@prove-identity/prove-auth 2.14.0 → 2.15.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/bundle/release/prove-auth.js +1 -1
- package/build/lib/index.d.ts +3 -2
- package/build/lib/index.js +1 -2
- package/build/lib/proveauth/authenticator-builder.d.ts +5 -0
- package/build/lib/proveauth/authenticator-builder.js +25 -2
- package/build/lib/proveauth/external/@authid/web-component/authid-web-component.d.ts +3 -0
- package/build/lib/proveauth/external/@authid/web-component/authid-web-component.js +55 -0
- package/build/lib/proveauth/instantlink.d.ts +2 -6
- package/build/lib/proveauth/instantlink.js +1 -11
- package/build/lib/proveauth/internal/auth-request.d.ts +5 -1
- package/build/lib/proveauth/internal/auth-response.d.ts +24 -28
- package/build/lib/proveauth/internal/auth-session.d.ts +2 -1
- package/build/lib/proveauth/internal/auth-session.js +1 -0
- package/build/lib/proveauth/internal/auth-token-claims.d.ts +21 -3
- package/build/lib/proveauth/internal/device-passive-silent-step.js +5 -6
- package/build/lib/proveauth/internal/device-passive-step.js +7 -5
- package/build/lib/proveauth/internal/mobile-instant-step.js +3 -4
- package/build/lib/proveauth/internal/mobile-instantlink-step.d.ts +0 -3
- package/build/lib/proveauth/internal/mobile-instantlink-step.js +22 -122
- package/build/lib/proveauth/internal/mobile-otp-step.js +3 -3
- package/build/lib/proveauth/internal/platform.d.ts +11 -0
- package/build/lib/proveauth/internal/report-error-step.js +5 -2
- package/build/lib/proveauth/internal/user-mobileactive-step.js +1 -3
- package/build/lib/proveauth/internal/user-ppb-steps.d.ts +24 -0
- package/build/lib/proveauth/internal/user-ppb-steps.js +103 -0
- package/build/lib/proveauth/internal/user-present-step.js +1 -3
- package/build/lib/proveauth/internal/web-platform.d.ts +3 -1
- package/build/lib/proveauth/internal/web-platform.js +101 -0
- package/build/lib/proveauth/ppb.d.ts +9 -0
- package/build/lib/proveauth/ppb.js +2 -0
- package/build/lib/proveauth/version.d.ts +2 -2
- package/build/lib/proveauth/version.js +2 -2
- package/package.json +2 -2
|
@@ -21,6 +21,7 @@ const main_authenticator_1 = __importDefault(require("./internal/main-authentica
|
|
|
21
21
|
const logger_1 = require("./common/logger");
|
|
22
22
|
const settings_1 = __importDefault(require("./internal/settings"));
|
|
23
23
|
const device_context_options_1 = require("./device-context-options");
|
|
24
|
+
const user_ppb_steps_1 = require("./internal/user-ppb-steps");
|
|
24
25
|
var DeviceRole;
|
|
25
26
|
(function (DeviceRole) {
|
|
26
27
|
DeviceRole[DeviceRole["Primary"] = 0] = "Primary";
|
|
@@ -36,6 +37,7 @@ class AuthenticatorBuilder {
|
|
|
36
37
|
this.role = DeviceRole.Primary;
|
|
37
38
|
this.mobileAuthImplementation = MobileAuthImplementation.Fetch;
|
|
38
39
|
this.upkEnabled = false;
|
|
40
|
+
this.ppbEnabled = false;
|
|
39
41
|
this.log = logger_1.LoggerFactory.getLogger('authenticator-builder');
|
|
40
42
|
if (typeof window !== 'undefined') {
|
|
41
43
|
this.storage = window.localStorage;
|
|
@@ -131,6 +133,22 @@ class AuthenticatorBuilder {
|
|
|
131
133
|
this.upkEnabled = this.userConsentStep != null;
|
|
132
134
|
return this;
|
|
133
135
|
}
|
|
136
|
+
withPrivacyPreservingBiometrics(startStep, finishStep) {
|
|
137
|
+
this.ppbEnabled = true;
