nodejs/hanko
1
0
Fork 0
mirror of https://github.com/teamhanko/hanko.git synced 2025-10-31 08:35:47 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
hanko/docs/static/jsdoc/hanko-frontend-sdk/lib_client_WebauthnClient.ts.html
bjoern-m ca62cf421f feat: introduce hanko profile element and related api changes (#495) 
* feat: introduce hanko profile element and related api changes
2023-01-25 10:55:23 +01:00

415 lines
15 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title> lib/client/WebauthnClient.ts</title>
<script src="https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js"></script>
<script src="https://unpkg.com/@babel/standalone/babel.min.js"></script>
<script src="./build/entry.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="https://fonts.googleapis.com/css?family=Roboto:100,400,700|Inconsolata,700" rel="stylesheet">
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css" integrity="sha384-UHRtZLI+pbxtHCWp1t77Bi1L4ZtiqrqD80Kn4Z8NTSRyMA2Fd33n5dQ8lWUE00s/" crossorigin="anonymous">
<link type="text/css" rel="stylesheet" href="https://jmblog.github.io/color-themes-for-google-code-prettify/themes/tomorrow-night.min.css">
<link type="text/css" rel="stylesheet" href="styles/app.min.css">
<link type="text/css" rel="stylesheet" href="styles/iframe.css">
<link type="text/css" rel="stylesheet" href="">
<script async defer src="https://buttons.github.io/buttons.js"></script>
</head>
<body class="layout small-header">
<div id="stickyNavbarOverlay"></div>
<div class="top-nav">
<div class="inner">
<a id="hamburger" role="button" class="navbar-burger" aria-label="menu" aria-expanded="false">
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
</a>
<div class="logo">
</div>
<div class="menu">
<div class="navigation">
<a
href="index.html"
class="link"
>
Documentation
</a>
</div>
</div>
</div>
</div>
<div id="main">
<div
class="sidebar "
id="sidebarNav"
>
<nav>
<h2><a href="index.html">Documentation</a></h2><div class="category"><h3>Classes</h3><ul><li><a href="Hanko.html">Hanko</a></li></ul></div><div class="category"><h2>SDK</h2><h3>Classes / Internal</h3><ul><li><a href="Client.html">Client</a></li><li><a href="Headers.html">Headers</a></li><li><a href="HttpClient.html">HttpClient</a></li><li><a href="PasscodeState.html">PasscodeState</a></li><li><a href="PasswordState.html">PasswordState</a></li><li><a href="Response.html">Response</a></li><li><a href="State.html">State</a></li><li><a href="UserState.html">UserState</a></li><li><a href="WebauthnState.html">WebauthnState</a></li></ul><h3>Classes / Clients</h3><ul><li><a href="ConfigClient.html">ConfigClient</a></li><li><a href="EmailClient.html">EmailClient</a></li><li><a href="PasscodeClient.html">PasscodeClient</a></li><li><a href="PasswordClient.html">PasswordClient</a></li><li><a href="UserClient.html">UserClient</a></li><li><a href="WebauthnClient.html">WebauthnClient</a></li></ul><h3>Classes / Errors</h3><ul><li><a href="ConflictError.html">ConflictError</a></li><li><a href="EmailAddressAlreadyExistsError.html">EmailAddressAlreadyExistsError</a></li><li><a href="HankoError.html">HankoError</a></li><li><a href="InvalidPasscodeError.html">InvalidPasscodeError</a></li><li><a href="InvalidPasswordError.html">InvalidPasswordError</a></li><li><a href="InvalidWebauthnCredentialError.html">InvalidWebauthnCredentialError</a></li><li><a href="MaxNumOfEmailAddressesReachedError.html">MaxNumOfEmailAddressesReachedError</a></li><li><a href="MaxNumOfPasscodeAttemptsReachedError.html">MaxNumOfPasscodeAttemptsReachedError</a></li><li><a href="NotFoundError.html">NotFoundError</a></li><li><a href="PasscodeExpiredError.html">PasscodeExpiredError</a></li><li><a href="RequestTimeoutError.html">RequestTimeoutError</a></li><li><a href="TechnicalError.html">TechnicalError</a></li><li><a href="TooManyRequestsError.html">TooManyRequestsError</a></li><li><a href="UnauthorizedError.html">UnauthorizedError</a></li><li><a href="UserVerificationError.html">UserVerificationError</a></li><li><a href="WebauthnRequestCancelledError.html">WebauthnRequestCancelledError</a></li></ul><h3>Classes / Utilities</h3><ul><li><a href="WebauthnSupport.html">WebauthnSupport</a></li></ul><h3>Interfaces / DTO</h3><ul><li><a href="Config.html">Config</a></li><li><a href="Credential.html">Credential</a></li><li><a href="Email.html">Email</a></li><li><a