web_authn 0.6.2 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/FUNDING.yml +3 -0
- data/.github/workflows/spec.yml +30 -0
- data/README.md +0 -2
- data/VERSION +1 -1
- data/lib/web_authn/authenticator_data/flags.rb +9 -3
- data/lib/web_authn/context/registration.rb +2 -2
- data/spec/authenticator_data/flags_spec.rb +10 -0
- data/spec/context/authentication_spec.rb +1 -1
- data/spec/context/registration_spec.rb +1 -1
- metadata +8 -7
- data/.travis.yml +0 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2236077520d34560a16ab68335cd6d822dfe2d3353c42f0154f4c50baf5ae10a
|
|
4
|
+
data.tar.gz: 4312f7f14eb8602d89184440283206786bd7c37221fce59688c5ff19d29071ad
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 573dbf915dc1a6f4a8a0716182361d1a51bd6e40a85b4540d9fb67e7984c0ee353e3b8818deb21c809c8cd71eec520a0354a0733fbdf9b15f76585749d8c907d
|
|
7
|
+
data.tar.gz: e322c40e4146a679573772a8538ca83661346f06f386c3871d234b31161fb304c0faf597b3025e4ee83f1d22aeb6bb56e590e76d200a0a0d08fe4d89cd4b376d
|
data/.github/FUNDING.yml
ADDED
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
name: Spec
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
pull_request:
|
|
6
|
+
|
|
7
|
+
permissions:
|
|
8
|
+
contents: read
|
|
9
|
+
|
|
10
|
+
jobs:
|
|
11
|
+
spec:
|
|
12
|
+
strategy:
|
|
13
|
+
matrix:
|
|
14
|
+
os: ['ubuntu-20.04']
|
|
15
|
+
ruby-version: ['2.6', '2.7', '3.0', '3.1']
|
|
16
|
+
# ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
|
|
17
|
+
include:
|
|
18
|
+
- os: 'ubuntu-22.04'
|
|
19
|
+
ruby-version: '3.1'
|
|
20
|
+
runs-on: ${{ matrix.os }}
|
|
21
|
+
|
|
22
|
+
steps:
|
|
23
|
+
- uses: actions/checkout@v3
|
|
24
|
+
- name: Set up Ruby
|
|
25
|
+
uses: ruby/setup-ruby@v1
|
|
26
|
+
with:
|
|
27
|
+
ruby-version: ${{ matrix.ruby-version }}
|
|
28
|
+
bundler-cache: true
|
|
29
|
+
- name: Run Specs
|
|
30
|
+
run: bundle exec rake spec
|
data/README.md
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.7.0
|
|
@@ -1,15 +1,17 @@
|
|
|
1
1
|
module WebAuthn
|
|
2
2
|
class AuthenticatorData
|
|
3
3
|
class Flags
|
|
4
|
-
_flags_ = [:up, :uv, :at, :ex]
|
|
4
|
+
_flags_ = [:up, :uv, :be, :bs, :at, :ex]
|
|
5
5
|
attr_accessor *_flags_
|
|
6
6
|
_flags_.each do |flag|
|
|
7
7
|
alias_method :"#{flag}?", flag
|
|
8
8
|
end
|
|
9
9
|
|
|
10
|
-
def initialize(up:, uv:, at:, ex:)
|
|
10
|
+
def initialize(up:, uv:, be:, bs:, at:, ex:)
|
|
11
11
|
self.up = up
|
|
12
12
|
self.uv = uv
|
|
13
|
+
self.be = be
|
|
14
|
+
self.bs = bs
|
|
13
15
|
self.at = at
|
|
14
16
|
self.ex = ex
|
|
15
17
|
end
|
|
@@ -17,6 +19,8 @@ module WebAuthn
|
|
|
17
19
|
def ==(target)
|
|
18
20
|
up == target.up &&
|
|
19
21
|
uv == target.uv &&
|
|
22
|
+
be == target.be &&
|
|
23
|
+
bs == target.bs &&
|
|
20
24
|
at == target.at &&
|
|
21
25
|
ex == target.ex
|
|
22
26
|
end
|
|
@@ -27,8 +31,10 @@ module WebAuthn
|
|
|
27
31
|
new(
|
|
28
32
|
up: bit_array[0] == 1,
|
|
29
33
|
uv: bit_array[2] == 1,
|
|
34
|
+
be: bit_array[4] == 1,
|
|
35
|
+
bs: bit_array[5] == 1,
|
|
30
36
|
at: bit_array[6] == 1,
|
|
31
|
-
ex: bit_array[7] == 1
|
|
37
|
+
ex: bit_array[7] == 1,
|
|
32
38
|
)
|
|
33
39
|
end
|
|
34
40
|
end
|
|
@@ -13,11 +13,11 @@ module WebAuthn
|
|
|
13
13
|
true
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
-
def verify!(encoded_attestation_object)
|
|
16
|
+
def verify!(encoded_attestation_object, skip_flag_verification: false)
|
|
17
17
|
self.attestation_object = AttestationObject.decode(
|
|
18
18
|
encoded_attestation_object
|
|
19
19
|
)
|
|
20
|
-
verify_flags!
|
|
20
|
+
verify_flags! unless skip_flag_verification
|
|
21
21
|
verify_signature!
