warden-webauthn 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36082b734ccb5b1748cdd966e199ee9b8860ba6c9ec98b8a930b41afbbb5df9f
-  data.tar.gz: a90dcd55aec7c3165d12e63bcf3cabd0b5cfbe114c1540b25cc2362fbe984c9b
+  metadata.gz: c0427adf432832eb3cb0782df157e0f76cc7b673f29bbc89f61bca921eadda03
+  data.tar.gz: 6409bbb807abdc11c147e67ddccdd9fdcbd37c3be200ee76fd3e1776d0b5c464
 SHA512:
-  metadata.gz: 5117c10ce7a6b1d33be4831d8979db4263c7031751b0696116ac98d3d5c4f8dea9aec2eccd47bfd9defac47bb0c025922da4b671c713f573087a1c913a6f5b03
-  data.tar.gz: 213ed13560b36c8b08963226ea99b02b0628fb35185389ba2a621919a3c0a05c7db0f2c8475397e140702da129aaf8e810a0b4522c51fdc04c3eac8d0037ad48
+  metadata.gz: 5205aef3ae71d897d7b013a7e83ea77c09c8e71676eaf89127ff364aaac57fa888a3b18b8c7184a97cb12a087afbdeaf2bfed626ae8ca80c0d324947f5945888
+  data.tar.gz: 1290ec462ed67970bddc391361c4876cd63251041a982723937d74bc47c6c6c6f57c53b2c9e5d475c0139b70f52f7a3155bc00c4bc1865ce19b6d5ac6aa0849d

data/CHANGELOG.md

@@ -1,4 +1,7 @@
-## [Unreleased]
+## [0.2.1]- 2023-06-24
+
+- Refactor `relying_party_key` into `Warden::WebAuthn::RackHelpers`
+  - https://github.com/ruby-passkeys/warden-webauthn/issues/4
 
 ## [0.1.0] - 2023-02-04
 

data/Gemfile.lock

@@ -1,9 +1,9 @@
 PATH
   remote: .
   specs:
-    warden-webauthn (0.1.0)
+    warden-webauthn (0.2.1)
       warden
-      webauthn (>= 3.0)
+      webauthn (>= 3)
 
 GEM
   remote: https://rubygems.org/
@@ -36,7 +36,7 @@ GEM
     parallel (1.22.1)
     parser (3.2.1.0)
       ast (~> 2.4.1)
-    rack (3.0.4.1)
+    rack (3.0.6.1)
     rack-session (2.0.0)
       rack (>= 3.0.0)
     rack-test (2.0.2)
@@ -88,6 +88,7 @@ GEM
 PLATFORMS
   arm64-darwin-21
   arm64-darwin-22
+  x86_64-linux
 
 DEPENDENCIES
   debug

data/README.md

@@ -1,8 +1,10 @@
 # Warden::WebAuthn
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/warden/webauthn`. To experiment with that code, run `bin/console` for an interactive prompt.
+This Warden strategy is a series of helper methods wrapping [webauthn-ruby](https://github.com/cedarcode/webauthn-ruby).
 
-TODO: Delete this and the text above, and describe your gem
+It can be used on its own to allow for webauthn registration/authentication, such as passkeys authentication.
+
+There is also a lightweight devise extension that uses `Warden::WebAuthn`; if you're using Devise: [devise-passkeys](https://github.com/ruby-passkeys/devise-passkeys)
 
 ## Installation
 
@@ -14,15 +16,26 @@ gem 'warden-webauthn'
 
 And then execute:
 
-    $ bundle install
+```sh
+$ bundle install
+```
 
 Or install it yourself as:
 
-    $ gem install warden-webauthn
+```sh
+$ gem install warden-webauthn
+```
+
 
 ## Usage
 
-TODO: Write usage instructions here
+`Warden::WebAuthn` is a series of modules that can be included wherever you need to implement WebAuthn calls. The primary modules/classes are:
+
+* `Warden::WebAuthn::Strategy`: A subclass of `Warden::Strategies::Base`, the core strategy for WebAuthn authentication in Warden. This is the strategy you'd include in your Warden configuration
+* `Warden::WebAuthn::StrategyHelpers`: Helpers that can be mixed in to any WebAuthn-related code, such as custom strategies or an app's authentication flow
+* `Warden::WebAuthn::RegistrationHelpers`: Helper methods to bootstrap registration challenges for implementors
+* `Warden::WebAuthn::AuthenticationInitiationHelpers`: Helper methods for generating & storing authentication challenges
+* `Warden::WebAuthn::ErrorKeyFinder.webauthn_error_key(exception:)`: Helper method for generating a symbol based on the WebAuthn::Error
 
 ## Development
 
@@ -32,7 +45,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/warden-webauthn. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/warden-webauthn/blob/main/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on GitHub at https://github.com/delete_registration_challenge/warden-webauthn. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/delete_registration_challenge/warden-webauthn/blob/main/CODE_OF_CONDUCT.md).
 
