Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor Controller concerns to not use Warden::WebAuthn::StrategyHelpers #29

Merged
merged 8 commits into from
Jun 24, 2023
Merged

Refactor Controller concerns to not use Warden::WebAuthn::StrategyHelpers #29

merged 8 commits into from
Jun 24, 2023

Commits on Jun 24, 2023

  1. Sessions/ReauthenticationControllerConcern: use WebAuthn::RackHelper 

    * In order to prevent a bleed-through between `warden-webauthn` and
	`devise-passkeys`, we need to use the new
	`Warden::WebAuthn::RackHelper` in order to get the `relying_party_key`
	that it defines
	* This prevents confusion & accidental over-inclusion that was caused
		by including the entire `Warden::WebAuthn::StrategyHelpers` module
    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    b89d7a7 View commit details
    Browse the repository at this point in the history

  2. Refactor PasskeysControllerConcern to handle bad parsed_credential 

    * In order to prevent a bleed-through between `warden-webauthn` and
	`devise-passkeys`, we need to add error-handling inside of
	`verify_passkey_challenge` instead of including the entire
	`Warden::WebAuthn::StrategyHelpers`
	* This prevents confusion & accidental over-inclusion that was caused
		by including the entire `Warden::WebAuthn::StrategyHelpers` module
    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    bc2d4c7 View commit details
    Browse the repository at this point in the history

  3. Update CHANGELOG.md

    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    258a40c View commit details
    Browse the repository at this point in the history

  4. Use Warden::WebAuthn::RackHelper.set_relying_party_in_request_env 

    * The definitions from the README were added directly to
	`warden-webauthn`'s `Warden::WebAuthn::RackHelper`
	* see: ruby-passkeys/warden-webauthn@80d2101
* Therefore, we can remove this code and rely on the `RackHelper`
	to define the method for us
    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    7b7d501 View commit details
    Browse the repository at this point in the history

  5. Bump to warden-webauthn 0.2.1

    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    d825ffd View commit details
    Browse the repository at this point in the history

  6. Refactor PasskeysControllerConcern to have clearer credential verify 

    * Moving the preamble checks that the `parsed_credential` is valid into
	its own `verify_credential_integrity` `before_action` helps keep the
	`verify_passkey_challenge` focused, since verifying the credential's
	integrity is a separate step (making sure it's not blank and is
	parseable JSON)
    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    f1400cb View commit details
    Browse the repository at this point in the history

  7. Update CHANGELOG

    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    64e0b85 View commit details
    Browse the repository at this point in the history

  8. Add missing change in CHANGELOG

    @tcannonfodder
    tcannonfodder committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    a64f3ba View commit details
    Browse the repository at this point in the history