New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DEV: Refactor webauthn to support passkeys (1/3) #23586
Conversation
This is part 1 of 3, split up of PR #23529. This PR refactors the webauthn code to support passkey authentication/registration. Passkeys aren't used yet, that is coming in PRs 2 and 3.
# bit 6 - attested credential data | ||
# bit 7 - extension data | ||
|
||
def validate_user_presence |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Previously, we were checking for the user presence flag only but the validation was using the wrong name. The change here adds the correct error message for user presence and adds the correct flow for user verification. (Note that in the registration/authentication services, verification is only used for first-factor keys.)
This pull request has been mentioned on Discourse Meta. There might be relevant details there: https://meta.discourse.org/t/support-for-apples-passkeys-system/229259/32 |
Marked this as ready for review just now, if you have a chance to review please @tgxworld @davidtaylorhq. |
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some more small comments that needs to be resolved but I think the changes look great to me 👍
This is part 1 of 3, split up of PR #23529. This PR refactors the webauthn code to support passkey authentication/registration.
Passkeys aren't used yet, that is coming in PRs 2 and 3.
Changes in this PR include:
rp_id
andorigin
properties (this also simplifies local testing)