nevis_mobile_authentication_sdk library
Nevis Mobile Authentication SDK
The Nevis Mobile Authentication SDK for Flutter is a plugin which is part of the NEVIS Mobile Authentication solution. The NEVIS Mobile Authentication solution enables secure and seamless authentication by letting users verify their identity via their mobile device.
The framework enables applications to leverage FIDO authentication capabilities as implemented in the NEVIS Mobile Authentication backend. The plugin can be embedded in Flutter applications to provide an implementation of mobile authentication use cases such as registration, web and out-of-band authentication, in-app authentication, transaction confirmation and deregistration.
Classes
- Account
- The object representing a user account.
- AccountSelectionContext
- The service returning the information required to choose the account to be used.
- AccountSelectionHandler
- The objects consuming the outcome of an interaction where the user chooses the account to be used.
- AccountSelector
- The object in charge of selecting an account.
- AndroidMetaData
- The object containing information about the native Android Nevis Mobile Authentication SDK.
- AuthCloudApiClockSkewTooBig
- The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
- AuthCloudApiDecryptionError
- The encrypted contents of the Auth Cloud API response could not be decrypted.
- AuthCloudApiDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- AuthCloudApiError
- An error occurred during auth cloud api registration.
- AuthCloudApiFidoError
- An error that indicates that a FIDO UAF error occurred during an operation.
- AuthCloudApiMalformedPayload
- A problem with the provided Auth Cloud API response occurred.
- AuthCloudApiNetworkError
- A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
- AuthCloudApiNoDeviceLockError
- The device has no secure lock screen.
- AuthCloudApiRegistration
- The object that can be used to trigger a registration operation from the response to the Authentication Cloud API enroll request.
- AuthCloudApiTokenAlreadyRedeemed
- The token was already redeemed.
- AuthCloudApiTokenExpired
- The token has expired.
- AuthCloudApiUnknownError
- Unknown operation error, handling not categorized error cases.
- Authentication
- The object that can be used to trigger an authentication operation.
- AuthenticationDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- AuthenticationError
- An extension of MobileAuthenticationClientError for the Authentication operation.
- AuthenticationFidoError
- An error that indicates that a FIDO UAF error occurred during an operation.
- AuthenticationNetworkError
- A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
- AuthenticationNoDeviceLockError
- The device has no secure lock screen.
- AuthenticationUnknownError
- Unknown error, handling not categorized error cases.
- Authenticator
- An object describing an authenticator.
- AuthenticatorSelectionContext
- The service returning the information required to choose the authenticator to be used.
- AuthenticatorSelectionHandler
- The objects consuming the outcome of an interaction where the user chooses the authenticator to be used.
- AuthenticatorSelector
- The object in charge of selecting the authenticator to be used to perform an operation.
- AuthorizationProvider
- Provides the authorization elements required to perform protected operations.
- BiometricPromptOptions
- Defines the elements of the biometric prompt (title, description and cancel button text).
- BiometricUserVerificationContext
- The object providing information about the biometric user verification (i.e. the user credential validation) operation to be done.
- BiometricUserVerificationHandler
- The objects consuming the outcome of an interaction where the user provides biometric credentials.
- BiometricUserVerifier
- The object in charge of interacting with the user to do biometric authentication.
- CancellableHandler
- The interface that operation or user interaction handlers are derived from.
- Configuration
- The Mobile Authentication Client configuration.
- ConstantRetryPolicy
- The operation will be retried periodically with a maximum number of tries.
- CookieAuthorizationProvider
- An HTTP cookie based authorization provider.
- CookieContainer
- A container that holds a cookie and an uri that belongs to the cookie.
- CookieSessionProvider
- An HTTP cookie based session provider.
- DeleteAuthenticatorError
- The error which is thrown by LocalData.deleteAuthenticator in case of any error occurs. For instance if the provided AAID is not known, or if an error occurred during deleting the associated FIDO UAF credentials.