|
|
138
|
+
if (typeof startStep === 'function') {
|
|
139
|
+
this.ppbStartStep = { execute: startStep };
|
|
140
|
+
}
|
|
141
|
+
else {
|
|
142
|
+
this.ppbStartStep = startStep;
|
|
143
|
+
}
|
|
144
|
+
if (typeof finishStep === 'function') {
|
|
145
|
+
this.ppbFinishStep = { execute: finishStep };
|
|
146
|
+
}
|
|
147
|
+
else {
|
|
148
|
+
this.ppbFinishStep = finishStep;
|
|
149
|
+
}
|
|
150
|
+
return this;
|
|
151
|
+
}
|
|
134
152
|
getUrlsByBuildConfig(buildConfig) {
|
|
135
153
|
switch (buildConfig) {
|
|
136
154
|
case device_context_options_1.BuildConfig.US_PROD:
|
|
@@ -144,7 +162,8 @@ class AuthenticatorBuilder {
|
|
|
144
162
|
device_context_options_1.ProveAuthProxyEndpoint.DEFAULT_US_UAT_ENDPOINT.toString(),
|
|
145
163
|
];
|
|
146
164
|
case device_context_options_1.BuildConfig.DEV:
|
|
147
|
-
this.log.debug("Recommended for Prove's internal testing only, BuildConfig.DEV
|
|
165
|
+
this.log.debug("Recommended for Prove's internal testing only, BuildConfig.DEV " +
|
|
166
|
+
'might need custom endpoint URL and custom script URL values to bypass ad blockers');
|
|
148
167
|
return [undefined, undefined];
|
|
149
168
|
default:
|
|
150
169
|
this.log.warn('Unknown BuildConfig value: ' + buildConfig);
|
|
@@ -237,8 +256,10 @@ class AuthenticatorBuilder {
|
|
|
237
256
|
new mobile_instant_step_1.default(this.mobileAuthImplementation, this.getDeviceIp),
|
|
238
257
|
new mobile_instantlink_step_1.default(this.instantLinkStartStep, this.instantLinkRetryStep, this.getDeviceIp),
|
|
239
258
|
new mobile_otp_step_1.default(this.otpStartStep, this.otpFinishStep),
|
|
240
|
-
new user_mobileactive_step_1.default(),
|
|
241
259
|
new scan_message_step_1.default(this.authMessageHandler),
|
|
260
|
+
new user_mobileactive_step_1.default(),
|
|
261
|
+
new user_ppb_steps_1.UserPpbEnrollStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
|
|
262
|
+
new user_ppb_steps_1.UserPpbVerifyStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
|
|
242
263
|
]);
|
|
243
264
|
}
|
|
244
265
|
else {
|
|
@@ -246,6 +267,8 @@ class AuthenticatorBuilder {
|
|
|
246
267
|
new device_passive_step_1.default(this.getDisplayName, undefined, this.role),
|
|
247
268
|
new mobile_instant_step_1.default(this.mobileAuthImplementation, this.getDeviceIp),
|
|
248
269
|
new mobile_instantlink_step_1.default(this.instantLinkStartStep, this.instantLinkRetryStep, this.getDeviceIp),
|
|
270
|
+
new user_ppb_steps_1.UserPpbEnrollStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
|
|
271
|
+
new user_ppb_steps_1.UserPpbVerifyStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
|
|
249
272
|
]);
|
|
250
273
|
}
|
|
251
274
|
}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
class AuthIDComponent extends HTMLElement {
|
|
2
|
+
connectedCallback() {
|
|
3
|
+
const dataUrl = this.getAttribute('data-url');
|
|
4
|
+
if (!dataUrl) {
|
|
5
|
+
throw new Error('Missing data-url configuration!');
|
|
6
|
+
}
|
|
7
|
+
let dataTarget = this.getAttribute('data-target');
|
|
8
|
+
if (!dataTarget || dataTarget === 'auto') {
|
|
9
|
+
dataTarget = /Mobi|Android/i.test(navigator.userAgent) ? 'mobile' : 'desktop';
|
|
10
|
+
}
|
|
11
|
+
const iframe = document.createElement('iframe');
|
|
12
|
+
iframe.setAttribute('allow', 'fullscreen *;camera *;encrypted-media *;');
