https://github.com/oasisprotocol/demo-authzn
WebAuthN implementation for Oasis Sapphire
https://github.com/oasisprotocol/demo-authzn
Last synced: about 1 year ago
JSON representation
WebAuthN implementation for Oasis Sapphire
- Host: GitHub
- URL: https://github.com/oasisprotocol/demo-authzn
- Owner: oasisprotocol
- Created: 2023-08-04T12:50:10.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2024-04-15T06:50:49.000Z (about 2 years ago)
- Last Synced: 2025-04-09T01:11:05.303Z (about 1 year ago)
- Language: TypeScript
- Size: 2.88 MB
- Stars: 7
- Watchers: 16
- Forks: 2
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Sapphire Auth[ZN] Demo
This project demonstrates how to use WebAuthN credentials with Oasis Sapphire.
This allows users to use strong device-level authentication, such as TouchID,
YubiKey, Android biometric, Windows Hello etc.
Currently it only supports SEC P256 R1 credentials, and additional work will be
needed to adapt it to your specific use-case.
I have also included code for TOTP authentication.
TODO:
* When verifying attestations in contract
* Verify `clientDataJSON`
* Use an application-specific protocol to determine the base64 encoded `challenge` parameter
* Verify `authenticatorData` (which includes `rpIdHash`)
* Support RSA and Ed25519?
## Building, Testing & Running
To build and test:
```shell
pnpm install
make
make -C backend test
```
Then to start a local Sapphire node, deploy the contracts and run web server:
```shell
make sapphire-dev &
make -C backend deploy-local
make -C frontend run
```
Steps to test:
* Fill in `username` input
* Click `Register` button
* Click `Login` button
Testing without a WebAuthN compatible hardware key or supported device:
* In Chrome DevTools, click the Kebab Menu button next to the cog (`⋮`)
* Click 'More Tools'
* Click 'WebAuthN'
* Click 'Add' under 'New authenticator' (ctap2, usb)