 ## License
 
@@ -40,4 +53,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ## Code of Conduct
 
-Everyone interacting in the Warden::WebAuthn project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/warden-webauthn/blob/main/CODE_OF_CONDUCT.md).
+Everyone interacting in the Warden::WebAuthn project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/delete_registration_challenge/warden-webauthn/blob/main/CODE_OF_CONDUCT.md).

data/lib/warden/webauthn/error_key_finder.rb

@@ -16,6 +16,8 @@ module Warden
           :webauthn_attestation_statement_unsupported_algorithm
         when ::WebAuthn::UserVerifiedVerificationError
           :webauthn_user_verified_verification_error
+        when ::WebAuthn::OriginVerificationError
+          :webauthn_origin_verification_error
         when ::WebAuthn::ChallengeVerificationError
           :webauthn_challenge_verification_error
         when ::WebAuthn::SignCountVerificationError

data/lib/warden/webauthn/rack_helpers.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Warden
+  module WebAuthn
+    # Helpers that can be mixed in to any Rack middleware or application, in order
+    # to setup the environment for `Warden::WebAuthn`, such as the Relying Party
+    module RackHelpers
+      def relying_party_key
+        "warden.webauthn.relying_party"
+      end
+
+      def set_relying_party_in_request_env
+        request.env[relying_party_key] = relying_party
+      end
+    end
+  end
+end

data/lib/warden/webauthn/strategy_helpers.rb

@@ -7,6 +7,7 @@ module Warden
     # Helpers that can be mixed in to any WebAuthn-related code, such as custom strategies or
     # an app's authentication flow
     module StrategyHelpers
+      prepend RackHelpers
       class NoStoredCredentialFound < StandardError; end
 
       # rubocop:disable Metrics/MethodLength

data/lib/warden/webauthn/version.rb

@@ -2,6 +2,6 @@
 
 module Warden
   module WebAuthn
-    VERSION = "0.2.0"
+    VERSION = "0.2.1"
   end
 end

data/lib/warden/webauthn.rb

@@ -2,6 +2,7 @@
 
 require_relative "webauthn/version"
 require_relative "webauthn/error_key_finder"
+require_relative "webauthn/rack_helpers"
 require_relative "webauthn/strategy_helpers"
 require_relative "webauthn/strategy"
 require_relative "webauthn/authentication_initiation_helpers"

data/warden-webauthn.gemspec

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require_relative "lib/warden/webauthn/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "warden-webauthn"
+  spec.version = Warden::WebAuthn::VERSION
+  spec.authors = ["Thomas Cannon"]
+  spec.email = ["tcannon00@gmail.com"]
+
+  spec.summary = "A Warden Strategy for WebAuthn"
+  spec.description = "A Warden Strategy for WebAuthn"
+  spec.homepage = "https://github.com/ruby-passkeys/warden-webauthn"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 2.6.0"
+
+  spec.metadata["allowed_push_host"] = "https://rubygems.org"
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/ruby-passkeys/warden-webauthn"
+  spec.metadata["changelog_uri"] = "https://github.com/ruby-passkeys/warden-webauthn/blob/main/CHANGELOG.md"
+
+  spec.metadata["rubygems_mfa_required"] = "true"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+    end
+  end
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  # Uncomment to register a new dependency of your gem
+  spec.add_dependency "warden"
+  spec.add_dependency "webauthn", ">= 3"
+
+  # For more information and examples about making a new gem, check out our
+  # guide at: https://bundler.io/guides/creating_gem.html
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: warden-webauthn
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Thomas Cannon
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-02-19 00:00:00.000000000 Z
+date: 2023-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: warden
@@ -57,15 +57,18 @@ files:
 - lib/warden/webauthn.rb
 - lib/warden/webauthn/authentication_initiation_helpers.rb
 - lib/warden/webauthn/error_key_finder.rb
+- lib/warden/webauthn/rack_helpers.rb
 - lib/warden/webauthn/registration_helpers.rb
 - lib/warden/webauthn/strategy.rb
 - lib/warden/webauthn/strategy_helpers.rb
 - lib/warden/webauthn/version.rb
 - sig/warden/webauthn.rbs
+- warden-webauthn.gemspec
 homepage: https://github.com/ruby-passkeys/warden-webauthn
 licenses:
 - MIT
 metadata:
+  allowed_push_host: https://rubygems.org
   homepage_uri: https://github.com/ruby-passkeys/warden-webauthn
   source_code_uri: https://github.com/ruby-passkeys/warden-webauthn
   changelog_uri: https://github.com/ruby-passkeys/warden-webauthn/blob/main/CHANGELOG.md