href="EmailConfig.html">EmailConfig</a></li><li><a href="Emails.html">Emails</a></li><li><a href="Passcode.html">Passcode</a></li><li><a href="PasswordConfig.html">PasswordConfig</a></li><li><a href="User.html">User</a></li><li><a href="UserInfo.html">UserInfo</a></li><li><a href="WebauthnCredential.html">WebauthnCredential</a></li><li><a href="WebauthnCredentials.html">WebauthnCredentials</a></li><li><a href="WebauthnFinalized.html">WebauthnFinalized</a></li><li><a href="WebauthnTransports.html">WebauthnTransports</a></li></ul><h3>Interfaces / Internal</h3><ul><li><a href="LocalStorage.html">LocalStorage</a></li><li><a href="LocalStoragePasscode.html">LocalStoragePasscode</a></li><li><a href="LocalStoragePassword.html">LocalStoragePassword</a></li><li><a href="LocalStorageUser.html">LocalStorageUser</a></li><li><a href="LocalStorageUsers.html">LocalStorageUsers</a></li><li><a href="LocalStorageWebauthn.html">LocalStorageWebauthn</a></li></ul></div>
</nav>
</div>
<div class="core" id="main-content-wrapper">
<div class="content">
<header class="page-title">
<p>Source</p>
<h1>lib/client/WebauthnClient.ts</h1>
</header>
<section>
<article>
<pre class="prettyprint source linenums"><code>import {
create as createWebauthnCredential,
get as getWebauthnCredential,
} from "@github/webauthn-json";
import { WebauthnSupport } from "../WebauthnSupport";
import { Client } from "./Client";
import { PasscodeState } from "../state/PasscodeState";
import { WebauthnState } from "../state/WebauthnState";
import {
InvalidWebauthnCredentialError,
TechnicalError,
UnauthorizedError,
WebauthnRequestCancelledError,
UserVerificationError,
} from "../Errors";
import {
Attestation,
User,
WebauthnFinalized,
WebauthnCredentials,
} from "../Dto";
/**
* A class that handles WebAuthn authentication and registration.
*
* @constructor
* @category SDK
* @subcategory Clients
* @extends {Client}
*/
class WebauthnClient extends Client {
webauthnState: WebauthnState;
passcodeState: PasscodeState;
controller: AbortController;
_getCredential = getWebauthnCredential;
_createCredential = createWebauthnCredential;
// eslint-disable-next-line require-jsdoc
constructor(api: string, timeout = 13000) {
super(api, timeout);
/**
* @public
* @type {WebauthnState}
*/
this.webauthnState = new WebauthnState();
/**
* @public
* @type {PasscodeState}
*/
this.passcodeState = new PasscodeState();
}
/**
* Performs a WebAuthn authentication ceremony. When 'userID' is specified, the API provides a list of
* allowed credentials and the browser is able to present a list of suitable credentials to the user.
*
* @param {string=} userID - The user's UUID.
* @param {boolean=} useConditionalMediation - Enables autofill assisted login.
* @return {Promise&lt;void>}
* @throws {WebauthnRequestCancelledError}
* @throws {InvalidWebauthnCredentialError}
* @throws {RequestTimeoutError}
* @throws {TechnicalError}
* @see https://docs.hanko.io/api/public#tag/WebAuthn/operation/webauthnLoginInit
* @see https://docs.hanko.io/api/public#tag/WebAuthn/operation/webauthnLoginFinal
* @see https://www.w3.org/TR/webauthn-2/#authentication-ceremony
*/
async login(
userID?: string,
useConditionalMediation?: boolean
): Promise&lt;void> {
const challengeResponse = await this.client.post(
"/webauthn/login/initialize",
{ user_id: userID }
);
if (!challengeResponse.ok) {
throw new TechnicalError();
}
const challenge = challengeResponse.json();
challenge.signal = this._createAbortSignal();
if (useConditionalMediation) {
// `CredentialMediationRequirement` doesn't support "conditional" in the current typescript version.
challenge.mediation = "conditional" as CredentialMediationRequirement;
}
let assertion;
try {
assertion = await this._getCredential(challenge);
} catch (e) {
throw new WebauthnRequestCancelledError(e);
}
const assertionResponse = await this.client.post(
"/webauthn/login/finalize",
assertion
);
if (assertionResponse.status === 400 || assertionResponse.status === 401) {
throw new InvalidWebauthnCredentialError();
} else if (!assertionResponse.ok) {
throw new TechnicalError();
}
const finalizeResponse: WebauthnFinalized = assertionResponse.json();
this.webauthnState
.read()
.addCredential(finalizeResponse.user_id, finalizeResponse.credential_id)
.write();
this.passcodeState.read().reset(userID).write();
return;
}
/**
* Performs a WebAuthn registration ceremony.
