Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/nov/web_authn
W3C Web Authentication API (a.k.a. WebAuthN / FIDO 2.0) RP library in Ruby
https://github.com/nov/web_authn
fido fido2 web-authentication webauth webauthn
Last synced: 1 day ago
JSON representation
W3C Web Authentication API (a.k.a. WebAuthN / FIDO 2.0) RP library in Ruby
- Host: GitHub
- URL: https://github.com/nov/web_authn
- Owner: nov
- License: mit
- Created: 2018-08-29T05:01:57.000Z (about 6 years ago)
- Default Branch: main
- Last Pushed: 2024-06-13T14:09:26.000Z (5 months ago)
- Last Synced: 2024-10-31T12:50:53.177Z (8 days ago)
- Topics: fido, fido2, web-authentication, webauth, webauthn
- Language: Ruby
- Homepage:
- Size: 72.3 KB
- Stars: 20
- Watchers: 4
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE.txt
Awesome Lists containing this project
- awesome-webauthn - Nov Matake: Ruby WebAuthn Lib - W3C Web Authentication API (a.k.a. WebAuthn / FIDO2) RP library in Ruby. (Server Libraries)
README
# WebAuthn
W3C Web Authentication API (a.k.a. WebAuthN / FIDO 2.0) RP library in Ruby
## Installation
Add this line to your application's Gemfile:
```ruby
gem 'web_authn'
```And then execute:
```sh
$ bundle
```Or install it yourself as:
```sh
$ gem install web_authn
```## Usage
```ruby
context = WebAuthn.context_for(
client_data_json, # NOTE: URL-safe Base64 encoded
origin: request.base_url,
challenge: session[:challenge],
)if context.registration?
context.verify!(
attestation_object # URL-safe Base64 encoded
)
context.credential_id
context.public_key # => `OpenSSL::PKey::RSA` or `OpenSSL::PKey::EC`
context.public_cose_key # => `COSE::Key::RSA` or `COSE::Key::EC2` ref.) https://github.com/nov/cose-key
context.sign_count # => `Integer`
elsif context.authentication?
context.verify!(
authenticator_data, # URL-safe Base64 encoded# NOTE:
# either 'public_key' or 'public_cose_key' is required.
# if `public_key` is given, you can also specify `digest` (default: `OpenSSL::Digest::SHA256.new`).
# if `public_cose_key` is given, it includes digest size information, so no `digest` is required.# public_key: public_key, # `OpenSSL::PKey::RSA` or `OpenSSL::PKey::EC`
# digest: OpenSSL::Digest::SHA256.new, # `OpenSSL::Digest::SHA(1|256|384|512)`` (default: `OpenSSL::Digest::SHA256`)
public_cose_key: public_cose_key, # `COSE::Key::RSA` or `COSE::Key::EC` ref.) https://github.com/nov/cose-keysign_count: previously_stored_sign_count,
signature: signature # URL-safe Base64 encoded
)
context.sign_count # => Integer
else
# should never happen.
end
```See sample code in this repository, or [working sample site](https://web-authn.herokuapp.com/).
Currently, there are several restrictions.
* only `none` attestation format is supported.
* only EC key w/ `P-(256|384|521)` public key is supported.
* authenticator data w/ extensions aren't supported.## Development
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `VERSION`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
## Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/nov/web_authn.
## License
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).