Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Propagate transports #111

Merged
merged 5 commits into from
Jan 21, 2022
Merged

Propagate transports #111

merged 5 commits into from
Jan 21, 2022

Conversation

infinisil
Copy link
Member

@infinisil infinisil commented Jan 20, 2022
edited
Loading

Since github/webauthn-json#44 the getTransports result is propagated to the JSON registration responses, which we should pass along in the library and store in the database of the demo server. See individual commits for more info. Resolves #108

I tested to make sure that the demo server correctly passes this information along by:

  • Using chromium as a browser, since firefox or any iOS browser doesn't seem to support getTransports() (yet?)
  • Registering with a Yubikey with NFC and USB support, ensuring that these two transport types are returned when registered and inserted into the database.
  • Checking that my iPhone with NFC support can also use this yubikey to log into the same account
  • Verifying that when I change the stored transports to USB only (sqlite3 users.sqlite3 'update credential_entries set transports = 2;'), the iPhone can no longer use the security key through NFC
  • Verifying that when I change it to NFC only (sqlite3 users.sqlite3 'update credential_entries set transports = 8;'), the desktop browser can no longer be used to log in

@infinisil
Update server js dependencies, including webauthn-json
c6c3c2c 
Includes github/webauthn-json#44, which passes
through transports information

Also updates parcel and adds some fixes for that
@infinisil
server: Show the raw JSON structures being received
6adf5c9 
As generated by webauthn-json. This allows running the demo server and
copy pasting its logs to create new test cases
@infinisil
Add transports information to registration response types
138dd7c 
This is only possible since webauthn-json has recently implemented
support for [passing this value](github/webauthn-json#44)
@infinisil
Return transports from registration verification
1b8d541 
In the server, this result is stored in the database so that it can be
passed to future logins via CredentialEntry's
@infinisil infinisil merged commit d10e51f into master Jan 21, 2022
@infinisil infinisil deleted the transports branch January 21, 2022 11:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ErinvanderVeen ErinvanderVeen ErinvanderVeen approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement transports
2 participants
@infinisil @ErinvanderVeen