Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add prf extension #65

Open
lgarron opened this issue Jul 18, 2022 · 6 comments
Open

Add prf extension #65

lgarron opened this issue Jul 18, 2022 · 6 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@lgarron
Copy link
Contributor

lgarron commented Jul 18, 2022

w3c/webauthn#1732 re-added this: https://w3c.github.io/webauthn/#prf-extension

We need to add support here:

webauthn-json/src/webauthn-json/extended/schema.ts

Lines 12 to 34 in 5206e71

const authenticationExtensionsClientInputsSchema: Schema = {
appid: optional(copyValue),
appidExclude: optional(copyValue),
uvm: optional(copyValue),
credProps: optional(copyValue),
largeBlob: optional({
support: optional(copyValue),
read: optional(copyValue),
write: optional(convertValue),
}),
};
const authenticationExtensionsClientOutputsSchema: Schema = {
appid: optional(copyValue),
appidExclude: optional(copyValue),
uvm: optional(copyValue),
credProps: optional(copyValue),
largeBlob: optional({
supported: optional(copyValue),
blob: optional(convertValue),
written: optional(copyValue),
}),
};

webauthn-json/src/webauthn-json/extended/json.ts

Lines 12 to 36 in 5206e71

interface ExtendedExtensionsClientInputsJSON {
appid?: string;
appidExclude?: string;
uvm?: boolean;
credProps?: boolean;
largeBlob?: {
support?: "required" | "preferred";
read?: boolean;
write?: Base64urlString;
};
}
interface ExtendedAuthenticationExtensionsClientOutputsJSON {
appid?: boolean;
appidExclude?: boolean;
uvm?: Array<[number, number, number]>;
credProps?: {
rk: boolean;
};
largeBlob?: {
supported?: boolean;
blob?: Base64urlString;
written?: boolean;
};
}

@lgarron lgarron added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers labels Jul 18, 2022
@imrishabh18
Copy link

imrishabh18 commented Jul 18, 2022
edited

Hey @lgarron, I am new to this codebase. But would like to take up this issue.

@lgarron
Copy link
Contributor Author

lgarron commented Aug 11, 2022

Hey @lgarron, I am new to this codebase. But would like to take up this issue.

Feel free to tackle a PR. Do you need any help beyond the links above?

lgarron added a commit that referenced this issue Sep 19, 2022
@lgarron
Start work on prf support. Addresses #65.
f2d5d60 
We need a way for the schema to specify that all the *values* of an object need to be translated for arbitrary keys.
@fcorneli
Copy link

The following is working for me:

webauthnJSON.schema.credentialCreationOptions.publicKey.schema.extensions.schema.prf = {
            required: false,
            schema: {
                eval: {
                    required: false,
                    schema: {
                        first: {
                            required: true,
                            schema: "convert"
                        }
                    }
                },
                evalByCredential: {
                    required: false,
                    schema: "copy",
                    derive: function (input) {
                        console.log("derive");
                        console.log(input);
                        let evalByCredentialObject = input.evalByCredential;
                        if (!(evalByCredentialObject instanceof Object)) {
                            return;
                        }
                        for (const [key, value] of Object.entries(evalByCredentialObject)) {
                            console.log("first: " + value.first);
                            value.first = $this.base64urlToBuffer(value.first);
                        }
                        return evalByCredentialObject;
                    }
                }
            }
        };
        webauthnJSON.schema.credentialCreationOptions.publicKey.schema.extensions.schema.uvm = {
            required: false,
            schema: "copy"
        };
        webauthnJSON.schema.publicKeyCredentialWithAttestation.clientExtensionResults.schema.prf = {
            required: false,
            schema: {
                enabled: {
                    required: false,
                    schema: "copy"
                },
                results: {
                    required: false,
                    schema: {
                        first: {
                            required: true,
                            schema: "convert"
                        }
                    }
                }
            }
        };
        webauthnJSON.schema.publicKeyCredentialWithAttestation.clientExtensionResults.schema.uvm = {
            required: false,
            schema: "copy"
        };

Only getting evalByCredential right was a bit tricky.

@fcorneli
Copy link

fcorneli commented Nov 1, 2023

See also:
https://github.com/e-Contract/enterprise-jsf/blob/master/ejsf-taglib/src/main/resources/META-INF/resources/ejsf/webauthn.js#L18

@raashidanwar
Copy link

Hey @lgarron 👋 ,

I want to take this up.

@lgarron
Copy link
Contributor Author

lgarron commented Jan 1, 2024

@raashidanwar As I no longer work at GitHub, I can't maintain this project. Perhaps @KyFaSt or @fletchto99 can tell you if this project is open to contributions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lgarron @fcorneli @raashidanwar @imrishabh18