0.0.21 • Published 1 year ago

cyberuskey-sdk v0.0.21


What is Cyberus Key?

Your users will never need to remember or input a password again with Cyberus Key, our one-touch universal, user authentication system.

Now you can guarantee your customers the highest level of protection against phishing attacks, identity and data theft, and more. By removing the risk of stolen passwords or credentials, you can eliminate one of the biggest cyber security threats.

Cyberus Key SDK

Cyberus Key SDK is a tiny library that provides full support for Cyberus Key's password-less authentication, which implements the OpenID Connect protocol.

How to install

With NPM:

npm install cyberuskey-sdk

With Yarn:

yarn add cyberuskey-sdk

You can also get a minified file from JSDelivr's CDN:

<script src="https://cdn.jsdelivr.net/npm/cyberuskey-sdk@0.0.4/dist/sdk.es6.min.js" type="text/javascript"></script>

<script type="text/javascript">
  console.log(window['cyberuskey-sdk']);
</script>

Documentation

Classes

CyberusKeyAPI

Kind: global class

new CyberusKeyAPI()

cyberusKeyAPI.createSession(clientId, geo, origin) ⇒ Promise.<string>

Kind: instance method of CyberusKeyAPI
Returns: Promise.<string> - The Cyberus Key session id.
Throws:

| Param | Type | Description |
| --- | --- | --- |
| clientId | string | Public client ID generated during creating the account. |
| geo | Geolocation | Pass a value to supply an optional geolocation measurement. It can later be compared against the mobile device's measurement (if you have set fail_on_geo_mismatch). These measurements can also be used to improve security in general. |
| origin | string | The origin domain of the request being made. If null then the Referer header will be used. |

cyberusKeyAPI.isOutOfService() ⇒ Promise.<boolean>

Kind: instance method of CyberusKeyAPI
Returns: Promise.<boolean> - flag indicating if the authentication server is available.

cyberusKeyAPI.getOTPSound(session) ⇒ Promise.<string>

Kind: instance method of CyberusKeyAPI
Returns: Promise.<string> - string with url to the sound.
Throws:

| Param | Type | Description |
| --- | --- | --- |
| session | Session | Cyberus Key's session generated by a user for a login. |

cyberusKeyAPI.getAuthenticationEndpointUrl(sessionId, scope, clientId, redirectUri, state, nonce, responseType) ⇒

Kind: instance method of CyberusKeyAPI
Returns: OpenID's Authentication endpoint URL
Throws:

| Param | Type | Default | Description |
| --- | --- | --- | --- |
| sessionId |  |  | unique id created for the specific login and connected to the specific otp |
| scope | OpenIdScopeParser |  | Each scope returns a set of user attributes, which are called claims. Once the user authorizes the requested scopes, the claims are returned in an ID Token. |
| clientId | string |  | Public client ID generated during creating the account. |
| redirectUri | string |  | Redirect URI to which the response will be sent. If the value is not whitelisted then the request will fail. |
| state | string |  | RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, CSRF, XSRF mitigation is done by cryptographically binding the value of this parameter with a browser cookie. The state parameter preserves some state object set by the client in the Authentication request and makes it available to the client in the response. It’s that unique and non-guessable value that allows you to prevent the attack by confirming if the value coming from the response matches the one you expect (the one you generated when initiating the request). The state parameter is a string so you can encode any other information in it. |
| nonce | string |  | String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values. |
| responseType | string | "'code'" | OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel). |

cyberusKeyAPI.navigateAuthentication(clientId, redirectUri, scope, navigator, session, origin, state, nonce, responseType) ⇒ Promise.<void>

Kind: instance method of CyberusKeyAPI

| Param | Type | Default | Description |
| --- | --- | --- | --- |
| clientId | string |  | Public client ID generated during creating the account. |
| redirectUri | string |  | Redirect URI to which the response will be sent. If the value is not whitelisted then the request will fail. |
| scope | OpenIdScopeParser |  | Each scope returns a set of user attributes, which are called claims. Once the user authorizes the requested scopes, the claims are returned in an ID Token. |
| navigator | Navigator |  | Class describes an action that will be done to Authentication URL. For browsers it will be a page redirection. |
| session |  |  | Session id |
| origin | string |  | The origin domain of the request being made. If null then the Referer header will be used. |
| state | string |  | RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, CSRF, XSRF mitigation is done by cryptographically binding the value of this parameter with a browser cookie. The state parameter preserves some state object set by the client in the Authentication request and makes it available to the client in the response. It’s that unique and non-guessable value that allows you to prevent the attack by confirming if the value coming from the response matches the one you expect (the one you generated when initiating the request). The state parameter is a string so you can encode any other information in it. |
| nonce | string |  | String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values. |
| responseType | string | "'code'" | OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel). |
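
The state and nonce handling described in the two parameter tables above, as an added example that is not part of cyberuskey-sdk or its documentation. It assumes the default `code` response type, so the callback carries `code` and `state` as query parameters; `beginLogin`, `finishLogin`, `checkNonce`, `memoryStore` and the `ck_pending_login` key are hypothetical names.

```javascript
// Added example, not cyberuskey-sdk code. All function names here are hypothetical.
const webCrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

// 32 random bytes (256 bits) as base64url: unguessable and safe inside a URL.
function randomToken(bytes = 32) {
  const buf = webCrypto.getRandomValues(new Uint8Array(bytes));
  return btoa(String.fromCharCode(...buf))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// String comparison that does not stop at the first differing character.
function safeEqual(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Before the redirect: generate both values and keep them on this browser only.
// `store` is sessionStorage in a browser (anything with getItem/setItem/removeItem).
function beginLogin(store) {
  const pending = { state: randomToken(), nonce: randomToken() };
  store.setItem('ck_pending_login', JSON.stringify(pending)); // hypothetical key name
  return pending; // pass pending.state / pending.nonce as the state and nonce arguments
}

// On the redirect URI: the entry is removed before checking, so a callback URL
// is accepted at most once; the response is rejected unless state matches.
function finishLogin(store, callbackUrl) {
  const raw = store.getItem('ck_pending_login');
  store.removeItem('ck_pending_login');
  if (!raw) throw new Error('no login in progress');
  const pending = JSON.parse(raw);
  const params = new URL(callbackUrl).searchParams;
  if (!safeEqual(params.get('state'), pending.state)) throw new Error('state mismatch');
  const code = params.get('code');
  if (!code) throw new Error('missing authorization code');
  return { code, expectedNonce: pending.nonce };
}

// Once the ID Token signature has been verified (not shown), compare its nonce claim.
function checkNonce(verifiedClaims, expectedNonce) {
  return safeEqual(verifiedClaims.nonce, expectedNonce);
}

// Constructed in-memory stand-in for sessionStorage so the example runs under Node.
function memoryStore() {
  const m = new Map();
  return { getItem: (k) => (m.has(k) ? m.get(k) : null),
           setItem: (k, v) => { m.set(k, v); }, removeItem: (k) => { m.delete(k); } };
}
```

The authorization code returned by `finishLogin` is exchanged on the back channel; `checkNonce` is applied to the claims of the resulting ID Token after its signature has been validated.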

CyberusKeyAPI.CyberusKeyAPI

Kind: static class of CyberusKeyAPI

new CyberusKeyAPI(hostUrl, geoProvider, delayMs)

| Param | Type | Default | Description |
| --- | --- | --- | --- |
| hostUrl | string |  | Base URL of the host server, e.g. https://api.cyberuskey.com |
| geoProvider | GeoProvider |  | Geolocation provider. Use a specific implementation such as HTML5GeoProvider. |
| delayMs | number | 600 | Delay (ms) between making an Authentication request and a sound playing. |

LoginOptions

Kind: global class

new LoginOptions()

LoginOptions.responseType : string

Kind: static property of LoginOptions

| Param | Type | Default | Description |
| --- | --- | --- | --- |
| responseType | string | "'code'" | OpenId response type. The default is code (Code Flow, involving the front-channel and backchannel). |

LoginOptions.display : string

Kind: static property of LoginOptions

| Param | Type | Description |
| --- | --- | --- |
| display | string | Specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. The default and only supported value is page. |

LoginOptions.prompt : string

Kind: static property of LoginOptions

| Param | Type | Description |
| --- | --- | --- |
| prompt | string | Space delimited, case sensitive list of string values that specifies whether the Authorization Server prompts the End-User for reauthentication and consent. The defined values are: login, none. Default is login,none. Can't be changed for now. |

LoginOptions.theme : string

Kind: static property of LoginOptions

OpenIdScopeParser

Kind: global class

new OpenIdScopeParser()

openIdScopeParser.addEmail() ⇒ this

Kind: instance method of OpenIdScopeParser

openIdScopeParser.addProfile() ⇒ this

Kind: instance method of OpenIdScopeParser

openIdScopeParser.getValue() ⇒ string

Kind: instance method of OpenIdScopeParser

Session

Kind: global class

new Session()

Session.Session : Date

Kind: static class of Session

new Session()

Geolocation

Kind: global class

new Geolocation()

geolocation.latitude : number

Kind: instance property of Geolocation
Read only: true

geolocation.longitude : number

Kind: instance property of Geolocation
Read only: true

geolocation.accuracy : number

Kind: instance property of Geolocation
Read only: true

HTML5GeoProvider

Kind: global class
Implements: GeoProvider

new HTML5GeoProvider()

htmL5GeoProvider.getGeo() ⇒ Promise.<Geolocation>

Kind: instance method of HTML5GeoProvider
Returns: Promise.<Geolocation> - Geolocalization measurement.

HTML5GeoProvider.HTML5GeoProvider

Kind: static class of HTML5GeoProvider

new HTML5GeoProvider(enableHighAccuracy, navigator, numOfTriesBeforeGpsActivates, onPermissionDialog)

| Param | Type | Default | Description |
| --- | --- | --- | --- |
| enableHighAccuracy | boolean | false | Forces high accuracy of the geolocation. It may take longer. |
| navigator | Navigator | window.navigator |  |
| numOfTriesBeforeGpsActivates |  |  | The GPS localization will be used only after n unsuccessful tries. An unsuccessful try is an authentication that resulted in a session not found error. |
| onPermissionDialog |  |  | Lets the caller implement the additional information dialog shown before the site asks for location permission. It takes a function that receives the default message as a parameter. |

RedirectNavigator

Kind: global class
Implements: Navigator

new RedirectNavigator()

redirectNavigator.navigate(url) ⇒ Promise.<void>

Kind: instance method of RedirectNavigator
Throws:

| Param | Type | Description |
| --- | --- | --- |
| url | string | Authentication Endpoint URL. |

Links

CyberusKey JavaScript widget: https://github.com/CyberusLabs/cyberuskey-widget/

License

MIT © Cyberus Labs sp. z o.o.