|
|
13
|
+
iframe.setAttribute('src', dataUrl);
|
|
14
|
+
const styleNode = document.createElement('style');
|
|
15
|
+
styleNode.textContent =
|
|
16
|
+
'div, iframe {' +
|
|
17
|
+
'position: fixed;' +
|
|
18
|
+
'top: 0;' +
|
|
19
|
+
'left: 0;' +
|
|
20
|
+
'height: 100vh;' +
|
|
21
|
+
'width: 100vw;' +
|
|
22
|
+
'border: 0;' +
|
|
23
|
+
'padding: 0;' +
|
|
24
|
+
'margin: 0;' +
|
|
25
|
+
'}';
|
|
26
|
+
const shadow = this.attachShadow({ mode: 'closed' });
|
|
27
|
+
shadow.appendChild(styleNode);
|
|
28
|
+
const container = document.createElement('div');
|
|
29
|
+
shadow.appendChild(container);
|
|
30
|
+
const dataWebauth = this.getAttribute('data-webauth');
|
|
31
|
+
if (dataWebauth && dataWebauth !== 'false' && dataWebauth !== 'no') {
|
|
32
|
+
const webauthHandler = document.createElement('script');
|
|
33
|
+
webauthHandler.setAttribute('src', dataUrl.replace('/?', '/webauthhandler.js?'));
|
|
34
|
+
shadow.appendChild(webauthHandler);
|
|
35
|
+
}
|
|
36
|
+
const dataControl = this.getAttribute('data-control');
|
|
37
|
+
if (dataControl && dataControl !== 'false' && dataControl !== 'no') {
|
|
38
|
+
const controlHandler = document.createElement('script');
|
|
39
|
+
controlHandler.setAttribute('src', dataUrl.replace('/?', '/controlhandler.js?'));
|
|
40
|
+
shadow.appendChild(controlHandler);
|
|
41
|
+
}
|
|
42
|
+
shadow.appendChild(iframe);
|
|
43
|
+
iframe.addEventListener('load', () => {
|
|
44
|
+
shadow.removeChild(container);
|
|
45
|
+
shadow.dispatchEvent(new CustomEvent('load', {
|
|
46
|
+
composed: true,
|
|
47
|
+
bubbles: true,
|
|
48
|
+
}));
|
|
49
|
+
}, { capture: true, once: true });
|
|
50
|
+
if (window.getComputedStyle(this)['z-index'] === 'auto') {
|
|
51
|
+
this.style['z-index'] = 1000;
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
window.customElements.define('authid-component', AuthIDComponent);
|
|
@@ -1,8 +1,4 @@
|
|
|
1
|
-
import AuthError from './internal/auth-error';
|
|
2
1
|
import PhoneNumberInput, { PhoneValidationError } from './internal/phone-number-input';
|
|
3
|
-
export declare class InstantLinkMaxRetryError extends AuthError {
|
|
4
|
-
constructor(message?: string, code?: number);
|
|
5
|
-
}
|
|
6
2
|
export interface InstantLinkStartStep {
|
|
7
3
|
execute: (phoneNumberNeeded: boolean, instantLinkError?: PhoneValidationError) => Promise<PhoneNumberInput | null>;
|
|
8
4
|
}
|
|
@@ -12,7 +8,7 @@ export declare enum InstantLinkResultType {
|
|
|
12
8
|
OnMobileNumberChange = 1
|
|
13
9
|
}
|
|
14
10
|
export interface InstantLinkRetryStep {
|
|
15
|
-
execute: (
|
|
11
|
+
execute: () => Promise<InstantLinkResultType>;
|
|
16
12
|
}
|
|
17
|
-
export type InstantLinkRetryStepFn = (
|
|
13
|
+
export type InstantLinkRetryStepFn = () => Promise<InstantLinkResultType>;
|
|
18
14
|
export type InstantLinkStartInput = PhoneNumberInput;
|
|
@@ -1,16 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.InstantLinkResultType =
|
|
7
|
-
const auth_error_1 = __importDefault(require("./internal/auth-error"));
|
|
8
|
-
class InstantLinkMaxRetryError extends auth_error_1.default {
|
|
9
|
-
constructor(message, code) {
|
|
10
|
-
super(message, code);
|
|
11
|
-
}
|
|
12
|
-
}
|
|
13
|
-
exports.InstantLinkMaxRetryError = InstantLinkMaxRetryError;
|
|
3
|
+
