new, "'api_key' is a required option for Account class initialization." \
|
|
23
|
+
unless @api_key != '' && @api_key != nil
|
|
24
|
+
raise LoginRadius::Error.new, "'api_secret is a required option for Account class initialization." \
|
|
25
|
+
unless @api_secret != '' && @api_secret != nil
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# This API is used to trigger the Multi-Factor Autentication workflow for the provided access token
|
|
29
|
+
#
|
|
30
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
31
|
+
# @param sms_template2_f_a - SMS Template Name
|
|
32
|
+
#
|
|
33
|
+
# @return Response containing Definition of Complete Multi-Factor Authentication Settings data
|
|
34
|
+
# 14.3
|
|
35
|
+
def mfa_re_authenticate(access_token, sms_template2_f_a = '')
|
|
36
|
+
if isNullOrWhiteSpace(access_token)
|
|
37
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
query_parameters = {}
|
|
41
|
+
query_parameters['access_token'] = access_token
|
|
42
|
+
query_parameters['apiKey'] = @api_key
|
|
43
|
+
unless isNullOrWhiteSpace(sms_template2_f_a)
|
|
44
|
+
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa'
|
|
48
|
+
get_request(resource_path, query_parameters, {})
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
# This API is used to re-authenticate via Multi-factor authentication by passing the One Time Password received via SMS
|
|
52
|
+
#
|
|
53
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
54
|
+
# @param reauth_by_otp_model - Model Class containing Definition for MFA Reauthentication by OTP
|
|
55
|
+
#
|
|
56
|
+
# @return Complete user Multi-Factor Authentication Token data
|
|
57
|
+
# 14.4
|
|
58
|
+
def mfa_re_authenticate_by_otp(access_token, reauth_by_otp_model)
|
|
59
|
+
if isNullOrWhiteSpace(access_token)
|
|
60
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
61
|
+
end
|
|
62
|
+
if reauth_by_otp_model.blank?
|
|
63
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_otp_model')
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
query_parameters = {}
|
|
67
|
+
query_parameters['access_token'] = access_token
|
|
68
|
+
query_parameters['apiKey'] = @api_key
|
|
69
|
+
|
|
70
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/otp'
|
|
71
|
+
put_request(resource_path, query_parameters, reauth_by_otp_model)
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
# This API is used to re-authenticate by set of backup codes via access token on the site that has Multi-factor authentication enabled in re-authentication for the user that does not have the device
|
|
75
|
+
#
|
|
76
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
77
|
+
# @param reauth_by_backup_code_model - Model Class containing Definition for MFA Reauthentication by Backup code
|
|
78
|
+
#
|
|
79
|
+
# @return Complete user Multi-Factor Authentication Token data
|
|
80
|
+
# 14.5
|
|
81
|
+
def mfa_re_authenticate_by_backup_code(access_token, reauth_by_backup_code_model)
|
|
82
|
+
if isNullOrWhiteSpace(access_token)
|
|
83
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
84
|
+
end
|
|
85
|
+
if reauth_by_backup_code_model.blank?
|
|
86
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_backup_code_model')
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
query_parameters = {}
|
|
90
|
+
query_parameters['access_token'] = access_token
|
|
91
|
+
query_parameters['apiKey'] = @api_key
|
|
92
|
+
|
|
93
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/backupcode'
|
|
94
|
+
put_request(resource_path, query_parameters, reauth_by_backup_code_model)
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
# This API is used to re-authenticate via Multi-factor-authentication by passing the google authenticator code
|
|
98
|
+
#
|
|
99
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
100
|
+
# @param reauth_by_google_authenticator_code_model - Model Class containing Definition for MFA Reauthentication by Google Authenticator
|
|
101
|
+
#
|
|
102
|
+
# @return Complete user Multi-Factor Authentication Token data
|
|
103
|
+
# 14.6
|
|
104
|
+
def mfa_re_authenticate_by_google_auth(access_token, reauth_by_google_authenticator_code_model)
|
|
105
|
+
if isNullOrWhiteSpace(access_token)
|
|
106
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
107
|
+
end
|
|
108
|
+
if reauth_by_google_authenticator_code_model.blank?
|
|
109
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_google_authenticator_code_model')
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
query_parameters = {}
|
|
113
|
+
query_parameters['access_token'] = access_token
|
|
114
|
+
query_parameters['apiKey'] = @api_key
|
|
115
|
+
|
|
116
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/googleauthenticatorcode'
|
|
117
|
+
put_request(resource_path, query_parameters, reauth_by_google_authenticator_code_model)
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
# This API is used to re-authenticate via Multi-factor-authentication by passing the password
|
|
121
|
+
#
|
|
122
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
123
|
+
# @param password_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PasswordEventBasedAuthModel with Lockout API
|
|
124
|
+
# @param sms_template2_f_a - SMS Template Name
|
|
125
|
+
#
|
|
126
|
+
# @return Complete user Multi-Factor Authentication Token data
|
|
127
|
+
# 14.7
|
|
128
|
+
def mfa_re_authenticate_by_password(access_token, password_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
|
129
|
+
if isNullOrWhiteSpace(access_token)
|
|
130
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
131
|
+
end
|
|
132
|
+
if password_event_based_auth_model_with_lockout.blank?
