warden-webauthn 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -1
- data/Gemfile.lock +4 -3
- data/README.md +20 -7
- data/lib/warden/webauthn/error_key_finder.rb +2 -0
- data/lib/warden/webauthn/rack_helpers.rb +17 -0
- data/lib/warden/webauthn/registration_helpers.rb +5 -1
- data/lib/warden/webauthn/strategy_helpers.rb +1 -4
- data/lib/warden/webauthn/version.rb +1 -1
- data/lib/warden/webauthn.rb +1 -0
- data/warden-webauthn.gemspec +42 -0
- metadata +5 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 44ea9ceb0b37837c22232224ca50f7d69668f52585feeb9eadb2af9bb17d69ce
|
|
4
|
+
data.tar.gz: 86bcb44b985e20865e6711a3be9d4a0d0b9eebbf0c9aee4b112d35d963cfcf28
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c8e5ff575119edf0faa2c259685d22adaa4d12660a582b4b4b6a62cea9f302535f63812f39b51245310808b3330a17ea166ea555de58c74d4eb27dc6e7e90289
|
|
7
|
+
data.tar.gz: c4e6aad4b258ea4189275c981ed15e132ad84d69fb843e7a2b43666d76347ccdbd5ec023f4d8c603d9323fc9e235baa6e0156f338a5e752b4ddcabb83d0f37ea
|
data/CHANGELOG.md
CHANGED
|
@@ -1,4 +1,12 @@
|
|
|
1
|
-
## [
|
|
1
|
+
## [0.3.0]- 2023-07-24
|
|
2
|
+
|
|
3
|
+
- Add `RegistrationHelpers.authenticator_selection_options`
|
|
4
|
+
- https://github.com/ruby-passkeys/warden-webauthn/pull/8
|
|
5
|
+
|
|
6
|
+
## [0.2.1]- 2023-06-24
|
|
7
|
+
|
|
8
|
+
- Refactor `relying_party_key` into `Warden::WebAuthn::RackHelpers`
|
|
9
|
+
- https://github.com/ruby-passkeys/warden-webauthn/issues/4
|
|
2
10
|
|
|
3
11
|
## [0.1.0] - 2023-02-04
|
|
4
12
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
warden-webauthn (0.1
|
|
4
|
+
warden-webauthn (0.2.1)
|
|
5
5
|
warden
|
|
6
|
-
webauthn (>= 3
|
|
6
|
+
webauthn (>= 3)
|
|
7
7
|
|
|
8
8
|
GEM
|
|
9
9
|
remote: https://rubygems.org/
|
|
@@ -36,7 +36,7 @@ GEM
|
|
|
36
36
|
parallel (1.22.1)
|
|
37
37
|
parser (3.2.1.0)
|
|
38
38
|
ast (~> 2.4.1)
|
|
39
|
-
rack (3.0.
|
|
39
|
+
rack (3.0.6.1)
|
|
40
40
|
rack-session (2.0.0)
|
|
41
41
|
rack (>= 3.0.0)
|
|
42
42
|
rack-test (2.0.2)
|
|
@@ -88,6 +88,7 @@ GEM
|
|
|
88
88
|
PLATFORMS
|
|
89
89
|
arm64-darwin-21
|
|
90
90
|
arm64-darwin-22
|
|
91
|
+
x86_64-linux
|
|
91
92
|
|
|
92
93
|
DEPENDENCIES
|
|
93
94
|
debug
|
data/README.md
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
# Warden::WebAuthn
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
This Warden strategy is a series of helper methods wrapping [webauthn-ruby](https://github.com/cedarcode/webauthn-ruby).
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
It can be used on its own to allow for webauthn registration/authentication, such as passkeys authentication.
