feat: add mfa recipe and info endpoint #45

Merged
merged 8 commits into from
Mar 12, 2024
Changes from 3 commits
7 changes: 7 additions & 0 deletions CHANGELOG.md
Expand Up @@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html)

## [1.19.0] - 2023-10-XX

### Added

- Added an endpoint to query information about MFA factors
rishabhpoddar marked this conversation as resolved.
- Updated loginmethods (`{apiBasePath}/loginmethods`) response type to include a list of first factors

## [1.18.0] - 2023-08-XX

### Changed
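Review bot: The first bullet under `### Added` for 1.19.0 does not name the route it introduces, while the second bullet spells out `{apiBasePath}/loginmethods`. Name the path (`{apiBasePath}/mfa/info`) and mention that the call also refreshes the MFA session claim, since a changelog reader integrating the endpoint needs to know it can change the session. The heading date is still the placeholder `2023-10-XX`; fill it in when the release is cut.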
82 changes: 81 additions & 1 deletion api_spec.yaml
Expand Up @@ -4,7 +4,7 @@ info:
description: |
These are the APIs exposed by our backend SDK. To be consumed by the frontend only.
`<tenantId>` in all the APIs are optional. Its default value is `public`
version: "1.18.0"
version: "1.19.0"
title: Frontend Driver Interface
contact:
email: [email protected]
Expand All @@ -16,10 +16,79 @@ tags:
- name: Passwordless Recipe
- name: ThirdPartyPasswordless Recipe
- name: EmailVerification Recipe
- name: MultiFactorAuth Recipe
- name: JWT Recipe
- name: OpenId Recipe
paths:


/{apiBasePath}/mfa/info:
get:
tags:
- MultiFactorAuth Recipe
operationId: getMFAInfo
description: |
Returns information about the auth factors of the current user and refreshes the related session claim
parameters:
- $ref: '#/components/parameters/apiBasePath'
- $ref: '#/components/parameters/multiFactorAuthRid'
- $ref: '#/components/parameters/anti-csrf'
security:
- AccessTokenBearer: []
- AccessTokenCookie: []

responses:
'200':
description: Information about the auth factors of the current user and optionally the session with a refreshed MFA claim
headers:
Set-Cookie:
description: Sent in cookie-based sessions if the access token payload is updated
schema:
type: string
example: 'sAccessToken=eyJhb...%3D%3D; Path=/; Expires=Tue, 22 Jun 2021 07:43:07 GMT; HttpOnly; SameSite=Lax'
st-access-token:
description: Sent in cookie-based sessions if the access token payload is updated
schema:
$ref: '#/components/schemas/token'
anti-csrf:
description: Sent if enabled by the user
schema:
$ref: '#/components/schemas/token'
front-token:
description: Sent if the access token payload is updated
schema:
$ref: '#/components/schemas/token'
Access-Control-Expose-Headers:
schema:
type: string
example: 'anti-csrf, front-token, st-access-token'
content:
application/json:
schema:
oneOf:
- type: object
properties:
status:
$ref: '#/components/schemas/statusOK'
info:
type: object
properties:
isAlreadySetup:
type: array
items:
type: string
isAllowedToSetup:
type: array
items:
type: string
- $ref: '#/components/schemas/generalErrorResponse'

'404':
$ref: '#/components/responses/404'

'500':
$ref: '#/components/responses/500'

/{apiBasePath}/<tenantId>/signinup/code⠀:
post:
tags:
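Review bot: `/{apiBasePath}/mfa/info` is declared as `get`, yet its description says it "refreshes the related session claim" and the 200 response can hand back a new access token through `Set-Cookie`, `st-access-token` and `front-token`, so this is a state-changing call on a method that browsers, proxies and prefetchers treat as safe. Consider a non-safe method such as PUT or POST, or state explicitly in the description that the `anti-csrf` parameter is enforced for this GET; the example cookie is `SameSite=Lax`, which is still sent on top-level GET navigations. Smaller points in the same block: the `st-access-token` header description repeats "Sent in cookie-based sessions if the access token payload is updated" from `Set-Cookie` and looks like a copy-paste that was meant to say header-based sessions; the responses list only 200, 404 and 500 although `security` requires an access token, so the unauthenticated or expired-session case (401) should be documented; and `isAlreadySetup` and `isAllowedToSetup` are arrays of strings with no description or example, so a reader cannot tell that they hold factor ids or which values to expect.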
Expand Down Expand Up @@ -1347,6 +1416,10 @@ paths:
enabled:
type: boolean
example: true
firstFactors:
rishabhpoddar marked this conversation as resolved.
type: array
items:
type: string
- $ref: '#/components/schemas/generalErrorResponse'
'404':
$ref: '#/components/responses/404'
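Review bot: The new `firstFactors` property is an array of strings with no description, example or set of allowed values, whereas the sibling `enabled` just above it carries `example: true`. Add a description and an example list of factor ids, and say whether the field is always present and what an empty array means to the client (no first factor allowed, or no restriction), because a frontend that guesses wrong here will render the wrong login options.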
Expand Down Expand Up @@ -2130,6 +2203,13 @@ components:
example: multitenancy
schema:
type: string

multiFactorAuthRid:
name: rid
in: header
example: multifactorauth
schema:
type: string

anti-csrf:
name: anti-csrf
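Review bot: `multiFactorAuthRid` declares `name: rid`, `in: header` and an unconstrained `type: string` schema, with no description and no `required` flag, so `example: multifactorauth` is the only hint of the expected value. If the header must carry exactly that value, express it with `enum: [multifactorauth]` and add a one-line description; if it is optional, say so, since `/mfa/info` references this parameter and client generators will otherwise accept any string.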