warden-webauthn 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 36082b734ccb5b1748cdd966e199ee9b8860ba6c9ec98b8a930b41afbbb5df9f
|
4
|
+
data.tar.gz: a90dcd55aec7c3165d12e63bcf3cabd0b5cfbe114c1540b25cc2362fbe984c9b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5117c10ce7a6b1d33be4831d8979db4263c7031751b0696116ac98d3d5c4f8dea9aec2eccd47bfd9defac47bb0c025922da4b671c713f573087a1c913a6f5b03
|
7
|
+
data.tar.gz: 213ed13560b36c8b08963226ea99b02b0628fb35185389ba2a621919a3c0a05c7db0f2c8475397e140702da129aaf8e810a0b4522c51fdc04c3eac8d0037ad48
|
@@ -0,0 +1,43 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Warden
|
4
|
+
module WebAuthn
|
5
|
+
# Helper method for generating a symbol based on the WebAuthn::Error
|
6
|
+
class ErrorKeyFinder
|
7
|
+
# rubocop:disable Metrics/CyclomaticComplexity
|
8
|
+
# rubocop:disable Metrics/MethodLength
|
9
|
+
def self.webauthn_error_key(exception:)
|
10
|
+
case exception
|
11
|
+
when ::WebAuthn::AttestationStatement::FormatNotSupportedError
|
12
|
+
:webauthn_attestation_statement_format_not_supported
|
13
|
+
when ::WebAuthn::PublicKey::UnsupportedAlgorithm
|
14
|
+
:webauthn_public_key_unsupported_algorithm
|
15
|
+
when ::WebAuthn::AttestationStatement::UnsupportedAlgorithm
|
16
|
+
:webauthn_attestation_statement_unsupported_algorithm
|
17
|
+
when ::WebAuthn::UserVerifiedVerificationError
|
18
|
+
:webauthn_user_verified_verification_error
|
19
|
+
when ::WebAuthn::ChallengeVerificationError
|
20
|
+
:webauthn_challenge_verification_error
|
21
|
+
when ::WebAuthn::SignCountVerificationError
|
22
|
+
:webauthn_sign_count_verification_error
|
23
|
+
when ::WebAuthn::VerificationError
|
24
|
+
:webauthn_verification_error
|
25
|
+
when ::WebAuthn::ClientDataMissingError
|
26
|
+
:webauthn_client_data_missing
|
27
|
+
when ::WebAuthn::AuthenticatorDataFormatError
|
28
|
+
:webauthn_authenticator_data_format
|
29
|
+
when ::WebAuthn::AttestedCredentialDataFormatError
|
30
|
+
:webauthn_attested_credential_data_format
|
31
|
+
when ::WebAuthn::RootCertificateFinderNotSupportedError
|
32
|
+
:webauthn_root_certificate_finder_not_supported
|
33
|
+
when ::WebAuthn::Error
|
34
|
+
:webauthn_generic_error
|
35
|
+
else
|
36
|
+
raise RuntimeError
|
37
|
+
end
|
38
|
+
end
|
39
|
+
# rubocop:enable Metrics/CyclomaticComplexity
|
40
|
+
# rubocop:enable Metrics/MethodLength
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -16,6 +16,34 @@ module Warden
|
|
16
16
|
session[registration_challenge_key] = options_for_registration.challenge
|
17
17
|
end
|
18
18
|
|
19
|
+
def verify_registration(relying_party:)
|
20
|
+
relying_party.verify_registration(
|
21
|
+
parsed_credential, registration_challenge, user_verification: true
|
22
|
+
)
|
23
|
+
ensure
|
24
|
+
delete_registration_challenge
|
25
|
+
end
|
26
|
+
|
27
|
+
def registration_challenge
|
28
|
+
session[registration_challenge_key]
|
29
|
+
end
|
30
|
+
|
31
|
+
def delete_registration_challenge
|
32
|
+
session.delete(registration_challenge_key)
|
33
|
+
end
|
34
|
+
|
35
|
+
def parsed_credential
|
36
|
