API Docs for: 1.3.12
Show:

EcRemoteIdentityManager Class

Logs into and stores/retrieves credentials from a compatible remote server. Performs anonymization of the user.

Requires initialization with server specific salts. Server specific salts prevent co-occurrence attacks, should credentials on one server be compromised (intercepted in transit).

Transmits hashed username, hashed password, and encrypts credentials using the hashed combination of the username and password. This prevents the system storing the credentials from having any knowledge of the user.

Password recovery is done by, when the password changes, creating a cryptographic pad (or perfect cipher) where one half is stored on the server, and the other half is stored with the user. Should the user lose this pad and forget their password, they are not able to recover or reset their password, and their data should be considered lost.

Methods

changePassword

(
  • username
  • oldPassword
  • newPassword
)
Boolean

Change password of user in memory. Does not automatically commit new credentials.

Please clear username and password fields after this function is called.

Parameters:

  • username String

    Username

  • oldPassword String

    Current password

  • newPassword String

    Desired password

Returns:

Boolean:

Valid password change request.

clear

()

Wipes login data.

commit

(
  • success
  • failure
)

Commits credentials in EcIdentityManager to remote server.

Will trigger pad generation and fail if the pad has not been specified.

Parameters:

  • success Callback1
  • failure Callback1

configure

(
  • usernameSalt
  • usernameIterations
  • usernameWidth
  • passwordSalt
  • passwordIterations
  • passwordWidth
  • secretSalt
  • secretIterations
)

Configure parameters of the remote login storage.

Parameters:

  • usernameSalt String

    Salt used in hashing the username.

  • usernameIterations Int

    Number of times to hash the username.

  • usernameWidth Int

    Resultant width of username in bytes.

  • passwordSalt String

    Salt used to hash password.

  • passwordIterations Int

    Number of times to hash password.

  • passwordWidth Int

    Resultant width of password in bytes.

  • secretSalt String

    Salt used to hash secret (composed of username + password)

  • secretIterations Int

    Number of times to hash secret.

configureFromServer

(
  • success
  • failure
)

Configures parameters of the remote server by accessing configuration details via webservice

Parameters:

  • success Callback1

    Callback triggered after successfully configured

  • failure Callback1

    Callback triggered if an error during failure

  • create

    (
    • success
    • failure
    )

    Creates an account.

    Please note that the remote login server does not throw error messages if an account creation is blocked due to being a duplicate. This prevents login probing. This will always succeed (if the request is properly formed and makes it to the server).

    Will trigger pad generation and fail if the pad has not been specified.

    Parameters:

    • success Callback1

      Callback triggered after successfully creating an account

    • failure Callback1

      Callback triggered if error creating an account

    fetch

    (
    • success
    • failure
    )

    Fetch credentials from server, invoking events based on login success or failure.

    Automatically populates EcIdentityManager.

    Requires login().

    Parameters:

    • success Callback1
    • failure Callback1
    • sendCredentials

      (
      • success
      • failure
      • service
      )

      Sends the identity managers credentials to the service specified

      Parameters:

      • success Callback1

        Callback triggered if credentials sent successfully

      • failure Callback1

        Callback triggered if error sending credentials

      • service Object

        Service to send credentials to on server

      setDefaultIdentityManagementServer

      (
      • server
      )

      Configure compatible remote identity management server.

      Parameters:

      • server String

        URL to remote identity management server.

      splicePasswords

      (
      • passwords
      )
      String

      Splices together passwords (in a fashion more like shuffling a deck of cards, not appending).

      Parameters:

      • passwords String

        Passwords to splice.

      Returns:

      String:

      Spliced password.

      startLogin

      (
      • username
      • password
      )

      "Log Into" system, generating credentials. Does not actually remotely access any machine.

      Please clear username and password fields after this function is called.

      Parameters:

      • username String

        Username to login with

      • password String

        Password to authenticate username with