- DeleteAuthenticatorUnknownError
- Unknown error, handling not categorized error cases.
- Deregistration
- The object that can be used to trigger an deregistration operation.
- DeviceInformation
- The object containing information of the device where the SDK is running.
- DeviceInformationChange
- The object that changes the device information.
- DeviceInformationChangeClockSkewTooBig
- The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
- DeviceInformationChangeDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- DeviceInformationChangeError
- The error that can occur with operations related to a DeviceInformation.
- DeviceInformationChangeNameAlreadyExists
- There is already a device information with the provided name. All the device information names of a given user must be unique.
- DeviceInformationChangeNetworkError
- A network error occurred.
- DeviceInformationChangeNoDeviceLockError
- The device has no secure lock screen.
- DeviceInformationChangeNotFound
- The device information to be updated could not be found.
- DeviceInformationChangeUnknownError
- Unknown device information change error, handling not categorized error cases.
- DeviceInformationCheck
- The operation retrieving the mismatches that exist between the configuration in the server and in the mobile device application.
- DeviceInformationCheckClockSkewTooBig
- The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
- DeviceInformationCheckDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- DeviceInformationCheckError
- The error that can occur with operations related to a DeviceInformationCheck.
- DeviceInformationCheckForbidden
- An error that indicates that the SDK could not access the credentials in the backend.
- DeviceInformationCheckNetworkError
- A network error occurred.
- DeviceInformationCheckNoDeviceLockError
- The device has no secure lock screen.
- DeviceInformationCheckOperationNotSupportedByBackend
- The backend does not support the retrieval of credentials.
- DeviceInformationCheckResult
- This is the result of the DeviceInformationCheck operation.
- DeviceInformationCheckUnknownError
- Unknown device information check error, handling not categorized error cases.
- DeviceInformationMismatch
- The configuration mismatches between the server and the mobile device application.
- DeviceInformationSync
- The operation that can be executed to correct the DeviceInformationMismatch problems that were found in a DeviceInformationCheck.
- DeviceInformationSyncClockSkewTooBig
- The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
- DeviceInformationSyncDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- DeviceInformationSyncError
- The error that can occur with operations related to a DeviceInformationSync.
- DeviceInformationSyncNetworkError
- A network error occurred.
- DeviceInformationSyncNoDeviceLockError
- The device has no secure lock screen.
- DeviceInformationSyncOperationNotSupportedByBackend
- The backend does not support the sync of credentials.
- DeviceInformationSyncResult
- This is the result of the DeviceInformationSync operation.
- DeviceInformationSyncUnknownError
- Unknown device information sync error, handling not categorized error cases.
- DeviceNameMismatch
- There is a mismatch between the name of the device in the server and the one in the mobile device application.
- DevicePasscodePromptOptions
- Defines the elements of the device passcode prompt (title and description).
- DevicePasscodeUserVerificationContext
- The object providing information about the device passcode user verification (i.e. the user credential validation) operation to be done.
- DevicePasscodeUserVerificationHandler
- The objects consuming the outcome of an interaction where the user provides device passcode credentials.
- DevicePasscodeUserVerifier
- The object in charge of interacting with the user to do device passcode authentication.
- ExponentialRetryPolicy
- The operation will be retried at exponential intervals.
- FcmRegistrationTokenMismatch
- There is a mismatch between the firebase registration token in the server and the one in the mobile device application.
- FidoErrorCode
- Error class indicating that a problem during a FIDO UAF operation occurred.
- FingerprintUserVerificationContext
- (i.e. the user credential validation) operation to be done.
- FingerprintUserVerificationError
- The recoverable error that can occur when verifying the user with fingerprint.
- FingerprintUserVerificationHandler
- The objects consuming the outcome of an interaction where the user provides fingerprint credentials.
- FingerprintUserVerifier
- The object in charge of interacting with the user to do fingerprint authentication.
-
HttpOperation<
T extends HttpOperation< T> > - An operation that requires sending HTTP requests to the backend.