|
|
6
|
+
|
|
7
|
+
There is also a lightweight devise extension that uses `Warden::WebAuthn`; if you're using Devise: [devise-passkeys](https://github.com/ruby-passkeys/devise-passkeys)
|
|
6
8
|
|
|
7
9
|
## Installation
|
|
8
10
|
|
|
@@ -14,15 +16,26 @@ gem 'warden-webauthn'
|
|
|
14
16
|
|
|
15
17
|
And then execute:
|
|
16
18
|
|
|
17
|
-
|
|
19
|
+
```sh
|
|
20
|
+
$ bundle install
|
|
21
|
+
```
|
|
18
22
|
|
|
19
23
|
Or install it yourself as:
|
|
20
24
|
|
|
21
|
-
|
|
25
|
+
```sh
|
|
26
|
+
$ gem install warden-webauthn
|
|
27
|
+
```
|
|
28
|
+
|
|
22
29
|
|
|
23
30
|
## Usage
|
|
24
31
|
|
|
25
|
-
|
|
32
|
+
`Warden::WebAuthn` is a series of modules that can be included wherever you need to implement WebAuthn calls. The primary modules/classes are:
|
|
33
|
+
|
|
34
|
+
* `Warden::WebAuthn::Strategy`: A subclass of `Warden::Strategies::Base`, the core strategy for WebAuthn authentication in Warden. This is the strategy you'd include in your Warden configuration
|
|
35
|
+
* `Warden::WebAuthn::StrategyHelpers`: Helpers that can be mixed in to any WebAuthn-related code, such as custom strategies or an app's authentication flow
|
|
36
|
+
* `Warden::WebAuthn::RegistrationHelpers`: Helper methods to bootstrap registration challenges for implementors
|
|
37
|
+
* `Warden::WebAuthn::AuthenticationInitiationHelpers`: Helper methods for generating & storing authentication challenges
|
|
38
|
+
* `Warden::WebAuthn::ErrorKeyFinder.webauthn_error_key(exception:)`: Helper method for generating a symbol based on the WebAuthn::Error
|
|
26
39
|
|
|
27
40
|
## Development
|
|
28
41
|
|
|
@@ -32,7 +45,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
|
|
|
32
45
|
|
|
33
46
|
## Contributing
|
|
34
47
|
|
|
35
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/
|
|
48
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/delete_registration_challenge/warden-webauthn. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/delete_registration_challenge/warden-webauthn/blob/main/CODE_OF_CONDUCT.md).
|
|
36
49
|
|
|
37
50
|
## License
|
|
38
51
|
|
|
@@ -40,4 +53,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
|
40
53
|
|
|
41
54
|
## Code of Conduct
|
|
42
55
|
|
|
43
|
-
Everyone interacting in the Warden::WebAuthn project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/
|
|
56
|
+
Everyone interacting in the Warden::WebAuthn project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/delete_registration_challenge/warden-webauthn/blob/main/CODE_OF_CONDUCT.md).
|
|
@@ -16,6 +16,8 @@ module Warden
|
|
|
16
16
|
:webauthn_attestation_statement_unsupported_algorithm
|
|
17
17
|
when ::WebAuthn::UserVerifiedVerificationError
|
|
18
18
|
:webauthn_user_verified_verification_error
|
|
19
|
+
when ::WebAuthn::OriginVerificationError
|
|
20
|
+
:webauthn_origin_verification_error
|
|
19
21
|
when ::WebAuthn::ChallengeVerificationError
|
|
20
22
|
:webauthn_challenge_verification_error
|
|
21
23
|
when ::WebAuthn::SignCountVerificationError
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Warden
|
|
4
|
+
module WebAuthn
|
|
5
|
+
# Helpers that can be mixed in to any Rack middleware or application, in order
|
|
6
|
+
# to setup the environment for `Warden::WebAuthn`, such as the Relying Party
|
|
7
|
+
module RackHelpers
|
|
8
|
+
def relying_party_key
|
|
9
|
+
"warden.webauthn.relying_party"
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def set_relying_party_in_request_env
|
|
13
|
+
request.env[relying_party_key] = relying_party
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -8,7 +8,7 @@ module Warden
|
|
|
8
8
|
relying_party.options_for_registration(**{
|
|
9
9
|
user: user_details,
|
|
10
10
|
exclude: exclude,
|
|
11
|
-
authenticator_selection:
|
|
11
|
+
authenticator_selection: authenticator_selection_options
|
|
12
12
|
}.merge(options))
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -47,6 +47,10 @@ module Warden
|
|
|
47
47
|
def registration_challenge_key
|
|
48
48
|
"current_webauthn_registration_challenge"
|
|
49
49
|
end
|
|
50
|
+
|
|
51
|
+
def authenticator_selection_options
|
|
52
|
+
{ resident_key: "required", user_verification: "required" }
|
|
53
|
+
