forgerock-auth/org.forgerock.android.auth.devicebind/ApplicationPinDeviceAuthenticator

ApplicationPinDeviceAuthenticator

open class ApplicationPinDeviceAuthenticator(val pinCollector: PinCollector = DefaultPinCollector()) : CryptoAware, DeviceAuthenticator, KeyStoreRepository

Device Authenticator which use Application PIN to secure device cryptography keys

Constructors

Link copied to clipboard
constructor(pinCollector: PinCollector = DefaultPinCollector())

Properties

Link copied to clipboard
internal lateinit var appPinAuthenticator: AppPinAuthenticator
Link copied to clipboard
private lateinit var cryptoKey: CryptoKey
Link copied to clipboard
private lateinit var keyStore: KeyStoreRepository
Link copied to clipboard
private val pinCollector: PinCollector
Link copied to clipboard
Link copied to clipboard
protected lateinit var prompt: Prompt
Link copied to clipboard

Functions

Link copied to clipboard
open suspend override fun authenticate(context: Context): DeviceBindingStatus

Authenticate the user to access the

Link copied to clipboard
open override fun delete(context: Context)
Link copied to clipboard
open override fun deleteKeys(context: Context)
Link copied to clipboard
open override fun exist(context: Context): Boolean
Link copied to clipboard
open suspend override fun generateKeys(context: Context, attestation: Attestation): KeyPair

generate the public and private KeyPair with Challenge

Link copied to clipboard
open fun getAlgorithm(): String

The JWS algorithm (alg) parameter. Header Parameter identifies the cryptographic algorithm used to secure the JWS.

Link copied to clipboard
private fun getCertificateChain(userId: String): List<Base64>
Link copied to clipboard
open override fun getInputStream(context: Context): InputStream
Link copied to clipboard
open fun getIssueTime(): Date

Get the token signed issue time.

Link copied to clipboard
open override fun getKeystoreType(): String
Link copied to clipboard
open fun getNotBeforeTime(): Date

Get the token not before time.

Link copied to clipboard
open override fun getOutputStream(context: Context): OutputStream
Link copied to clipboard
private fun getPrivateKey(context: Context, pin: CharArray): DeviceBindingStatus

Retrieve the Keystore Type, default to KeyStore.getDefaultType

Link copied to clipboard
Link copied to clipboard
open override fun isSupported(context: Context, attestation: Attestation): Boolean

check if supported device binding

Link copied to clipboard
open override fun prompt(prompt: Prompt)

Set the Authentication Prompt

Link copied to clipboard
override fun setKey(cryptoKey: CryptoKey)
Link copied to clipboard
open fun sign(context: Context, userKey: UserKey, privateKey: PrivateKey, signature: Signature?, challenge: String, expiration: Date, customClaims: Map<String, Any> = emptyMap()): String
open fun sign(context: Context, keyPair: KeyPair, signature: Signature?, kid: String, userId: String, challenge: String, expiration: Date, attestation: Attestation = Attestation.None): String

sign the challenge sent from the server and generate signed JWT

Link copied to clipboard
Link copied to clipboard
open fun validateCustomClaims(customClaims: Map<String, Any>): Boolean

Validate custom claims