@futoin/security
v0.3.17
FutoIn Security Concept reference implementation
About
FutoIn Security Concept is an alternative to token-based authentication & authorization mechanisms.
Features:
- FutoIn SecVault sensitive data storage security
- User & configuration management (FTN8):
- Stateless Authentication (FTN8.1):
  - Clear text
  - Message Authentication Code (HMAC with static key)
- Master Secret Authentication (FTN8.2):
  - multiple master keys with custom scope support
  - derived key per each peer
  - automatic time-based derived key rotation
  - optional automatic master key rotation
Documentation --> FutoIn Guide
Reference implementation of:
Author: Andrey Galkin
Installation for Node.js
Command line:
$ npm install @futoin/security --save
or:
$ yarn add @futoin/security --save
Examples
API documentation
Classes
CachedManageService
FTN8: Cached Manage Service
Kind: global class
new CachedManageService(scope, options)
C-tor
| Param | Type | Description |
| --- | --- | --- |
| scope | object | scope of related services |
| options | object | passed to superclass c-tor |
| [options.scope] | number | scope state |
ManageFace
Manage Face
Kind: global class
ManageService
FTN8: main Manage Service
Kind: global class
MasterAuthFace
FTN8.2: Master Auth Face
Kind: global class
MasterAuthService
FTN8.2: Master Auth Service
Kind: global class
MasterAutoregFace
FTN8.2: Master Auth Auto-registration Face
Kind: global class
MasterAutoregService
FTN8.2: Master Auth Auto-registration Service
Kind: global class
MasterManageFace
FTN8.2: Master Auth Manage Face
Kind: global class
MasterManageService
FTN8.2: Master Auth Manage Service
Kind: global class
ServiceApp
All-in-one AuthService initialization
Kind: global class
- ServiceApp
- new ServiceApp(as, [options])
- .ccm() ⇒ AdvancedCCM
- .executor() ⇒ Executor
- .close([done])
new ServiceApp(as, [options])
C-tor
| Param | Type | Description |
| --- | --- | --- |
| as | AsyncSteps | AsyncSteps interface |
| [options] | object | options |
| [options.ccm] | AdvancedCCM | external CCM instance |
| [options.publicExecutor] | Executor | external public executor instance |
| [options.privateExecutor] | Executor | external private executor instance |
| [options.storagePassword] | string | Base64 encoded KEK for storage |
| [options.config] | object | config overrides for MasterService |
| [options.ccmOptions] | object | auto-CCM options |
| [options.notExpectedHandler] | function | 'notExpected' error handler |
| [options.privateExecutorOptions] | object | private auto-Executor options |
| [options.publicExecutorOptions] | object | public auto-Executor options |
| [options.evtOptions] | object | eventstream options |
| [options.secVaultOptions] | object | secure vault options |
| [options.securityOptions] | object | security interface options |
serviceApp.ccm() ⇒ AdvancedCCM
CCM instance accessor
Kind: instance method of ServiceApp
Returns: AdvancedCCM - instance
serviceApp.executor() ⇒ Executor
Executor instance accessor
Kind: instance method of ServiceApp
Returns: Executor - instance
serviceApp.close([done])
Shutdown of app and related instances
Kind: instance method of ServiceApp
| Param | Type | Default | Description |
| --- | --- | --- | --- |
| [done] | function | | done callback |
SimpleSecurityProvider
Simple passthru FTN8 security provider for Executor.
NOTE: it's suitable for lightweight services without own SecVault.
Kind: global class
StatelessAuthFace
FTN8.1: Stateless AuthService Face
Kind: global class
StatelessAuthService
Manage Service
Kind: global class
StatelessManageFace
FTN8.1: Stateless Manage Face
Kind: global class
StatelessManageService
FTN8.1: Stateless Manage Service
Kind: global class
StaticMasterAuth
MasterAuth implementation for AdvancedCCM with static Master Key
NOTE: this implementation rotates only derived keys
Kind: global class
new StaticMasterAuth(options)
C-tor
| Param | Type | Description |
| --- | --- | --- |
| options | object | Options |
| options.keyId | string | master key ID |
| options.keyData | string | master key data in Base64 |
| [options.paramFormat] | string | format for derivation parameter |
| [options.kds] | string | key derivation strategy |
| [options.macAlgo] | string | MAC algorithm |
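What "rotates only derived keys" means in practice, as an added sketch that is not code from @futoin/security and does not reproduce the FTN8.2 wire format: the master key stays fixed while the signing key is re-derived per peer and per time window. HKDF-SHA256, HMAC-SHA256, the `peerId:YYYYMMDD` derivation input, the one-day grace window and all function names are assumptions chosen for illustration.

```javascript
'use strict';
const crypto = require('node:crypto');

// Constructed sample master key in Base64 (the shape options.keyData describes).
const MASTER_KEY_B64 = Buffer.alloc(32, 0x42).toString('base64');

// Derivation parameter: UTC date as YYYYMMDD (assumed format), so the
// derived key changes daily while the master key itself never changes.
function dayParam(date) {
    return date.toISOString().slice(0, 10).replace(/-/g, '');
}

// The derived key is bound to both the peer and the time window.
function deriveKey(masterB64, peerId, param) {
    const master = Buffer.from(masterB64, 'base64');
    const info = Buffer.from(`${peerId}:${param}`, 'utf8');
    return Buffer.from(crypto.hkdfSync('sha256', master, Buffer.alloc(0), info, 32));
}

// Sender: MAC the message with today's derived key and send the parameter along.
function sign(masterB64, peerId, message, now) {
    const param = dayParam(now);
    const mac = crypto.createHmac('sha256', deriveKey(masterB64, peerId, param))
        .update(message).digest('base64');
    return { param, mac };
}

// Verifier: re-derive from the claimed parameter, but accept only the current
// or previous window, so a leaked derived key stops working after rotation.
function verify(masterB64, peerId, message, sec, now) {
    const allowed = [dayParam(now), dayParam(new Date(now.getTime() - 86400000))];
    if (!allowed.includes(sec.param)) {
        return false;
    }
    const expected = crypto.createHmac('sha256', deriveKey(masterB64, peerId, sec.param))
        .update(message).digest();
    const given = Buffer.from(String(sec.mac), 'base64');
    // Length check first: timingSafeEqual throws on unequal lengths.
    return given.length === expected.length && crypto.timingSafeEqual(given, expected);
}
```

A derived key leaked from one peer exposes neither the master key nor other peers' keys, and it expires with its window; a leaked master key still requires master key rotation, which this static variant does not perform.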
BaseFace
Base Face with neutral common registration functionality.
Not official API.
Kind: global class
BaseFace.LATEST_VERSION
Latest supported FTN13 version
Kind: static property of BaseFace
BaseFace.PING_VERSION
Latest supported FTN4 version
Kind: static property of BaseFace
BaseFace.register(as, ccm, name, endpoint, [credentials], [options])
CCM registration helper
Kind: static method of BaseFace
| Param | Type | Default | Description |
| --- | --- | --- | --- |
| as | AsyncSteps | | steps interface |
| ccm | AdvancedCCM | | CCM instance |
| name | string | | CCM registration name |
| endpoint | any | | see AdvancedCCM#register |
| [credentials] | any | | see AdvancedCCM#register |
| [options] | object | | interface options |
| [options.version] | string | | interface version to use |
BaseService
Base Service with common registration logic
Kind: global class
new BaseService(scope, options)
C-tor
| Param | Type | Description |
| --- | --- | --- |
| scope | object | scope of related services |
| options | object | passed to superclass c-tor |
BaseService.register(as, executor, scope, options) ⇒ BaseService
Register Service with Executor
Kind: static method of BaseService
Returns: BaseService - instance
| Param | Type | Description |
| --- | --- | --- |
| as | AsyncSteps | steps interface |
| executor | Executor | executor instance |
| scope | object | scope of related services |
| options | object | implementation defined options |

