@futoin/security
v0.3.16
Published
FutoIn Security Concept reference implementation
Downloads
20
Maintainers
andvgalReadme
About
FutoIn Security Concept is alternative to token based authentication & authorization mechanisms.
Features:
- FutoIn SecVault sensitive data storage security
- User & configuration management (FTN8):
- Stateless Authentication (FTN8.1):
- Clear text
- Message Authentication Code (HMAC with static key)
- Master Secret Authentication (FTN8.2):
- multiple master keys with custom scope support
- derived key per each peer
- automatic time-based derived key rotation
- optional automatic master key rotation
Documentation --> FutoIn Guide
Reference implementation of:
Author: Andrey Galkin
Installation for Node.js
Command line:
$ npm install @futoin/security --saveor:
$ yarn add @futoin/security --saveExamples
API documentation
Classes
CachedManageService
FTN8: Cached Manage Service
Kind: global class
new CachedManageService(scope, options)
C-tor
| Param | Type | Default | Description | | --- | --- | --- | --- | | scope | object | | scope of related services | | options | object | | passed to superclass c-tor | | options.scope | integer | main.globalScope | scope state |
ManageFace
Manage Face
Kind: global class
ManageService
FTN8: main Manage Service
Kind: global class
MasterAutoregFace
FTN8.2: Master Auth Face
Kind: global class
MasterAuthService
FTN8.2: Master Auth Service
Kind: global class
MasterAutoregFace
FTN8.2: Master Auth Auto-registration Face
Kind: global class
MasterAutoregService
FTN8.2: Master Auth Auto-registration Service
Kind: global class
MasterManageFace
FTN8.2: Master Auth Manage Face
Kind: global class
MasterManageService
FTN8.2: Master Auth Manage Service
Kind: global class
ServiceApp
All-in-one AuthService initialization
Kind: global class
- ServiceApp
- new ServiceApp(as, options)
- .ccm() ⇒ AdvancedCCM
- .executor() ⇒ Executor
- .close([done])
new ServiceApp(as, options)
C-tor
| Param | Type | Default | Description | | --- | --- | --- | --- | | as | AsyncSteps | | AsyncSteps interface | | options | object | {} | options | | [options.ccm] | AdvancedCCM | | external CCM instance | | [options.publicExecutor] | Executor | | external public executor instance | | [options.privateExecutor] | Executor | | external private executor instance | | [options.storagePassword] | string | | Base64 encoded KEK for storage | | [options.config] | object | | config overrides for MasterService | | [options.ccmOptions] | object | | auto-CCM options | | [options.notExpectedHandler] | callable | | 'notExpected' error handler | | [options.privateExecutorOptions] | object | | private auto-Executor options | | [options.publicExecutorOptions] | object | | public auto-Executor options | | [options.evtOptions] | object | | eventstream options | | [options.secVaultOptions] | object | | secure vault options | | [options.securityOptions] | object | | security interface options |
serviceApp.ccm() ⇒ AdvancedCCM
CCM instance accessor
Kind: instance method of ServiceApp
Returns: AdvancedCCM - instance
serviceApp.executor() ⇒ Executor
Executor instance accessor
Kind: instance method of ServiceApp
Returns: Executor - instance
serviceApp.close([done])
Shutdown of app and related instances
Kind: instance method of ServiceApp
| Param | Type | Default | Description | | --- | --- | --- | --- | | [done] | callable | | done callback |
SimpleSecurityProvider
Simple passthru FTN8 security provider for Executor.
NOTE: it's suitable for lightweight services without own SecVault.
Kind: global class
SatelessAuthFace
FTN8.1: Stateless AuthService Face
Kind: global class
StatelessAuthService
Manage Service
Kind: global class
StatelessManageFace
FTN8.1: Stateless Manage Face
Kind: global class
StatelessManageService
FTN8.1.: Stateless Manage Service
Kind: global class
StaticMasterAuth
MasterAuth implementation for AdvancedCCM with static Master Key
NOTE: this implementation rotates only derived keys
Kind: global class
new StaticMasterAuth(options, keyId, keyData, [paramFormat], [kds], [macAlgo])
C-tor
| Param | Type | Default | Description | | --- | --- | --- | --- | | options | object | | Options | | keyId | string | | master key ID | | keyData | string | | master key data in Base64 | | [paramFormat] | string | "YYYYMMDD" | format for derivation parameter | | [kds] | string | "HKDF256" | key derivation strategy | | [macAlgo] | string | "HS256" | MAC algorithm |
BaseFace
Base Face with neutral common registration functionality
Kind: global class
Note: Not official API
BaseFace.LATEST_VERSION
Latest supported FTN13 version
Kind: static property of BaseFace
BaseFace.PING_VERSION
Latest supported FTN4 version
Kind: static property of BaseFace
BaseFace.register(as, ccm, name, endpoint, [credentials], [options])
CCM registration helper
Kind: static method of BaseFace
| Param | Type | Default | Description | | --- | --- | --- | --- | | as | AsyncSteps | | steps interface | | ccm | AdvancedCCM | | CCM instance | | name | string | | CCM registration name | | endpoint | * | | see AdvancedCCM#register | | [credentials] | * | | see AdvancedCCM#register | | [options] | object | {} | interface options | | [options.version] | string | "1.0" | interface version to use |
BaseService
Base Service with common registration logic
Kind: global class
new BaseService(scope, options)
C-tor
| Param | Type | Description | | --- | --- | --- | | scope | object | scope of related services | | options | object | passed to superclass c-tor |
BaseService.register(as, executor, scope, options) ⇒ BaseService
Register Service with Executor
Kind: static method of BaseService
Returns: BaseService - instance
| Param | Type | Description | | --- | --- | --- | | as | AsyncSteps | steps interface | | executor | Executor | executor instance | | scope | object | scope of related services | | options | object | implementation defined options |