Add option to manually checking transaction state

lib/errors/index.js

@@ -12,3 +12,5 @@ exports.NotEnrolledError = require('./not_enrolled_error');
 exports.AuthMethodDisabledError = require('./auth_method_disabled_error');
 exports.EnrollmentMethodDisabledError = require('./enrollment_method_disabled_error');
 exports.InvalidEnrollmentError = require('./invalid_enrollment_error');
+exports.InvalidStateError = require('./invalid_state_error');
+exports.UnexpectedInputError = require('./unexpected_input_error');

lib/errors/invalid_state_error.js

@@ -0,0 +1,16 @@
+'use strict';
+
+var object = require('../utils/object');
+var GuardianError = require('./guardian_error');
+
+function InvalidStateError(message) {
+  GuardianError.call(this, {
+    message: message,
+    errorCode: 'invalid_state'
+  });
+}
+
+InvalidStateError.prototype = object.create(GuardianError.prototype);
+InvalidStateError.prototype.contructor = InvalidStateError;
+
+module.exports = InvalidStateError;

lib/errors/unexpected_input_error.js

@@ -0,0 +1,16 @@
+'use strict';
+
+var object = require('../utils/object');
+var GuardianError = require('./guardian_error');
+
+function UnexpectedInputError(message) {
+  GuardianError.call(this, {
+    message: message,
+    errorCode: 'unexpected_input'
+  });
+}
+
+UnexpectedInputError.prototype = object.create(GuardianError.prototype);
+UnexpectedInputError.prototype.contructor = UnexpectedInputError;
+
+module.exports = UnexpectedInputError;

lib/index.js

@@ -9,6 +9,13 @@ var auth0Ticket = require('./utils/auth0_ticket');
 var httpClient = require('./utils/http_client');
 var transactionFactory = require('./transaction/factory');
 var clientFactory = require('./utils/client_factory');
+
+var apiTransport = {
+  polling: 'polling',
+  manual: 'polling',
+  socket: 'socket'
+};
+
 /**
  * @public
  *
@@ -26,7 +33,9 @@ var clientFactory = require('./utils/client_factory');
  * @param {string} [options.globalTrackingId] Id used to associate the request
  * in the transaction (that includes both Guardian and Auth0-server requests)
  * @param {string} options.accountLabel
- * @param {socket|polling} [options.transport]
+ *
+ * @deprecated @param {string} [options.transport] Use stateCheckingMechanism
+ * @param {string} [options.stateCheckingMechanism]
  *
  * @param {SocketClient} [options.dependencies.socketClient] Client factory for socket api
  * @param {function(serviceUrl)} [options.dependencies.httpClient] Client factory for http
@@ -44,7 +53,7 @@ function auth0GuardianJS(options) {
   self.httpClient = object.get(options, 'dependencies.httpClient',
     httpClient(self.serviceUrl, globalTrackingId));
 
-  self.transport = options.transport || 'socket';
+  self.transport = options.transport || options.state_checking_mechanism || 'socket';
 
   self.socketClient = clientFactory.create({
     serviceUrl: self.serviceUrl,
@@ -81,7 +90,9 @@ auth0GuardianJS.prototype.start = function start(callback) {
 
   self.httpClient.post('/api/start-flow',
     self.credentials,
-    { state_transport: self.transport },
+    // TODO: polling is not a good name for api state checking since
+    // it could be polling or manual checking
+    { state_transport: apiTransport[self.transport] },
     function startTransaction(err, txLegacyData) {
       if (err) {
         callback(err);
@@ -138,19 +149,27 @@ auth0GuardianJS.prototype.start = function start(callback) {
  *
  * @param {string} transactionState.baseUrl
 
- * @param {undefined|string} options.transport
+ * @deprecated @param {string} [options.transport] Use stateCheckingMechanism
+ * @param {string} [options.stateCheckingMechanism]
+ *
  * @param {SocketClient} [options.dependencies.socketClient] Client factory for socket api
  * @param {function(serviceUrl)} [options.dependencies.httpClient] Client factory for http
  */
 
 auth0GuardianJS.resume = function resume(options, transactionState, callback) {
-  var txId = jwtToken(transactionState.transactionToken).getDecoded().txid;
+  var transactionTokenObject = jwtToken(transactionState.transactionToken);
+  var txId = transactionTokenObject.getDecoded().txid;
 
   // create httpClient/socketClient
   var httpClientInstance = object.get(options, 'dependencies.httpClient',
     httpClient(transactionState.baseUrl, txId));
 
-  var transport = options.transport || 'socket';
+  var transport = options.transport || options.stateCheckingMechanism || 'socket';
+
+  if (transactionTokenObject.isExpired()) {
+    asyncHelpers.setImmediate(callback, new errors.CredentialsExpiredError());
+    return;
+  }
 
   var socketClient = clientFactory.create({
     serviceUrl: transactionState.baseUrl,

lib/transaction/auth_verification_step.js

@@ -4,6 +4,7 @@ var object = require('../utils/object');
 var asyncHelpers = require('../utils/async');
 var EventEmitter = require('events').EventEmitter;
 var helpers = require('./helpers');
+var events = require('../utils/events');
 
 function authVerificationStep(strategy, options) {
   var self = object.create(authVerificationStep.prototype);
@@ -28,7 +29,16 @@ authVerificationStep.prototype.getMethod = function getMethod() {
   return this.strategy.method;
 };
 
