Class: RemoteAuthenticationFlow

RemoteAuthenticationFlow

Remote authentication flow object. This class is not directly instantiated. An instance of this class can be obtained when the promise returned from init resolves. Auth properties passed to init should be from one of:

Setting up and using these authentication flows is explained in the respective builder documentation.

Extends

Methods

getHeaders(options) → {Promise.<Object.<string, string>>}

This method is used to get Authorization headers and any custom headers to be set for making XHR requests to secured endpoints. Headers are returned as an object in a format that can be directly added to the XHR request headers.

authFlow.getHeaders().then(function(headers) {
  var request; // Represents an XHR request
  // ...
  for (var key in headers) {
    if (headers.hasOwnProperty(key)) {
      request.setRequestHeader(key, headers[key]);
    }
  }
  // ...
});
Parameters:
| Name | Type | Description |
|---|---|---|
| options | RemoteAuthenticationFlow~GetHeadersOptions | options to be used |

Returns:
  • headers needed to be used for accessing secured resource.
| Type of Auth | What headers are returned | Comments |
|---|---|---|
| HttpBasicAuthentication | Basic auth header | Generated from stored credentials. HttpBasicAuthPropertiesBuilder#offlineAuthAllowed should be true for SDK to store the credentials. |
| FederatedAuthentication | Relevant cookies as header | options.fedAuthSecuredUrl has to be set |
| FederatedAuthentication with FedAuthPropertiesBuilder#parseTokenRelayResponse turned ON | Bearer token | Can specify options.oauthScopes to get token for scope or a set of scopes. |
| OAuth, OpenID | Bearer token | Can specify options.oauthScopes to get token for scope or a set of scopes. |

If the promise is rejected, the callback will receive an object of type AuthError

Type
Promise.<Object.<string, string>>
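
The object returned by getHeaders can carry a Basic credential, a bearer token or session cookies, so it should only be attached to requests bound for the secured origin. The following is an added example, not code from the plugin or its documentation: ALLOWED_ORIGINS, isAllowedTarget, applyAuthHeaders and securedRequestHeaders are hypothetical names, the origin is a constructed sample value, and only getHeaders(options) and the oauthScopes option come from this page.

```javascript
// Added example. All helper names here are hypothetical; only
// getHeaders(options) and options.oauthScopes come from the documentation.
var ALLOWED_ORIGINS = ['https://api.example.com']; // constructed sample value

// True only for https URLs whose origin is explicitly allow-listed.
function isAllowedTarget(url, allowedOrigins) {
  var parsed;
  try {
    parsed = new URL(url);
  } catch (e) {
    return false; // relative or malformed URLs are rejected, not guessed at
  }
  return parsed.protocol === 'https:' &&
    allowedOrigins.indexOf(parsed.origin) !== -1;
}

// Copies the returned headers onto an XHR-like object.
function applyAuthHeaders(request, headers) {
  Object.keys(headers).forEach(function(key) {
    request.setRequestHeader(key, headers[key]);
  });
  return request;
}

// Resolves with the headers for `url`. Rejects before getHeaders is called
// when the target is not allow-listed, so no credential is ever produced
// for an unexpected destination.
function securedRequestHeaders(authFlow, url, scopes) {
  if (!isAllowedTarget(url, ALLOWED_ORIGINS)) {
    return Promise.reject(new Error('Refusing to attach credentials to ' + url));
  }
  // Request only the scopes this call needs (OAuth / OpenID flows).
  return authFlow.getHeaders(scopes ? { oauthScopes: scopes } : undefined);
}
```

Comparing the parsed origin, rather than matching a prefix of the URL string, is what keeps look-alike hosts and userinfo tricks out of the allow-list.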

isAuthenticated(options) → {Promise.<boolean>}

This method is used to find out if the user is authenticated.

Parameters:
| Name | Type | Description |
|---|---|---|
| options | AuthenticationFlow~IsAuthenticatedOptions | options to be used |

Overrides:
Returns:

If the promise is rejected, the callback will receive an object of type AuthError

Type
Promise.<boolean>

login() → {Promise.<AuthenticationFlow>}

This method is used to log in.

The promise is resolved when login succeeds. Once login is successful, if this authentication is for accessing the app, the user can be allowed to do so. If it is for accessing secured resources, that operation can now be performed. It may also be necessary to obtain certain headers for accessing the secured resource; in this case RemoteAuthenticationFlow#getHeaders can be used.

The promise gets rejected with an AuthError object which contains information on the reason for the failure. This information can be used to show the reason why login did not succeed. The app can keep track of these failures and implement specific policies related to maximum attempts and steps to take after multiple failures here.

Sample usage:

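cordova.plugins.IdmAuthFlows.init(authProps).then(
  function(authenticationFlow) {
    var loginPromise = authenticationFlow.login();
    loginPromise.then(function(flow) {
      // Login succeeded; flow is the AuthenticationFlow
    });
    loginPromise.catch(function(authError) {
      // Login failed; authError is an AuthError
    });
  }
);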
Overrides:
Returns:

If the promise is rejected, the callback will receive an object of type AuthError

Type
Promise.<AuthenticationFlow>

logout(purgeSettings) → {Promise.<AuthenticationFlow>}

This method is used to log out.

Once the promise is resolved, the user can be shown the login page to log in again, or a way to do so. AuthenticationFlow#login can be invoked on the same AuthenticationFlow object. There is no need to create a new one, unless there is some change in the authentication properties such as server details.

The user is essentially logged out even if the logout promise is rejected. The app can decide not to show the logout error to the end user, as there is no action associated with it. There is one special case, when the device is offline. In this case, logout will throw an error because loading the logout URL will fail, but the device-local logout will be successful. The application should handle this error, check the device status (offline / online) and then decide whether to show the error message to the user.

The following table describes what is cleared on logout with different values for purgeSettings:
purgeSettings false true
HttpBasicAuthentication Clear remembered credentials Clears offline, remembered credentials, user preferences
FederatedAuthentication Clear Cookies by loading logout URL
OAuth, OpenID Clear access token Invalidate session maintained by the browser by loading logout URL.
Parameters:
| Name | Type | Description |
|---|---|---|
| purgeSettings | boolean | Pass true to reset all saved information for this auth. Falls back to 'false' if a non-boolean value is passed. |

Overrides:
Returns:

If the promise is rejected, the callback will receive an object of type AuthError

Type
Promise.<AuthenticationFlow>
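
One way to handle the rejected-logout case described above, as an added example that is not part of the plugin or its documentation. describeLogoutFailure and endSession are hypothetical names, the caller is assumed to supply the device's online status and a function that clears app-held state, and showing the error only when online is this example's policy choice.

```javascript
// Added example. describeLogoutFailure and endSession are hypothetical names;
// logout(purgeSettings) and its behaviour come from the documentation above.

// Decides what the UI should do with a rejected logout promise. The local
// session is gone either way, so the result never reports "still logged in".
function describeLogoutFailure(authError, deviceOnline) {
  return {
    loggedOut: true,
    // Offline: the logout URL could not load, which is expected. Online: the
    // server-side session may still be alive, so surface it (example policy).
    showError: deviceOnline === true,
    error: authError
  };
}

// Logs out, always clears app-held state, and reports how to treat a failure.
function endSession(authFlow, purge, deviceOnline, clearAppState) {
  // Pass a real boolean: a non-boolean value silently falls back to false,
  // which would leave offline credentials and preferences on the device.
  var purgeSettings = purge === true;
  return authFlow.logout(purgeSettings).then(
    function() {
      clearAppState();
      return { loggedOut: true, showError: false, error: null };
    },
    function(authError) {
      clearAppState(); // local logout succeeded even though the promise rejected
      return describeLogoutFailure(authError, deviceOnline);
    }
  );
}
```

On a shared device, call endSession with purge set to true so that the offline and remembered credentials listed in the table above are removed as well.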

Type Definitions

GetHeadersOptions

Option object to be used with RemoteAuthenticationFlow#getHeaders

Type:
  • Object
Properties:
| Name | Type | Description |
|---|---|---|
| fedAuthSecuredUrl | String | URL for which cookies and headers need to be retrieved. Applicable only for FedAuth. |
| oauthScopes | Array.<String> | Scopes for which the header is requested. Needs to be set for OAuth cases where fine-grained control on the token is needed. If not specified, the first OAuth token available will be returned. Applicable only for OAuth. |
