0.3.16 • Published 2 years ago

@futoin/security v0.3.16

Weekly downloads
15
License
Apache-2.0
Repository
github
Last release
2 years ago

NPM Version NPM Downloads Build Status stable

NPM

About

FutoIn Security Concept is alternative to token based authentication & authorization mechanisms.

Features:

  • FutoIn SecVault sensitive data storage security
  • User & configuration management (FTN8):
  • Stateless Authentication (FTN8.1):
    • Clear text
    • Message Authentication Code (HMAC with static key)
  • Master Secret Authentication (FTN8.2):
    • multiple master keys with custom scope support
    • derived key per each peer
    • automatic time-based derived key rotation
    • optional automatic master key rotation

Documentation --> FutoIn Guide

Reference implementation of:

Author: Andrey Galkin

Installation for Node.js

Command line:

$ npm install @futoin/security --save

or:

$ yarn add @futoin/security --save

Examples

API documentation

Classes

CachedManageService

FTN8: Cached Manage Service

Kind: global class

new CachedManageService(scope, options)

C-tor

ParamTypeDefaultDescription
scopeobjectscope of related services
optionsobjectpassed to superclass c-tor
options.scopeintegermain.globalScopescope state

ManageFace

Manage Face

Kind: global class

ManageService

FTN8: main Manage Service

Kind: global class

MasterAutoregFace

FTN8.2: Master Auth Face

Kind: global class

MasterAuthService

FTN8.2: Master Auth Service

Kind: global class

MasterAutoregFace

FTN8.2: Master Auth Auto-registration Face

Kind: global class

MasterAutoregService

FTN8.2: Master Auth Auto-registration Service

Kind: global class

MasterManageFace

FTN8.2: Master Auth Manage Face

Kind: global class

MasterManageService

FTN8.2: Master Auth Manage Service

Kind: global class

ServiceApp

All-in-one AuthService initialization

Kind: global class

new ServiceApp(as, options)

C-tor

ParamTypeDefaultDescription
asAsyncStepsAsyncSteps interface
optionsobject{}options
options.ccmAdvancedCCMexternal CCM instance
options.publicExecutorExecutorexternal public executor instance
options.privateExecutorExecutorexternal private executor instance
options.storagePasswordstringBase64 encoded KEK for storage
options.configobjectconfig overrides for MasterService
options.ccmOptionsobjectauto-CCM options
options.notExpectedHandlercallable'notExpected' error handler
options.privateExecutorOptionsobjectprivate auto-Executor options
options.publicExecutorOptionsobjectpublic auto-Executor options
options.evtOptionsobjecteventstream options
options.secVaultOptionsobjectsecure vault options
options.securityOptionsobjectsecurity interface options

serviceApp.ccm() ⇒ AdvancedCCM

CCM instance accessor

Kind: instance method of ServiceApp
Returns: AdvancedCCM - instance

serviceApp.executor() ⇒ Executor

Executor instance accessor

Kind: instance method of ServiceApp
Returns: Executor - instance

serviceApp.close(done)

Shutdown of app and related instances

Kind: instance method of ServiceApp

ParamTypeDefaultDescription
donecallabledone callback

SimpleSecurityProvider

Simple passthru FTN8 security provider for Executor.

NOTE: it's suitable for lightweight services without own SecVault.

Kind: global class

SatelessAuthFace

FTN8.1: Stateless AuthService Face

Kind: global class

StatelessAuthService

Manage Service

Kind: global class

StatelessManageFace

FTN8.1: Stateless Manage Face

Kind: global class

StatelessManageService

FTN8.1.: Stateless Manage Service

Kind: global class

StaticMasterAuth

MasterAuth implementation for AdvancedCCM with static Master Key

NOTE: this implementation rotates only derived keys

Kind: global class

new StaticMasterAuth(options, keyId, keyData, paramFormat, kds, macAlgo)

C-tor

ParamTypeDefaultDescription
optionsobjectOptions
keyIdstringmaster key ID
keyDatastringmaster key data in Base64
paramFormatstring"YYYYMMDD"format for derivation parameter
kdsstring"HKDF256"key derivation strategy
macAlgostring"HS256"MAC algorithm

BaseFace

Base Face with neutral common registration functionality

Kind: global class
Note: Not official API

BaseFace.LATEST_VERSION

Latest supported FTN13 version

Kind: static property of BaseFace

BaseFace.PING_VERSION

Latest supported FTN4 version

Kind: static property of BaseFace

BaseFace.register(as, ccm, name, endpoint, credentials, options)

CCM registration helper

Kind: static method of BaseFace

ParamTypeDefaultDescription
asAsyncStepssteps interface
ccmAdvancedCCMCCM instance
namestringCCM registration name
endpoint*see AdvancedCCM#register
credentials*see AdvancedCCM#register
optionsobject{}interface options
options.versionstring"1.0"interface version to use

BaseService

Base Service with common registration logic

Kind: global class

new BaseService(scope, options)

C-tor

ParamTypeDescription
scopeobjectscope of related services
optionsobjectpassed to superclass c-tor

BaseService.register(as, executor, scope, options) ⇒ BaseService

Register Service with Executor

Kind: static method of BaseService
Returns: BaseService - instance

ParamTypeDescription
asAsyncStepssteps interface
executorExecutorexecutor instance
scopeobjectscope of related services
optionsobjectimplementation defined options
0.3.16

2 years ago

0.3.15

4 years ago

0.3.14

4 years ago

0.3.13

5 years ago

0.3.12

5 years ago

0.3.11

6 years ago

0.3.10

6 years ago

0.3.9

6 years ago

0.3.8

7 years ago

0.3.7

7 years ago

0.3.6

7 years ago

0.3.5

7 years ago

0.3.4

7 years ago

0.3.3

7 years ago

0.3.2

7 years ago

0.3.1

7 years ago