corporateacademy-auth

Methods

(static) confirmUserEmail(userId, validationToken) → {boolean}

Service that validates the redis key-value pair used to recover the user's password.

Parameters:
Name Type Description
userId string

Required: UserId of the user who's asking to recover the password

validationToken string

Required: Token used to validate the operation (checks the correspondence with the value stored in redis)

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/confirm-user-email
Returns:

True if everything is ok, false otherwise

Type
boolean

(static) getJwtToken(token) → {string}

Function that returns the JWT given its key (which could be the token itself or, most of the time, the tiny token)

Parameters:
Name Type Description
token string

Required by the action: The JWT token or tiny token used as key to find the JWT token

Listens to Events:
  • event:HTTP GET /rest-api/corporateacademy-mediator/get-jwt-token/:token
Returns:

The JWT token

Type
string

(static) initPasswordRecovery(email) → {boolean}

Service that creates the redis key-value pair used to recover the user's password. The password will be recoverable until this token expires. It also sends an email to the user with the link to use to recover the password.

Parameters:
Name Type Description
email string

Required: Email of the user who's asking to recover the password

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/init-password-recovery
Returns:

True if everything is ok, false otherwise

Type
boolean

(static) loginLocalPassword(email, password, deviceType, userAgent, createPersistentUserAuth) → {token}

Function that receives an email and a password to log in the user with LOCAL data. This method should be used when no SSO system is available.

Parameters:
Name Type Description
email string

Required: The email of the user to log in

password string

Required: The password of the user to log in

deviceType string

Optional: Type of device used by the user

userAgent string

Optional: UserAgent of the user

createPersistentUserAuth boolean

Optional: If true, the performed authentication will also be saved as a persistent auth, which means that the user won't need to log in again to access the protected resources (until the authentication expires, which usually happens after some time)

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/login-local-password
Returns:

The string of the auth token

Type
token

(static) loginRemoteTokenWithCheck(tenant, remoteToken, remoteCheck, deviceType, userAgent, createPersistentUserAuth) → {token}

Function that receives a token generated by a remote system and a check code to verify, and logs in a user with LOCAL data.

Parameters:
Name Type Description
tenant string

Required: The tenant to use

remoteToken string

Required: The remoteToken of the user to log in

remoteCheck string

Required: The remoteCheck of the user to log in

deviceType string

Optional: Type of device used by the user

userAgent string

Optional: UserAgent of the user

createPersistentUserAuth boolean

Optional: If true, the performed authentication will also be saved as a persistent auth, which means that the user won't need to log in again to access the protected resources (until the authentication expires, which usually happens after some time)

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/login-remote-token-with-check
Returns:

The string of the auth token

Type
token

(static) loginSupplierPerson(username, password, tenant, deviceType, userAgent) → {token}

Logs in a supplier person using their username and password. Only persons associated with an active supplier can log in.

Parameters:
Name Type Description
username string

Required: The username of the supplier person

password string

Required: The password of the supplier person (stored in the local DB)

tenant string

Optional: The tenant to use for the supplier person's login. By default, the one specified in the configuration is used.

deviceType string

Optional: The device type that the user used to log in

userAgent string

Optional: The user-agent that the user used to log in

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/login-supplier-person
Returns:

The string of the auth token

Type
token

(static) logout(token)

Function that destroys the token of the user session.

Parameters:
Name Type Description
token string

Required: the Authorization Bearer token passed in the Header of the request

Listens to Events:
  • event:HTTP GET /rest-api/corporateacademy-mediator/logout
Returns:

null

(static) recoverUserPassword(userId, newPassword, validationToken) → {boolean}

Service that updates the user's password. Used during the password recovery process (not authenticated user).

Parameters:
Name Type Description
userId string

Required: UserId of the user who's asking to recover the password

newPassword number

Required: New password value to set for the user

validationToken string

Required: Token to check with the redis key-value pair (previously generated). After the update, the pair will be deleted.

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/recover-user-password
Returns:

True if everything is ok, false otherwise

Type
boolean

(static) renewToken(token) → {token}

Function that receives a valid token and renews it. It is used to extend the lifetime of a user session.

Parameters:
Name Type Description
token string

Required: the Authorization Bearer token passed in the Header of the request

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/renew-token
Returns:

The string of the auth token

Type
token

(static) retrieveTokenAfterLogin(retrieveKey) → {string}

Function that retrieves the user token from Redis after a successful login via a remote service (like SAML). It is used to keep the token from traveling in the redirect URL: a single-use key is inserted in its place, which allows the browser to recover the token within a predetermined maximum time. This way, anyone who obtains the after-login page URL, such as an attacker who captures the link, will not be able to use it to get the token after the user has done so, and will be sent back to login.

Parameters:
Name Type Description
retrieveKey string

Required by the action: The JWT token or tiny token used as key to find the JWT token

Listens to Events:
  • event:HTTP GET /rest-api/corporateacademy-mediator/retrieve-token-after-login
Returns:

The JWT token if the retrieveKey is valid and has never been used before, null otherwise

Type
string
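The single-use key exchange described for retrieveTokenAfterLogin, as an added example that is not the project's own code. The function names, the in-memory `Map` standing in for Redis, and the TTL values are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// In-memory stand-in for Redis (assumption): retrieveKey -> { token, expiresAt }
const pending = new Map();

// After the remote (e.g. SAML) login succeeds, park the JWT under a random
// single-use key. Only this key travels in the redirect URL, never the JWT.
function storeTokenForRetrieval(jwt, ttlMs, now = Date.now()) {
  const retrieveKey = crypto.randomBytes(32).toString('hex');
  pending.set(retrieveKey, { token: jwt, expiresAt: now + ttlMs });
  return retrieveKey;
}

// Redeem the key: read and delete in one step so it can never be used twice.
// Against a real Redis this must be atomic (GETDEL), not GET followed by DEL,
// otherwise two concurrent requests could both receive the token.
function redeemRetrieveKey(retrieveKey, now = Date.now()) {
  const entry = pending.get(retrieveKey);
  pending.delete(retrieveKey);
  // Unknown, already redeemed, or expired keys all look the same to the caller.
  if (!entry || now >= entry.expiresAt) return null;
  return entry.token;
}
```

A second redemption of the same key returning null is also a useful detection signal: it means the redirect link was replayed or captured.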

(static) sendConfirmationEmail(userAgent, deviceType, forename, surname, email, password, photoUrl, token) → {UserGroup}

Add a new User or Log in to Candidate Journey

Parameters:
Name Type Description
userAgent string

Required by the action: The user name

deviceType string

Required by the action: The user name

forename string

Required by the forename: The user name

surname string

Required by the surname: The user surname

email string

Required by the action: The user email

password string

Required by the action: The user department

photoUrl string

Optional by the action: The user unit

token string

Required: the Authorization Bearer token passed in the Header of the request

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/send-confirmation-email
Returns:

The new created group

Type
UserGroup

(static) setNewPassword(userId, oldPassword, newPassword, deviceType, userAgent, token) → {string}

Update user information

Parameters:
Name Type Description
userId string

Required by the action: The User object to update

oldPassword string

Required by the action: The User old password

newPassword string

Required by the action: The User new password

deviceType string

Optional by the action - Type of device used by the user

userAgent string

Optional by the action - UserAgent of the user

token string

Required: the Authorization Bearer token passed in the Header of the request

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/set-new-password
Returns:

The new token for the logged user

Type
string

(static) updateUserPassword(newPassword, oldPassword, token) → {boolean}

Service that updates the user's password. It retrieves the userId from the JWT token. Used when a logged-in user wants to update their password.

Parameters:
Name Type Description
newPassword number

Required: New password to set for the user

oldPassword number

Required: User's previous password

token string

Required: the Authorization Bearer token passed in the Header of the request

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/update-user-password
Returns:

True if everything is ok, false otherwise

Type
boolean

(static) validateJwtToken(token, createLoginEngagement, deviceType, userAgent, token) → {boolean}

Validates the specified jwt token and, if requested, creates a login engagement

Parameters:
Name Type Description
token string

Required: Token to validate, it must be defined as parameter or in the Bearer of the request

createLoginEngagement boolean

Optional: If true, a login engagement will be generated

deviceType string

Optional: Device type used by the user to perform the login, it will be saved in the login engagement's details

userAgent string

Optional: User agent used by the user to perform the login, it will be saved in the login engagement's details

token string

Required: the Authorization Bearer token passed in the Header of the request

Listens to Events:
  • event:HTTP GET /rest-api/corporateacademy-mediator/validate-jwt-token
Returns:

True if no errors were thrown during the execution

Type
boolean

(static) validatePasswordRecoveryToken(userId, validationToken) → {boolean}

Service that validates the redis key-value pair used to recover the user's password.

Parameters:
Name Type Description
userId string

Required: UserId of the user who's asking to recover the password

validationToken string

Required: Token used to validate the operation (checks the correspondence with the value stored in redis)

Listens to Events:
  • event:HTTP POST /rest-api/corporateacademy-mediator/validate-password-recovery-token
Returns:

True if everything is ok, false otherwise

Type
boolean
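The password recovery flow documented by initPasswordRecovery, validatePasswordRecoveryToken and recoverUserPassword, as an added example that is not the project's own code. The function names, the `Map` objects standing in for Redis and the user store, the sample user id, the constant-time comparison and the scrypt hashing are assumptions for illustration.

```javascript
const crypto = require('node:crypto');

// Stand-ins (assumptions): userId -> { token, expiresAt } and a user store.
const recoveryTokens = new Map();
const users = new Map([['u-1001', { salt: null, hash: null }]]); // constructed sample

// Create the key-value pair; the returned token goes into the emailed link.
function initRecovery(userId, ttlMs, now = Date.now()) {
  const token = crypto.randomBytes(32).toString('hex');
  recoveryTokens.set(userId, { token, expiresAt: now + ttlMs });
  return token;
}

// Validation only checks the pair; it does not consume it, so the reset
// page can verify the link before asking for the new password.
function validateRecoveryToken(userId, validationToken, now = Date.now()) {
  const entry = recoveryTokens.get(userId);
  if (!entry || now >= entry.expiresAt) return false;
  const stored = Buffer.from(entry.token);
  const given = Buffer.from(String(validationToken));
  // Constant-time compare avoids leaking how many characters matched.
  return stored.length === given.length && crypto.timingSafeEqual(stored, given);
}

// Update the password, then delete the pair so the link cannot be replayed.
function recoverPassword(userId, newPassword, validationToken, now = Date.now()) {
  const user = users.get(userId);
  if (!user || !validateRecoveryToken(userId, validationToken, now)) return false;
  user.salt = crypto.randomBytes(16);
  user.hash = crypto.scryptSync(String(newPassword), user.salt, 32);
  recoveryTokens.delete(userId);
  return true;
}
```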