+
JSON.parse(raw_credential)
|
37
|
+
end
|
38
|
+
|
39
|
+
def raw_credential
|
40
|
+
params[raw_credential_key]
|
41
|
+
end
|
42
|
+
|
43
|
+
def raw_credential_key
|
44
|
+
"credential"
|
45
|
+
end
|
46
|
+
|
19
47
|
def registration_challenge_key
|
20
48
|
"current_webauthn_registration_challenge"
|
21
49
|
end
|
@@ -22,7 +22,7 @@ module Warden
|
|
22
22
|
|
23
23
|
stored_credential
|
24
24
|
rescue ::WebAuthn::Error => e
|
25
|
-
fail!(webauthn_error_key(exception: e))
|
25
|
+
fail!(ErrorKeyFinder.webauthn_error_key(exception: e))
|
26
26
|
nil
|
27
27
|
rescue NoStoredCredentialFound
|
28
28
|
errors.add(:stored_credential, :not_found)
|
@@ -33,39 +33,6 @@ module Warden
|
|
33
33
|
end
|
34
34
|
# rubocop:enable Metrics/MethodLength
|
35
35
|
|
36
|
-
# rubocop:disable Metrics/CyclomaticComplexity
|
37
|
-
# rubocop:disable Metrics/MethodLength
|
38
|
-
def webauthn_error_key(exception:)
|
39
|
-
case exception
|
40
|
-
when ::WebAuthn::AttestationStatement::FormatNotSupportedError
|
41
|
-
:webauthn_attestation_statement_format_not_supported
|
42
|
-
when ::WebAuthn::PublicKey::UnsupportedAlgorithm
|
43
|
-
:webauthn_public_key_unsupported_algorithm
|
44
|
-
when ::WebAuthn::AttestationStatement::UnsupportedAlgorithm
|
45
|
-
:webauthn_attestation_statement_unsupported_algorithm
|
46
|
-
when ::WebAuthn::UserVerifiedVerificationError
|
47
|
-
:webauthn_user_verified_verification_error
|
48
|
-
when ::WebAuthn::ChallengeVerificationError
|
49
|
-
:webauthn_challenge_verification_error
|
50
|
-
when ::WebAuthn::SignCountVerificationError
|
51
|
-
:webauthn_sign_count_verification_error
|
52
|
-
when ::WebAuthn::VerificationError
|
53
|
-
:webauthn_verification_error
|
54
|
-
when ::WebAuthn::ClientDataMissingError
|
55
|
-
:webauthn_client_data_missing
|
56
|
-
when ::WebAuthn::AuthenticatorDataFormatError
|
57
|
-
:webauthn_authenticator_data_format
|
58
|
-
when ::WebAuthn::AttestedCredentialDataFormatError
|
59
|
-
:webauthn_attested_credential_data_format
|
60
|
-
when ::WebAuthn::RootCertificateFinderNotSupportedError
|
61
|
-
:webauthn_root_certificate_finder_not_supported
|
62
|
-
when ::WebAuthn::Error
|
63
|
-
:webauthn_generic_error
|
64
|
-
end
|
65
|
-
end
|
66
|
-
# rubocop:enable Metrics/CyclomaticComplexity
|
67
|
-
# rubocop:enable Metrics/MethodLength
|
68
|
-
|
69
36
|
def relying_party
|
70
37
|
env[relying_party_key]
|
71
38
|
end
|
data/lib/warden/webauthn.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warden-webauthn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Thomas Cannon
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-02-
|
11
|
+
date: 2023-02-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: warden
|
@@ -56,6 +56,7 @@ files:
|
|
56
56
|
- Rakefile
|
57
57
|
- lib/warden/webauthn.rb
|
58
58
|
- lib/warden/webauthn/authentication_initiation_helpers.rb
|
59
|
+
- lib/warden/webauthn/error_key_finder.rb
|
59
60
|
- lib/warden/webauthn/registration_helpers.rb
|
60
61
|
- lib/warden/webauthn/strategy.rb
|
61
62
|
- lib/warden/webauthn/strategy_helpers.rb
|