-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor Controller concerns to not use Warden::WebAuthn::StrategyHelpers
#29
Refactor Controller concerns to not use Warden::WebAuthn::StrategyHelpers
#29
Commits on Jun 24, 2023
-
Sessions/ReauthenticationControllerConcern
: useWebAuthn::RackHelper
* In order to prevent a bleed-through between `warden-webauthn` and `devise-passkeys`, we need to use the new `Warden::WebAuthn::RackHelper` in order to get the `relying_party_key` that it defines * This prevents confusion & accidental over-inclusion that was caused by including the entire `Warden::WebAuthn::StrategyHelpers` module
Configuration menu - View commit details
-
Copy full SHA for b89d7a7 - Browse repository at this point
Copy the full SHA b89d7a7View commit details -
Refactor
PasskeysControllerConcern
to handle badparsed_credential
* In order to prevent a bleed-through between `warden-webauthn` and `devise-passkeys`, we need to add error-handling inside of `verify_passkey_challenge` instead of including the entire `Warden::WebAuthn::StrategyHelpers` * This prevents confusion & accidental over-inclusion that was caused by including the entire `Warden::WebAuthn::StrategyHelpers` module
Configuration menu - View commit details
-
Copy full SHA for bc2d4c7 - Browse repository at this point
Copy the full SHA bc2d4c7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 258a40c - Browse repository at this point
Copy the full SHA 258a40cView commit details -
Use
Warden::WebAuthn::RackHelper.set_relying_party_in_request_env
* The definitions from the README were added directly to `warden-webauthn`'s `Warden::WebAuthn::RackHelper` * see: ruby-passkeys/warden-webauthn@80d2101 * Therefore, we can remove this code and rely on the `RackHelper` to define the method for us
Configuration menu - View commit details
-
Copy full SHA for 7b7d501 - Browse repository at this point
Copy the full SHA 7b7d501View commit details -
Configuration menu - View commit details
-
Copy full SHA for d825ffd - Browse repository at this point
Copy the full SHA d825ffdView commit details -
Refactor
PasskeysControllerConcern
to have clearer credential verify* Moving the preamble checks that the `parsed_credential` is valid into its own `verify_credential_integrity` `before_action` helps keep the `verify_passkey_challenge` focused, since verifying the credential's integrity is a separate step (making sure it's not blank and is parseable JSON)
Configuration menu - View commit details
-
Copy full SHA for f1400cb - Browse repository at this point
Copy the full SHA f1400cbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 64e0b85 - Browse repository at this point
Copy the full SHA 64e0b85View commit details -
Configuration menu - View commit details
-
Copy full SHA for a64f3ba - Browse repository at this point
Copy the full SHA a64f3baView commit details