- IdUsernamePair
-
The DeviceInformation is stored a set of generic credentials representing
dispatch targets in nevisIDM. For each account there is a generic credential
in nevisIDM. This object exposes the value of the
Identification
attribute of each of the generic credentials for each account. - InitializationDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- InitializationError
- Collection of MobileAuthenticationClient initialization error codes.
- InitializationHardwareError
- Secure hardware is not available on this device or an error occurred checking the hardware of the device.
- InitializationLockScreenHasChangedError
- User has changed the lock screen configuration of the device and the credentials were created using an SDK previous to 1.7. The data no longer accessible. This happens for example when the user created fingerprint redentials with an application using an SDK previous to 1.7 and the fingerprints were modified. On credentials created with an SDK 1.7 or later, changing the screen lock protection does not result in this error.
- InitializationNoDeviceLockError
- The error that occurs when the device has no secure lock screen during initialization.
- InitializationRootedError
- The device is rooted. The SDK cannot be run in rooted devices. For security reasons, the SDK will remove the credentials in this device when this is detected.
- InitializationUnknownError
- Unknown error, handling not categorized error cases.
- IOSMetaData
- The object containing information about the native iOS Nevis Mobile Authentication SDK.
- JwsAuthorizationProvider
- An authorization provider using JWS to do the authorization.
- JwtAuthorizationProvider
- A JWT based authorization provider.
- JwtSessionProvider
- A JWT based session provider.
- LocalData
- An interface that provides information about the information that is stored locally in the SDK.
- MetaData
- The object containing information about the Nevis Mobile Authentication SDK.
- MetaDataProvider
- An interface that provides additional information about the Nevis Mobile Authentication SDK.
- MissingAuthenticatorInMobileDevice
- An authenticator is registered in the server for an account, but not in the mobile device application.
- MissingAuthenticatorInServer
- An authenticator is registered in the mobile device application for an account, but not in the server.
- MissingDeviceInformationInMobileDevice
- The device information for the given IdUsernamePair is defined in the server but not in the mobile device application.
- MissingDeviceInformationInServer
- The device information for the given IdUsernamePair is defined in the SDK but not in the server.
- MobileAuthenticationClient
- The MobileAuthenticationClient class represents the entry point to the SDK.
- MobileAuthenticationClientError
- The parent of all the errors that can be returned.
- MobileAuthenticationClientInitializer
- The class that creates and initializes asynchronously an instance of MobileAuthenticationClient.
- NoRetryPolicy
- Retry policy to do not retry: in case of failure the operation will report the error without retrying.
- OperationClockSkewTooBig
- The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
- OperationDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- OperationError
- An error occurred during registration or deregistration.
- OperationFidoError
- An error that indicates that a FIDO UAF error occurred during an operation.
- OperationForbidden
- The dispatch target used to sign the JWS is not part of the requested device.
- OperationNetworkError
- A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
- OperationNoDeviceLockError
- The device has no secure lock screen.
- OperationNotSupportedByBackend
- The backend does not support using the JwsAuthorizationProvider.
- Operations
- The interface used to obtain operation objects (registration, deregistration, authentication...).
- The request was not authorized. It was not possible to verify the signature of the request.
- OperationUnknownError
- Unknown operation error, handling not categorized error cases.
- OperationUserAlreadyRegisteredInAnotherServer
- An error that occurs with registration when we try to register a new authenticator in a server for a given username, and there is an authenticator already registered in another server for that username.
- OperationUserNotRegisteredInServer
- An error that occurs with username-less out-of-band authentication, if the username of a registered account is provided to the AccountSelectionHandler, but the user is not defined in the server where the token was redeemed.
- OsAuthenticationListenHandler
- An object that can be used to resume listening for OS credentials (i.e. fingerprint) and to cancel the whole operation while listening for credentials.
- OsUserEnrollment
- The object containing the user enrollment information for an authenticator whose credentials are managed by the operating system (like the fingerprint authenticator).