|
|
22
22
|
self
|
|
23
23
|
end
|
|
@@ -6,6 +6,8 @@ RSpec.describe WebAuthn::AuthenticatorData::Flags do
|
|
|
6
6
|
let(:bits) { '00000000' }
|
|
7
7
|
its(:up?) { should == false }
|
|
8
8
|
its(:uv?) { should == false }
|
|
9
|
+
its(:be?) { should == false }
|
|
10
|
+
its(:bs?) { should == false }
|
|
9
11
|
its(:at?) { should == false }
|
|
10
12
|
its(:ex?) { should == false }
|
|
11
13
|
end
|
|
@@ -14,6 +16,8 @@ RSpec.describe WebAuthn::AuthenticatorData::Flags do
|
|
|
14
16
|
let(:bits) { '10000000' }
|
|
15
17
|
its(:up?) { should == true }
|
|
16
18
|
its(:uv?) { should == false }
|
|
19
|
+
its(:be?) { should == false }
|
|
20
|
+
its(:bs?) { should == false }
|
|
17
21
|
its(:at?) { should == false }
|
|
18
22
|
its(:ex?) { should == false }
|
|
19
23
|
end
|
|
@@ -22,6 +26,8 @@ RSpec.describe WebAuthn::AuthenticatorData::Flags do
|
|
|
22
26
|
let(:bits) { '00100000' }
|
|
23
27
|
its(:up?) { should == false }
|
|
24
28
|
its(:uv?) { should == true }
|
|
29
|
+
its(:be?) { should == false }
|
|
30
|
+
its(:bs?) { should == false }
|
|
25
31
|
its(:at?) { should == false }
|
|
26
32
|
its(:ex?) { should == false }
|
|
27
33
|
end
|
|
@@ -30,6 +36,8 @@ RSpec.describe WebAuthn::AuthenticatorData::Flags do
|
|
|
30
36
|
let(:bits) { '00000010' }
|
|
31
37
|
its(:up?) { should == false }
|
|
32
38
|
its(:uv?) { should == false }
|
|
39
|
+
its(:be?) { should == false }
|
|
40
|
+
its(:bs?) { should == false }
|
|
33
41
|
its(:at?) { should == true }
|
|
34
42
|
its(:ex?) { should == false }
|
|
35
43
|
end
|
|
@@ -38,6 +46,8 @@ RSpec.describe WebAuthn::AuthenticatorData::Flags do
|
|
|
38
46
|
let(:bits) { '00000001' }
|
|
39
47
|
its(:up?) { should == false }
|
|
40
48
|
its(:uv?) { should == false }
|
|
49
|
+
its(:be?) { should == false }
|
|
50
|
+
its(:bs?) { should == false }
|
|
41
51
|
its(:at?) { should == false }
|
|
42
52
|
its(:ex?) { should == true }
|
|
43
53
|
end
|
|
@@ -18,7 +18,7 @@ RSpec.describe WebAuthn::Context::Authentication do
|
|
|
18
18
|
end
|
|
19
19
|
let(:flags) do
|
|
20
20
|
WebAuthn::AuthenticatorData::Flags.new(
|
|
21
|
-
up: true, uv: false, at: false, ex: false
|
|
21
|
+
up: true, uv: false, be: false, bs: false, at: false, ex: false
|
|
22
22
|
)
|
|
23
23
|
end
|
|
24
24
|
let(:public_key) do
|
|
@@ -17,7 +17,7 @@ RSpec.describe WebAuthn::Context::Registration do
|
|
|
17
17
|
end
|
|
18
18
|
let(:flags) do
|
|
19
19
|
WebAuthn::AuthenticatorData::Flags.new(
|
|
20
|
-
up: true, uv: false, at: true, ex: false
|
|
20
|
+
up: true, uv: false, be: false, bs: false, at: true, ex: false
|
|
21
21
|
)
|
|
22
22
|
end
|
|
23
23
|
let(:public_key_pem) do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: web_authn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-06-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: openssl
|
|
@@ -144,9 +144,10 @@ executables: []
|
|
|
144
144
|
extensions: []
|
|
145
145
|
extra_rdoc_files: []
|
|
146
146
|
files:
|
|
147
|
+
- ".github/FUNDING.yml"
|
|
148
|
+
- ".github/workflows/spec.yml"
|
|
147
149
|
- ".gitignore"
|
|
148
150
|
- ".rspec"
|
|
149
|
-
- ".travis.yml"
|
|
150
151
|
- Gemfile
|
|
151
152
|
- LICENSE.txt
|
|
152
153
|
- README.md
|
|
@@ -181,7 +182,7 @@ homepage: https://github.com/nov/web_authn
|
|
|
181
182
|
licenses:
|
|
182
183
|
- MIT
|
|
183
184
|
metadata: {}
|
|
184
|
-
post_install_message:
|
|
185
|
+
post_install_message:
|
|
185
186
|
rdoc_options: []
|
|
186
187
|
require_paths:
|
|
187
188
|
- lib
|
|
@@ -196,8 +197,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
196
197
|
- !ruby/object:Gem::Version
|
|
197
198
|
version: '0'
|
|
198
199
|
requirements: []
|
|
199
|
-
rubygems_version: 3.
|
|
200
|
-
signing_key:
|
|
200
|
+
rubygems_version: 3.3.3
|
|
201
|
+
signing_key:
|
|
201
202
|
specification_version: 4
|
|
202
203
|
summary: WebAuthn RP library
|
|
203
204
|
test_files:
|