|
|
133
|
+
raise LoginRadius::Error.new, getValidationMessage('password_event_based_auth_model_with_lockout')
|
|
134
|
+
end
|
|
135
|
+
|
|
136
|
+
query_parameters = {}
|
|
137
|
+
query_parameters['access_token'] = access_token
|
|
138
|
+
query_parameters['apiKey'] = @api_key
|
|
139
|
+
unless isNullOrWhiteSpace(sms_template2_f_a)
|
|
140
|
+
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
resource_path = 'identity/v2/auth/account/reauth/password'
|
|
144
|
+
put_request(resource_path, query_parameters, password_event_based_auth_model_with_lockout)
|
|
145
|
+
end
|
|
146
|
+
|
|
147
|
+
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by OTP.
|
|
148
|
+
#
|
|
149
|
+
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
|
150
|
+
# @param uid - UID, the unified identifier for each user account
|
|
151
|
+
#
|
|
152
|
+
# @return Response containing Definition of Complete Validation data
|
|
153
|
+
# 18.38
|
|
154
|
+
def verify_multi_factor_otp_reauthentication(event_based_multi_factor_token, uid)
|
|
155
|
+
if event_based_multi_factor_token.blank?
|
|
156
|
+
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
|
157
|
+
end
|
|
158
|
+
if isNullOrWhiteSpace(uid)
|
|
159
|
+
raise LoginRadius::Error.new, getValidationMessage('uid')
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
query_parameters = {}
|
|
163
|
+
query_parameters['apiKey'] = @api_key
|
|
164
|
+
query_parameters['apiSecret'] = @api_secret
|
|
165
|
+
|
|
166
|
+
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/2fa'
|
|
167
|
+
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by password.
|
|
171
|
+
#
|
|
172
|
+
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
|
173
|
+
# @param uid - UID, the unified identifier for each user account
|
|
174
|
+
#
|
|
175
|
+
# @return Response containing Definition of Complete Validation data
|
|
176
|
+
# 18.39
|
|
177
|
+
def verify_multi_factor_password_reauthentication(event_based_multi_factor_token, uid)
|
|
178
|
+
if event_based_multi_factor_token.blank?
|
|
179
|
+
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
|
180
|
+
end
|
|
181
|
+
if isNullOrWhiteSpace(uid)
|
|
182
|
+
raise LoginRadius::Error.new, getValidationMessage('uid')
|
|
183
|
+
end
|
|
184
|
+
|
|
185
|
+
query_parameters = {}
|
|
186
|
+
query_parameters['apiKey'] = @api_key
|
|
187
|
+
query_parameters['apiSecret'] = @api_secret
|
|
188
|
+
|
|
189
|
+
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/password'
|
|
190
|
+
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
|
191
|
+
end
|
|
192
|
+
|
|
193
|
+
# This API is used on the server-side to validate and verify the re-authentication token created by the MFA re-authentication API. This API checks re-authentications created by PIN.
|
|
194
|
+
#
|
|
195
|
+
# @param event_based_multi_factor_token - Model Class containing Definition for SecondFactorValidationToken
|
|
196
|
+
# @param uid - UID, the unified identifier for each user account
|
|
197
|
+
#
|
|
198
|
+
# @return Response containing Definition of Complete Validation data
|
|
199
|
+
# 18.40
|
|
200
|
+
def verify_multi_factor_pin_reauthentication(event_based_multi_factor_token, uid)
|
|
201
|
+
if event_based_multi_factor_token.blank?
|
|
202
|
+
raise LoginRadius::Error.new, getValidationMessage('event_based_multi_factor_token')
|
|
203
|
+
end
|
|
204
|
+
if isNullOrWhiteSpace(uid)
|
|
205
|
+
raise LoginRadius::Error.new, getValidationMessage('uid')
|
|
206
|
+
end
|
|
207
|
+
|
|
208
|
+
query_parameters = {}
|
|
209
|
+
query_parameters['apiKey'] = @api_key
|
|
210
|
+
query_parameters['apiSecret'] = @api_secret
|
|
211
|
+
|
|
212
|
+
resource_path = 'identity/v2/manage/account/' + uid + '/reauth/pin'
|
|
213
|
+
post_request(resource_path, query_parameters, event_based_multi_factor_token)
|
|
214
|
+
end
|
|
215
|
+
|
|
216
|
+
# This API is used to validate the triggered MFA authentication flow with a password.
|
|
217
|
+
#
|
|
218
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
219
|
+
# @param pin_auth_event_based_auth_model_with_lockout - Model Class containing Definition of payload for PIN
|
|
220
|
+
# @param sms_template2_f_a - SMS Template Name
|
|
221
|
+
#
|
|
222
|
+
# @return Response containing Definition response of MFA reauthentication
|
|
223
|
+
# 42.13
|
|
224
|
+
def verify_pin_authentication(access_token, pin_auth_event_based_auth_model_with_lockout, sms_template2_f_a = '')
|
|
225
|
+
if isNullOrWhiteSpace(access_token)
|
|
226
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
227
|
+
end
|
|
228
|
+
if pin_auth_event_based_auth_model_with_lockout.blank?