-authVerificationStep.prototype.verify = function verify(data) {
+/**
+ * @param {object} data
+ * @param {function} [acceptedCallback] Triggered once the data has been
+ * accepted by the service provider, the first arguments indicates if it
+ * was valid
+ */
+authVerificationStep.prototype.verify = function verify(data, acceptedCallback) {
+  // eslint-disable-next-line no-param-reassign
+  acceptedCallback = acceptedCallback || function noop() {};
+
   var self = this;
 
   // TODO Move this to the transaction
@@ -57,14 +67,27 @@ authVerificationStep.prototype.verify = function verify(data) {
       verificationPayload = verificationPayload || {};
 
       if (err) {
+        if (acceptedCallback) {
+          events.ignoreError(self, err);
+
+          acceptedCallback(err);
+        }
+
         done(err);
         return;
       }
 
-      done(null, {
+      var payload = {
         // New recovery code if needed (recover)
         recoveryCode: verificationPayload.recoveryCode
-      });
+      };
+
+      // On the one hand we trigger the callback since the data has been
+      // accepted by the service provider, on the other hand
+      // we still need to wait for (loginOrRejectTask) to trigger the event.
+      // loginOrRejectTask might never be triggered in case of transport=manual
+      acceptedCallback(null, payload);
+      done(null, payload);
     });
   };
 
@@ -88,4 +111,10 @@ authVerificationStep.prototype.verify = function verify(data) {
   });
 };
 
+authVerificationStep.prototype.serialize = function serialize() {
+  var self = this;
+
+  return { method: self.getMethod() };
+};
+
 module.exports = authVerificationStep;

lib/transaction/enrollment_confirmation_step.js

@@ -1,5 +1,6 @@
 var object = require('../utils/object');
 var asyncHelpers = require('../utils/async');
+var events = require('../utils/events');
 var EventEmitter = require('events').EventEmitter;
 var enrollmentBuilder = require('../entities/enrollment');
 var helpers = require('./helpers');
@@ -31,7 +32,18 @@ enrollmentConfirmationStep.prototype.getData = function getData() {
   return this.strategy.getData();
 };
 
-enrollmentConfirmationStep.prototype.confirm = function confirm(data) {
+enrollmentConfirmationStep.prototype.getMethod = function getMethod() {
+  return this.strategy.method;
+};
+
+/**
+ * @param {object} data
+ * @param {function} [acceptedCallback] Triggered once the data has been accepted by
+ * the service provider, the first argument indicates if it was valid
+ */
+enrollmentConfirmationStep.prototype.confirm = function confirm(data, acceptedCallback) {
+  // eslint-disable-next-line no-param-reassign
+  acceptedCallback = acceptedCallback || function noop() {};
   var self = this;
 
   // TODO Move this to the transaction
@@ -44,7 +56,21 @@ enrollmentConfirmationStep.prototype.confirm = function confirm(data) {
   };
 
   var confirmTask = function confirmTask(done) {
-    self.strategy.confirm(data, done);
+    self.strategy.confirm(data, function confirmationDataAccepted(err, result) {
+      if (err) {
+        if (acceptedCallback) {
+          events.ignoreError(self, err);
+
+          acceptedCallback(err);
+        }
+
+        done(err);
+        return;
+      }
+
+      acceptedCallback(err, { recoveryCode: self.enrollmentAttempt.getRecoveryCode() });
+      done(err, result);
+    });
   };
 
   asyncHelpers.all([
@@ -73,4 +99,10 @@ enrollmentConfirmationStep.prototype.confirm = function confirm(data) {
   });
 };
 
+enrollmentConfirmationStep.prototype.serialize = function serialize() {
+  var self = this;
+
+  return { method: self.getMethod() };
+};
+
 module.exports = enrollmentConfirmationStep;

lib/transaction/factory.js

@@ -54,6 +54,12 @@ exports.fromStartFlow = function buildTransactionFromStartFlow(data, options) {
  * @param {EventEmitter} options.transactionEventsReceiver
  * Receiver for transaction events; it will receive  backend related transaction events
  *
+ * @param {object} transactionState.authVerificationStep
+ * @param {otp|push|sms} transactionState.authVerificationStep.method
+ *
+ * @param {object} transactionState.enrollmentConfirmationStep
+ * @param {otp|push|sms} transactionState.enrollmentConfirmationStep.method
+ *
  * @param {HttpClient} options.HttpClient
  *
  * @returns {Transaction}
@@ -63,7 +69,9 @@ exports.fromTransactionState = function fromTransactionState(transactionState, o
     transactionToken: jwtToken(transactionState.transactionToken),
     enrollments: object.map(transactionState.enrollments, enrollment),
     availableEnrollmentMethods: transactionState.availableEnrollmentMethods,
-    availableAuthenticationMethods: transactionState.availableAuthenticationMethods
+    availableAuthenticationMethods: transactionState.availableAuthenticationMethods,
+    authVerificationStep: transactionState.authVerificationStep,
+    enrollmentConfirmationStep: transactionState.enrollmentConfirmationStep
   };
 
   if (transactionState.enrollmentAttempt) {