web_authn 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ae734c58dcaf2aec7da75436de6611077577ddedf5b5321377892c1d5c50e928
|
|
4
|
+
data.tar.gz: 2a4084397e852119fcc22f3d3c8491f2fa520d8ceed71de56bf7e07af162c77c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 15e45bc2f3da9bc91409cb9db0bb9151144f223ec1d880802588a0cf6a7cb882f4aae9830db6465882ebeb2469a7ef88fa2e532208448f629b2c47b32734ee81
|
|
7
|
+
data.tar.gz: 05d6c10d89ba105db10dc83dec3b61465fd26d1328a01039c682bfd42c536d5206cb95b06afac40a4ddebb3e68c485dbebc29db2bce4369c8d924ec116437206
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.0.
|
|
1
|
+
0.0.3
|
|
@@ -12,11 +12,13 @@ module WebAuthn
|
|
|
12
12
|
class << self
|
|
13
13
|
def decode(encoded_client_data_json)
|
|
14
14
|
raw_client_data_json = Base64.urlsafe_decode64 encoded_client_data_json
|
|
15
|
-
|
|
15
|
+
attrs = JSON.parse(
|
|
16
16
|
raw_client_data_json
|
|
17
17
|
).merge(
|
|
18
18
|
raw: raw_client_data_json
|
|
19
19
|
).with_indifferent_access
|
|
20
|
+
attrs[:challenge] = Base64.urlsafe_decode64 attrs[:challenge]
|
|
21
|
+
new attrs
|
|
20
22
|
end
|
|
21
23
|
end
|
|
22
24
|
end
|
|
@@ -8,7 +8,7 @@ sign_count = 73
|
|
|
8
8
|
client_data_json = 'eyJjaGFsbGVuZ2UiOiJjbUZ1Wkc5dExYTjBjbWx1WnkxblpXNWxjbUYwWldRdFlua3RjbkF0YzJWeWRtVnkiLCJvcmlnaW4iOiJodHRwczovL3dlYi1hdXRobi5zZWxmLWlzc3VlZC5hcHAiLCJ0eXBlIjoid2ViYXV0aG4uZ2V0In0'
|
|
9
9
|
|
|
10
10
|
origin = 'https://web-authn.self-issued.app'
|
|
11
|
-
challenge = '
|
|
11
|
+
challenge = 'random-string-generated-by-rp-server'
|
|
12
12
|
|
|
13
13
|
public_key = OpenSSL::PKey::EC.new <<-PEM
|
|
14
14
|
-----BEGIN PUBLIC KEY-----
|
|
@@ -5,7 +5,7 @@ attestation_object = 'o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVjEMsuA3KzDw1JGLLAfO_
|
|
|
5
5
|
client_data_json = 'eyJjaGFsbGVuZ2UiOiJjbUZ1Wkc5dExYTjBjbWx1WnkxblpXNWxjbUYwWldRdFlua3RjbkF0YzJWeWRtVnkiLCJvcmlnaW4iOiJodHRwczovL3dlYi1hdXRobi5zZWxmLWlzc3VlZC5hcHAiLCJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIn0'
|
|
6
6
|
|
|
7
7
|
origin = 'https://web-authn.self-issued.app'
|
|
8
|
-
challenge = '
|
|
8
|
+
challenge = 'random-string-generated-by-rp-server'
|
|
9
9
|
|
|
10
10
|
context = WebAuthn.context_for(
|
|
11
11
|
client_data_json,
|
|
@@ -12,7 +12,7 @@ RSpec.describe WebAuthn::Context::Authentication do
|
|
|
12
12
|
'eyJjaGFsbGVuZ2UiOiJjbUZ1Wkc5dExYTjBjbWx1WnkxblpXNWxjbUYwWldRdFlua3RjbkF0YzJWeWRtVnkiLCJvcmlnaW4iOiJodHRwczovL3dlYi1hdXRobi5zZWxmLWlzc3VlZC5hcHAiLCJ0eXBlIjoid2ViYXV0aG4uZ2V0In0'
|
|
13
13
|
end
|
|
14
14
|
let(:origin) { 'https://web-authn.self-issued.app' }
|
|
15
|
-
let(:challenge) { '
|
|
15
|
+
let(:challenge) { 'random-string-generated-by-rp-server' }
|
|
16
16
|
let(:rp_id_hash) do
|
|
17
17
|
'MsuA3KzDw1JGLLAfO_4wLebzcS8w_SDs0Zw7pbhYlJU'
|
|
18
18
|
end
|
|
@@ -17,7 +17,9 @@ module ContextFactory
|
|
|
17
17
|
base_context
|
|
18
18
|
end
|
|
19
19
|
let(:client_data_json) do
|
|
20
|
-
|
|
20
|
+
_context_ = context.dup
|
|
21
|
+
_context_[:challenge] = Base64.urlsafe_encode64(_context_[:challenge], padding: false)
|
|
22
|
+
Base64.urlsafe_encode64(_context_.to_json, padding: false)
|
|
21
23
|
end
|
|
22
24
|
end
|
|
23
25
|
|