exports.InstantLinkResultType = void 0;
|
|
14
4
|
var InstantLinkResultType;
|
|
15
5
|
(function (InstantLinkResultType) {
|
|
16
6
|
InstantLinkResultType[InstantLinkResultType["OnResend"] = 0] = "OnResend";
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { MobileAuthImplementation } from '../authenticator-builder';
|
|
2
2
|
import { AuthResponseStatus } from './auth-response-status';
|
|
3
|
-
export type AuthRequest = V1ClientDeviceFido2RegisterStart | V1ClientDeviceFido2RegisterFinish | V1ClientDeviceFido2VerifyStart | V1ClientDeviceFido2VerifyFinish | V1ClientDevicePassiveRegister | V1ClientDevicePassiveVerify | V1ClientUserResponse | V1ClientAnyError | V1ClientChallenge | V1ClientMobileInstantLinkStart | V1ClientMobileInstantStart | V1ClientMobileInstantFinish | V1ClientOtpStart | V1ClientOtpFinish;
|
|
3
|
+
export type AuthRequest = V1ClientDeviceFido2RegisterStart | V1ClientDeviceFido2RegisterFinish | V1ClientDeviceFido2VerifyStart | V1ClientDeviceFido2VerifyFinish | V1ClientDevicePassiveRegister | V1ClientDevicePassiveVerify | V1ClientUserResponse | V1ClientAnyError | V1ClientChallenge | V1ClientMobileInstantLinkStart | V1ClientMobileInstantStart | V1ClientMobileInstantFinish | V1ClientOtpStart | V1ClientOtpFinish | V1ClientPpbFinish;
|
|
4
4
|
export type AuthRegistration = PassiveRegistration | Fido2Registration;
|
|
5
5
|
export interface PublicKey {
|
|
6
6
|
id: string;
|
|
@@ -98,3 +98,7 @@ export interface Signal {
|
|
|
98
98
|
results?: string;
|
|
99
99
|
error?: string;
|
|
100
100
|
}
|
|
101
|
+
export interface V1ClientPpbFinish {
|
|
102
|
+
requestId: string;
|
|
103
|
+
operationId: string;
|
|
104
|
+
}
|
|
@@ -1,66 +1,62 @@
|
|
|
1
1
|
import AuthMessage from './auth-message';
|
|
2
2
|
export default interface AuthResponse {
|
|
3
3
|
next: string;
|
|
4
|
+
data?: ResponseData;
|
|
4
5
|
error?: AuthFailure;
|
|
5
6
|
refreshDeviceTrust?: boolean;
|
|
6
7
|
}
|
|
8
|
+
export interface ResponseData {
|
|
9
|
+
}
|
|
7
10
|
export interface AuthFailure {
|
|
8
11
|
message: string;
|
|
9
12
|
code: number;
|
|
10
13
|
}
|
|
14
|
+
export type RegisterStartAuthResponse = AuthResponse;
|
|
15
|
+
export type RegisterFinishAuthResponse = AuthResponse;
|
|
16
|
+
export type DeviceRegisterAuthResponse = AuthResponse;
|
|
17
|
+
export type VerifyStartAuthResponse = AuthResponse;
|
|
18
|
+
export type VerifyFinishAuthResponse = AuthResponse;
|
|
19
|
+
export type MobileStartAuthResponse = AuthResponse;
|
|
20
|
+
export type OtpStartResponse = AuthResponse;
|
|
21
|
+
export type OtpFinishResponse = AuthResponse;
|
|
22
|
+
export type InstantLinkStartResponse = AuthResponse;
|
|
23
|
+
export type PpbStartResponse = AuthResponse;
|
|
24
|
+
export type PpbFinishResponse = AuthResponse;
|
|
11
25
|
export interface RegisterStartAuthResponseData {
|
|
12
26
|
credCreateOptions?: PublicKeyCredentialCreationOptions;
|
|
13
27
|
credRequestOptions?: PublicKeyCredentialRequestOptions;
|
|
14
28
|
}
|
|
15
|
-
export interface
|
|
16
|
-
data: RegisterStartAuthResponseData;
|
|
17
|
-
}
|
|
18
|
-
export interface RegisterFinishAuthResponseData {
|
|
29
|
+
export interface RegisterFinishAuthResponseData extends ResponseData {
|
|
19
30
|
deviceId: string;
|
|
20
31
|
passkey: boolean;
|
|
21
32
|
scanMessage?: AuthMessage;
|
|
22
33
|
}
|
|
