devise_fido_usf 0.1.7 → 0.1.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/README.md +1 -2
- data/app/controllers/devise/fido_usf_registrations_controller.rb +53 -23
- data/app/views/devise/fido_usf_authentications/new.html.erb +6 -6
- data/app/views/devise/fido_usf_registrations/_device.html.erb +1 -1
- data/app/views/devise/fido_usf_registrations/new.html.erb +6 -6
- data/app/views/devise/fido_usf_registrations/show.html.erb +1 -1
- data/lib/devise_fido_usf/controllers/helpers.rb +9 -7
- data/lib/devise_fido_usf/models/fido_usf_registerable.rb +4 -1
- data/lib/devise_fido_usf/version.rb +1 -1
- metadata +9 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 4b79b1247c83ed16483f2e4469dfcaad10389f18acb37a6c78c36b9c8d4c6305
|
|
4
|
+
data.tar.gz: a86822ad6910a44dd71b5255a7a268f22a5c2d5e284303b23c87329cd552dab7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 36813cba698731cc2edb1d9ecf3486dada54a51868ccc6ff270fbb1d125e41efa73528ee5930ea9ecb8a99254b20b26bab9ffea91834db9a9a13e1335491ef07
|
|
7
|
+
data.tar.gz: 9fde5fec4806f8e731e81d5d65e39d0c05c4ac435abb62050d05ddd23dc2b9d66788a17c397d1f713fd10b4ffec9e98ebe477afe66f37b9d5daa3c45d4480d45
|
data/README.md
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
# FIDO U2F Authentication for Rails Devise
|
|
2
2
|
|
|
3
3
|
[](https://badge.fury.io/rb/devise_fido_usf)
|
|
4
|
-
[](https://gemnasium.com/github.com/CyberDeck/devise-fido-u2f)
|
|
5
4
|
[](https://travis-ci.org/CyberDeck/devise-fido-u2f)
|
|
6
5
|
[](https://codeclimate.com/github/CyberDeck/devise-fido-u2f)
|
|
7
6
|
[](https://coveralls.io/github/CyberDeck/devise-fido-u2f)
|
|
@@ -66,7 +65,7 @@ You can install the `devise_fido_usf` views by running
|
|
|
66
65
|
rails generate devise_fido_usf:views
|
|
67
66
|
```
|
|
68
67
|
|
|
69
|
-
After that, you need to adapt the views to your needs. Take a look at the
|
|
68
|
+
After that, you need to adapt the views to your needs. Take a look at the [Devise FIDO U2F example app](https://github.com/cyberdeck/devise-fido-u2f-example-app) how it could be integrated into a Rails 5.1 application running Bootstrap v4.
|
|
70
69
|
|
|
71
70
|
## Contributing
|
|
72
71
|
This is my first developed and published gem. If you find something unusual or uncommon within my code, please drop me a note how to fix it or make it better. Thank you!
|
|
@@ -1,10 +1,12 @@
|
|
|
1
1
|
class Devise::FidoUsfRegistrationsController < ApplicationController
|
|
2
|
-
before_action :
|
|
2
|
+
before_action :authenticate_resource!
