nevis_mobile_authentication_sdk library

Nevis Mobile Authentication SDK

The Nevis Mobile Authentication SDK for Flutter is a plugin which is part of the NEVIS Mobile Authentication solution. The NEVIS Mobile Authentication solution enables secure and seamless authentication by letting users verify their identity via their mobile device.

The framework enables applications to leverage FIDO authentication capabilities as implemented in the NEVIS Mobile Authentication backend. The plugin can be embedded in Flutter applications to provide an implementation of mobile authentication use cases such as registration, web and out-of-band authentication, in-app authentication, transaction confirmation and deregistration.

Classes

Account
The object representing a user account.
AccountSelectionContext
The service returning the information required to choose the account to be used.
AccountSelectionHandler
The objects consuming the outcome of an interaction where the user chooses the account to be used.
AccountSelector
The object in charge of selecting an account.
AndroidMetaData
The object containing information about the native Android Nevis Mobile Authentication SDK.
AuthCloudApiClockSkewTooBig
The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
AuthCloudApiDecryptionError
The encrypted contents of the Auth Cloud API response could not be decrypted.
AuthCloudApiDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
AuthCloudApiError
An error occurred during auth cloud api registration.
AuthCloudApiFidoError
An error that indicates that a FIDO UAF error occurred during an operation.
AuthCloudApiMalformedPayload
A problem with the provided Auth Cloud API response occurred.
AuthCloudApiNetworkError
A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
AuthCloudApiNoDeviceLockError
The device has no secure lock screen.
AuthCloudApiRegistration
The object that can be used to trigger a registration operation from the response to the Authentication Cloud API enroll request.
AuthCloudApiTokenAlreadyRedeemed
The token was already redeemed.
AuthCloudApiTokenExpired
The token has expired.
AuthCloudApiUnknownError
Unknown operation error, handling not categorized error cases.
Authentication
The object that can be used to trigger an authentication operation.
AuthenticationDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
AuthenticationError
An extension of MobileAuthenticationClientError for the Authentication operation.
AuthenticationFidoError
An error that indicates that a FIDO UAF error occurred during an operation.
AuthenticationNetworkError
A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
AuthenticationNoDeviceLockError
The device has no secure lock screen.
AuthenticationUnknownError
Unknown error, handling not categorized error cases.
Authenticator
An object describing an authenticator.
AuthenticatorSelectionContext
The service returning the information required to choose the authenticator to be used.
AuthenticatorSelectionHandler
The objects consuming the outcome of an interaction where the user chooses the authenticator to be used.
AuthenticatorSelector
The object in charge of selecting the authenticator to be used to perform an operation.
AuthorizationProvider
Provides the authorization elements required to perform protected operations.
BiometricPromptOptions
Defines the elements of the biometric prompt (title, description and cancel button text).
BiometricUserVerificationContext
The object providing information about the biometric user verification (i.e. the user credential validation) operation to be done.
BiometricUserVerificationHandler
The objects consuming the outcome of an interaction where the user provides biometric credentials.
BiometricUserVerifier
The object in charge of interacting with the user to do biometric authentication.
CancellableHandler
The interface that operation or user interaction handlers are derived from.
Configuration
The Mobile Authentication Client configuration.
ConstantRetryPolicy
The operation will be retried periodically with a maximum number of tries.
CookieAuthorizationProvider
An HTTP cookie based authorization provider.
CookieContainer
A container that holds a cookie and an uri that belongs to the cookie.
CookieSessionProvider
An HTTP cookie based session provider.
DeleteAuthenticatorError
The error which is thrown by LocalData.deleteAuthenticator in case of any error occurs. For instance if the provided AAID is not known, or if an error occurred during deleting the associated FIDO UAF credentials.
DeleteAuthenticatorUnknownError
Unknown error, handling not categorized error cases.
Deregistration
The object that can be used to trigger an deregistration operation.
DeviceInformation
The object containing information of the device where the SDK is running.
DeviceInformationChange
The object that changes the device information.
DeviceInformationChangeClockSkewTooBig
The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
DeviceInformationChangeDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
DeviceInformationChangeError
The error that can occur with operations related to a DeviceInformation.
DeviceInformationChangeNameAlreadyExists
There is already a device information with the provided name. All the device information names of a given user must be unique.
DeviceInformationChangeNetworkError
A network error occurred.
