Module: Warden::WebAuthn::StrategyHelpers

Includes:
RackHelpers
Included in:
Strategy
Defined in:
lib/warden/webauthn/strategy_helpers.rb

Overview

Helpers that can be mixed in to any WebAuthn-related code, such as custom strategies or an app’s authentication flow

Defined Under Namespace

Classes: NoStoredCredentialFound

Instance Method Summary collapse

Methods included from RackHelpers

#relying_party_key, #set_relying_party_in_request_env

Instance Method Details

#authentication_challengeObject 



45
46
47
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 45

def authentication_challenge
  session[authentication_challenge_key]
end

#authentication_challenge_keyObject 



71
72
73
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 71

def authentication_challenge_key
  "current_webauthn_authentication_challenge"
end

#credential_finderObject 



41
42
43
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 41

def credential_finder
  env[credential_finder_key]
end

#credential_finder_keyObject 



75
76
77
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 75

def credential_finder_key
  "warden.webauthn.credential_finder"
end

#delete_authentication_challengeObject 



49
50
51
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 49

def delete_authentication_challenge
  session.delete(authentication_challenge_key)
end

#parsed_credentialObject 



57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 57

def parsed_credential
  if raw_credential.nil? || raw_credential.empty?
    errors.add(:credential, :missing)
    return nil
  end

  begin
    JSON.parse(raw_credential)
  rescue JSON::JSONError
    errors.add(:credential, :json_error)
    nil
  end
end

#raw_credentialObject 



53
54
55
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 53

def raw_credential
  params[raw_credential_key]
end

#raw_credential_keyObject 



79
80
81
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 79

def raw_credential_key
  "credential"
end

#relying_partyObject

rubocop:enable Metrics/MethodLength



37
38
39
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 37

def relying_party
  env[relying_party_key]
end

#verify_authentication_and_find_stored_credentialObject

rubocop:disable Metrics/MethodLength



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/warden/webauthn/strategy_helpers.rb', line 14

def verify_authentication_and_find_stored_credential
  _, stored_credential = relying_party.verify_authentication(
    parsed_credential, authentication_challenge, user_verification: true
  ) do |webauthn_credential|
    x = credential_finder.find_with_credential_id(Base64.strict_encode64(webauthn_credential.raw_id))
    raise NoStoredCredentialFound if x.nil?

    x
  end

  stored_credential
rescue ::WebAuthn::Error => e
  fail!(ErrorKeyFinder.webauthn_error_key(exception: e))
  nil
rescue NoStoredCredentialFound
  errors.add(:stored_credential, :not_found)
  fail!(:stored_credential_not_found)
  nil
ensure
  delete_authentication_challenge
end