@itentialopensource/adapter-utils 4.48.5 → 4.48.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/CHANGELOG.md +20 -0
  2. package/MFA.md +43 -0
  3. package/lib/connectorRest.js +1104 -754
  4. package/lib/propertyUtil.js +1 -1
  5. package/package.json +4 -3
  6. package/schemas/propertiesSchema.json +2 -1
package/CHANGELOG.md CHANGED
@@ -1,4 +1,24 @@
1
1
 
2
+ ## 4.48.7 [01-31-2023]
3
+
4
+ * Multi Step Authentication
5
+
6
+ Closes ADAPT-2344
7
+
8
+ See merge request itentialopensource/adapter-utils!237
9
+
10
+ ---
11
+
12
+ ## 4.48.6 [01-03-2023]
13
+
14
+ * Add passphrase as a ssl option
15
+
16
+ Closes ADAPT-2449
17
+
18
+ See merge request itentialopensource/adapter-utils!245
19
+
20
+ ---
21
+
2
22
  ## 4.48.5 [12-29-2022]
3
23
 
4
24
  * Update file package.json - update jsonwebtoken version
package/MFA.md ADDED
@@ -0,0 +1,43 @@
1
+ ### Configuration
2
+
3
+ - MFA configuration requires setup of configuration for every step in authentication.multiStepAuthCalls in adapter's configuration
4
+ - An configuration item of authentication.multiStepAuthCalls contains:
5
+ - **name**, id of the step call
6
+ - **requestFields**, the fields set in step request
7
+ - **responseFields**, the fields from the step result
8
+ - **successfullResponseCode**, expected response code for given step, if not set any successfull http response is accepted
9
+ - every MFA step has to have corresponding 2 entity files under /entities/.system:
10
+ - the request file: `schemaTokenReq_MFA_Step_[number]`
11
+ - the response file: `schemaTokenResp_MFA_Step_[number]`
12
+
13
+ ###### name
14
+
15
+ Step `name` is used by other steps to reference response values
16
+
17
+ ###### requestFields
18
+
19
+ Request field name if prefixed with `header` .e.g: `header.jx-session` means the request will be sent with http header `jx-session`. Otherwise the field is placed in request body.
20
+
21
+ Any step can set the value of its request field to:
22
+ - plain value e.g. `"password": "Alice-secret"`
23
+ - referenced value from other step e.g. `"jx-session": "{getSession.responseFields.session}"`, `"header.Authorization": "Bearer {getAccessToken.responseFields.accessToken}"`, `"header.Cookie": "session={getSession.responseFields.session}"`
24
+ The reference consists of three parts separated by dots: `{[step_name].responseFields.[field_name]}`, that allows
25
+ to identify the value to be placed into this request field.
26
+ **Important**: if the value of a request field is set to a referenced value from previous steps, the reference needs to be inside curly braces
27
+
28
+
29
+ ###### responseFields
30
+ Contains fields exposed for referencing by other steps.
31
+ **Important**: the value of the field has to be the same as set in `schemaTokenResp_MFA_Step_[number].external_name`
32
+
33
+ ###### successfullResponseCode
34
+ Intermediate steps executed before obtaining final token can have http response code out of range of successful http response codes(200-299, 300-308). Set expected response code here.
35
+
36
+ ###### Final token placement and format
37
+ Configuration parameters: `auth_field` and `auth_field_format` are used to point location and format of final MFA token in subsequent outgoing application requests that require authorization.
38
+
39
+ ### Caching
40
+
41
+ Following adapter configuration parameters control caching of the token:
42
+ - `token_cache`, storage location, either `local` or `redis`
43
+ - `token_timeout`, in miliseconds, if set to value greater then zero then the token is refreshed every time this timeout setting elapses. Must be set to value greater then 1 minute. When `token_timeout`=0 then caching is based on expiry date obtained from schemaTokenResp_MFA_Step_[number] `expires` attribute.