DeviceInformationChangeNoDeviceLockError
The device has no secure lock screen.
DeviceInformationChangeNotFound
The device information to be updated could not be found.
DeviceInformationChangeUnknownError
Unknown device information change error, handling not categorized error cases.
DeviceInformationCheck
The operation retrieving the mismatches that exist between the configuration in the server and in the mobile device application.
DeviceInformationCheckClockSkewTooBig
The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
DeviceInformationCheckDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
DeviceInformationCheckError
The error that can occur with operations related to a DeviceInformationCheck.
DeviceInformationCheckForbidden
An error that indicates that the SDK could not access the credentials in the backend.
DeviceInformationCheckNetworkError
A network error occurred.
DeviceInformationCheckNoDeviceLockError
The device has no secure lock screen.
DeviceInformationCheckOperationNotSupportedByBackend
The backend does not support the retrieval of credentials.
DeviceInformationCheckResult
This is the result of the DeviceInformationCheck operation.
DeviceInformationCheckUnknownError
Unknown device information check error, handling not categorized error cases.
DeviceInformationMismatch
The configuration mismatches between the server and the mobile device application.
DeviceInformationSync
The operation that can be executed to correct the DeviceInformationMismatch problems that were found in a DeviceInformationCheck.
DeviceInformationSyncClockSkewTooBig
The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
DeviceInformationSyncDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
DeviceInformationSyncError
The error that can occur with operations related to a DeviceInformationSync.
DeviceInformationSyncNetworkError
A network error occurred.
DeviceInformationSyncNoDeviceLockError
The device has no secure lock screen.
DeviceInformationSyncOperationNotSupportedByBackend
The backend does not support the sync of credentials.
DeviceInformationSyncResult
This is the result of the DeviceInformationSync operation.
DeviceInformationSyncUnknownError
Unknown device information sync error, handling not categorized error cases.
DeviceNameMismatch
There is a mismatch between the name of the device in the server and the one in the mobile device application.
DevicePasscodePromptOptions
Defines the elements of the device passcode prompt (title and description).
DevicePasscodeUserVerificationContext
The object providing information about the device passcode user verification (i.e. the user credential validation) operation to be done.
DevicePasscodeUserVerificationHandler
The objects consuming the outcome of an interaction where the user provides device passcode credentials.
DevicePasscodeUserVerifier
The object in charge of interacting with the user to do device passcode authentication.
ExponentialRetryPolicy
The operation will be retried at exponential intervals.
FcmRegistrationTokenMismatch
There is a mismatch between the firebase registration token in the server and the one in the mobile device application.
FidoErrorCode
Error class indicating that a problem during a FIDO UAF operation occurred.
FingerprintUserVerificationContext
(i.e. the user credential validation) operation to be done.
FingerprintUserVerificationError
The recoverable error that can occur when verifying the user with fingerprint.
FingerprintUserVerificationHandler
The objects consuming the outcome of an interaction where the user provides fingerprint credentials.
FingerprintUserVerifier
The object in charge of interacting with the user to do fingerprint authentication.
HttpOperation<T extends HttpOperation<T>>
An operation that requires sending HTTP requests to the backend.
IdUsernamePair
The DeviceInformation is stored a set of generic credentials representing dispatch targets in nevisIDM. For each account there is a generic credential in nevisIDM. This object exposes the value of the Identification attribute of each of the generic credentials for each account.
InitializationDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
InitializationError
Collection of MobileAuthenticationClient initialization error codes.
InitializationHardwareError
Secure hardware is not available on this device or an error occurred checking the hardware of the device.
InitializationLockScreenHasChangedError
User has changed the lock screen configuration of the device and the credentials were created using an SDK previous to 1.7. The data no longer accessible. This happens for example when the user created fingerprint redentials with an application using an SDK previous to 1.7 and the fingerprints were modified. On credentials created with an SDK 1.7 or later, changing the screen lock protection does not result in this error.
InitializationNoDeviceLockError
The error that occurs when the device has no secure lock screen during initialization.
InitializationRootedError
The device is rooted. The SDK cannot be run in rooted devices. For security reasons, the SDK will remove the credentials in this device when this is detected.
InitializationUnknownError
Unknown error, handling not categorized error cases.
IOSMetaData
The object containing information about the native iOS Nevis Mobile Authentication SDK.
JwsAuthorizationProvider