- OutOfBandAuthentication
- The operation handling an out-of-band authentication.
- OutOfBandOperation
- The operation managing an OutOfBandPayload.
- OutOfBandOperationDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- OutOfBandOperationError
- The error that can occur when the processing of an OutOfBandPayload fails.
- OutOfBandOperationNetworkError
- A network error occurred while redeeming the token: either the server was not reachable or it returned an HTTP error.
- OutOfBandOperationNoDeviceLockError
- The device has no secure lock screen.
- OutOfBandOperationTokenAlreadyRedeemed
- The token was already redeemed.
- OutOfBandOperationTokenExpired
- The token has expired.
- OutOfBandOperationUnknownError
- Unknown out-of-band operation error, handling not categorized error cases.
- OutOfBandPayload
- This object describes the contents that are sent by nevisFIDO in the out-of-band use case to start an operation (registration, authentication or deregistration).
- OutOfBandPayloadDecode
- The object that decodes an OutOfBandPayload from a string in JSON format or a Base64 URL encoded string representing the JSON.
- OutOfBandPayloadDecryptionError
- The encrypted contents of the out-of-band payload could not be decrypted.
- OutOfBandPayloadDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- OutOfBandPayloadError
- The error returned when there is a problem with the out-of-band payload: it cannot be decrypted or the provided JSON is not properly formatted.
- OutOfBandPayloadMalformedPayload
- A violation of the out-of-band payload (contents of OutOfBandPayload) occurred.
- OutOfBandPayloadNoDeviceLockError
- The device has no secure lock screen.
- OutOfBandPayloadUnknownError
- Unknown out-of-band payload error, handling not categorized error cases.
- OutOfBandRegistration
- The operation handling an out-of-band registration. This is the object returned by the SDK, when a OutOfBandPayload was processed and the OutOfBandPayload corresponds to a registration operation.
- PasswordAuthenticatorProtectionStatus
- The object describing the password authenticator protection status.
- PasswordChange
- The object that can be used to change the password.
- PasswordChangeContext
- The object providing some contextual information during password change.
- PasswordChangeDeviceProtectionError
- An error that indicates that some form of tampering was found in the application during password change.
- PasswordChangeError
- The error returned when the password change failed.
- PasswordChangeHandler
- The object handling the old and new password provided by the end-user.
- PasswordChangeNoDeviceLockError
- The error that occurs when the device has no secure lock screen during a password change.
- PasswordChangePasswordLocked
- The error that occurs when the password was locked because of too many failures.
- PasswordChangePasswordNotEnrolled
- The error that occurs when the specified user during a password change operation does not have an enrolled password.
- PasswordChanger
- The object in charge of password change.
- PasswordChangeRecoverableCustomValidationError
- The provided password has failed the validation done in PasswordPolicy.validatePasswordForPasswordChange.
- PasswordChangeRecoverableError
- The recoverable error that can occur when changing a password.
- PasswordChangeRecoverableInvalidPassword
- The provided old password is not valid.
- PasswordChangeRecoverableOldPasswordEqualsNewPassword
- The old and new password are equal. The new password must be different than the old password.
- PasswordChangeUnknownError
- Unknown password change error, handling not categorized error cases.
- PasswordChangeUserCanceled
- The error that occurs when the password change was cancelled.
- PasswordEnroller
- The object in charge of password enrollment.
- PasswordEnrollmentContext
- The object providing some contextual information during password enrollment.
- PasswordEnrollmentCustomValidationError
- The provided password has failed the validation done in PasswordPolicy.validatePasswordForEnrollment.
- PasswordEnrollmentError
- The object that informs that an error occurred during password enrollment.
- PasswordEnrollmentHandler
- The object handling the password to be enrolled.
- PasswordPolicy
- The object defining whether the password provided by a user during enrollment or when changing is valid.
- PasswordPolicyProvider
- An object defining the PasswordPolicy.
