Created
May 15, 2014 20:25
-
-
Save onlyangel/3b395a942ead738ee843 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var domain = ""; | |
| //var domain = "http://secure.tok3n.com"; | |
| /* | |
| Tok3n Core | |
| */ | |
| //Get a session/transaction ID for this atempt of ussage of the API. Very important for security reasons. | |
| function getSessionId(publicKey,userKey){ | |
| return $.ajax(domain+"/api/v1/getSession?publicKey="+publicKey+"&kind=access&userKey="+userKey); | |
| } | |
| /* | |
| Tok3n SQRL | |
| */ | |
| // Get the url of the QR image. When the QR is downloaded we add some secure crypto session cookies that identified part of the QR transaction as an adendum of the session ID | |
| function getQR_URL(public, sessionId){ | |
| return domain+"/api/v1_5/getQR?publicKey="+publicKey+"&session="+sessionId; | |
| } | |
| // Ask if the QR has been validated | |
| function is_QR_Valid(){ | |
| return $.ajax(domain+"/api/v1_5/sqrl.loginIsValid"); | |
| //In the response if "{'Valid':'YES',...}" there is a valid login so continue with the flow. | |
| } | |
| // Ask if the OTP is valid | |
| function is_OTP_Valid(publicKey,UserKey,otp,session){ | |
| return $.ajax(domain+"/api/v1_5/otp.validate?publicKey="+publicKey+"&UserKey="+UserKey+"&otp="+otp+"&session="+session); | |
| //the response is pretty much the same as the "is_QR_Valid" method but with extra stuff | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment