Interface encapsulating a library of functions for calling Sudo Platform identity service, handling federated sign in, managing keys and performing cryptographic operations.

interface SudoUserClient {
    sudoKeyManager: SudoKeyManager;
    clearAuthenticationTokens(): Promise<void>;
    deregister(): Promise<void>;
    getAccessToken(): Promise<undefined | string>;
    getIdToken(): Promise<undefined | string>;
    getLatestAuthToken(): Promise<string>;
    getRefreshToken(): Promise<undefined | string>;
    getRefreshTokenExpiry(): Promise<undefined | Date>;
    getSubject(): Promise<undefined | string>;
    getTokenExpiry(): Promise<undefined | Date>;
    getUserClaim(name: string): Promise<any>;
    getUserName(): Promise<undefined | string>;
    globalSignOut(): Promise<void>;
    isRegistered(): Promise<boolean>;
    isSignedIn(): Promise<boolean>;
    presentFederatedSignInUI(): void;
    presentSignOutUI(): void;
    processFederatedSignInTokens(url: string): Promise<AuthenticationTokens>;
    refreshTokens(refreshToken: string): Promise<AuthenticationTokens>;
    registerWithAuthenticationProvider(
        authenticationProvider: AuthenticationProvider,
        registrationId?: string,
    ): Promise<string>;
    reset(): Promise<void>;
    resetUserData(): Promise<void>;
    setUserName(name: string): Promise<void>;
    signInWithAuthenticationProvider(
        authenticationProvider: AuthenticationProvider,
    ): Promise<AuthenticationTokens>;
    signInWithKey(): Promise<AuthenticationTokens>;
    signOut(): Promise<void>;
}

Implemented by

Properties

sudoKeyManager: SudoKeyManager

Getter to retrieve the SudoKeyManager

Methods

  • Clears cached authentication tokens.

    Returns Promise<void>

  • De-registers the user associated with this client. The user must be signed in.

    Returns Promise<void>

  • Returns the access token cached from the last sign-in.

    Returns Promise<undefined | string>

    access token.

  • Returns the ID token cached from the last sign-in.

    Returns Promise<undefined | string>

    ID token.

  • Retrieves the latest ID token. This is to be used by the AWS AppSync client.

    Returns Promise<string>

    the latest ID token

  • Returns the refresh token cached from the last sign-in.

    Returns Promise<undefined | string>

    refresh token.

  • Returns the refresh token expiry cached from the last sign-in.

    Returns Promise<undefined | Date>

    refresh token expiry.

  • Returns the subject of the user associated with this client. Note: This is an internal method used by other Sudo platform SDKs.

    Returns Promise<undefined | string>

    user subject.

  • Returns the ID and access token expiry cached from the last sign-in.

    Returns Promise<undefined | Date>

    token expiry.

  • Returns the specified claim associated with the user's identity.

    Parameters

    • name: string

      claim name.

    Returns Promise<any>

  • Returns the user name associated with this client. The username maybe needed to contact the support team when diagnosing an issue related to a specific user.

    Returns Promise<undefined | string>

    user name.

  • Signs out the user from all devices.

    Returns Promise<void>

  • Indicates whether or not this client is registered with Sudo Platform backend.

    Returns Promise<boolean>

    true if the client is registered.

  • Indicates whether or not this client is signed in with Sudo Platform backend. The client is considered signed in if it cached valid ID, access and refresh tokens.

    Returns Promise<boolean>

    true if the client is signed in.

  • Presents the sign in UI for federated sign in using an external identity provider.

    Returns void

  • Presents the Cognito hosted UI signout endpoint. When the endpoint is invoked, the hosted web app's cookies will be invalidated, but the user is not logged out of Cognito.

    Returns void

  • Processes tokens from federated sign in returned to the specified URL. The tokens are passed to the web app via a redirect URL.

    Parameters

    • url: string

      callback URL containing the tokens.

    Returns Promise<AuthenticationTokens>

    Successful authentication result AuthenticationTokens.

  • Refresh the access and ID tokens using the refresh token.

    Parameters

    • refreshToken: string

      refresh token used to refresh the access and ID tokens.

    Returns Promise<AuthenticationTokens>

    Successful authentication result AuthenticationTokens containing refreshed tokens

  • Registers this client against the backend with an external authentication provider. The caller must implement AuthenticationProvider protocol to return the appropriate authentication token required to authorize the registration request.

    Parameters

    • authenticationProvider: AuthenticationProvider

      authentication provider that provides the authentication token.

    • OptionalregistrationId: string

      registration ID to uniquely identify this registration request.

    Returns Promise<string>

    user ID of the newly created user

  • Resets internal state and clears any cached data.

    Returns Promise<void>

  • Removes all data owned by the signed-in user in Sudo Platform Services without deregistering the user. Should only be used in tests.

    Returns Promise<void>

  • Sets the user name associated with this client.

    Parameters

    • name: string

      user name.

    Returns Promise<void>

  • Sign into the backend using an external authentication provider. Caller must implement AuthenticationProvider interface to return the appropriate authentication token associated with the external identity registered with registerWithAuthenticationProvider.

    Parameters

    • authenticationProvider: AuthenticationProvider

      authentication provider that provides the authentication token.

    Returns Promise<AuthenticationTokens>

    authentication tokens associated with the successful sign in.

  • Sign into the backend using a private key. The client must have created a private/public key pair via the registerWithAuthenticationProvider method.

    Returns Promise<AuthenticationTokens>

    authentication tokens associated with the successful sign in.

  • Signs out the user from this device.

    Returns Promise<void>