- PasswordProtectionStatusLastAttemptFailed
- An invalid password was provided previously.
- PasswordProtectionStatusLockedOut
- The authenticator is locked and cannot be used.
- PasswordProtectionStatusUnlocked
- The authenticator is unlocked and can be used.
- PasswordUserVerificationContext
- The object providing information about the password user verification (i.e. the user credential validation) operation to be done.
- PasswordUserVerificationError
- The recoverable error that can occur when verifying the user with a password.
- PasswordUserVerificationHandler
- The objects consuming the outcome of an interaction where the user provides password credentials.
- PasswordUserVerificationInvalidPasswordError
- The error that occurs when the user provides bad credentials.
- PasswordUserVerifier
- The object in charge of interacting with the user to do password authentication.
- PendingOutOfBandOperation
- The object defining a non-redeemed out-of-band operation as defined in the Get Device Out-of-Band Operations service.
- PendingOutOfBandOperations
- The operation retrieving the out-of-band operations that have been started in the server, and must be handled by the application running the Mobile Authentication SDK on the device.
- PendingOutOfBandOperationsClockSkewTooBig
- The clocks on the mobile and on the server are too apart and the server refused to validate the JWS.
- PendingOutOfBandOperationsDeviceProtectionError
- An error that indicates that some form of tampering was found in the application.
- PendingOutOfBandOperationsError
- The error that can occur with the PendingOutOfBandOperations operation.
- PendingOutOfBandOperationsNetworkError
- A network error occurred.
- PendingOutOfBandOperationsNoDeviceLockError
- The device has no secure lock screen.
- PendingOutOfBandOperationsOperationNotSupportedByBackend
- The backend does not support the retrieval of out-of-band operations.
- PendingOutOfBandOperationsResult
- The object with the non-redeemed out-of-band operations returned by nevisFIDO in the Get Device Out-of-Band Operations service.
- PendingOutOfBandOperationsUnknownError
- Unknown operation error, handling not categorized error cases.
- PinAuthenticatorProtectionStatus
- The object describing the PIN authenticator protection status.
- PinChange
- The object that can be used to change the PIN.
- PinChangeContext
- The object providing some contextual information during PIN change.
- PinChangeDeviceProtectionError
- An error that indicates that some form of tampering was found in the application during PIN change.
- PinChangeError
- The error returned when the PIN change failed.
- PinChangeHandler
- The object handling the old and new PIN provided by the end-user.
- PinChangeNoDeviceLockError
- The error that occurs when the device has no secure lock screen during a PIN change.
- PinChangePinLocked
- The error that occurs when the PIN was locked because of too many failures.
- PinChangePinNotEnrolled
- The error that occurs when the specified user during a PIN change operation does not have an enrolled PIN.
- PinChanger
- The object in charge of PIN change.
- PinChangeRecoverableCustomValidationError
- The provided PIN has failed the validation done in PinPolicy.validatePinForPinChange.
- PinChangeRecoverableError
- The recoverable error that can occur when changing a PIN.
- PinChangeRecoverableInvalidPin
- The provided old PIN is not valid.
- PinChangeRecoverableInvalidPinFormat
- The provided new PIN is not compliant with the PinPolicy.
- PinChangeRecoverableOldPinEqualsNewPin
- The old and new PINs are equal. The new PIN must be different from the old PIN.
- PinChangeUnknownError
- Unknown PIN change error, handling not categorized error cases.
- PinChangeUserCanceled
- The error that occurs when the PIN change was cancelled.
- PinEnroller
- The object in charge of PIN enrollment.
- PinEnrollmentContext
- The object providing some contextual information during PIN enrollment.
- PinEnrollmentCustomValidationError
- The provided PIN has failed the validation done in PinPolicy.validatePinForEnrollment.
- PinEnrollmentError
- The object that informs that an error occurred during PIN enrollment.
- PinEnrollmentHandler
- The object handling the PIN to be enrolled.
