Identity

Identity

Provides Identity functionalty to a web page

Constructor

new Identity(options)

Source:
Parameters:
Name Type Description
options object
Properties
Name Type Attributes Default Description
clientId string

Example: "1234567890abcdef12345678"
sessionDomain string

Example: "https://id.site.com"
redirectUri string

Example: "https://site.com"
env string <optional>
 PRE

Schibsted account environment: PRE, PRO, PRO_NO, PRO_FI or PRO_DK
log function <optional>

A function that receives debug log information. If not set, no logging will be done
window object <optional>

window object
callbackBeforeRedirect function <optional>

callback triggered before session refresh redirect happen
Throws:
  • If any of options are invalid
Type
SDKError

Classes

Identity

Methods

enableVarnishCookie(optionsopt) → {void}

Source:

Set the Varnish cookie (SP_ID) when hasSession() is called. Note that most browsers require that you are on a "real domain" for this to work — so, not localhost

Parameters:
Name Type Attributes Description
options object <optional>
Properties
Name Type Attributes Description
expiresIn number <optional>

Override this to set number of seconds before the varnish cookie expires. The default is to use the same time that hasSession responses are cached for
domain string <optional>

Override cookie domain. E.g. «vg.no» instead of «www.vg.no»
Returns:
Type
void

logSettings() → {void}

Source:

Log used settings and version

Throws:
  • If log method is not provided
Type
SDKError
Returns:
Type
void

hasSession() → {Promise.<(HasSessionSuccessResponse|HasSessionFailureResponse)>}

Queries the hassession endpoint and returns information about the status of the user

Source:

When we send a request to this endpoint, cookies sent along with the request determines the status of the user.

Fires:
Throws:
  • If the call to the hasSession service fails in any way (this will happen if, say, the user is not logged in)
Type
SDKError
Returns:
Type
Promise.<(HasSessionSuccessResponse|HasSessionFailureResponse)>

(async) isLoggedIn() → {Promise.<boolean>}

Allows the client app to check if the user is logged in to Schibsted account

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Returns:
Type
Promise.<boolean>

clearCachedUserSession() → {void}

Source:

Removes the cached user session.

Returns:
Type
void

(async) isConnected() → {Promise.<boolean>}

Check if the user is connected to the client_id

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Returns:
Type
Promise.<boolean>

(async) getUser() → {Promise.<HasSessionSuccessResponse>}

Returns information about the user

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Throws:

  • If the user isn't connected to the merchant

    Type
    SDKError

  • If we couldn't get the user

    Type
    SDKError
Returns:
Type
Promise.<HasSessionSuccessResponse>

(async) getUserId() → {Promise.<string>}

In Schibsted account, there are multiple ways of identifying a user; the userId, uuid and externalId used for identifying a user-merchant pair (see Identity#getExternalId). There are reasons for them all to exist. The userId is a numeric identifier, but since Schibsted account is deployed separately in Norway and Sweden, there are a lot of duplicates. The userId was introduced early, so many sites still need to use them for legacy reasons. The uuid is universally unique, and so — if we could disregard a lot of Schibsted components depending on the numeric userId — it would be a good identifier to use

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Throws:

If the user isn't connected to the merchant

Type
SDKError
Returns:

The userId field (not to be confused with the uuid)

Type
Promise.<string>

(async) getExternalId(externalParty, optionalSuffix) → {Promise.<string>}

Retrieves the external identifier (externalId) for the authenticated user.

In Schibsted Account there are multiple ways of identifying users, however for integrations with third-parties it's recommended to use externalId as it does not disclose any critical data whilst allowing for user identification.

externalId is merchant-scoped using a pairwise identifier (pairId), meaning the same user's ID will differ between merchants. Additionally, this identifier is bound to the external party provided as argument.

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Parameters:
Name Type Description
externalParty string
optionalSuffix string | null
Throws:

  • If the pairId is missing in user session.

    Type
    SDKError

  • If the externalParty is not defined

    Type
    SDKError
Returns:

The merchant- and 3rd-party-specific externalId

Type
Promise.<string>

(async) getUserSDRN() → {Promise.<string>}

Enables brands to programmatically get the current the SDRN based on the user's session.

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Throws:

If the SDRN is missing in user session object.

Type
SDKError
Returns:
Type
Promise.<string>

(async) getUserUuid() → {Promise.<string>}

In Schibsted account, there are two ways of identifying a user; the userId and the uuid. There are reasons for them both existing. The userId is a numeric identifier, but since Schibsted account is deployed separately in Norway and Sweden, there are a lot of duplicates. The userId was introduced early, so many sites still need to use them for legacy reasons. The uuid is universally unique, and so — if we could disregard a lot of Schibsted components depending on the numeric userId — it would be a good identifier to use

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Throws:

If the user isn't connected to the merchant

Type
SDKError
Returns:

The uuid field (not to be confused with the userId)

Type
Promise.<string>

(async) getUserContextData() → {Promise.<(SimplifiedLoginData|null)>}

Get basic information about any user currently logged-in to their Schibsted account in this browser. Can be used to provide context in a continue-as prompt.

