EMCasClient

Objective-C


@interface EMCasClient : NSObject

Swift

class EMCasClient : NSObject

A class that constructs CasClient to communicate with CAS Server. This class helps to implement the E2EE password encryption, supports the creation of encrypted payload for the users when they perform operations such as setting or changing the user password, or authenticating with the user password.

Since

6.1.0
  • Unavailable

    Undocumented

    Declaration

    Objective-C

    - (instancetype)init NS_UNAVAILABLE;
  • Initialize an instance of the CasClient. By default, this instance uses the EMCPasswordEncodingHashed encoding type.

    Since

    6.1.0

    Declaration

    Objective-C

    - (nonnull instancetype)initWithEncryptionVersion:
                                (EMCEncryptionVersion)encryptionVersion
                                            publicKey:(nonnull NSString *)publicKey;

    Swift

    convenience init(encryptionVersion: EMCEncryptionVersion, publicKey: String)

    Parameters

    encryptionVersion

    The CAS encryption version that is based on the CAS specifications.

    publicKey

    The RSA public key to be used for encryption. This key is provided by the CAS Server. @Note: Multiple instances can be constructed.

  • Initialize an instance of the CasClient.

    Since

    6.3.0

    Declaration

    Objective-C

    - (nonnull instancetype)
        initWithPasswordEncoding:(EMCPasswordEncoding)passwordEncoding
               encryptionVersion:(EMCEncryptionVersion)encryptionVersion
                       publicKey:(nonnull NSString *)publicKey;

    Swift

    init(passwordEncoding: EMCPasswordEncoding, encryptionVersion: EMCEncryptionVersion, publicKey: String)

    Parameters

    passwordEncoding

    The password encoding used by the CAS Server.

    encryptionVersion

    The CAS encryption version that is based on the CAS specifications.

    publicKey

    The RSA public key to be used for encryption. This key is provided by the CAS Server. @Note: Multiple instances can be constructed.

  • Generates the encrypted data to set the user’s password. The password provided will be hashed and then encrypted with the RSA public key. Prerequisites on CAS server: The user’s status must be active and the user must not have an existing password set. The user must be linked to a token that is in the active state.

    Since

    6.1.0

    Declaration

    Objective-C

    - (NSString *_Nullable)setUserPassword:(nonnull NSString *)userId
                                  password:(nonnull NSData *)password
                                      salt:(nonnull NSData *)salt
                                     error:(NSError *_Nullable *_Nullable)error;

    Swift

    func setUserPassword(_ userId: String, password: Data, salt: Data) throws -> String

    Parameters

    userId

    User ID.

    password

    The password to be set that is encoded in UTF-8 format.

    salt

    A salt value that is encoded in UTF-8 format. The salt should be a valid Hex string of even-length.

    error

    An error of type EMCCasError.

  • Generates the encrypted data to authenticate the current user. The password provided will be hashed and then encrypted with the RSA public key. Prerequisites on CAS server: The user’s status must be active and the user must already have a password set.

    Since

    6.1.0

    Declaration

    Objective-C

    - (NSString *_Nullable)authenticate:(nonnull NSString *)userId
                               password:(nonnull NSData *)password
                                   salt:(nonnull NSData *)salt
                                  error:(NSError *_Nullable *_Nullable)error;

    Swift

    func authenticate(_ userId: String, password: Data, salt: Data) throws -> String

    Parameters

    userId

    User ID.

    password

    The user’s password that is encoded in UTF-8 format.

    salt

    A salt value that is encoded in UTF-8 format. The salt should be a valid Hex string of even-length.

    error

    An error of type EMCCasError.

  • Generates the encrypted data to change the user’s password. The password provided will be hashed and then encrypted with the RSA public key. Prerequisites on CAS server: The user’s status must be active and the user must already have a password set.

    Note

    The salt for old password and new password can be the same.

    Since

    6.3.0

    Declaration

    Objective-C

    - (NSString *_Nullable)changeUserPassword:(nonnull NSString *)userId
                                  oldPassword:(nonnull NSData *)oldPassword
                                  newPassword:(nonnull NSData *)newPassword
                              oldPasswordSalt:(nonnull NSData *)oldPasswordSalt
                              newPasswordSalt:(nonnull NSData *)newPasswordSalt
                                        error:(NSError *_Nullable *_Nullable)error;

    Swift

    func changeUserPassword(_ userId: String, oldPassword: Data, newPassword: Data, oldPasswordSalt: Data, newPasswordSalt: Data) throws -> String

    Parameters

    userId

    User ID.

    oldPassword

    The user’s existing password that is encoded in UTF-8 format.

    newPassword

    The new password that is encoded in UTF-8 format.

    oldPasswordSalt

    A salt value that is encoded in UTF-8 format. The salt should be a valid Hex string of even-length.

    newPasswordSalt

    A salt value that is encoded in UTF-8 format. The salt should be a valid Hex string of even-length.

    error

    An error of type EMCCasError.

  • Migrates the existing password to a new password using the encoding format specified in the EMCCasClient instance. The password provided will be hashed and then encrypted with the RSA public key. Prerequisites on CAS server: The user’s status must be active and the user must already have a password set.

    Note

    The salt for old password and new password can be the same. If the old password is already of the EMCPasswordEncodingHashed format, this API would simply change the password to the intended type.

    Since

    6.3.0

    Declaration

    Objective-C

    - (NSString *_Nullable)migrateUserPassword:(nonnull NSString *)userId
                                   oldPassword:(nonnull NSData *)oldPassword
                           oldPasswordEncoding:
                               (EMCPasswordEncoding)oldPasswordEncoding
                                   newPassword:(nonnull NSData *)newPassword
                               oldPasswordSalt:(nonnull NSData *)oldPasswordSalt
                               newPasswordSalt:(nonnull NSData *)newPasswordSalt
                                         error:(NSError *_Nullable *_Nullable)error;

    Swift

    func migrateUserPassword(_ userId: String, oldPassword: Data, oldPasswordEncoding: EMCPasswordEncoding, newPassword: Data, oldPasswordSalt: Data, newPasswordSalt: Data) throws -> String

    Parameters

    userId

    User ID.

    oldPassword

    The user’s existing password that is encoded in UTF-8 format.

    oldPasswordEncoding

    The encoding format of the user’s existing password.

    newPassword

    The new password that is encoded in UTF-8 format.

    oldPasswordSalt

    A salt value that is encoded in UTF-8 format. The salt should be a valid Hex string of even-length.

    newPasswordSalt

    A salt value that is encoded in UTF-8 format. The salt should be a valid Hex string of even-length.

    error

    An error of type EMCCasError.