@lifeready/core 1.1.15 → 1.1.17

package/lib/_common/storage.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Remove all keys in localstorage with matching prefix.
+ * A prefix must be specified. If you want to remove everything, then just use localStorage.clear().
+ *
+ * @param prefix Keys with this prefix will be removed.
+ */
+export declare function clearLocalStorage(prefix: string): void;
+/**
+ * Clear all items related to cognito in localstorage.
+ * The remember device function sometimes interferes with creating new users
+ * on TP based password reset.
+ */
+export declare function clearCognitoLocalStorage(): void;

package/lib/auth/life-ready-auth.service.d.ts

@@ -11,7 +11,6 @@ import { LifeReadyConfig } from '../life-ready.config';
 import { PasswordService } from '../password/password.service';
 import { PersistService } from '../persist/persist.service';
 import { ProfileService } from '../profile/profile.service';
-import { Slip39Service } from '../slip39/slip39.service';
 import { TpPasswordResetAssemblyController } from '../tp-password-reset/tp-password-reset.controller';
 import { CognitoChallengeUser, CurrentUser, LoginResult, TpPasswordResetUser } from './auth.types';
 export declare const initialiseAuth: (authService: LifeReadyAuthService) => () => Promise<void>;
@@ -32,23 +31,23 @@ export declare class LifeReadyAuthService {
     private tpPasswordResetProcessorService;
     private persistService;
     private encryptionService;
-    private slip39Service;
     private assemblyController;
     private hubSubject;
     private currentUser;
     private currentResetUser;
     private logoutListeners;
-    constructor(config: LifeReadyConfig, auth: AuthClass, keyFactory: KeyFactoryService, keyService: KeyService, profileService: ProfileService, keyGraphService: KeyGraphService, passwordService: PasswordService, idleService: IdleService, lrGraphQL: LrGraphQLService, tpPasswordResetProcessorService: TpPasswordResetProcessorService, persistService: PersistService, encryptionService: EncryptionService, slip39Service: Slip39Service, assemblyController: TpPasswordResetAssemblyController);
+    constructor(config: LifeReadyConfig, auth: AuthClass, keyFactory: KeyFactoryService, keyService: KeyService, profileService: ProfileService, keyGraphService: KeyGraphService, passwordService: PasswordService, idleService: IdleService, lrGraphQL: LrGraphQLService, tpPasswordResetProcessorService: TpPasswordResetProcessorService, persistService: PersistService, encryptionService: EncryptionService, assemblyController: TpPasswordResetAssemblyController);
     initialise(): Promise<void>;
+    importPassword(plainPassword: string): Promise<CryptoKey>;
     addLogoutListener(callback: LogoutListener): void;
     removeLogoutListener(callback: LogoutListener): void;
     private loginIdpImpl;
     private loginIdp;
     protected handleSessionEncryptionKey(): Promise<void>;
     protected handlePostAuth(cognitoUser: CognitoChallengeUser): Promise<void>;
-    login(emailOrPhone: string, password: string, { tpPasswordResetAutoComplete }?: LoginOptions): Promise<LoginResult>;
-    loginImpl(emailOrPhone: string, password: string): Promise<LoginResult>;
-    verifyLogin(challenge: CognitoChallengeUser, password: string, rememberMe: boolean, code: string): Promise<CurrentUser>;
+    login(emailOrPhone: string, password: CryptoKey, { tpPasswordResetAutoComplete }?: LoginOptions): Promise<LoginResult>;
+    loginImpl(emailOrPhone: string, password: CryptoKey): Promise<LoginResult>;
+    verifyLogin(challenge: CognitoChallengeUser, password: CryptoKey, rememberMe: boolean, code: string): Promise<CurrentUser>;
     handlePasswordRecovery(user: CognitoChallengeUser): Promise<void>;
     getUserOrResetUser(reload?: boolean): Promise<CurrentUser | TpPasswordResetUser>;
     getResetUser(reload?: boolean): Promise<TpPasswordResetUser>;
@@ -58,8 +57,8 @@ export declare class LifeReadyAuthService {
     watchAuth(): ReplaySubject<any>;
     logout(): Promise<void>;
     private getUserAttribute;
-    loadResetUser(password?: string): Promise<TpPasswordResetUser>;
+    loadResetUser(password?: CryptoKey): Promise<TpPasswordResetUser>;
     refreshAccessToken(): Promise<unknown>;
-    completeRequest(newPassword: string): Promise<void>;
+    completeRequest(newPassword: CryptoKey): Promise<void>;
     private recoverAssemblyKey;
 }

