JSDoc: Class: AuthenticationApi

new AuthenticationApi()

Authentication API

Source:

applets/core/js/santedb.js, line 4165

Members

(static, constant) this.ANONYMOUS_USER

SID for ANONYMOUS user

Source:

applets/core/js/santedb.js, line 4215

(static, constant) this.SYSTEM_USER

SID for SYSTEM USER

Source:

applets/core/js/santedb.js, line 4209

Methods

(static) authorizationCodeLoginAsync(noSession) → {Promise}

Performs an OAUTH authorization code grant

This function should be called *after* the authorization code has been obtained from the authorization server

Parameters:

Name	Type	Description
`noSession`	boolean	When true, indicates that there should not be a persistent session created

Source:

applets/core/js/santedb.js, line 4592

See:

https://help.santesuite.org/developers/service-apis/openid-connect

Returns:

A promise representing the session request

Type: Promise

(static) challengeLoginAsync(userName, challenge, response, tfaSecret) → {Promise}

Performs an extended login for the purpose of password reset (using a challenge and response)

This type of grant is an extension of the oauth grants. The resulting session is only valid for changing the user's own password. No other functions will work with this token

Parameters:

Name	Type	Description
`userName`	string	The name of the user which is logging in
`challenge`	string	The selected user challenge which is being answered
`response`	string	The user's response to the challenge offerred
`tfaSecret`	string	The two-factor secret if provided

Source:

applets/core/js/santedb.js, line 4376

See:

https://help.santesuite.org/developers/service-apis/openid-connect

Returns:

A promise representing the login request

Type: Promise

(static) clientCredentialLoginAsync(noSession, scope) → {Promise}

Performs an OAUTH client credentials login

A client credentials login is a login principal which only has an application principal. This is useful for password resets, etc.

Parameters:

Name	Type	Description
`noSession`	boolean	When true, indicates that a session should not be replaced that the request is a one time use token
`scope`	Array	The list of scopes for this session

Source:

applets/core/js/santedb.js, line 4541

See:

https://help.santesuite.org/developers/service-apis/openid-connect

Returns:

A promise representing the login request

Type: Promise

(static) demandAsync(policy) → {Promise}

Demand permission for the specified policy

Parameters:

Name	Type	Description
`policy`	string	The policy which is being demanded

Source:

applets/core/js/santedb.js, line 4235

Returns:

A promise representing the fulfillment or rejection of the demand

Type: Promise

(static) getSessionInfoAsync(forceServer) → {Promise}

Gets the extended session information

Parameters:

Name	Type	Description
`forceServer`	boolean	When true (or supplied) instructs the function to force a server fetch of the session

Source:

applets/core/js/santedb.js, line 4282

Returns:

A promise representing the fulfillment or rejection of the get request

Type: Promise

(static) getTfaModesAsync(upstream) → {Promise}

Retrieves information about the two-factor authentication modes supported by the server

Parameters:

Name	Type	Description
`upstream`	boolean	True if the request should be forwarded to the upstream

Source:

applets/core/js/santedb.js, line 4361

Returns:

The promise representing the fulfillment or rejection of the get request

Type: Promise

(static) logoutAsync() → {Promise}

Abandons the current SanteDB session

Source:

applets/core/js/santedb.js, line 4736

Returns:

The promise representing the fulfillment or rejection of the logout request

Type: Promise

(static) passwordLoginAsync(userName, password, tfaSecret, scope, uacPrompt, purposeOfUse, claims) → {Promise}

Performs a OAUTH password login

Parameters:

Name	Type	Description
`userName`	string	The name of the user which is logging in
`password`	string	The password of the user
`tfaSecret`	string	The two-factor secret if provided
`scope`	string	When true indicates that there should not be a persistent session (i.e. one time authentication)
`uacPrompt`	boolean	True if the authentication is part of a UAC prompt and no perminant session is to be
`purposeOfUse`	String	The identifier of the purpose of use for the access
`claims`	any	The claims which are to be appended to the OAUTH request

Source:

applets/core/js/santedb.js, line 4425

See:

https://help.santesuite.org/developers/service-apis/openid-connect

Returns:

A promise representing the login request

Type: Promise

(static) pinLoginAsync(userName, password, tfaSecret, noSession, purposeOfUse, scope) → {Promise}

Performs a local pin login

Parameters:

Name	Type	Description
`userName`	string	The name of the user which is logging in
`password`	string	The password of the user
`tfaSecret`	string	The two-factor secret if provided
`noSession`	boolean	When true indicates that there should not be a persistent session (i.e. one time authentication)
`purposeOfUse`	String	The reason the authentication is happening
`scope`	Array	The requested scope of the session

Source:

applets/core/js/santedb.js, line 4492

See:

https://help.santesuite.org/developers/service-apis/openid-connect

Returns:

A promise representing the login request

Type: Promise

(static) refreshLoginAsync(noSession) → {Promise}

Performs a refresh token grant

Parameters:

Name	Type	Description
`noSession`	boolean	True if no session should be setup

Source:

applets/core/js/santedb.js, line 4633

See:

https://help.santesuite.org/developers/service-apis/openid-connect

Returns:

A promise representing the session refresh request

Type: Promise

(static) setElevator(elevator)

Sets the elevator function

Parameters:

Name Type Description

elevator

any

An elevation implementation

Properties

Name	Type	Description
`getToken`	function	A function to get the current token
`elevate`	function	A function to perform elevation

Source:

applets/core/js/santedb.js, line 4271

(static) setPasswordAsync(sid, userName, passwd, upstream) → {Promise}

Sets the password of the specified user

Parameters:

Name	Type	Description
`sid`	string	The security identifier of the user which is being updated
`userName`	string	The name of the user to set the password to
`passwd`	string	The password to set the currently logged in user to
`upstream`	bool	True if the request should be routed to the upstream

Source:

applets/core/js/santedb.js, line 4678

Returns:

The promise representing the fulfillment or rejection of the password change

Type: Promise

(static) setupTfaSecretAsync(mechanism, code, upstream) → {Promise}

Initiates the setup of a TFA secret for the current user

Parameters:

Name	Type	Description
`mechanism`	string	The mode of two-factor authentication (email, sms, etc.)
`code`	string	When specified, the validation code to complete the setup
`upstream`	boolean	True if the request should be executed upstream

Source:

applets/core/js/santedb.js, line 4337

Returns:

A promise representing the outcome of the TFA secret send

Type: Promise

(static) this.expirePasswordAsync(sid, userName, upstream)

Immediately expire the user's password

Parameters:

Name	Type	Description
`sid`	string	The security user for which the password should be expired
`userName`	string	The name of the user which is to be expired
`upstream`	bool	True if the request should be sent to the upstream

Source:

applets/core/js/santedb.js, line 4716

(static) this.getCurrentFacilityId() → {String}

Gets the current CDR facility identifier from either (1) the user's session assertion (the facility the user is assigned to and/or selected on login) or (2) the configured facility

Source:

applets/core/js/santedb.js, line 4777

Returns:

The UUID of the current facility identifier

Type: String

(static) this.getCurrentUserEntityId() → {String}

Get the currently logged in user's CDR entity id

Source:

applets/core/js/santedb.js, line 4794

Returns:

The UUID of the current user's CDR entity id

Type: String