Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Windows 10 WebAuthn API #204

Merged
merged 2 commits into from
Oct 11, 2022
Merged

Add support for Windows 10 WebAuthn API #204

merged 2 commits into from
Oct 11, 2022

Conversation

micolous
Copy link
Collaborator

@micolous micolous commented Sep 25, 2022
edited
Loading

This adds support for Windows 10's WebAuthn API. This is effectively mandatory on Windows 10 Build 1903 and later, as it blocks direct access to FIDO authenticators for non-Administrator users.

webauthn2.mp4

This also adds a new authenticate example, pulled from SoftToken's unit tests.

Tasks remaining:

  • Finish populating WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS
  • Implement perform_auth
  • Come up with a reliable way to get/pass the HWND for the application window
  • Find a way to pass in application info
  • There's probably lifetime issues here, lots of raw pointers... Microsoft's windows crate has a very unsafe API
  • Make new test program for making test credentials (rather than stomping nfc_token_info...
  • Remove println! debugging
  • Set up CI on Windows (Run CI on windows #212)
  • Split all the non-Windows changes out of this PR (Add common fields from win10 branch #211 Remove support for credBlob, per #206 #210)

Fixes #

  • cargo fmt has been run
  • cargo test has been run and passes
  • documentation has been updated with relevant examples (if relevant)

@Firstyear
Copy link
Member

What else would you want before we merge this?

@micolous micolous force-pushed the windows10 branch 3 times, most recently from f33e8ee to aa3b9d0 Compare October 7, 2022 02:25
@micolous micolous mentioned this pull request Oct 7, 2022
Merged
@micolous micolous force-pushed the windows10 branch 4 times, most recently from 3def045 to 741ef76 Compare October 7, 2022 04:41
@micolous micolous changed the title WIP: Windows 10 webauthn API Windows 10 webauthn API Oct 7, 2022
@micolous micolous changed the title Windows 10 webauthn API Add support for Windows 10 WebAuthn API Oct 7, 2022
@micolous
Copy link
Collaborator Author

micolous commented Oct 7, 2022

What else would you want before we merge this?

Once #212 is in, I'll need to rebase this and it should be good to go.

@micolous micolous marked this pull request as ready for review October 10, 2022 22:13
@micolous micolous mentioned this pull request Oct 11, 2022
Merged
51 tasks
@Firstyear Firstyear merged commit 6588c45 into kanidm:master Oct 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yaleman yaleman yaleman left review comments

@Firstyear Firstyear Firstyear approved these changes

@agrinman agrinman Awaiting requested review from agrinman agrinman is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@micolous @Firstyear @yaleman