package/lib/key/key-factory.service.d.ts

@@ -3,11 +3,10 @@ import { JWK } from 'node-jose';
 import { JSONObject } from '../api/types';
 import { WebCryptoService } from '../web-crypto/web-crypto.service';
 import { DeriveKeyResult, DeriveLbopKeyParams, DerivePassIdpParams, DerivePassKeyParams, LbopKeyParams, PassIdpParams, PassKeyParams } from './key.types';
-export declare function sha256(message: any): Promise<string>;
 export declare class KeyFactoryService {
     private webCryptoService;
     constructor(webCryptoService: WebCryptoService);
-    private readonly crypto;
+    private readonly kcCrypto;
     readonly MIN_PASS_IDP_PBKDF_ITER = 100000;
     readonly MIN_PASS_KEY_PBKDF_ITER = 100000;
     readonly MIN_LBOP_KEY_PBKDF_ITER = 100000;
@@ -23,8 +22,9 @@ export declare class KeyFactoryService {
     createSignKey(): Promise<JWK.Key>;
     createPkcKey(): Promise<JWK.Key>;
     createPkcSignKey(): Promise<JWK.Key>;
+    importPassword(plainPassword: string): Promise<CryptoKey>;
     deriveKey({ password, salt, iterations, kid, }: {
-        password: string;
+        password: CryptoKey;
         salt: string;
         iterations: number;
         kid?: string;

package/lib/key/key.types.d.ts

@@ -69,11 +69,11 @@ export interface DeriveKeyResult {
     jwk: JWK.Key;
 }
 export interface DerivePassIdpParams extends PassIdpParams {
-    password: string;
+    password: CryptoKey;
 }
 export interface DerivePassKeyParams extends PassKeyParams {
-    password: string;
+    password: CryptoKey;
 }
 export interface DeriveLbopKeyParams extends PassKeyParams {
-    password: string;
+    password: CryptoKey;
 }

package/lib/lbop/lbop.service.d.ts

@@ -7,11 +7,12 @@ import { EncryptionService } from '../encryption/encryption.service';
 import { KeyFactoryService as KFS } from '../key/key-factory.service';
 import { KeyGraphService } from '../key/key-graph.service';
 import { KeyService } from '../key/key.service';
+import { PassKeyParams } from '../key/key.types';
 import { LifeReadyConfig } from '../life-ready.config';
 import { PasswordService } from '../password/password.service';
 export interface SetPasswordParams {
     lbopId: string;
-    newPassword: string;
+    newPassword: CryptoKey;
     verifiedToken: string;
     masterKeyId: string;
     masterKey: JWK.Key;
@@ -41,9 +42,16 @@ export interface VerifyResult {
     masterKeyId: string;
     masterKey: JWK.Key;
 }
+export interface ChallengeResultLbop {
+    lbopId: string;
+    lbopKeyParams: PassKeyParams;
+    wrappedLbopKeyVerifier: any;
+}
 export interface ChallengeResult {
-    challenge: any;
-    lbops: any;
+    challenge: {
+        serverNonce: string;
+    };
+    lbops: ChallengeResultLbop[];
 }
 export interface Lbop {
     id: string;

package/lib/password/password.service.d.ts

@@ -34,10 +34,10 @@ export declare class PasswordService {
     private idleService;
     private readonly CLIENT_NONCE_LENGTH;
     constructor(config: LifeReadyConfig, http: HttpClient, apollo: LrApolloService, auth: AuthClass, profileService: ProfileService, keyFactory: KFS, encryptionService: EncryptionService, keyGraph: KeyGraphService, webCryptoService: WebCryptoService, idleService: IdleService);
-    checkPassword(password: string): Promise<PasswordCheck>;
-    getExposureCount(password: string): Promise<number>;
+    checkPassword(plainPassword: string): Promise<PasswordCheck>;
+    getExposureCount(plainPassword: string): Promise<number>;
     getPassIdpString(passIdp: JWK.Key): any;
-    createPassKeyBundle(password: string): Promise<PassKeyBundle>;
+    createPassKeyBundle(password: CryptoKey): Promise<PassKeyBundle>;
     /**
      * We need to allow for interruption of the process at any point. Each API call can be considered
      * atomic and either succeeds or fails.
@@ -65,7 +65,7 @@ export declare class PasswordService {
      *
      */
     isLoginRequired(): Promise<boolean>;
-    changePassword(password: string, newPassword: string): Promise<void>;
+    changePassword(password: CryptoKey, newPassword: CryptoKey): Promise<void>;
     changePasswordComplete(accessToken: string, useNewPassword: boolean, token?: string): Promise<Object>;
     private getVerifierPrK;
     private verifyPassword;

