InBandOperations

public protocol InBandOperations

The InBandOperations protocol specifies the FIDO operations and actions exposed by the SDK.

  • Asks an authenticator to display its specific settings interface.

    Errors

    In case of failure, the following errors can be returned as part of the result:

    • FIDOError.unknown for any other kind of FIDO-related error, including user not responsive, user not enrolled, unable to change or set the credential or other internal errors.

    NOTE: FIDOError.protocolError is thrown in case of multi-account is detected.

    Declaration

    Swift

    func openSettings(userInteractionDelegate: OpenSettingsUserInteractionDelegate, completion handler: @escaping (_ result: Result<(), Error>) -> ())

    Parameters

    userInteractionDelegate

    A delegate object responsible for handling user interaction on the current FIDO operation.

    handler

    A completion handler executed when the operation is completed.

    result

    A single argument that represents either a successful result or a failure with an error.

  • Asks the FIDO Client to register the user with a FIDO authenticator matching the policy defined in the request.

    In case of multiple authenticators matching the given policy and other requirements, the selectAuthenticator(_:completion:) method of the user interaction delegate will be called. The app should then present the list of available authenticators to the user, who can select the one to be used for the registration.

    Errors

    In case of failure, the following errors can be returned as part of the result:

    • NevisError.networking in case of HTTP error while retrieving a RegistrationRequest or sending an RegistrationResponse;
    • NevisError.missingUAFRequest if no RegistrationRequest can be retrieved;
    • NevisError.failedOperation if the UAFStatusCode from the server response does not represent a success;
    • NevisError.failedOperation with UAF status code 1498 if a dispatch target configuration is provided, and the FIDO UAF contents are successfully validated but it is not possible to create the dispatch target.
    • Any kind of FIDOError for FIDO-related errors.

    Declaration

    Swift

    func register(username: Username, dispatchTargetConfiguration: DispatchTargetConfiguration?, authorizationProvider: AuthorizationProvider?, userInteractionDelegate: UserInteractionDelegate, completion handler: @escaping (Result<(), Error>) -> ())

    Parameters

    username

    Username to authenticate the user to nevisAuth in order to initiate a FIDO registration process.

    dispatchTargetConfiguration

    An optional configuration to be provided if the registration together with dispatch target is intended. This prevents the client from having to create a dispatch target separately.

    authorizationProvider

    An optional AuthorizationProviderto provide credentials required to perform authorization, if the FIDO UAF registration endpoint is protected and requires authorization.

    userInteractionDelegate

    A delegate object responsible for handling user interaction on the current FIDO operation.

    handler

    A completion handler executed when the registration is completed.

    result

    A single argument that represents either a successful result or a failure with an error.

  • Asks the FIDO Client to deregister user keys for one authenticators.

    Errors

    In case of failure, the following errors can be returned as part of the result:

    NOTE: FIDOError.protocolError is thrown in case of multi-account is detected.

    Declaration

    Swift

    func deregisterAuthenticator(authorizationProvider: AuthorizationProvider?, userInteractionDelegate: DeregistrationUserInteractionDelegate, completion handler: @escaping (Result<(), Error>) -> ())

    Parameters

    authorizationProvider

    An optional AuthorizationProvider to provide credentials required to perform authorization, if the FIDO UAF deregistration endpoint is protected and requires authorization.

    userInteractionDelegate

    A delegate object responsible for handling user interaction on the current FIDO operation.

    handler

    A completion handler executed when the deregistration is completed.

    result

    A single argument that represents either a successful result or a failure with an error.

  • Asks the FIDO Client to deregister user keys for all authenticators registered to an account.

    In case of deregistration of multiple keys or authenticators, the operation will succeed if all deregistrations work, or stop after the first error occurs.

    Errors

    In case of failure, the following errors can be returned as part of the result:

    NOTE: FIDOError.protocolError is thrown in case of multi-account is detected.

    Declaration

    Swift

    func deregisterDevice(authorizationProvider: AuthorizationProvider?, userInteractionDelegate: DeregistrationUserInteractionDelegate, completion handler: @escaping (Result<(), Error>) -> ())

    Parameters

    authorizationProvider

    An optional AuthorizationProvider to provide credentials required to perform authorization, if the FIDO UAF deregistration endpoint is protected and requires authorization.

    userInteractionDelegate

    A delegate object responsible for handling user interaction on the current FIDO operation.

    handler

    A completion handler executed when the deregistration is completed.

    result

    A single argument that represents either a successful result or a failure with an error.

  • Asks the FIDO Client to authenticate user with server-specified authenticators, and return a valid credential.

    Important

    In order for this operation to succeed, the authenticator and the relying party must have a previously shared registration.

    Errors

    In case of failure, the following errors can be returned as part of the result:

    NOTE: FIDOError.protocolError is thrown in case of multi-account is detected.

    Declaration

    Swift

    func authenticate(sessionProvider: SessionProvider?, userInteractionDelegate: UserInteractionDelegate, completion handler: @escaping (Result<AuthorizationProvider, Error>) -> ())

    Parameters

    sessionProvider

    An optional session provider to pass authorization information required to the authentication.

    userInteractionDelegate

    A delegate object responsible for handling user interaction on the current FIDO operation.

    handler

    A completion handler executed when the authentication is completed.

    result

    A single argument that represents either a success with an authorization provider or a failure with an error.