*
* @return {Promise&lt;void>}
* @throws {WebauthnRequestCancelledError}
* @throws {RequestTimeoutError}
* @throws {UnauthorizedError}
* @throws {TechnicalError}
* @throws {UserVerificationError}
* @see https://docs.hanko.io/api/public#tag/WebAuthn/operation/webauthnRegInit
* @see https://docs.hanko.io/api/public#tag/WebAuthn/operation/webauthnRegFinal
* @see https://www.w3.org/TR/webauthn-2/#sctn-registering-a-new-credential
*/
async register(): Promise&lt;void> {
const challengeResponse = await this.client.post(
"/webauthn/registration/initialize"
);
if (challengeResponse.status >= 400 &amp;&amp; challengeResponse.status &lt;= 499) {
throw new UnauthorizedError();
} else if (!challengeResponse.ok) {
throw new TechnicalError();
}
const challenge = challengeResponse.json();
challenge.signal = this._createAbortSignal();
let attestation;
try {
attestation = (await this._createCredential(challenge)) as Attestation;
} catch (e) {
throw new WebauthnRequestCancelledError(e);
}
// The generated PublicKeyCredentialWithAttestationJSON object does not align with the API. The list of
// supported transports must be available under a different path.
attestation.transports = attestation.response.transports;
const attestationResponse = await this.client.post(
"/webauthn/registration/finalize",
attestation
);
if (
attestationResponse.status >= 400 &amp;&amp;
attestationResponse.status &lt;= 499
) {
if (attestationResponse.status === 422) {
throw new UserVerificationError();
}
throw new UnauthorizedError();
}
if (!attestationResponse.ok) {
throw new TechnicalError();
}
const finalizeResponse: WebauthnFinalized = attestationResponse.json();
this.webauthnState
.read()
.addCredential(finalizeResponse.user_id, finalizeResponse.credential_id)
.write();
return;
}
/**
* Returns a list of all WebAuthn credentials assigned to the current user.
*
* @return {Promise&lt;WebauthnCredentials>}
* @throws {UnauthorizedError}
* @throws {RequestTimeoutError}
* @throws {TechnicalError}
* @see https://docs.hanko.io/api/public#tag/WebAuthn/operation/listCredentials
*/
async listCredentials(): Promise&lt;WebauthnCredentials> {
const response = await this.client.get("/webauthn/credentials");
if (response.status === 401) {
throw new UnauthorizedError();
} else if (!response.ok) {
throw new TechnicalError();
}
return response.json();
}
/**
* Updates the WebAuthn credential.
*
* @param {string=} credentialID - The credential's UUID.
* @param {string} name - The new credential name.
* @return {Promise&lt;void>}
* @throws {NotFoundError}
* @throws {UnauthorizedError}
* @throws {RequestTimeoutError}
* @throws {TechnicalError}
* @see https://docs.hanko.io/api/public#tag/WebAuthn/operation/updateCredential
*/
async updateCredential(credentialID: string, name: string): Promise&lt;void> {
const response = await this.client.patch(
`/webauthn/credentials/${credentialID}`,
{
name,
}
);
if (response.status === 401) {
throw new UnauthorizedError();
} else if (!response.ok) {
throw new TechnicalError();
}
return;
}
/**
* Deletes the WebAuthn credential.
*
* @param {string=} credentialID - The credential's UUID.
* @return {Promise&lt;void>}
* @throws {NotFoundError}
* @throws {UnauthorizedError}
* @throws {RequestTimeoutError}
* @throws {TechnicalError}
* @see https://docs.hanko.io/api/public#tag/WebAuthn/operation/deleteCredential
*/
async deleteCredential(credentialID: string): Promise&lt;void> {
const response = await this.client.delete(
`/webauthn/credentials/${credentialID}`
);
if (response.status === 401) {
throw new UnauthorizedError();
} else if (!response.ok) {
throw new TechnicalError();
}
return;
}
/**
* Determines whether a credential registration ceremony should be performed. Returns 'true' when WebAuthn
* is supported and the user's credentials do not intersect with the credentials already known on the
* current browser/device.
*
* @param {User} user - The user object.
* @return {Promise&lt;boolean>}
*/
async shouldRegister(user: User): Promise&lt;boolean> {
const supported = WebauthnSupport.supported();
if (!user.webauthn_credentials || !user.webauthn_credentials.length) {
return supported;
}
const matches = this.webauthnState
.read()
.matchCredentials(user.id, user.webauthn_credentials);
return supported &amp;&amp; !matches.length;
}
// eslint-disable-next-line require-jsdoc
_createAbortSignal() {
if (this.controller) {
this.controller.abort();
}
this.controller = new AbortController();
return this.controller.signal;
}
}
export { WebauthnClient };
</code></pre>
</article>
</section>
</div>
<footer class="footer">
<div class="content has-text-centered">
<p>Documentation generated by <a href="https://github.com/jsdoc3/jsdoc">JSDoc 3.6.11</a></p>
<p class="sidebar-created-by">
<a href="https://github.com/SoftwareBrothers/better-docs" target="_blank">BetterDocs theme</a> provided with <i class="fas fa-heart"></i> by
<a href="http://softwarebrothers.co" target="_blank">SoftwareBrothers - JavaScript Development Agency</a>
</p>
</div>
</footer>
</div>
<div id="side-nav" class="side-nav">
</div>
</div>
<script src="scripts/app.min.js"></script>
<script>PR.prettyPrint();</script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink