WIP: Passport strategy for FIDO 2.0
JavaScript
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib
.gitignore
LICENSE.txt
README.md
package.json

README.md

Passport-FIDO2

THIS IS BETA

Passport strategy for authenticating with FIDO 2.0.

Install

$ npm install passport-fido2

Usage

Configure Strategy

passport.use(new Fido2Strategy({
  readProfile: (id, callback) => {
    fs.readFile(`./keys/${id}.profile`, (err, data) => {
      if(err) return callback(err, null, null);
      try { data = JSON.parse(data); } catch(e) { return callback(e, null, null); }
      callback(null, data.key, data.profile);
    });
  }
},
function(id, profile, done){
  process.nextTick(function(){
    return done(null, profile);
  });
});

Authenticate Requests

app.get('/auth/fido2',
  passport.authenticate('fido2'));

app.get('/auth/line/callback',
  passport.authenticate('fido2', { failureRedirect: '/login', successRedirect: '/' }));

Generate challenge

app.get('/auth/fido2/challenge',
  (req, res) => res.send(Fido2Strategy.challenge('hmac-secret')));

Options

  • passReqToCallback (optional): Pass req object to callback
  • readProfile (required): function(id, callback(err, pubKey, profile)). you need load public key from your storage.

Note

Web service must send these authentication parameters via Query String.

  • id
  • clientData
  • authenticatorData
  • signature

And you may send these params (server generated challenges).

  • c
  • cs

License

The MIT License