|
|
3
|
+
|
|
4
|
+
respond_to :html
|
|
3
5
|
|
|
4
6
|
def new
|
|
5
7
|
@registration_requests = u2f.registration_requests
|
|
6
8
|
session[:challenges] = @registration_requests.map(&:challenge)
|
|
7
|
-
key_handles =
|
|
9
|
+
key_handles = resource.fido_usf_devices.map(&:key_handle)
|
|
8
10
|
@sign_requests = u2f.authentication_requests(key_handles)
|
|
9
11
|
@app_id = u2f.app_id
|
|
10
12
|
render :new
|
|
@@ -12,19 +14,21 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
|
|
|
12
14
|
|
|
13
15
|
# Show a list of all registered devices
|
|
14
16
|
def show
|
|
15
|
-
@devices =
|
|
17
|
+
@devices = resource.fido_usf_devices.all
|
|
16
18
|
render :show
|
|
17
19
|
end
|
|
18
20
|
|
|
19
21
|
def destroy
|
|
20
|
-
device =
|
|
21
|
-
@fade_out_id = device.id
|
|
22
|
+
device = resource.fido_usf_devices.find(params[:id])
|
|
23
|
+
@fade_out_id = device.id unless params[:on_success_redirect_to]
|
|
22
24
|
device.destroy
|
|
23
|
-
|
|
25
|
+
unless params[:on_success_redirect_to]
|
|
26
|
+
@devices = resource.fido_usf_devices.all
|
|
27
|
+
end
|
|
24
28
|
flash[:success] = I18n.t('fido_usf.flashs.device.removed')
|
|
25
29
|
respond_to do |format|
|
|
26
30
|
format.js
|
|
27
|
-
format.html { redirect_to
|
|
31
|
+
format.html { redirect_to fido_usf_registration_url }
|
|
28
32
|
end
|
|
29
33
|
end
|
|
30
34
|
|
|
@@ -34,39 +38,52 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
|
|
|
34
38
|
reg = u2f.register!(session[:challenges], response)
|
|
35
39
|
|
|
36
40
|
pubkey = reg.public_key
|
|
37
|
-
pubkey = Base64.decode64(reg.public_key) unless pubkey.bytesize == 65 && pubkey.byteslice(0) != "\x04"
|
|
38
|
-
|
|
41
|
+
pubkey = Base64.decode64(reg.public_key) unless pubkey.bytesize == 65 && pubkey.byteslice(0) != "\x04"
|
|
42
|
+
|
|
39
43
|
@device = FidoUsf::FidoUsfDevice.create!(
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
44
|
+
user: resource,
|
|
45
|
+
name: "Token ##{resource.fido_usf_devices.count + 1}",
|
|
46
|
+
certificate: reg.certificate,
|
|
47
|
+
key_handle: reg.key_handle,
|
|
48
|
+
public_key: pubkey,
|
|
49
|
+
counter: reg.counter,
|
|
50
|
+
last_authenticated_at: Time.now
|
|
51
|
+
)
|
|
47
52
|
flash[:success] = I18n.t('fido_usf.flashs.device.registered')
|
|
48
53
|
rescue U2F::Error => e
|
|
49
54
|
@error_message = "Unable to register: #{e.class.name}"
|
|
50
|
-
flash[:error] = @error_message
|
|
55
|
+
flash[:error] = @error_message
|
|
51
56
|
ensure
|
|
52
57
|
session.delete(:challenges)
|
|
53
58
|
end
|
|
54
59
|
|
|
55
|
-
|
|
56
|
-
format.js
|
|
57
|
-
format.html { redirect_to user_fido_usf_registration_url }
|
|
58
|
-
end
|
|
60
|
+
respond_with resource, location: after_sign_in_path_for(resource)
|
|
59
61
|
end
|
|
60
62
|
|
|
61
63
|
def update
|
|
62
|
-
device =
|
|
64
|
+
device = resource.fido_usf_devices.find(params[:id])
|
|
63
65
|
device.update!(fido_usf_params)
|
|
64
66
|
respond_to do |format|
|
|
65
67
|
format.js
|
|
66
|
-
format.html { redirect_to
|
|
68
|
+
format.html { redirect_to fido_usf_registration_url }
|
|
67
69
|
end
|
|
68
70
|
end
|
|
69
71
|
|
|
72
|
+
if respond_to?(:helper_method)
|
|
73
|
+
helpers = %w[resource_name]
|
|
74
|
+
helper_method(*helpers)
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
protected
|
|
78
|
+
|
|
79
|
+
def resource_name
|
|
80
|
+
devise_mapping.name
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
def devise_mapping
|
|
84
|
+
@devise_mapping ||= request.env['devise.mapping']
|
|
85
|
+
end
|
|
86
|
+
|
|
70
87
|
private
|
|
71
88
|
|
|
72
89
|
def fido_usf_params
|
|
@@ -78,4 +95,17 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
|
|
|
78
95
|
# use base_url as app_id, e.g. 'http://localhost:3000'
|
|
79
96
|
@u2f ||= U2F::U2F.new(request.base_url)
|
|
80
97
|
end
|
|
98
|
+
|
|
99
|
+
def resource
|
|
100
|
+
send("current_#{resource_name}")
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
def authenticate_resource!
|
|
104
|
+
send("authenticate_#{resource_name}!")