- PinEnrollmentInvalidPinFormat
- The provided PIN is not compliant with the PinPolicy.
- PinPolicy
- The object defining the minimum and maximum length of the PIN.
- PinPolicyProvider
- An object defining the PinPolicy.
- PinProtectionStatusLastAttemptFailed
- An invalid PIN was provided previously.
- PinProtectionStatusLockedOut
- The authenticator is locked and cannot be used.
- PinProtectionStatusUnlocked
- The authenticator is unlocked and can be used.
- PinUserVerificationContext
- The object providing information about the PIN user verification (i.e. the user credential validation) operation to be done.
- PinUserVerificationError
- The recoverable error that can occur when verifying the user with a PIN.
- PinUserVerificationHandler
- The objects consuming the outcome of an interaction where the user provides PIN credentials.
- PinUserVerificationInvalidPinError
- The error that occurs when the user provides bad credentials.
- PinUserVerifier
- The object in charge of interacting with the user to do PIN authentication.
- PlatformChannelError
- A class representing the errors thrown during platform channel calls.
- PlatformChannelIllegalArgumentError
- An error that indicates that an illegal or inappropriate parameter has been passed to a method.
- PlatformChannelMappingError
- An error that indicates that the mapping failed during a platform call.
- PlatformChannelNoOperationFoundError
- An error that indicates that no operation found with a given identifier.
- PlatformChannelNullPointerError
-
An error that indicates that a parameter is
null
in a case where it is required. - PlatformChannelOperationAlreadyExistsError
- An error that indicates that an operation already exists with the given identifier.
- PlatformChannelOperationNullError
- An error that indicates that an operation with the given identifier does not exist.
- PlatformChannelUnknownError
- An error that indicates that something failed during a platform call.
- PlatformChannelWrongOperationTypeError
- An error that indicates that an operation with the given identifier has wrong type.
- PromptOptions
- Defines the elements of a user prompt (title and description).
- RecoverableError
- The interface implemented by all recoverable errors.
- RedeemData
- The data with the information required to redeem the token.
- Registration
- The object that can be used to trigger a registration operation.
- RegistrationInfo
- The object exposing the registration information for an Authenticator.
- RequestHeaders
- The interface defining the HTTP headers that can be provided to HttpOperation. The headers can be used for example to correlate multiple operations in the backend: a header with an identifier can be provided to the HttpOperation, and the header will be included in the HTTP request. If the identifier can be associated with a more general operation (like a user enrollment), the backend will be able to link the requests made by the SDK with that more generic operation.
- RetryPolicy
- Some of the operations of the SDK allow to retry the operation (or part of the operation).
- SdkUserEnrollment
- The object containing the user enrollment information for an authenticator whose credentials are managed by the SDK (like the PIN and password authenticator).
- Server
- The object defining a server. Each Account is defined in a given Server object.
- SessionProvider
- Provides the elements required to run an operation in a session.
- UserEnrollment
- The object containing the user enrollment information.
- UserVerificationContext
- The object describing the user verification (i.e. the user credential validation) operation to be done.
- UserVerificationHandler
- The objects consuming the outcome of an interaction where the user provides credentials.
- Version
- Represents a generic version with major, minor, patch and buildNumber fields.
Extensions
- AaidExtension
- Extensions for Aaid enumeration.
- AaidStringExtension
- String extensions for declaring Aaid related convenience comparison methods.
Enums
- Aaid
- Enumeration for authenticator attestation identifiers.
- ContentType
- The content type of the OutOfBandPayload.
- DispatchChannel
- The different dispatch channels (dispatchers in nevisFIDO terminology) that can be used with to transmit the out-of-band operation: the out-of-band operation reaches the application either through a QR code, an FCM push notification or a link.
- FidoErrorCodeType
- Collection error codes based on the FIDO UAF client error codes.
Exceptions / Errors
- PlatformChannelException
- An exception that can be thrown on platform related errors.
- PlatformSdkException
- Base class that represents exceptions from the native SDKs.