23
|
-
export interface RegisterFinishAuthResponse extends AuthResponse {
|
|
24
|
-
data: RegisterFinishAuthResponseData;
|
|
25
|
-
}
|
|
26
|
-
export type DeviceRegisterAuthResponse = RegisterFinishAuthResponse;
|
|
27
34
|
export interface VerifyStartAuthResponseData {
|
|
28
35
|
credRequestOptions: PublicKeyCredentialRequestOptions;
|
|
29
36
|
}
|
|
30
|
-
export interface
|
|
31
|
-
data: VerifyStartAuthResponseData;
|
|
32
|
-
}
|
|
33
|
-
export interface VerifyFinishAuthResponseData {
|
|
37
|
+
export interface VerifyFinishAuthResponseData extends ResponseData {
|
|
34
38
|
scanMessage?: AuthMessage;
|
|
35
39
|
deviceId?: string;
|
|
36
40
|
passkey?: boolean;
|
|
37
41
|
}
|
|
38
|
-
export interface VerifyFinishAuthResponse extends AuthResponse {
|
|
39
|
-
data?: VerifyFinishAuthResponseData;
|
|
40
|
-
}
|
|
41
42
|
export interface ChallengeResponse extends AuthResponse {
|
|
42
43
|
deviceId?: string;
|
|
43
44
|
challenge?: string;
|
|
44
45
|
ttl?: number;
|
|
45
46
|
receivedAt?: number;
|
|
46
47
|
}
|
|
47
|
-
export interface MobileStartAuthResponseData {
|
|
48
|
+
export interface MobileStartAuthResponseData extends ResponseData {
|
|
48
49
|
redirectUrl?: string;
|
|
49
50
|
}
|
|
50
|
-
export interface MobileStartAuthResponse extends AuthResponse {
|
|
51
|
-
data?: MobileStartAuthResponseData;
|
|
52
|
-
}
|
|
53
|
-
export interface OtpStartResponse extends AuthResponse {
|
|
54
|
-
data?: OtpResponseData;
|
|
55
|
-
}
|
|
56
|
-
export interface OtpFinishResponse extends AuthResponse {
|
|
57
|
-
data?: OtpResponseData;
|
|
58
|
-
}
|
|
59
51
|
export interface OtpResponseData {
|
|
60
52
|
code?: number;
|
|
61
53
|
message?: string;
|
|
62
54
|
}
|
|
63
|
-
export interface InstantLinkStartResponse extends AuthResponse {
|
|
64
|
-
data?: InstantLinkResponseData;
|
|
65
|
-
}
|
|
66
55
|
export type InstantLinkResponseData = OtpResponseData;
|
|
56
|
+
export interface PpbOperation {
|
|
57
|
+
operationId: string;
|
|
58
|
+
oneTimeSecret: string;
|
|
59
|
+
}
|
|
60
|
+
export interface PpbResponseData extends ResponseData {
|
|
61
|
+
ppb?: PpbOperation;
|
|
62
|
+
}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/// <reference types="webappsec-credential-management" />
|
|
2
2
|
import AuthMessage from './auth-message';
|
|
3
3
|
import { AuthRequest, Signal } from './auth-request';
|
|
4
|
-
import AuthResponse from './auth-response';
|
|
4
|
+
import AuthResponse, { ResponseData } from './auth-response';
|
|
5
5
|
import AuthTokenClaims, { UserVerificationLevel } from './auth-token-claims';
|
|
6
6
|
import { DeviceRegistration } from './device-auth';
|
|
7
7
|
import Platform, { AuthSessionIntegration, MessageChannel, RequestSigner } from './platform';
|
|
@@ -16,6 +16,7 @@ export default class AuthSession implements AuthSessionIntegration {
|
|
|
16
16
|
readonly channels: Set<MessageChannel>;
|
|
17
17
|
private readonly log;
|
|
18
18
|
lastStep?: string;
|
|
19
|
+
lastData?: ResponseData;
|
|
19
20
|
credential?: CredentialType;
|
|
20
21
|
authMessage?: AuthMessage;
|
|
21
22
|
uvLevel?: UserVerificationLevel;
|
|
@@ -9,6 +9,8 @@ export interface PassiveAuthenticator {
|
|
|
9
9
|
}
|
|
10
10
|
export interface InstantAuthenticator {
|
|
11
11
|
}
|
|
12
|
+
export interface PresentAuthenticator {