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
def fido_usf_registration_url
|
|
108
|
+
params[:on_success_redirect_to].presence ||
|
|
109
|
+
send("#{resource_name}_fido_usf_registration_url")
|
|
110
|
+
end
|
|
81
111
|
end
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
<h2>Authenticate key</h2>
|
|
2
2
|
<p>Please insert one of your registered keys and press the button within 15 seconds</p>
|
|
3
3
|
<p id="waiting">Waiting...</p>
|
|
4
|
-
<p id="error"
|
|
5
|
-
<%= form_tag
|
|
4
|
+
<p id="error" class="d-none"></p>
|
|
5
|
+
<%= form_tag send("#{resource_name}_fido_usf_authentication_path"), method: 'post' do %>
|
|
6
6
|
<%= hidden_field_tag :response %>
|
|
7
7
|
<% end %>
|
|
8
|
-
|
|
8
|
+
<%= javascript_tag nonce: true do -%>
|
|
9
9
|
var appId = <%= @app_id.to_json.html_safe %>;
|
|
10
10
|
var signRequests = <%= @sign_requests.to_json.html_safe %>;
|
|
11
11
|
var challenge = <%= @challenge.to_json.html_safe %>;
|
|
@@ -19,8 +19,8 @@
|
|
|
19
19
|
5: 'Authentication timed out. Please reload to try again.'
|
|
20
20
|
};
|
|
21
21
|
var setError = function(code) {
|
|
22
|
-
$waiting.
|
|
23
|
-
$error.
|
|
22
|
+
$waiting.className += ' d-none';
|
|
23
|
+
$error.className = $error.className.replace(/\bd-none\b/g, '');
|
|
24
24
|
$error.innerHTML = errorMap[code];
|
|
25
25
|
};
|
|
26
26
|
|
|
@@ -38,4 +38,4 @@
|
|
|
38
38
|
|
|
39
39
|
form.submit();
|
|
40
40
|
}, 15);
|
|
41
|
-
|
|
41
|
+
<% end -%>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<tr id="device_<%= device.id %>">
|
|
2
2
|
<td><%= device.name %></td>
|
|
3
3
|
<td><%= l(device.last_authenticated_at, format: :long) %></td>
|
|
4
|
-
<td><%= link_to 'Delete',
|
|
4
|
+
<td><%= link_to 'Delete', send("#{resource_name}_fido_usf_registration_path", id: device.id), remote: true, method: :delete, data: { confirm: "Should device #{device.name} be deleted?" } %></td>
|
|
5
5
|
</tr>
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
<h2>Register key</h2>
|
|
2
2
|
<p>Please insert the key and press the button within 15 seconds</p>
|
|
3
3
|
<p id="waiting">Waiting...</p>
|
|
4
|
-
<p id="error"
|
|
4
|
+
<p id="error" class="d-none"></p>
|
|
5
5
|
|
|
6
|
-
<%= form_tag
|
|
6
|
+
<%= form_tag send("#{resource_name}_fido_usf_registration_path"), method: 'post' do %>
|
|
7
7
|
<%= hidden_field_tag :response %>
|
|
8
8
|
<% end %>
|
|
9
9
|
|
|
10
|
-
|
|
10
|
+
<%= javascript_tag nonce: true do -%>
|
|
11
11
|
var appId = <%= @app_id.to_json.html_safe %>;
|
|
12
12
|
var registerRequests = <%= @registration_requests.to_json.html_safe %>;
|
|
13
13
|
var signRequests = <%= @sign_requests.to_json.html_safe %>;
|
|
@@ -21,8 +21,8 @@
|
|
|
21
21
|
5: 'Authentication timed out. Please reload to try again.'
|
|
22
22
|
};
|
|
23
23
|
var setError = function(code) {
|
|
24
|
-
$waiting.
|
|
25
|
-
$error.
