File: credential_creation_options.rb

ruby-webauthn 2.5.2-1
# frozen_string_literal: true

require "cose/algorithm"
require "webauthn/credential_options"
require "webauthn/credential_rp_entity"
require "webauthn/credential_user_entity"

module WebAuthn
  # Deprecated convenience wrapper that returns registration ("create") options
  # as a plain Hash. Emits a deprecation warning on every call and delegates to
  # CredentialCreationOptions#to_h.
  #
  # NOTE(review): the defaults (`user_id: "1"`, `user_name: "web-user"`,
  # `display_name: "web-user"`) are fixed placeholders. A caller that relies on
  # them gives every account the same WebAuthn user handle, so registrations for
  # different accounts are not distinguishable by user id. Pass a per-account,
  # opaque identifier that carries no personal data.
  #
  # @param rp_name [String, nil] relying-party name; nil defers to the fallback
  #   chain in CredentialCreationOptions#rp
  # @param user_name [String] value emitted as `user.name`
  # @param display_name [String] value emitted as `user.displayName`
  # @param user_id [String] value emitted as `user.id`
  # @return [Hash] the result of CredentialCreationOptions#to_h
  def self.credential_creation_options(rp_name: nil, user_name: "web-user", display_name: "web-user", user_id: "1")
    deprecation_notice =
      "DEPRECATION WARNING: `WebAuthn.credential_creation_options` is deprecated." \
      " Please use `WebAuthn::Credential.options_for_create` instead."
    warn(deprecation_notice)

    # Note the keyword rename: `display_name` here becomes `user_display_name`.
    creation_options = CredentialCreationOptions.new(
      rp_name: rp_name,
      user_id: user_id,
      user_name: user_name,
      user_display_name: display_name
    )
    creation_options.to_h
  end

  # Options for a WebAuthn registration ceremony, rendered by #to_h into a Hash
  # whose keys use the camelCase member names of the browser-side creation
  # options (`pubKeyCredParams`, `authenticatorSelection`, ...).
  #
  # Review notes for integrators:
  # * `challenge` and `timeout` are not defined in this class; presumably they
  #   are inherited from CredentialOptions (confirm there). The challenge sent
  #   to the client has to be kept server-side and compared when the
  #   registration response is verified.
  # * `attestation`, `authenticator_selection`, `exclude_credentials` and
  #   `extensions` are emitted exactly as supplied; nothing in this class
  #   validates their shape or values.
  # * When `exclude_credentials` is left nil the key is omitted, so the client
  #   is not told which credentials the account already has.
  class CredentialCreationOptions < CredentialOptions
    # Relying-party name of last resort, used only when neither the caller nor
    # the configuration provides one (see #rp).
    DEFAULT_RP_NAME = "web-server"

    attr_accessor :attestation, :authenticator_selection, :exclude_credentials, :extensions

    # @param attestation [Object, nil] emitted as `attestation` when truthy
    # @param authenticator_selection [Object, nil] emitted as `authenticatorSelection` when truthy
    # @param exclude_credentials [Object, nil] emitted as `excludeCredentials` when truthy
    # @param extensions [Object, nil] emitted as `extensions` when truthy
    # @param user_id [Object] required; emitted as `user.id` without transformation in this class
    # @param user_name [Object] required; emitted as `user.name`
    # @param user_display_name [Object, nil] emitted as `user.displayName`
    # @param rp_name [String, nil] relying-party name override
    def initialize(
      attestation: nil,
      authenticator_selection: nil,
      exclude_credentials: nil,
      extensions: nil,
      user_id:,
      user_name:,
      user_display_name: nil,
      rp_name: nil
    )
      super()

      # Relying party and user identity, consumed lazily by #rp and #user.
      @rp_name = rp_name
      @user_id = user_id
      @user_name = user_name
      @user_display_name = user_display_name

      # Optional ceremony parameters, passed through untouched.
      @attestation = attestation
      @authenticator_selection = authenticator_selection
      @exclude_credentials = exclude_credentials
      @extensions = extensions
    end

    # Renders the options as a Hash.
    #
    # Always present: `challenge`, `pubKeyCredParams`, `timeout`, `user`, `rp`.
    # Present only when the matching attribute is truthy: `attestation`,
    # `authenticatorSelection`, `excludeCredentials`, `extensions`.
    #
    # Only `rp.name` is emitted; no `rp.id` is set here, so the client is left
    # to apply its own default RP ID (per the WebAuthn spec, the effective
    # domain of the calling origin).
    #
    # @return [Hash]
    def to_h
      base = {
        challenge: challenge,
        pubKeyCredParams: pub_key_cred_params,
        timeout: timeout,
        user: { id: user.id, name: user.name, displayName: user.display_name },
        rp: { name: rp.name }
      }

      optional = {
        attestation: attestation,
        authenticatorSelection: authenticator_selection,
        excludeCredentials: exclude_credentials,
        extensions: extensions
      }

      # Truthiness test (not nil-only): a `false` value is omitted as well.
      optional.each_with_object(base) do |(key, value), options|
        options[key] = value if value
      end
    end

    # Maps each configured algorithm name to a `public-key` credential
    # parameter carrying the algorithm's COSE identifier.
    #
    # NOTE(review): if `COSE::Algorithm.by_name` yields nil for a name it does
    # not recognise, the `.id` call raises NoMethodError; confirm the
    # configuration only ever holds supported algorithm names.
    #
    # @return [Array<Hash>]
    def pub_key_cred_params
      algorithm_names = configuration.algorithms

      algorithm_names.map do |alg_name|
        cose_id = COSE::Algorithm.by_name(alg_name).id
        { type: "public-key", alg: cose_id }
      end
    end

    # Memoized relying-party entity. Name precedence: the `rp_name` passed to
    # the constructor, then `configuration.rp_name`, then DEFAULT_RP_NAME.
    def rp
      @rp ||= begin
        resolved_name = rp_name || configuration.rp_name || DEFAULT_RP_NAME
        CredentialRPEntity.new(name: resolved_name)
      end
    end

    # Memoized user entity built from the constructor's user_* arguments.
    def user
      @user ||= CredentialUserEntity.new(
        id: user_id,
        name: user_name,
        display_name: user_display_name
      )
    end

    private

    attr_reader :user_id, :user_name, :user_display_name, :rp_name

    # Library-wide configuration object, read at call time.
    def configuration
      WebAuthn.configuration
    end
  end
end