|
|
13
|
+
}
|
|
12
14
|
export interface InstantLinkAuthenticator {
|
|
13
15
|
mnp: boolean;
|
|
14
16
|
amnrp?: boolean;
|
|
@@ -21,28 +23,44 @@ export interface UniversalAuthenticator {
|
|
|
21
23
|
endp: string;
|
|
22
24
|
ftu: string;
|
|
23
25
|
}
|
|
24
|
-
export interface
|
|
26
|
+
export interface PpbAuthenticator {
|
|
27
|
+
endp: string;
|
|
28
|
+
}
|
|
29
|
+
export interface DeviceAuthenticators {
|
|
30
|
+
pasv?: PassiveAuthenticator;
|
|
31
|
+
unvsl?: UniversalAuthenticator;
|
|
32
|
+
}
|
|
33
|
+
export interface MobileAuthenticators {
|
|
25
34
|
pasv?: PassiveAuthenticator;
|
|
26
35
|
inst?: InstantAuthenticator;
|
|
27
36
|
inln?: InstantLinkAuthenticator;
|
|
28
37
|
otp?: OtpAuthenticator;
|
|
29
38
|
unvsl?: UniversalAuthenticator;
|
|
30
39
|
}
|
|
40
|
+
export interface UserAuthenticators {
|
|
41
|
+
pasv?: PassiveAuthenticator;
|
|
42
|
+
prst?: PresentAuthenticator;
|
|
43
|
+
ppb?: PpbAuthenticator;
|
|
44
|
+
}
|
|
31
45
|
export interface Signals {
|
|
32
46
|
fpt?: boolean;
|
|
33
47
|
fptrr?: number;
|
|
34
48
|
dwn?: boolean;
|
|
35
49
|
}
|
|
36
50
|
export interface DeviceAuthSubjectClaim {
|
|
37
|
-
auths:
|
|
51
|
+
auths: DeviceAuthenticators;
|
|
38
52
|
sgnls?: Signals;
|
|
39
53
|
}
|
|
40
54
|
export interface MobileAuthSubjectClaim {
|
|
41
|
-
auths:
|
|
55
|
+
auths: MobileAuthenticators;
|
|
56
|
+
}
|
|
57
|
+
export interface UserAuthSubjectClaim {
|
|
58
|
+
auths: UserAuthenticators;
|
|
42
59
|
}
|
|
43
60
|
export interface AuthSubjectsClaim {
|
|
44
61
|
dev?: DeviceAuthSubjectClaim;
|
|
45
62
|
mob?: MobileAuthSubjectClaim;
|
|
63
|
+
usr?: UserAuthSubjectClaim;
|
|
46
64
|
}
|
|
47
65
|
export interface AuthClaim {
|
|
48
66
|
id: string;
|
|
@@ -78,19 +78,18 @@ class DevicePassiveSilentStep {
|
|
|
78
78
|
if ((_a = registration.getSignals().fingerprint) === null || _a === void 0 ? void 0 : _a.results) {
|
|
79
79
|
session.markNewFptts();
|
|
80
80
|
}
|
|
81
|
-
const
|
|
82
|
-
const deviceId =
|
|
81
|
+
const data = response.data;
|
|
82
|
+
const deviceId = data === null || data === void 0 ? void 0 : data.deviceId;
|
|
83
83
|
if (!deviceId) {
|
|
84
84
|
reject(new auth_error_1.default('Failed to register device, returned deviceId is null or empty', 0, response.next));
|
|
85
85
|
}
|
|
86
86
|
session.settings.deviceId = deviceId;
|
|
87
|
-
if (
|
|
88
|
-
session.settings.fidoPasskeyRegistered =
|
|
87
|
+
if (data.passkey != null) {
|
|
88
|
+
session.settings.fidoPasskeyRegistered = data.passkey;
|
|
89
89
|
}
|
|
90
90
|
registration.deviceId = deviceId;
|
|
91
91
|
this.log.debug('Device ID: ' + deviceId);
|
|
92
|
-
|
|
93
|
-
if (data && data.scanMessage) {
|
|
92
|
+
if (data.scanMessage) {
|
|
94
93
|
session.authMessage = data.scanMessage;
|
|
95
94
|
}
|
|
96
95
|
session.platform.deviceAuth
|
|
@@ -30,7 +30,7 @@ class DevicePassiveActions extends auth_status_actions_1.AuthStatusActions {
|
|
|
30
30
|
signals: signals,
|
|
31
31
|
})
|
|
32
32
|
.then((response) => {
|
|
33
|
-
var _a
|
|
33
|
+
var _a;
|
|
34
34
|
if (response.error) {
|
|
35
35
|
reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
|
|
36
36
|
}
|
|
@@ -38,8 +38,9 @@ class DevicePassiveActions extends auth_status_actions_1.AuthStatusActions {
|
|
|
38
38
|