package/lib/register/register.service.d.ts

@@ -20,6 +20,6 @@ export declare class RegisterService {
     verifyEmail(email: string): Promise<string>;
     verifyPhone(phoneNumber: string): Promise<string>;
     confirmVerificationCode(verificationId: string, verificationCode: string): Promise<string>;
-    register(email: string, password: string, verificationId: string, verificationToken: string, verificationType?: 'email' | 'phone'): Promise<RegisterResult>;
+    register(email: string, password: CryptoKey, verificationId: string, verificationToken: string, verificationType?: 'email' | 'phone'): Promise<RegisterResult>;
     hibpBreachedAccounts(account: string): Promise<any>;
 }

package/lib/tp-password-reset/tp-password-reset-user.service.d.ts

@@ -22,7 +22,7 @@ export declare class TpPasswordResetUserService extends LrService {
         claimId: string;
     }>;
     verifyContactRespond(claimId: string, claimCode: string): Promise<string>;
-    requestReset(password: string, claimId: string, claimToken: string): Promise<{
+    requestReset(password: CryptoKey, claimId: string, claimToken: string): Promise<{
         requestResetResult: RequestResetResult;
         signUpResult: ISignUpResult;
     }>;

package/lib/web-crypto/web-crypto.service.d.ts

@@ -1,5 +1,5 @@
 export declare class WebCryptoService {
-    crypto: Crypto;
+    kcCrypto: Crypto;
     toHex(buffer: ArrayBuffer): string;
     stringDigest(algorithm: string, message: string): Promise<string>;
 }

package/lifeready-core.d.ts

@@ -3,17 +3,16 @@
  */
 export * from './public-api';
 export { RunOutsideAngular as ɵh } from './lib/_common/run-outside-angular';
-export { LrGraphQLService as ɵf, LrService as ɵl } from './lib/api/lr-graphql';
+export { LrGraphQLService as ɵf, LrService as ɵk } from './lib/api/lr-graphql';
 export { TpPasswordResetProcessorService as ɵg } from './lib/api/query-processor/tp-password-reset-processor.service';
 export { EncryptionService as ɵb } from './lib/encryption/encryption.service';
 export { KeyFactoryService as ɵd } from './lib/key/key-factory.service';
 export { KeyGraphService as ɵa } from './lib/key/key-graph.service';
 export { KeyMetaService as ɵe } from './lib/key/key-meta.service';
 export { KeyService as ɵc } from './lib/key/key.service';
-export { ScenarioAssemblyController as ɵo } from './lib/scenario/scenario.controller';
-export { SharedContactCardService as ɵm } from './lib/shared-contact-card/shared-contact-card.service';
-export { Slip39Service as ɵi } from './lib/slip39/slip39.service';
-export { TpAssemblyController as ɵk } from './lib/tp-assembly/tp-assembly';
-export { TpPasswordResetAssemblyController as ɵj } from './lib/tp-password-reset/tp-password-reset.controller';
-export { TpPasswordResetPrivateService as ɵp } from './lib/tp-password-reset/tp-password-reset.private.service';
-export { TrustedPartyService as ɵn } from './lib/trusted-party/trusted-party.service';
+export { ScenarioAssemblyController as ɵn } from './lib/scenario/scenario.controller';
+export { SharedContactCardService as ɵl } from './lib/shared-contact-card/shared-contact-card.service';
+export { TpAssemblyController as ɵj } from './lib/tp-assembly/tp-assembly';
+export { TpPasswordResetAssemblyController as ɵi } from './lib/tp-password-reset/tp-password-reset.controller';
+export { TpPasswordResetPrivateService as ɵo } from './lib/tp-password-reset/tp-password-reset.private.service';
+export { TrustedPartyService as ɵm } from './lib/trusted-party/trusted-party.service';