You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The documentation on this project includes such examples as:
authenticator_data = "..." # As returned by `navigator.credentials.get`
This doesn't make sense on its own, because WebAuthn mostly uses ArrayBuffers to send/receive data, and those can't be sent over the wire and received in Ruby natively like a string or an array. Different applications handle this differently:
I think either an ASCII string or regular base 64 would be preferable, assuming the former has no compatibility issues with most JSON transports. In addition, it would be nice if there was a way to "directly" read a response from the client, like the load_from_json method in https://github.com/castle/ruby-u2f , since pretty much every client of the library is going to have to do something similar.
So:
Are you willing to stick with a particular encoding suggestion?
Would you be willing to add a convenience method for constructing the AuthenticatorResponse classes from JSON?
The text was updated successfully, but these errors were encountered:
The documentation on this project includes such examples as:
authenticator_data = "..." # As returned by `navigator.credentials.get`
This doesn't make sense on its own, because WebAuthn mostly uses ArrayBuffers to send/receive data, and those can't be sent over the wire and received in Ruby natively like a string or an array. Different applications handle this differently:
True. This is a bit confusing. Needs an update.
We should say something like those arguments are expected to be ruby strings with binary encoding, like ASCII-8BIT.
I think either an ASCII string or regular base 64 would be preferable, assuming the former has no compatibility issues with most JSON transports. In addition, it would be nice if there was a way to "directly" read a response from the client, like the load_from_json method in https://github.com/castle/ruby-u2f , since pretty much every client of the library is going to have to do something similar.
So:
Are you willing to stick with a particular encoding suggestion?
Would you be willing to add a convenience method for constructing the AuthenticatorResponse classes from JSON?
So, we had some of that baked into the main public API, but we removed it #48 to let the gem be user-agent agnostic.
Providing convenience methods instead of baking it in the main API should be definitely something to consider.
The documentation on this project includes such examples as:
This doesn't make sense on its own, because WebAuthn mostly uses
ArrayBuffer
s to send/receive data, and those can't be sent over the wire and received in Ruby natively like a string or an array. Different applications handle this differently:https://github.com/cedarcode/webauthn-rails-demo-app encodes from/to
ArrayBuffer
by mapping the bytes to 8-bit ASCII:https://github.com/cedarcode/webauthn-rails-demo-app/blob/3afc964edfd3efeb4ad161d4b08a434e8370fd7a/app/assets/javascripts/application.js#L37-L46
https://github.com/duo-labs/webauthn uses websafe/urlsafe base 64 (and hex):
https://github.com/duo-labs/webauthn/blob/fa6cd954884baf24fc5a51656ce21c1a1ef574bc/static/js/webauthn.js#L227-L231
I think either an ASCII string or regular base 64 would be preferable, assuming the former has no compatibility issues with most JSON transports. In addition, it would be nice if there was a way to "directly" read a response from the client, like the
load_from_json
method in https://github.com/castle/ruby-u2f , since pretty much every client of the library is going to have to do something similar.So:
AuthenticatorResponse
classes from JSON?The text was updated successfully, but these errors were encountered: