webauthn

package

v0.0.0-...-a92fb97 Latest Latest Go to latest Published: Dec 7, 2020 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jrockway/jsso2

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrNoCredentials          = errors.New("no credentials; try enrolling an authenticator")
	ErrNotPublicKey           = errors.New("the authentication material is not of type 'public-key'")
	ErrNotAttestationResponse = errors.New("AuthenticatorResponse is not an AuthenticatorAttestationResponse")
	ErrNotAssertionResponse   = errors.New("AuthenticatorResponse is not an AuthenticatorAssertionResponse")
)

Functions ¶

This section is empty.

Types ¶

type ClientData ¶

type ClientData struct {
	Challenge   string `json:"challenge"`
	CrossOrigin bool   `json:"crossOrigin"`
	Origin      string `json:"origin"`
	Type        string `json:"type"`
}

type Config ¶

type Config struct {
	RelyingPartyID   string
	RelyingPartyName string
	Origin           string
}

func (*Config) BeginEnrollment ¶

func (c *Config) BeginEnrollment(session *types.Session, existingCreds []*types.Credential) (*webauthnpb.PublicKeyCredentialCreationOptions, error)

BeginEnrollment starts the enrollment process, returning a PublicKeyCredentialCreationOptions for the browser.

func (*Config) BeginLogin ¶

func (c *Config) BeginLogin(s *types.Session, creds []*types.Credential) (*jssopb.StartLoginReply, error)

BeginLogin fills out a StartLoginReply so that login can begin.

func (*Config) FinishEnrollment ¶

func (c *Config) FinishEnrollment(session *types.Session, req *jssopb.FinishEnrollmentRequest) (*types.Credential, error)

Verify the authenticator response generated by the client. Because we use a slightly different RPC format than Duo's webauthn library, we do the non-crypto things here, and delegate to that library to verify signations. The steps below are from: https://www.w3.org/TR/webauthn/#registering-a-new-credential

func (*Config) FinishLogin ¶

func (c *Config) FinishLogin(s *types.Session, creds []*types.Credential, req *jssopb.FinishLoginRequest) (*types.Credential, error)

FinishLogin validates a signature against of allowed credentials.

Source Files ¶

View all Source files

webauthn.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL