{"id":50914164,"url":"https://github.com/rozd/passage-webauthn","last_synced_at":"2026-06-16T13:02:23.900Z","repository":{"id":352408026,"uuid":"1215037396","full_name":"rozd/passage-webauthn","owner":"rozd","description":"WebAuthn passkey implementation for Vapor Passage authentication framework.","archived":false,"fork":false,"pushed_at":"2026-05-03T19:29:40.000Z","size":48,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-03T21:22:03.569Z","etag":null,"topics":["authentication","passage","vapor","webauthn"],"latest_commit_sha":null,"homepage":"","language":"Swift","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rozd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-19T11:53:09.000Z","updated_at":"2026-05-03T19:24:15.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/rozd/passage-webauthn","commit_stats":null,"previous_names":["rozd/passage-webauthn"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/rozd/passage-webauthn","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozd%2Fpassage-webauthn","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozd%2Fpassage-webauthn/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozd%2Fpassage-webauthn/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozd%2Fpassage-webauthn/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rozd","download_url":"https://codeload.github.com/rozd/passage-webauthn/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozd%2Fpassage-webauthn/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34406824,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","passage","vapor","webauthn"],"created_at":"2026-06-16T13:02:22.883Z","updated_at":"2026-06-16T13:02:23.895Z","avatar_url":"https://github.com/rozd.png","language":"Swift","funding_links":[],"categories":[],"sub_categories":[],"readme":"# passage-webauthn\n\n[![Release](https://img.shields.io/github/v/release/rozd/passage-webauthn)](https://github.com/rozd/passage-webauthn/releases)\n[![Swift 6.3](https://img.shields.io/badge/Swift-6.3-orange.svg)](https://swift.org)\n[![License](https://img.shields.io/github/license/rozd/passage-webauthn)](LICENSE)\n[![codecov](https://codecov.io/gh/rozd/passage-webauthn/branch/main/graph/badge.svg)](https://codecov.io/gh/rozd/passage-webauthn)\n\nWebAuthn passkey implementation for [Passage](https://github.com/vapor-community/passage) authentication framework.\n\nThis package provides a bridge between Passage and [webauthn-swift](https://github.com/swift-server/webauthn-swift), enabling passwordless passkey authentication (registration and assertion) backed by the W3C WebAuthn standard.\n\n\u003e **Note:** This package cannot be used standalone. It requires both [Passage](https://github.com/vapor-community/passage) and [webauthn-swift](https://github.com/swift-server/webauthn-swift) packages to function.\n\n## Installation\n\nAdd the package to your `Package.swift`:\n\n```swift\ndependencies: [\n .package(url: \"https://github.com/rozd/passage-webauthn.git\", from: \"0.0.1\"),\n]\n```\n\nThen add `PassageWebAuthn` to your target dependencies:\n\n```swift\n.target(\n name: \"App\",\n dependencies: [\n .product(name: \"PassageWebAuthn\", package: \"passage-webauthn\"),\n ]\n)\n```\n\n## Configuration\n\nConfigure `WebAuthnPasskeyService` with your relying-party details:\n\n```swift\nimport Passage\nimport PassageWebAuthn\nimport WebAuthn\n\nlet passkeyService = WebAuthnPasskeyService(\n configuration: .init(\n relyingPartyID: \"example.com\",\n relyingPartyName: \"My App\",\n relyingPartyOrigin: \"https://example.com\"\n )\n)\n```\n\nThen pass it to Passage during configuration:\n\n```swift\ntry await app.passage.configure(\n services: .init(\n store: store,\n emailDelivery: emailDelivery,\n phoneDelivery: phoneDelivery,\n passkey: passkeyService,\n // ... other services\n ),\n configuration: .init(\n passkey: .init(\n policy: .init(\n timeout: .seconds(60),\n attestation: .none,\n userVerification: .required,\n supportedAlgorithms: [.ES256, .RS256]\n )\n ),\n // ... other configuration\n )\n)\n```\n\n## How It Works\n\nPassageWebAuthn implements the four-step WebAuthn ceremony on behalf of Passage:\n\n| Step | Method | Description |\n|------|--------|-------------|\n| 1 | `beginRegistration` | Generates `PublicKeyCredentialCreationOptions` and a short-lived challenge |\n| 2 | `finishRegistration` | Verifies attestation, extracts the new credential, and maps it to a `PasskeyCredential` |\n| 3 | `beginAuthentication` | Generates `PublicKeyCredentialRequestOptions` and a short-lived challenge |\n| 4 | `finishAuthentication` | Verifies the assertion signature and returns updated sign-count and backup state |\n\nChallenges are managed by Passage core (stored and looked up via the `lookupChallenge` callback); this package only handles the cryptographic verification layer.\n\n## Relying Party Configuration\n\n| Parameter | Description |\n|-----------|-------------|\n| `relyingPartyID` | Your domain (e.g. `example.com`). Must match the origin without scheme or port. |\n| `relyingPartyName` | Human-readable app name shown by the authenticator UI. |\n| `relyingPartyOrigin` | Full origin of your app (e.g. `https://example.com`). |\n\n## Passkey Policy\n\nThe `Passage.Configuration.Passkey.Policy` passed to each method controls:\n\n| Option | Values | Description |\n|--------|--------|-------------|\n| `userVerification` | `.required`, `.preferred`, `.discouraged` | Whether PIN/biometric is required |\n| `attestation` | `.none`, `.indirect`, `.direct`, `.enterprise` | Attestation conveyance preference |\n| `timeout` | `Duration?` | Browser ceremony timeout (e.g. `.seconds(60)`) |\n| `supportedAlgorithms` | `[COSEAlgorithmIdentifier]` | Accepted public key algorithms (e.g. `.ES256`, `.RS256`). Algorithms unsupported by `swift-webauthn` (`.EdDSA`, `.ESP256`, `.ESP384`, `.ESP512`) are silently dropped. |\n\n## Requirements\n\n- Swift 6.3+\n- macOS 13+ / Linux\n- Passage 0.5.1+\n- Vapor 4.119+\n- webauthn-swift 1.0.0-beta.1+\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frozd%2Fpassage-webauthn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frozd%2Fpassage-webauthn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frozd%2Fpassage-webauthn/lists"}