ScramAuthentication class

This class enables SCRAM authentication process with PBKDF2 as key derivation function

Inheritance

• Object
• AbstractAuthentication
• ScramAuthentication

Constructors

ScramAuthentication(String secret, {Duration? challengeTimeout, bool reuseClientKey = false})

Initialized the instance with the secret and an optional challengeTimeout which will cause the authentication process to fail if the server response took too long. The reuseClientKey option will compute the client key only for the first time. The second time stored client key is used

ScramAuthentication.fromClientKey(Uint8List clientKey, {Duration? challengeTimeout})

If the client key was stored, use this named constructor with the stored clientKey instead. This will save computation time. The optional challengeTimeout will cause the authentication process to fail if the server response took too long.

Properties

authid → String?

no setter

challengeTimeout → Duration

no setter

clientKey → Future<Uint8List>

no setter

hashCode → int

The hash code for this object.

no setter, inherited

helloNonce → String?

no setter

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

secret → String?

no setter

Methods

challenge(Extra extra) → Future<Authenticate>

This method accepts the servers challenge and responds with the according authentication method, that is to be sent to the server to authenticate the session. It calculates the client proof according to the WAMP-SCRAM specs where authId is the username that has already been saslpreped with Saslprep.saslprep(input) and helloNonce is a randomly generated nonce according to the WAMP-SCRAM specs. The keylength is 32 according to the WAMP-SCRAM specs

override

createSignature(String authId, String helloNonce, Extra extra, HashMap<String, Object?> authExtra) → String

Calculates the client proof according to the WAMP-SCRAM specs where authId is the username that has already been saslpreped with Saslprep.saslprep(input) and helloNonce is a randomly generated nonce according to the WAMP-SCRAM specs. The keylength is 32 according to the WAMP-SCRAM specs

getName() → String

The official name of the authentication method used in the opening handshake of wamp

override

hello(String? realm, Details details) → Future<void>

This method is called by the session to modify the hello details for a given realm. This method generates the authExtra 'nonce' value and starts the timeout to cancel the challenge if it took exceptionally long to receive

override

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited

Static Properties

defaultKeyLength → int

final

kdfArgon → String

final

kdfPbkdf2 → String

final

Static Methods

createAuthMessage(String authId, String helloNonce, HashMap authExtra, Extra challengeExtra) → String

This creates the SCRAM authmessage according to the WAMP-SCRAM specs

verifyClientProof(List<int> clientProof, Uint8List storedKey, String authMessage) → bool

this is a scrum authentication verifier that will used to run the integration test for scrum authentication. This method is used on the router side to validate the challenge result.