|
|
24
|
+
$waiting.className += ' d-none';
|
|
25
|
+
$error.className = $error.className.replace(/\bd-none\b/g, '');
|
|
26
26
|
$error.innerHTML = errorMap[code];
|
|
27
27
|
};
|
|
28
28
|
|
|
@@ -40,4 +40,4 @@
|
|
|
40
40
|
|
|
41
41
|
form.submit();
|
|
42
42
|
}, 15);
|
|
43
|
-
|
|
43
|
+
<% end -%>
|
|
@@ -2,4 +2,4 @@
|
|
|
2
2
|
<p>List of registered devices:</p>
|
|
3
3
|
<%= render 'devise/fido_usf_registrations/devices' %>
|
|
4
4
|
<p><%= link_to 'Back', root_path %></p>
|
|
5
|
-
<p><%= link_to 'Add',
|
|
5
|
+
<p><%= link_to 'Add', send("new_#{resource_name}_fido_usf_registration_path") %></p>
|
|
@@ -7,22 +7,24 @@ module DeviseFidoUsf
|
|
|
7
7
|
|
|
8
8
|
included do
|
|
9
9
|
before_action :check_request_and_redirect_to_verify_fido_usf,
|
|
10
|
-
if: :
|
|
10
|
+
if: :user_signing_in?
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
private
|
|
14
|
-
|
|
15
|
-
|
|
14
|
+
|
|
15
|
+
def devise_sessions_controller?
|
|
16
|
+
self.class == Devise::SessionsController ||
|
|
17
|
+
self.class.ancestors.include?(Devise::SessionsController)
|
|
16
18
|
end
|
|
17
19
|
|
|
18
|
-
def
|
|
20
|
+
def user_signing_in?
|
|
19
21
|
if devise_controller? && signed_in?(resource_name) &&
|
|
20
|
-
|
|
21
|
-
|
|
22
|
+
devise_sessions_controller? &&
|
|
23
|
+
action_name == 'create'
|
|
22
24
|
return true
|
|
23
25
|
end
|
|
24
26
|
|
|
25
|
-
|
|
27
|
+
false
|
|
26
28
|
end
|
|
27
29
|
|
|
28
30
|
def check_request_and_redirect_to_verify_fido_usf
|
|
@@ -4,7 +4,10 @@ module Devise
|
|
|
4
4
|
extend ActiveSupport::Concern
|
|
5
5
|
|
|
6
6
|
included do
|
|
7
|
-
has_many :fido_usf_devices,
|
|
7
|
+
has_many :fido_usf_devices,
|
|
8
|
+
as: :user,
|
|
9
|
+
class_name: 'FidoUsf::FidoUsfDevice',
|
|
10
|
+
dependent: :destroy
|
|
8
11
|
end
|
|
9
12
|
end
|
|
10
13
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_fido_usf
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.12
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- H. Gregor Molter
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-03-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devise
|
|
@@ -242,10 +242,14 @@ files:
|
|
|
242
242
|
- lib/generators/templates/README
|
|
243
243
|
- lib/generators/templates/migration.rb
|
|
244
244
|
- lib/tasks/devise_fido_usf_tasks.rake
|
|
245
|
-
homepage: https://github.com/CyberDeck/devise-fido-u2f
|
|
245
|
+
homepage: https://github.com/CyberDeck/devise-fido-u2f
|
|
246
246
|
licenses:
|
|
247
247
|
- MIT
|
|
248
|
-
metadata:
|
|
248
|
+
metadata:
|
|
249
|
+
homepage_uri: https://github.com/cyberdeck/devise-fido-u2f
|
|
250
|
+
changelog_uri: https://github.com/cyberdeck/devise-fido-u2f/blob/master/CHANGELOG.md
|
|
251
|
+
source_code_uri: https://github.com/cyberdeck/devise-fido-u2f/
|
|
252
|
+
bug_tracker_uri: https://github.com/cyberdeck/devise-fido-u2f/issues
|
|
249
253
|
post_install_message:
|
|
250
254
|
rdoc_options: []
|
|
251
255
|
require_paths:
|
|
@@ -261,8 +265,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
261
265
|
- !ruby/object:Gem::Version
|
|
262
266
|
version: '0'
|
|
263
267
|
requirements: []
|
|
264
|
-
|
|
265
|
-
rubygems_version: 2.5.2
|
|
268
|
+
rubygems_version: 3.0.3
|
|
266
269
|
signing_key:
|
|
267
270
|
specification_version: 4
|
|
268
271
|
summary: A Devise module to allow FIDO U2F authentication.
|