|
|
229
|
+
raise LoginRadius::Error.new, getValidationMessage('pin_auth_event_based_auth_model_with_lockout')
|
|
230
|
+
end
|
|
231
|
+
|
|
232
|
+
query_parameters = {}
|
|
233
|
+
query_parameters['access_token'] = access_token
|
|
234
|
+
query_parameters['apiKey'] = @api_key
|
|
235
|
+
unless isNullOrWhiteSpace(sms_template2_f_a)
|
|
236
|
+
query_parameters['smsTemplate2FA'] = sms_template2_f_a
|
|
237
|
+
end
|
|
238
|
+
|
|
239
|
+
resource_path = 'identity/v2/auth/account/reauth/pin'
|
|
240
|
+
put_request(resource_path, query_parameters, pin_auth_event_based_auth_model_with_lockout)
|
|
241
|
+
end
|
|
242
|
+
|
|
243
|
+
# This API is used to validate the triggered MFA authentication flow with an Email OTP.
|
|
244
|
+
#
|
|
245
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
246
|
+
# @param reauth_by_email_otp_model - payload
|
|
247
|
+
#
|
|
248
|
+
# @return Response containing Definition response of MFA reauthentication
|
|
249
|
+
# 42.14
|
|
250
|
+
def re_auth_validate_email_otp(access_token, reauth_by_email_otp_model)
|
|
251
|
+
if isNullOrWhiteSpace(access_token)
|
|
252
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
253
|
+
end
|
|
254
|
+
if reauth_by_email_otp_model.blank?
|
|
255
|
+
raise LoginRadius::Error.new, getValidationMessage('reauth_by_email_otp_model')
|
|
256
|
+
end
|
|
257
|
+
|
|
258
|
+
query_parameters = {}
|
|
259
|
+
query_parameters['access_token'] = access_token
|
|
260
|
+
query_parameters['apiKey'] = @api_key
|
|
261
|
+
|
|
262
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/otp/email/verify'
|
|
263
|
+
put_request(resource_path, query_parameters, reauth_by_email_otp_model)
|
|
264
|
+
end
|
|
265
|
+
|
|
266
|
+
# This API is used to send the MFA Email OTP to the email for Re-authentication
|
|
267
|
+
#
|
|
268
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
269
|
+
# @param email_id - EmailId
|
|
270
|
+
# @param email_template2_f_a - EmailTemplate2FA
|
|
271
|
+
#
|
|
272
|
+
# @return Response containing Definition of Complete Validation data
|
|
273
|
+
# 42.15
|
|
274
|
+
def re_auth_send_email_otp(access_token, email_id, email_template2_f_a = '')
|
|
275
|
+
if isNullOrWhiteSpace(access_token)
|
|
276
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
277
|
+
end
|
|
278
|
+
if isNullOrWhiteSpace(email_id)
|
|
279
|
+
raise LoginRadius::Error.new, getValidationMessage('email_id')
|
|
280
|
+
end
|
|
281
|
+
|
|
282
|
+
query_parameters = {}
|
|
283
|
+
query_parameters['access_token'] = access_token
|
|
284
|
+
query_parameters['apiKey'] = @api_key
|
|
285
|
+
query_parameters['emailId'] = email_id
|
|
286
|
+
unless isNullOrWhiteSpace(email_template2_f_a)
|
|
287
|
+
query_parameters['emailTemplate2FA'] = email_template2_f_a
|
|
288
|
+
end
|
|
289
|
+
|
|
290
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/otp/email'
|
|
291
|
+
get_request(resource_path, query_parameters, {})
|
|
292
|
+
end
|
|
293
|
+
|
|
294
|
+
# This API is used to validate the triggered MFA re-authentication flow with security questions answers.
|
|
295
|
+
#
|
|
296
|
+
# @param access_token - Uniquely generated identifier key by LoginRadius that is activated after successful authentication.
|
|
297
|
+
# @param security_question_answer_update_model - payload
|
|
298
|
+
#
|
|
299
|
+
# @return Response containing Definition response of MFA reauthentication
|
|
300
|
+
# 42.16
|
|
301
|
+
def re_auth_by_security_question(access_token, security_question_answer_update_model)
|
|
302
|
+
if isNullOrWhiteSpace(access_token)
|
|
303
|
+
raise LoginRadius::Error.new, getValidationMessage('access_token')
|
|
304
|
+
end
|
|
305
|
+
if security_question_answer_update_model.blank?
|
|
306
|
+
raise LoginRadius::Error.new, getValidationMessage('security_question_answer_update_model')
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
query_parameters = {}
|
|
310
|
+
query_parameters['access_token'] = access_token
|
|
311
|
+
query_parameters['apiKey'] = @api_key
|
|
312
|
+
|
|
313
|
+
resource_path = 'identity/v2/auth/account/reauth/2fa/securityquestionanswer/verify'
|
|
314
|
+
post_request(resource_path, query_parameters, security_question_answer_update_model)
|
|
315
|
+
end
|
|
316
|
+
end
|
|
317
|
+
end
|