access method
Performs device attestation and retrieves an access token.
This method coordinates the complete device verification process:
- Obtains a challenge token (if not provided)
- Performs platform-specific device attestation
- Exchanges the attestation for an access token
- Stores the access token securely for future use
Parameters
challengeToken: Optional challenge token (will be generated if not provided)
Returns
A Future that resolves to a record containing the access token
Throws
HttpExceptionif there's a network errorCalljmpExceptionif attestation is rejected by the serverAttestationExceptionif device attestation fails
Example
try {
final result = await calljmp.integrity.access();
print('Access granted: ${result.accessToken}');
} catch (e) {
print('Integrity verification failed: $e');
}
Note
In debug mode, attestation failures are logged but do not prevent access token generation. In production, attestation failures will cause the method to throw an exception.
Implementation
Future<({String accessToken})> access({String? challengeToken}) async {
if (challengeToken == null) {
final result = await challenge();
challengeToken = result.challengeToken;
}
final attest = await _attestation
.attest({"token": challengeToken})
.catchError((error) {
developer.log(
"Failed to attest, this is fatal error unless it is in debug mode",
name: "calljmp",
error: error,
);
return Null;
});
final attestationToken = base64.encode(utf8.encode(jsonEncode(attest)));
final result = await http
.request("${_config.serviceUrl}/integrity/access")
.use(http.context(_config))
.post({"token": challengeToken, "attestationToken": attestationToken})
.json((json) => (accessToken: json["accessToken"] as String));
await CalljmpStore.instance.put(
CalljmpStoreKey.accessToken,
result.accessToken,
);
return result;
}