Authention Module :
If no biometry , if there is an inactivity for n minutes , we should remove the creds .
canActivate function to check if the plugin can be loaded or not
##Authentication Types
User Authentication:Username and Password ( from OGS IDP / Sectoral IDP ) Biometric Authentication (e.g., Fingerprint, Face ID)
Device Authentication:Device-based Authentication (e.g., Unique Device Identifier) Certificate-based Authentication (using digital certificates to verify device identity) -not in the current scope - Coming Soon
API Authentication:OAuth 2.0 (Access Token) JSON Web Tokens (JWT) API Keys (for basic access control)
Authenticating for updates and notifications Push Notification Authentication:
Location-based Authentication:Using device location as an additional authentication factor
This module will be calling loginPlugin.validateUser() function to validate the user and prompt for login / refresh the token etc.. based on the login mechanism of the AOK selected.
Authenticaton Plugin
The authentication module is a secure and flexible module designed for a mobile application. It provides various authentication mechanisms, including username/password and biometric authentication. The module manages user sessions, validates login responses, and stores user data securely in a vault. Its seamless integration allows for dynamic login mechanisms and enhanced security features, ensuring a smooth and secure user authentication experience.
this plugin will call validateUser() of LoginPlugin configured to initiate user login using OGS / Sectoral IDP
Prototype
Function and Attribute Description for Auth Module
| Method or Attribute | Type / Return Type | Name | Description |
|---|---|---|---|
| Attribute | String | identifier | Each plugin has a unique identifier that is used for logging, debugging, and being referenced from other plugins. This identifier should follow this format: <provider>.<app_name>.<plugin_name>. Example: ey.navida.videoconsultation. |
| Method | void | onUserInteraction() | Internal function to handle user interactions, such as tapping a button. |
| Method | void | startTimeoutTimer() | Internal function to start a timeout timer for session management. |
| Method | void | clearTimeoutTimer() | Internal function to clear the timeout timer. |
| Method | void | handleTimeout() | Internal function to handle session timeout. |
| Method | void | setSessionExpirationTime() | Internal function to set the session expiration time. |
| Method | void | storeSessionExpirationTime(expirationTime: number) | Internal function to store the session expiration time in a secure vault. |
| Method | boolean | validateLoginResponse(loginResponse: any) | Internal function to validate the login response received from the selected login mechanism. |
| Method | User | createUserFromLoginResponse(response: any) | Internal function to create a user object from the login response. |
| Method | void | storeUserSession(user: User) | Internal function to store the user session. |
| Method | User or null | getUserFromSession() | Function to retrieve the user from the stored session, returns the user object if a session exists, or null if no session is available. |
| Method | boolean | isBiometricAvailable() | Function to check if biometric authentication is available on the device. |
| Method | Promise<boolean> | authenticateWithBiometric() | Function to perform biometric authentication. Returns a promise with a boolean indicating the success of authentication. |
| Method | void | storeInSecureVault(key: string, data: any) | Function to store data securely in the native security vault. |
| Method | any | getFromSecureVault(key: string) | Function to retrieve data from the native security vault based on the given key. |
| Method | void | removeFromSecureVault(key: string) | Function to remove data from the native security vault based on the given key. |
| Method | void | lockSecureVaultWithBiometric() | Function to lock the secure vault using biometric authentication. |
| Method | boolean | isSecureVaultLocked() | Function to check if the secure vault is locked. |
| Method | boolean | verifyAge(age: number) | Function to verify the user's age. |
Function and Attribute Description for USER classs:
| Method or Attribute | Type / Return Type | Name | Description |
|---|---|---|---|
| Attribute | String | username | The username of the user. |
| Attribute | String | The email of the user. | |
| Method | String | getUsername() | Function to get the username of the user. |
| Method | String | getEmail() | Function to get the email of the user. |