{"id":17250272,"url":"https://github.com/sorah/clarion","last_synced_at":"2025-07-23T16:10:15.251Z","repository":{"id":47583344,"uuid":"113322746","full_name":"sorah/clarion","owner":"sorah","description":"WebAuthn (U2F) helper for CLI operations (e.g. SSH Log in)","archived":false,"fork":false,"pushed_at":"2022-05-26T07:00:26.000Z","size":83,"stargazers_count":85,"open_issues_count":0,"forks_count":5,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-07-16T09:55:58.147Z","etag":null,"topics":["fido-u2f","fido2","pam","u2f","webauthn","yubikey"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sorah.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-12-06T13:53:08.000Z","updated_at":"2025-01-16T19:58:19.000Z","dependencies_parsed_at":"2022-08-30T21:10:42.807Z","dependency_job_id":null,"html_url":"https://github.com/sorah/clarion","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/sorah/clarion","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sorah%2Fclarion","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sorah%2Fclarion/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sorah%2Fclarion/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sorah%2Fclarion/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sorah","download_url":"https://codeload.github.com/sorah/clarion/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sorah%2Fclarion/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266708514,"owners_count":23971946,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fido-u2f","fido2","pam","u2f","webauthn","yubikey"],"created_at":"2024-10-15T06:46:43.543Z","updated_at":"2025-07-23T16:10:15.222Z","avatar_url":"https://github.com/sorah.png","language":"Ruby","readme":"# Clarion: WebAuthn helper for CLI operations (e.g. SSH Log in)\n\n![](https://img.sorah.jp/s/ssh-u2f.gif)\n\nClarion is a web-based frontend to allow remote,non-browser operations (CLI) to perform 2FA on their users.\n\n## How it works\n\nAny software/scripts want to perform 2FA _(app)_ creates _a request_ on Clarion. Then _app_ requests user to visit a request specific path on Clarion.\nClarion then performs 2FA on behalf of _app,_ and finally returns an authentication result to _app._\n\nClarion also provides a way to retrieve user's key handle and public key.\n\nNote that Clarion itself doesn't manage users' key handle and public key. User information should be provided every time when requesting authentication.\n\n## Set up\n\nClarion is a Rack application. Docker image is also available.\n\nSee [config.ru](./config.ru) for detailed configuration. The following environment variable is supported by the bundled config.ru.\n\n- `SECRET_KEY_BASE` (required)\n- `CLARION_REGISTRATION_ALLOWED_URL` (required): Regexp that matches against URLs. Only matched URLs are allowed for key registration callback.\n- `CLARION_AUTHN_DEFAULT_EXPIRES_IN` (default: `300`): authn lifetime in seconds.\n- `CLARION_STORE` (required, default: `s3`): See [docs/stores.md](./docs/stores.md)\n- S3 store:\n  - `CLARION_STORE_S3_BUCKET`\n  - `CLARION_STORE_S3_REGION`\n  - `CLARION_STORE_S3_PREFIX` (optional, recommended to end with `/`)\n- `CLARION_COUNTER` (optional, default: `dynamodb`): See [docs/counters.md](./docs/counters.md)\n  - `CLARION_COUNTER_DYNAMODB_TABLE`\n  - `CLARION_COUNTER_DYNAMODB_REGION`\n\n\n## Usage\n\n### Real world example: SSH log in\n\nSee [./examples/pam-u2f](./examples/pam-u2f)\n\n### Test implementation\n\nVisit `/test` exists in your application. This endpoint doesn't work for multi-process/multi-threaded deployment.\n\nSee [app/views/test.erb](./app/views/test.erb), [app/views/test_callback.erb](./app/views/test_callback.erb), [app/public/test.js](./app/public/test.js) for implementation.\n\n### API\n\nSee [docs/api.md](./docs/api.md)\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## To-dos\n\n- [ ] Write an integration test\n- [ ] Write a unit test\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/sorah/clarion.\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsorah%2Fclarion","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsorah%2Fclarion","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsorah%2Fclarion/lists"}