end
|
|
50
54
|
end
|
|
51
55
|
end
|
|
52
56
|
end
|
|
@@ -7,6 +7,7 @@ module Warden
|
|
|
7
7
|
# Helpers that can be mixed in to any WebAuthn-related code, such as custom strategies or
|
|
8
8
|
# an app's authentication flow
|
|
9
9
|
module StrategyHelpers
|
|
10
|
+
prepend RackHelpers
|
|
10
11
|
class NoStoredCredentialFound < StandardError; end
|
|
11
12
|
|
|
12
13
|
# rubocop:disable Metrics/MethodLength
|
|
@@ -75,10 +76,6 @@ module Warden
|
|
|
75
76
|
"warden.webauthn.credential_finder"
|
|
76
77
|
end
|
|
77
78
|
|
|
78
|
-
def relying_party_key
|
|
79
|
-
"warden.webauthn.relying_party"
|
|
80
|
-
end
|
|
81
|
-
|
|
82
79
|
def raw_credential_key
|
|
83
80
|
"credential"
|
|
84
81
|
end
|
data/lib/warden/webauthn.rb
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative "webauthn/version"
|
|
4
4
|
require_relative "webauthn/error_key_finder"
|
|
5
|
+
require_relative "webauthn/rack_helpers"
|
|
5
6
|
require_relative "webauthn/strategy_helpers"
|
|
6
7
|
require_relative "webauthn/strategy"
|
|
7
8
|
require_relative "webauthn/authentication_initiation_helpers"
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require_relative "lib/warden/webauthn/version"
|
|
4
|
+
|
|
5
|
+
Gem::Specification.new do |spec|
|
|
6
|
+
spec.name = "warden-webauthn"
|
|
7
|
+
spec.version = Warden::WebAuthn::VERSION
|
|
8
|
+
spec.authors = ["Thomas Cannon"]
|
|
9
|
+
spec.email = ["tcannon00@gmail.com"]
|
|
10
|
+
|
|
11
|
+
spec.summary = "A Warden Strategy for WebAuthn"
|
|
12
|
+
spec.description = "A Warden Strategy for WebAuthn"
|
|
13
|
+
spec.homepage = "https://github.com/ruby-passkeys/warden-webauthn"
|
|
14
|
+
spec.license = "MIT"
|
|
15
|
+
spec.required_ruby_version = ">= 2.6.0"
|
|
16
|
+
|
|
17
|
+
spec.metadata["allowed_push_host"] = "https://rubygems.org"
|
|
18
|
+
|
|
19
|
+
spec.metadata["homepage_uri"] = spec.homepage
|
|
20
|
+
spec.metadata["source_code_uri"] = "https://github.com/ruby-passkeys/warden-webauthn"
|
|
21
|
+
spec.metadata["changelog_uri"] = "https://github.com/ruby-passkeys/warden-webauthn/blob/main/CHANGELOG.md"
|
|
22
|
+
|
|
23
|
+
spec.metadata["rubygems_mfa_required"] = "true"
|
|
24
|
+
|
|
25
|
+
# Specify which files should be added to the gem when it is released.
|
|
26
|
+
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
|
27
|
+
spec.files = Dir.chdir(File.expand_path(__dir__)) do
|
|
28
|
+
`git ls-files -z`.split("\x0").reject do |f|
|
|
29
|
+
(f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
spec.bindir = "exe"
|
|
33
|
+
spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
|
|
34
|
+
spec.require_paths = ["lib"]
|
|
35
|
+
|
|
36
|
+
# Uncomment to register a new dependency of your gem
|
|
37
|
+
spec.add_dependency "warden"
|
|
38
|
+
spec.add_dependency "webauthn", ">= 3"
|
|
39
|
+
|
|
40
|
+
# For more information and examples about making a new gem, check out our
|
|
41
|
+
# guide at: https://bundler.io/guides/creating_gem.html
|
|
42
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: warden-webauthn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thomas Cannon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-07-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: warden
|
|
@@ -57,15 +57,18 @@ files:
|
|
|
57
57
|
- lib/warden/webauthn.rb
|
|
58
58
|
- lib/warden/webauthn/authentication_initiation_helpers.rb
|
|
59
59
|
- lib/warden/webauthn/error_key_finder.rb
|
|
60
|
+
- lib/warden/webauthn/rack_helpers.rb
|
|
60
61
|
- lib/warden/webauthn/registration_helpers.rb
|
|
61
62
|
- lib/warden/webauthn/strategy.rb
|
|
62
63
|
- lib/warden/webauthn/strategy_helpers.rb
|
|
63
64
|
- lib/warden/webauthn/version.rb
|
|
64
65
|
- sig/warden/webauthn.rbs
|
|
66
|
+
- warden-webauthn.gemspec
|
|
65
67
|
homepage: https://github.com/ruby-passkeys/warden-webauthn
|
|
66
68
|
licenses:
|
|
67
69
|
- MIT
|
|
68
70
|
metadata:
|
|
71
|
+
allowed_push_host: https://rubygems.org
|
|
69
72
|
homepage_uri: https://github.com/ruby-passkeys/warden-webauthn
|
|
70
73
|
source_code_uri: https://github.com/ruby-passkeys/warden-webauthn
|
|
71
74
|
changelog_uri: https://github.com/ruby-passkeys/warden-webauthn/blob/main/CHANGELOG.md
|