summaryrefslogtreecommitdiffstats
path: root/modules/auth/webauthn
diff options
context:
space:
mode:
Diffstat (limited to 'modules/auth/webauthn')
-rw-r--r--modules/auth/webauthn/webauthn.go77
-rw-r--r--modules/auth/webauthn/webauthn_test.go25
2 files changed, 102 insertions, 0 deletions
diff --git a/modules/auth/webauthn/webauthn.go b/modules/auth/webauthn/webauthn.go
new file mode 100644
index 0000000..189d197
--- /dev/null
+++ b/modules/auth/webauthn/webauthn.go
@@ -0,0 +1,77 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package webauthn
+
+import (
+ "encoding/binary"
+ "encoding/gob"
+
+ "code.gitea.io/gitea/models/auth"
+ "code.gitea.io/gitea/models/db"
+ user_model "code.gitea.io/gitea/models/user"
+ "code.gitea.io/gitea/modules/setting"
+
+ "github.com/go-webauthn/webauthn/protocol"
+ "github.com/go-webauthn/webauthn/webauthn"
+)
+
+// WebAuthn represents the global WebAuthn instance
+var WebAuthn *webauthn.WebAuthn
+
+// Init initializes the WebAuthn instance from the config.
+func Init() {
+ gob.Register(&webauthn.SessionData{})
+
+ appURL, _ := protocol.FullyQualifiedOrigin(setting.AppURL)
+
+ WebAuthn = &webauthn.WebAuthn{
+ Config: &webauthn.Config{
+ RPDisplayName: setting.AppName,
+ RPID: setting.Domain,
+ RPOrigins: []string{appURL},
+ AuthenticatorSelection: protocol.AuthenticatorSelection{
+ UserVerification: "discouraged",
+ },
+ AttestationPreference: protocol.PreferDirectAttestation,
+ },
+ }
+}
+
+// User represents an implementation of webauthn.User based on User model
+type User user_model.User
+
+// WebAuthnID implements the webauthn.User interface
+func (u *User) WebAuthnID() []byte {
+ id := make([]byte, 8)
+ binary.PutVarint(id, u.ID)
+ return id
+}
+
+// WebAuthnName implements the webauthn.User interface
+func (u *User) WebAuthnName() string {
+ if u.LoginName == "" {
+ return u.Name
+ }
+ return u.LoginName
+}
+
+// WebAuthnDisplayName implements the webauthn.User interface
+func (u *User) WebAuthnDisplayName() string {
+ return (*user_model.User)(u).DisplayName()
+}
+
+// WebAuthnIcon implements the webauthn.User interface
+func (u *User) WebAuthnIcon() string {
+ return (*user_model.User)(u).AvatarLink(db.DefaultContext)
+}
+
+// WebAuthnCredentials implementns the webauthn.User interface
+func (u *User) WebAuthnCredentials() []webauthn.Credential {
+ dbCreds, err := auth.GetWebAuthnCredentialsByUID(db.DefaultContext, u.ID)
+ if err != nil {
+ return nil
+ }
+
+ return dbCreds.ToCredentials()
+}
diff --git a/modules/auth/webauthn/webauthn_test.go b/modules/auth/webauthn/webauthn_test.go
new file mode 100644
index 0000000..15a8d71
--- /dev/null
+++ b/modules/auth/webauthn/webauthn_test.go
@@ -0,0 +1,25 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package webauthn
+
+import (
+ "testing"
+
+ "code.gitea.io/gitea/modules/setting"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestInit(t *testing.T) {
+ setting.Domain = "domain"
+ setting.AppName = "AppName"
+ setting.AppURL = "https://domain/"
+ rpOrigin := []string{"https://domain"}
+
+ Init()
+
+ assert.Equal(t, setting.Domain, WebAuthn.Config.RPID)
+ assert.Equal(t, setting.AppName, WebAuthn.Config.RPDisplayName)
+ assert.Equal(t, rpOrigin, WebAuthn.Config.RPOrigins)
+}