Class: Clarion::Registrator

Inherits:

Object

• Object
• Clarion::Registrator

Defined in:

lib/clarion/registrator.rb

Defined Under Namespace

Classes: Error, InvalidAttestation

Instance Attribute Summary

• #counter ⇒ Object readonly

  Returns the value of attribute counter.

• #display_name ⇒ Object readonly

  Returns the value of attribute display_name.

• #rp_id ⇒ Object readonly

  Returns the value of attribute rp_id.

• #rp_name ⇒ Object readonly

  Returns the value of attribute rp_name.

• #user_handle ⇒ Object readonly

  Returns the value of attribute user_handle.

• #user_name ⇒ Object readonly

  Returns the value of attribute user_name.

Instance Method Summary

• #challenge ⇒ Object
• #credential_creation_options ⇒ Object
• #initialize(counter, rp_name: 'clarion', rp_id:, user_handle: SecureRandom.base64(64), user_name: 'clarion user', display_name: user_name) ⇒ Registrator constructor

  A new instance of Registrator.

• #register!(challenge: self.challenge(), origin:, attestation_object:, client_data_json:) ⇒ Object

Constructor Details

#initialize(counter, rp_name: 'clarion', rp_id:, user_handle: SecureRandom.base64(64), user_name: 'clarion user', display_name: user_name) ⇒ Registrator

Returns a new instance of Registrator.

# File 'lib/clarion/registrator.rb', line 11

def initialize(counter, rp_name: 'clarion', rp_id:, user_handle: SecureRandom.base64(64), user_name: 'clarion user', display_name: user_name)
  @counter = counter
  @rp_id = rp_id
  @rp_name = rp_name
  @user_handle = user_handle
  @user_name = user_name
  @display_name = display_name
end

Instance Attribute Details

#counter ⇒ Object (readonly)

Returns the value of attribute counter.

# File 'lib/clarion/registrator.rb', line 20

def counter
  @counter
end

#display_name ⇒ Object (readonly)

Returns the value of attribute display_name.

# File 'lib/clarion/registrator.rb', line 20

def display_name
  @display_name
end

#rp_id ⇒ Object (readonly)

Returns the value of attribute rp_id.

# File 'lib/clarion/registrator.rb', line 20

def rp_id
  @rp_id
end

#rp_name ⇒ Object (readonly)

Returns the value of attribute rp_name.

# File 'lib/clarion/registrator.rb', line 20

def rp_name
  @rp_name
end

#user_handle ⇒ Object (readonly)

Returns the value of attribute user_handle.

# File 'lib/clarion/registrator.rb', line 20

def user_handle
  @user_handle
end

#user_name ⇒ Object (readonly)

Returns the value of attribute user_name.

# File 'lib/clarion/registrator.rb', line 20

def user_name
  @user_name
end

Instance Method Details

#challenge ⇒ Object

# File 'lib/clarion/registrator.rb', line 22

def challenge
  @challenge ||= SecureRandom.random_bytes(32)
end

#credential_creation_options ⇒ Object

# File 'lib/clarion/registrator.rb', line 26

def credential_creation_options
  {
    publicKey: {
      timeout: 60000,
      # Convert to ArrayBuffer in register.js
      challenge: challenge.each_byte.map(&:ord),
      attestation: 'none',
      pubKeyCredParams: [WebAuthn::CRED_PARAM_ES256],
      rp: {
        name: rp_name,
      },
      user: {
        id: Base64.decode64(user_handle).each_byte.map(&:ord),
        displayName: display_name,
        name: user_name,
      },
    },
  }
end

#register!(challenge: self.challenge(), origin:, attestation_object:, client_data_json:) ⇒ Object

# File 'lib/clarion/registrator.rb', line 47

def register!(challenge: self.challenge(), origin:, attestation_object:, client_data_json:)
  attestation = WebAuthn::AuthenticatorAttestationResponse.new(
    attestation_object: attestation_object,
    client_data_json: client_data_json
  )

  unless attestation.valid?(challenge, origin, rp_id: rp_id)
    raise InvalidAttestation, "invalid attestation"
  end

  key = Key.new(
    type: 'webauthn',
    handle: Base64.urlsafe_encode64(attestation.credential.id).gsub(/\r?\n|=+/,''),
    user_handle: user_handle,
    public_key: Base64.encode64(attestation.credential.public_key).gsub(/\r?\n/,''),
    counter: attestation.authenticator_data.sign_count,
  )
  if counter
    counter.store(key)
  end
  key
end