0.15.0Single sign on and authentication without third parties or remote servers.
Generates an authentication request and redirects the user to the Blockstack browser to approve the sign in request.
Please note that this requires that the web browser properly handles the
blockstack: URL protocol handler.
Most applications should use this
method for sign in unless they require more fine grained control over how the
authentication request is generated. If your app falls into this category,
use generateAndStoreTransitKey, makeAuthRequest,
and redirectToSignInWithAuthRequest to build your own sign in process.
(String
= `${window.location.origin}/`)
The location to which the identity provider will redirect the user after
the user approves sign in.
(String
= `${window.location.origin}/manifest.json`)
Location of the manifest file.
(Array
= DEFAULT_SCOPE)
Defaults to requesting write access to
this app's data store.
An array of strings indicating which permissions this app is requesting.
void:
Check if there is a authentication request that hasn't been handled.
Boolean:
true
if there is a pending sign in, otherwise
false
Try to process any pending sign in request by returning a Promise that resolves
to the user data object if the sign in succeeds.
(String
= 'https://core.blockstack.org/v1/names/')
the endpoint against which to verify public
keys match claimed username
Promise:
that resolves to the user data object if successful and rejects
if handling the sign in request fails or there was no pending sign in request.
Retrieves the user data object. The user's profile is stored in the key profile.
Object:
User data object.
Check if a user is currently signed in.
Boolean:
true
if the user is signed in,
false
if not.
Sign the user out and optionally redirect to given location.
(String
= null)
Location to redirect user to after sign out.
void:
Generates an authentication request that can be sent to the Blockstack browser for the user to approve sign in.
(String
= generateAndStoreTransitKey())
hex encoded transit
private key
(String
= `${window.location.origin}/`)
location to redirect user to after sign in approval
(String
= `${window.location.origin}/manifest.json`)
location of this app's manifest file
(String
= window.location.origin)
the origin of this app
(Number
= nextHour().getTime())
the time at which this request is no longer valid
String:
the authentication request
Redirects the user to the Blockstack browser to approve the sign in request given.
The user is redirected to the blockstackIDHost if the blockstack:
protocol handler is not detected. Please note that the protocol handler detection
does not work on all browsers.
(String
= DEFAULT_BLOCKSTACK_HOST)
the URL to redirect the user to if the blockstack
protocol handler is not detected
void:
Retrieve the authentication token from the URL query
String:
the authentication token if it exists otherwise
null
Identity you own and control.
Extracts a profile from an encoded token and optionally verifies it,
if publicKeyOrAddress is provided.
(String)
the token to be extracted
(String
= null)
the public key or address of the
keypair that is thought to have signed the token
Object:
the profile extracted from the encoded token
publicKeyOrAddress
Wraps a token for a profile token file
(String)
the token to be wrapped
Object:
including
token
and
decodedToken
Signs a profile token
(Object)
the JSON of the profile to be signed
(String)
the signing private key
(Object
= null)
the entity that the information is about
(Object
= null)
the entity that is issuing the token
(String
= 'ES256K')
the signing algorithm to use
(Date
= new Date())
the time of issuance of the token
(Date
= nextYear())
the time of expiration of the token
Object:
the signed profile token
Verifies a profile token
(String)
the token to be verified
(String)
the public key or address of the
keypair that is thought to have signed the token
Object:
the verified, decoded profile token
Validates the social proofs in a user's profile. Currently supports validation of Facebook, Twitter, GitHub, Instagram, LinkedIn and HackerNews accounts.
(Object)
The JSON of the profile to be validated
(string)
The owner bitcoin address to be validated
(string
= null)
The Blockstack name to be validated
Promise:
that resolves to an array of validated proof objects
Look up a user profile by blockstack ID
(string)
The Blockstack ID of the profile to look up
(string
= http://localhost:6270/v1/names/)
The URL
to use for zonefile lookup
Promise:
that resolves to a profile object
Store your app's data without servers in storage your user controls.
Note: Blockstack Gaia Storage APIs and on-disk format will change in upcoming pre-releases breaking backward compatibility. File encryption is currently opt-in on a file by file basis.
Certain storage features such as and collections are not implemented in the current version. These features will be rolled out in future updates.
Retrieves the specified file from the app's data store.
(String)
the path to the file to read
(Object
= null)
options object
| Name | Description |
|---|---|
options.decrypt Boolean
(default false)
|
try to decrypt the data with the app private key |
options.username String
|
the Blockstack ID to lookup for multi-player storage |
options.app String
|
the app to lookup for multi-player storage - defaults to current origin |
options.zoneFileLookupURL String
(default http://localhost:6270/v1/names/)
|
the Blockstack core endpoint URL to use for zonefile lookup |
Promise:
that resolves to the raw data in the file
or rejects with an error
Stores the data provided in the app's data store to to the file specified.
(String)
the path to store the data in
Promise:
that resolves if the operation succeed and rejects
if it failed
Get the app storage bucket URL
(String)
the gaia hub URL
(String)
the app private key used to generate the app address
Promise:
That resolves to the URL of the app index file
or rejects if it fails
Fetch the public read URL of a user file for the specified app.
(String)
the path to the file to read
(String)
The Blockstack ID of the user to look up
(String)
The app origin
(string
= http://localhost:6270/v1/names/)
The URL
to use for zonefile lookup
Promise:
that resolves to the public read URL of the file
or rejects with an error
Verify the authentication response is valid
(String)
the authentication response token
(String)
the url use to verify owner of a username
Promise:
that resolves to true if auth response
is valid and false if it does not
Encrypt content to elliptic curve publicKey using ECIES
Object:
Object containing (hex encoded):
iv (initialization vector), cipherText (cipher text),
mac (message authentication code), ephemeral public key
wasString (boolean indicating with or not to return a buffer or string on decrypt)
Decrypt content encrypted using ECIES
(String)
secp256k1 private key hex string
(Object)
object to decrypt, should contain:
iv (initialization vector), cipherText (cipher text),
mac (message authentication code), ephemeralPublicKey
wasString (boolean indicating with or not to return a buffer or string on decrypt)
Buffer:
plaintext, or false if error
These two functions are app-specific connections to gaia hub, they read the user data object for information on setting up a hub connection, and store the hub config to localstorage
Promise:
that resolves to the new gaia hub connection
Deletes the specified file from the app's data store.
(String)
the path to the file to delete
Promise:
that resolves when the file has been removed
or rejects with an error
Versioning
(string)
the left half of the version inequality
(string)
right half of the version inequality
bool:
iff v1 >= v2