Source:

This function relies on the global Schibsted account user session cookie, which is a third-party cookie and hence might be blocked by the browser (for example due to ITP in Safari). So there's no guarantee any data is returned, even though a user is logged-in in the current browser.

Returns:
Type
Promise.<(SimplifiedLoginData|null)>

login(options) → {Window|null}

Perform a login, either using a full-page redirect or a popup

Source:
See:

If a popup is desired, this function needs to be called in response to a user event (like click or tap) in order to work correctly. Otherwise the popup will be blocked by the browser's popup blockers and has to be explicitly authorized to be shown.

Parameters:
Name Type Description
options LoginOptions
Properties
Name Type Attributes Default Description
state string
acrValues string <optional>
scope string <optional>
 openid
redirectUri string <optional>
preferPopup boolean <optional>
 false
loginHint string <optional>
tag string <optional>
teaser string <optional>
maxAge number | string <optional>
locale string <optional>
oneStepLogin boolean <optional>
 false
prompt string <optional>
 select_account
Returns:
  • Reference to popup window if created (or null otherwise)
Type
Window | null

(async) getSpId() → {Promise.<(string|null)>}

Retrieve the sp_id (Varnish ID)

Source:

This function calls Identity#hasSession internally and thus has the side effect that it might perform an auto-login on the user

Returns:
  • The sp_id string or null (if the server didn't return it)
Type
Promise.<(string|null)>

logout(redirectUri) → {void}

Logs the user out from the Identity platform

Source:
Parameters:
Name Type Description
redirectUri string

Where to redirect the browser after logging out of Schibsted account
Returns:
Type
void

loginUrl(options) → {string}

Source:

Generates the link to the new login page that'll be used in the popup or redirect flow

Parameters:
Name Type Description
options LoginOptions
Properties
Name Type Attributes Default Description
state string
acrValues string <optional>
scope string <optional>
 openid
redirectUri string <optional>
loginHint string <optional>
tag string <optional>
teaser string <optional>
maxAge number | string <optional>
locale string <optional>
oneStepLogin boolean <optional>
 false
prompt string <optional>
 select_account
Returns:
  • The url
Type
string

logoutUrl(redirectUriopt) → {string}

Source:

The url for logging the user out

Parameters:
Name Type Attributes Default Description
redirectUri string <optional>
 this.redirectUri
Returns:

url

Type
string

accountUrl(redirectUriopt) → {string}

Source:

The account summary page url

Parameters:
Name Type Attributes Default Description
redirectUri string <optional>
 this.redirectUri
Returns:
Type
string

phonesUrl(redirectUriopt) → {string}

Source:

The phone editing page url

Parameters:
Name Type Attributes Default Description
redirectUri string <optional>
 this.redirectUri
Returns:
Type
string

(async) showSimplifiedLoginWidget(loginParams, optionsopt) → {Promise.<(boolean|SDKError)>}

Source:

Function responsible for loading and displaying simplified login widget. How often widget will be display is up to you. Preferred way would be to show it once per user, and store that info in localStorage. Widget will be display only if user is logged in to SSO.

Parameters:
Name Type Attributes Description
loginParams SimplifiedLoginWidgetLoginOptions

the same as options param for login function. Login will be called on user continue action. state might be string or async function.
options SimplifiedLoginWidgetOptions <optional>

additional configuration of Simplified Login Widget
Fires:
Returns:
  • will resolve to true if widget will be display. Otherwise, will throw SDKError
Type
Promise.<(boolean|SDKError)>

Events

error

Source:

Emitted when an error happens (useful for debugging)

login

Source:

Emitted when the user is logged in (This happens as a result of calling Identity#hasSession, so it is also emitted if the user was previously logged in)

logout

Source:

Emitted when the user logged out

userChange

Source:

Emitted when the user is changed. This happens as a result of calling Identity#hasSession, and is emitted if there was a user both before and after this invocation, and the userId has now changed

sessionChange

Source:

Emitted when the session is changed. More accurately, this event is emitted if there was a logged-in user either before or after Identity#hasSession was called. In practice, this means the event is emitted a lot

notLoggedin

Source:

Emitted when there is no logged-in user. More specifically, it means that there was no logged-in user neither before nor after Identity#hasSession was called

sessionInit

Source:

Emitted when the session is first created

statusChange

Source:

Emitted when the user status changes. This happens as a result of calling Identity#hasSession

simplifiedLoginOpened

Source:

Emitted when the simplified login widget is displayed on the screen

simplifiedLoginCancelled

Source:

Emitted when the user closes the simplified login widget