if ((_a = signals === null || signals === void 0 ? void 0 : signals.fingerprint) === null || _a === void 0 ? void 0 : _a.results) {
|
|
39
39
|
session.markNewFptts();
|
|
40
40
|
}
|
|
41
|
-
const
|
|
42
|
-
const
|
|
41
|
+
const data = response.data;
|
|
42
|
+
const creationOptions = data === null || data === void 0 ? void 0 : data.credCreateOptions;
|
|
43
|
+
const requestOptions = data === null || data === void 0 ? void 0 : data.credRequestOptions;
|
|
43
44
|
if (creationOptions) {
|
|
44
45
|
this.createCredentials(session, displayName, creationOptions, response)
|
|
45
46
|
.then(resolve)
|
|
@@ -70,7 +71,8 @@ class DevicePassiveActions extends auth_status_actions_1.AuthStatusActions {
|
|
|
70
71
|
reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
|
|
71
72
|
}
|
|
72
73
|
else {
|
|
73
|
-
const
|
|
74
|
+
const data = response.data;
|
|
75
|
+
const options = data === null || data === void 0 ? void 0 : data.credRequestOptions;
|
|
74
76
|
this.getCredentials(session, options, response).then(resolve).catch(reject);
|
|
75
77
|
}
|
|
76
78
|
})
|
|
@@ -144,7 +146,7 @@ class DevicePassiveActions extends auth_status_actions_1.AuthStatusActions {
|
|
|
144
146
|
parseCredRequestOptions(response, session) {
|
|
145
147
|
return new Promise((resolve, reject) => {
|
|
146
148
|
const data = response.data;
|
|
147
|
-
if (data.credRequestOptions) {
|
|
149
|
+
if (data === null || data === void 0 ? void 0 : data.credRequestOptions) {
|
|
148
150
|
const requestOptions = data.credRequestOptions;
|
|
149
151
|
this.getCredentials(session, requestOptions, response).then(resolve).catch(reject);
|
|
150
152
|
}
|
|
@@ -26,8 +26,7 @@ class MobileInstantStep {
|
|
|
26
26
|
return new Promise((resolve, reject) => {
|
|
27
27
|
let builder = session.platform
|
|
28
28
|
.getMobileAuthBuilder()
|
|
29
|
-
.withDeviceIpDetection(this.deviceIpDetection)
|
|
30
|
-
.withIpDiscoveryUrl('https://device.payfone.com/whatismyipaddress');
|
|
29
|
+
.withDeviceIpDetection(this.deviceIpDetection);
|
|
31
30
|
switch (this.implementation) {
|
|
32
31
|
case authenticator_builder_1.MobileAuthImplementation.Pixel: {
|
|
33
32
|
builder = builder.withPixelImplementation();
|
|
@@ -56,15 +55,15 @@ class MobileInstantStep {
|
|
|
56
55
|
implementation: this.implementation,
|
|
57
56
|
})
|
|
58
57
|
.then((response) => {
|
|
59
|
-
var _a;
|
|
60
58
|
if (response.error) {
|
|
61
59
|
this.nextBak = response.next;
|
|
62
60
|
this.errorCodeBak = response.error.code;
|
|
63
61
|
reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
|
|
64
62
|
}
|
|
65
63
|
else {
|
|
64
|
+
const data = response.data;
|
|
66
65
|
resolve({
|
|
67
|
-
authUrl:
|
|
66
|
+
authUrl: data ? data.redirectUrl : undefined,
|
|
68
67
|
});
|
|
69
68
|
}
|
|
70
69
|
})
|
|
@@ -10,10 +10,7 @@ export default class MobileInstantLinkStep extends AuthStatusActions implements
|
|
|
10
10
|
private readonly retryStep?;
|
|
11
11
|
private readonly getDeviceIp;
|
|
12
12
|
constructor(startStep?: InstantLinkStartStep, retryStep?: InstantLinkRetryStep, getDeviceIp?: () => string | null);
|
|
13
|
-
private isTestMode;
|
|
14
13
|
execute(session: AuthSession): Promise<string>;
|
|
15
|
-
private getInstantLinkError;
|
|
16
14
|
private runStartStep;
|
|
17
15
|
private runRetryStep;
|
|
18
|
-
private handleTestMode;
|
|
19
16
|
}
|