An authorization provider using JWS to do the authorization.
JwtAuthorizationProvider
A JWT based authorization provider.
JwtSessionProvider
A JWT based session provider.
LocalData
An interface that provides information about the information that is stored locally in the SDK.
MetaData
The object containing information about the Nevis Mobile Authentication SDK.
MetaDataProvider
An interface that provides additional information about the Nevis Mobile Authentication SDK.
MissingAuthenticatorInMobileDevice
An authenticator is registered in the server for an account, but not in the mobile device application.
MissingAuthenticatorInServer
An authenticator is registered in the mobile device application for an account, but not in the server.
MissingDeviceInformationInMobileDevice
The device information for the given IdUsernamePair is defined in the server but not in the mobile device application.
MissingDeviceInformationInServer
The device information for the given IdUsernamePair is defined in the SDK but not in the server.
MobileAuthenticationClient
The MobileAuthenticationClient class represents the entry point to the SDK.
MobileAuthenticationClientError
The parent of all the errors that can be returned.
MobileAuthenticationClientInitializer
The class that creates and initializes asynchronously an instance of MobileAuthenticationClient.
NoRetryPolicy
Retry policy to do not retry: in case of failure the operation will report the error without retrying.
OperationClockSkewTooBig
The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
OperationDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
OperationError
An error occurred during registration or deregistration.
OperationFidoError
An error that indicates that a FIDO UAF error occurred during an operation.
OperationForbidden
The dispatch target used to sign the JWS is not part of the requested device.
OperationNetworkError
A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
OperationNoDeviceLockError
The device has no secure lock screen.
OperationNotSupportedByBackend
The backend does not support using the JwsAuthorizationProvider.
Operations
The interface used to obtain operation objects (registration, deregistration, authentication...).
OperationUnauthorized
The request was not authorized. It was not possible to verify the signature of the request.
OperationUnknownError
Unknown operation error, handling not categorized error cases.
OperationUserAlreadyRegisteredInAnotherServer
An error that occurs with registration when we try to register a new authenticator in a server for a given username, and there is an authenticator already registered in another server for that username.
OperationUserNotRegisteredInServer
An error that occurs with username-less out-of-band authentication, if the username of a registered account is provided to the AccountSelectionHandler, but the user is not defined in the server where the token was redeemed.
OsAuthenticationListenHandler
An object that can be used to resume listening for OS credentials (i.e. fingerprint) and to cancel the whole operation while listening for credentials.
OsUserEnrollment
The object containing the user enrollment information for an authenticator whose credentials are managed by the operating system (like the fingerprint authenticator).
OutOfBandAuthentication
The operation handling an out-of-band authentication.
OutOfBandOperation
The operation managing an OutOfBandPayload.
OutOfBandOperationDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
OutOfBandOperationError
The error that can occur when the processing of an OutOfBandPayload fails.
OutOfBandOperationNetworkError
A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
OutOfBandOperationNoDeviceLockError
The device has no secure lock screen.
OutOfBandOperationTokenAlreadyRedeemed
The token was already redeemed.
OutOfBandOperationTokenExpired
The token has expired.
OutOfBandOperationUnknownError
Unknown out-of-band operation error, handling not categorized error cases.
OutOfBandPayload
This object describes the contents that are sent by nevisFIDO in the out-of-band use case to start an operation (registration, authentication or deregistration).
OutOfBandPayloadDecode
The object that decodes an OutOfBandPayload from a string in JSON format or a Base64 URL encoded string representing the JSON.
OutOfBandPayloadDecryptionError
The encrypted contents of the out-of-band payload could not be decrypted.
OutOfBandPayloadDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
OutOfBandPayloadError
The error returned when there is a problem with the out-of-band payload: it cannot be decrypted or the provided JSON is not properly formatted.
OutOfBandPayloadMalformedPayload
A violation of the out-of-band payload (contents of OutOfBandPayload) occurred.
OutOfBandPayloadNoDeviceLockError
The device has no secure lock screen.
OutOfBandPayloadUnknownError
Unknown out-of-band payload error, handling not categorized error cases.
OutOfBandRegistration
The operation handling an out-of-band registration. This is the object returned by the SDK, when a OutOfBandPayload was processed and the OutOfBandPayload corresponds to a registration operation.
PasswordAuthenticatorProtectionStatus
The object describing the password authenticator protection status.
PasswordChange
The object that can be used to change the password.
PasswordChangeContext
