From dd136858f1ea40ad3c94191d647487fa4f31926c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 18 Oct 2024 20:33:49 +0200 Subject: Adding upstream version 9.0.0. Signed-off-by: Daniel Baumann --- modules/auth/webauthn/webauthn.go | 77 ++++++++++++++++++++++++++++++++++ modules/auth/webauthn/webauthn_test.go | 25 +++++++++++ 2 files changed, 102 insertions(+) create mode 100644 modules/auth/webauthn/webauthn.go create mode 100644 modules/auth/webauthn/webauthn_test.go (limited to 'modules/auth/webauthn') diff --git a/modules/auth/webauthn/webauthn.go b/modules/auth/webauthn/webauthn.go new file mode 100644 index 0000000..189d197 --- /dev/null +++ b/modules/auth/webauthn/webauthn.go @@ -0,0 +1,77 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package webauthn + +import ( + "encoding/binary" + "encoding/gob" + + "code.gitea.io/gitea/models/auth" + "code.gitea.io/gitea/models/db" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/setting" + + "github.com/go-webauthn/webauthn/protocol" + "github.com/go-webauthn/webauthn/webauthn" +) + +// WebAuthn represents the global WebAuthn instance +var WebAuthn *webauthn.WebAuthn + +// Init initializes the WebAuthn instance from the config. +func Init() { + gob.Register(&webauthn.SessionData{}) + + appURL, _ := protocol.FullyQualifiedOrigin(setting.AppURL) + + WebAuthn = &webauthn.WebAuthn{ + Config: &webauthn.Config{ + RPDisplayName: setting.AppName, + RPID: setting.Domain, + RPOrigins: []string{appURL}, + AuthenticatorSelection: protocol.AuthenticatorSelection{ + UserVerification: "discouraged", + }, + AttestationPreference: protocol.PreferDirectAttestation, + }, + } +} + +// User represents an implementation of webauthn.User based on User model +type User user_model.User + +// WebAuthnID implements the webauthn.User interface +func (u *User) WebAuthnID() []byte { + id := make([]byte, 8) + binary.PutVarint(id, u.ID) + return id +} + +// WebAuthnName implements the webauthn.User interface +func (u *User) WebAuthnName() string { + if u.LoginName == "" { + return u.Name + } + return u.LoginName +} + +// WebAuthnDisplayName implements the webauthn.User interface +func (u *User) WebAuthnDisplayName() string { + return (*user_model.User)(u).DisplayName() +} + +// WebAuthnIcon implements the webauthn.User interface +func (u *User) WebAuthnIcon() string { + return (*user_model.User)(u).AvatarLink(db.DefaultContext) +} + +// WebAuthnCredentials implementns the webauthn.User interface +func (u *User) WebAuthnCredentials() []webauthn.Credential { + dbCreds, err := auth.GetWebAuthnCredentialsByUID(db.DefaultContext, u.ID) + if err != nil { + return nil + } + + return dbCreds.ToCredentials() +} diff --git a/modules/auth/webauthn/webauthn_test.go b/modules/auth/webauthn/webauthn_test.go new file mode 100644 index 0000000..15a8d71 --- /dev/null +++ b/modules/auth/webauthn/webauthn_test.go @@ -0,0 +1,25 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package webauthn + +import ( + "testing" + + "code.gitea.io/gitea/modules/setting" + + "github.com/stretchr/testify/assert" +) + +func TestInit(t *testing.T) { + setting.Domain = "domain" + setting.AppName = "AppName" + setting.AppURL = "https://domain/" + rpOrigin := []string{"https://domain"} + + Init() + + assert.Equal(t, setting.Domain, WebAuthn.Config.RPID) + assert.Equal(t, setting.AppName, WebAuthn.Config.RPDisplayName) + assert.Equal(t, rpOrigin, WebAuthn.Config.RPOrigins) +} -- cgit v1.2.3