Common objects
-
The object representing a user account. An
See moreAccount
is created when a FIDO UAF registration is completed successfully.Declaration
Swift
public protocol Account : Encodable, Hashable
-
Collects the Authentication Attestation IDs of all supported
See moreAuthenticator
s.Declaration
Swift
public enum AuthenticatorAaid : String, CaseIterable
-
The username which represents an
Account
Declaration
Swift
public typealias Username = String
-
An object describing an authenticator.
See moreDeclaration
Swift
public protocol Authenticator : Encodable, Equatable
-
An object containing information about the registrations of an authenticator.
See moreDeclaration
Swift
public protocol RegistrationInfo : Encodable
-
The object containing the user enrollment information. Depending on the nature of the authenticator, this object will be either a
OsUserEnrollment
or aSdkUserEnrollment
.Declaration
Swift
public protocol UserEnrollment : Encodable, Equatable
-
The object containing the user enrollment information for an authenticator whose credentials are managed by the operating system (like the FaceID. In this case, there is no notion of
See moreAccount
: either the authenticator is enrolled at the operating system level (for all users) or not.Declaration
Swift
public struct OsUserEnrollment : UserEnrollment
-
The object containing the user enrollment information for an authenticator whose credentials are managed by the SDK (like the PIN authenticator).
See moreDeclaration
Swift
public struct SdkUserEnrollment : UserEnrollment, Hashable
-
Provides the authorization elements required to perform operations on protected resources.
Within NEVIS Mobile Authentication, nevisAuth is also involved if authentication is required to initiate a FIDO operation. When registering with FIDO UAF credentials, the
HTTPClient
must authenticate to obtain some authorization tokens (HTTP cookies, JWT, etc.). So the client can access the protected resource (f.e.: the FIDO UAF registration endpoints) by providing these authorization elements. (This is to avoid that an attacker could initiate and successfully complete operations (like registrations) on behalf of an arbitrary user.)Some operations can also generate an
AuthorizationProvider
what the application can use to access protected resources. This is a typical case of authentication. Once the authentication is completed, some authorization tokens might have been granted.Declaration
Swift
public protocol AuthorizationProvider : Decodable, Encodable
-
An HTTP cookie based
See moreAuthorizationProvider
.Declaration
Swift
public struct CookieAuthorizationProvider : AuthorizationProvider
-
A JWT based
See moreAuthorizationProvider
.Declaration
Swift
public struct JwtAuthorizationProvider : AuthorizationProvider
-
Provides the elements required to run an operation in a session.
When authenticating with FIDO UAF credentials, the
HTTPClient
must provide some authorization tokens (HTTP cookies, JWT, etc.). These authorization elements might already be available, due to a previous authentication. In these cases, FIDO UAF is not used as first factor authentication,SessionProvider
is used to provide the needed authorization elements toHttpClient
for a FIDO UAF authentication.The client can access the protected resource (f.e.: the FIDO UAF registration endpoints) by providing these authorization elements. (This is to avoid that an attacker could initiate and successfully complete operations on behalf of an arbitrary user.)
SessionProvider
provides this functionality.Declaration
Swift
public protocol SessionProvider : Decodable, Encodable
-
A JWT based
See moreSessionProvider
Declaration
Swift
public struct JwtSessionProvider : SessionProvider
-
An HTTP cookie based
See moreSessionProvider
.Declaration
Swift
public struct CookieSessionProvider : SessionProvider
-
This object describes the contents that are sent by nevisFIDO in the out-of-band use case to start an operation (registration, authentication or deregistration).
This object can be obtained from its JSON representation, which is included in a push notification message, in a QR code or in a universal link, depending on the out-of-band mechanism used.
The following example shows how you would obtain the
OutOfBandPayload
based on a JWE (JSON Web Encryption) payload received via Push Notification from the NEVIS Mobile Authentication backend.Usage example:
See morefunc userNotificationCenter(_: UNUserNotificationCenter, didReceive response: UNNotificationResponse, withCompletionHandler completionHandler: @escaping () -> ()) { let pushNotificationHash = response.notification.request.content.userInfo // Convert `pushNotificationHash` to JSON string client.operations.outOfBandPayloadDecode .json(jsonPayload) .onSuccess(oobOperation) .onError { error in ... } .execute() }
Declaration
Swift
public struct OutOfBandPayload : Codable
-
A
RedeemData
instance contains information to be redeemed in order to trigger FIDO UAF operations.The information is extracted from different channels like QR-Code, Push Notification, etc.
See moreDeclaration
Swift
public struct RedeemData : Codable
-
Some of the operations of the SDK allow to retry the operation (or part of the operation). This object defines the different types of retry mode that can be used.
See moreDeclaration
Swift
public enum RetryPolicy : Equatable, Decodable