The object providing some contextual information during password change.
PasswordChangeDeviceProtectionError
An error that indicates that some form of tampering was found in the application during password change.
PasswordChangeError
The error returned when the password change failed.
PasswordChangeHandler
The object handling the old and new password provided by the end-user.
PasswordChangeNoDeviceLockError
The error that occurs when the device has no secure lock screen during a password change.
PasswordChangePasswordLocked
The error that occurs when the password was locked because of too many failures.
PasswordChangePasswordNotEnrolled
The error that occurs when the specified user during a password change operation does not have an enrolled password.
PasswordChanger
The object in charge of password change.
PasswordChangeRecoverableCustomValidationError
The provided password has failed the validation done in PasswordPolicy.validatePasswordForPasswordChange.
PasswordChangeRecoverableError
The recoverable error that can occur when changing a password.
PasswordChangeRecoverableInvalidPassword
The provided old password is not valid.
PasswordChangeRecoverableOldPasswordEqualsNewPassword
The old and new password are equal. The new password must be different than the old password.
PasswordChangeUnknownError
Unknown password change error, handling not categorized error cases.
PasswordChangeUserCanceled
The error that occurs when the password change was cancelled.
PasswordEnroller
The object in charge of password enrollment.
PasswordEnrollmentContext
The object providing some contextual information during password enrollment.
PasswordEnrollmentCustomValidationError
The provided password has failed the validation done in PasswordPolicy.validatePasswordForEnrollment.
PasswordEnrollmentError
The object that informs that an error occurred during password enrollment.
PasswordEnrollmentHandler
The object handling the password to be enrolled.
PasswordPolicy
The object defining whether the password provided by a user during enrollment or when changing is valid.
PasswordPolicyProvider
An object defining the PasswordPolicy.
PasswordProtectionStatusLastAttemptFailed
An invalid password was provided previously.
PasswordProtectionStatusLockedOut
The authenticator is locked and cannot be used.
PasswordProtectionStatusUnlocked
The authenticator is unlocked and can be used.
PasswordUserVerificationContext
The object providing information about the password user verification (i.e. the user credential validation) operation to be done.
PasswordUserVerificationError
The recoverable error that can occur when verifying the user with a password.
PasswordUserVerificationHandler
The objects consuming the outcome of an interaction where the user provides password credentials.
PasswordUserVerificationInvalidPasswordError
The error that occurs when the user provides bad credentials.
PasswordUserVerifier
The object in charge of interacting with the user to do password authentication.
PendingOutOfBandOperation
The object defining a non-redeemed out-of-band operation as defined in the Get Device Out-of-Band Operations service.
PendingOutOfBandOperations
The operation retrieving the out-of-band operations that have been started in the server, and must be handled by the application running the Mobile Authentication SDK on the device.
PendingOutOfBandOperationsClockSkewTooBig
The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
PendingOutOfBandOperationsDeviceProtectionError
An error that indicates that some form of tampering was found in the application.
PendingOutOfBandOperationsError
The error that can occur with the PendingOutOfBandOperations operation.
PendingOutOfBandOperationsNetworkError
A network error occurred.
PendingOutOfBandOperationsNoDeviceLockError
The device has no secure lock screen.
PendingOutOfBandOperationsOperationNotSupportedByBackend
The backend does not support the retrieval of out-of-band operations.
PendingOutOfBandOperationsResult
The object with the non-redeemed out-of-band operations returned by nevisFIDO in the Get Device Out-of-Band Operations service.
PendingOutOfBandOperationsUnknownError
Unknown operation error, handling not categorized error cases.
PinAuthenticatorProtectionStatus
The object describing the PIN authenticator protection status.
PinChange
The object that can be used to change the PIN.
PinChangeContext
The object providing some contextual information during PIN change.
PinChangeDeviceProtectionError
An error that indicates that some form of tampering was found in the application during PIN change.
PinChangeError
The error returned when the PIN change failed.
PinChangeHandler
The object handling the old and new PIN provided by the end-user.
PinChangeNoDeviceLockError
The error that occurs when the device has no secure lock screen during a PIN change.
PinChangePinLocked
The error that occurs when the PIN was locked because of too many failures.
PinChangePinNotEnrolled
The error that occurs when the specified user during a PIN change operation does not have an enrolled PIN.
PinChanger
The object in charge of PIN change.
PinChangeRecoverableCustomValidationError
The provided PIN has failed the validation done in PinPolicy.validatePinForPinChange.
PinChangeRecoverableError
The recoverable error that can occur when changing a PIN.
PinChangeRecoverableInvalidPin
The provided old PIN is not valid.
PinChangeRecoverableInvalidPinFormat
The provided new PIN is not compliant with the PinPolicy.
PinChangeRecoverableOldPinEqualsNewPin
The old and new PINs are equal. The new PIN must be different from the old PIN.
PinChangeUnknownError
Unknown PIN change error, handling not categorized error cases.
PinChangeUserCanceled
The error that occurs when the PIN change was cancelled.
PinEnroller
The object in charge of PIN enrollment.
PinEnrollmentContext
The object providing some contextual information during PIN enrollment.
PinEnrollmentCustomValidationError
The provided PIN has failed the validation done in PinPolicy.validatePinForEnrollment.
PinEnrollmentError
The object that informs that an error occurred during PIN enrollment.
PinEnrollmentHandler
The object handling the PIN to be enrolled.
PinEnrollmentInvalidPinFormat
The provided PIN is not compliant with the PinPolicy.
PinPolicy
The object defining the minimum and maximum length of the PIN.
PinPolicyProvider
An object defining the PinPolicy.
PinProtectionStatusLastAttemptFailed
An invalid PIN was provided previously.
PinProtectionStatusLockedOut
The authenticator is locked and cannot be used.
PinProtectionStatusUnlocked
The authenticator is unlocked and can be used.
PinUserVerificationContext
The object providing information about the PIN user verification (i.e. the user credential validation) operation to be done.
PinUserVerificationError
The recoverable error that can occur when verifying the user with a PIN.
PinUserVerificationHandler
The objects consuming the outcome of an interaction where the user provides PIN credentials.
PinUserVerificationInvalidPinError
The error that occurs when the user provides bad credentials.
PinUserVerifier
The object in charge of interacting with the user to do PIN authentication.
PlatformChannelError
A class representing the errors thrown during platform channel calls.
PlatformChannelIllegalArgumentError
An error that indicates that an illegal or inappropriate parameter has been passed to a method.
PlatformChannelMappingError
An error that indicates that the mapping failed during a platform call.
PlatformChannelNoOperationFoundError
An error that indicates that no operation found with a given identifier.
PlatformChannelNullPointerError
An error that indicates that a parameter is null in a case where it is required.
PlatformChannelOperationAlreadyExistsError
An error that indicates that an operation already exists with the given identifier.
PlatformChannelOperationNullError
An error that indicates that an operation with the given identifier does not exist.
PlatformChannelUnknownError
An error that indicates that something failed during a platform call.
PlatformChannelWrongOperationTypeError
An error that indicates that an operation with the given identifier has wrong type.
PromptOptions
Defines the elements of a user prompt (title and description).
RecoverableError
The interface implemented by all recoverable errors.
RedeemData
The data with the information required to redeem the token.
Registration
The object that can be used to trigger a registration operation.
RegistrationInfo
The object exposing the registration information for an Authenticator.
RequestHeaders
The interface defining the HTTP headers that can be provided to HttpOperation. The headers can be used for example to correlate multiple operations in the backend: a header with an identifier can be provided to the HttpOperation, and the header will be included in the HTTP request. If the identifier can be associated with a more general operation (like a user enrollment), the backend will be able to link the requests made by the SDK with that more generic operation.
RetryPolicy
Some of the operations of the SDK allow to retry the operation (or part of the operation).
SdkUserEnrollment
The object containing the user enrollment information for an authenticator whose credentials are managed by the SDK (like the PIN and password authenticator).
Server
The object defining a server. Each Account is defined in a given Server object.
SessionProvider
Provides the elements required to run an operation in a session.
UserEnrollment
The object containing the user enrollment information.
UserVerificationContext
The object describing the user verification (i.e. the user credential validation) operation to be done.
UserVerificationHandler
The objects consuming the outcome of an interaction where the user provides credentials.
Version
Represents a generic version with major, minor, patch and buildNumber fields.

Extensions

AaidExtension
Extensions for Aaid enumeration.
AaidStringExtension
String extensions for declaring Aaid related convenience comparison methods.

Enums

Aaid
Enumeration for authenticator attestation identifiers.
ContentType
The content type of the OutOfBandPayload.
DispatchChannel
The different dispatch channels (dispatchers in nevisFIDO terminology) that can be used with to transmit the out-of-band operation: the out-of-band operation reaches the application either through a QR code, an FCM push notification or a link.
FidoErrorCodeType
Collection error codes based on the FIDO UAF client error codes.

Exceptions / Errors

PlatformChannelException
An exception that can be thrown on platform related errors.
PlatformSdkException
Base class that represents exceptions from the native SDKs.