Commit graph

41 commits

Author SHA1 Message Date
20d47d5c21 add maintenance intent 2024-12-17 16:40:33 +01:00
ea5fc357da
Merge pull request #5 from robur-coop/rc-script
Freebsd rc script (and release)
2024-10-02 11:57:36 +02:00
ded3830ec6
Pretty printing of certificate exts (#6)
This exposes some X.509 extension details so we can pretty print certificates with Universal 2nd Factor (U2F) certificate transports extensions

Co-authored-by: Hannes Mehnert <hannes@mehnert.org>
2024-10-02 11:42:20 +02:00
1e79dea71a Refactor rc script 2024-09-18 16:26:15 +02:00
ead3b41dff Add FreeBSD rc script for running the demo 2024-09-17 11:36:54 +02:00
317ab54220 Prepare release 0.2.0 2024-09-13 17:22:12 +02:00
9dfc4e61e9
Merge pull request #4 from robur-coop/update-churn
Update to newer dependencies
2024-09-13 17:16:18 +02:00
af83fa8c2e
Update webauthn.opam
Co-authored-by: Hannes Mehnert <hannes@mehnert.org>
2024-09-13 14:30:22 +02:00
e2ed1efe9f Update to newer dependencies
Mirage-crypto>= 1.0.0, dream.1.0.0~alpha7 and get rid of cstruct.
2024-09-13 11:30:02 +02:00
71e9fe4ed2
Merge pull request #3 from sam-huckaby/readme-spellcheck
Update README.md
2023-10-02 10:48:13 +01:00
Sam Huckaby
28ec63374f
Update README.md
Fix a typo and add an indefinite pronoun "a".
2023-10-01 22:53:37 -04:00
d0006f6857 roburio -> robur-coop 2023-09-09 11:59:02 +02:00
9c2e24365d Merge pull request 'Update to dream.1.0.0~alpha4 and cmdliner>=1.1.0' (#5) from update-example into main
Reviewed-on: https://git.robur.io/robur/webauthn/pulls/5
2023-02-22 13:52:09 +00:00
2c2a7a9038 Update to dream.1.0.0~alpha4 and cmdliner>=1.1.0 2023-02-17 09:47:26 +01:00
18e5babfde Merge pull request #2 from herrjemand/patch-1 2021-11-22 09:59:23 +01:00
Ackermann Yuriy
3b2b437b51
Updated terms, and added additional description. 2021-11-20 21:39:15 +02:00
d5c387cfa5 Upstream changes from opam-repository 2021-11-19 11:33:39 +01:00
f58d2cfb51 Prepare for v0.1.0 release 2021-11-18 15:06:58 +01:00
40437c3aed Add BSD 2-clause license in LICENSE.md 2021-11-18 15:01:45 +01:00
6770bc4300 Merge pull request 'Unvendor ocaml-cbor' (#3) from unvendor-cbor into main
Reviewed-on: https://git.robur.io/robur/webauthn/pulls/3
2021-11-18 13:55:22 +00:00
5920e0f58b Unvendor ocaml-cbor
Upstream supports `decode_partial` now.
2021-11-18 13:40:45 +01:00
ec499c2e68 Add version constraint on Dream 2021-10-14 13:45:20 +02:00
c825a21b19 Error: Authenticator has already been registered 2021-10-13 12:59:33 +02:00
Robur
00c1b4cf93 dune-project: disable formatting 2021-10-07 10:02:03 +00:00
Robur
44efdb1bae support U2F transport extension extraction from certificate
webauthn-demo: use base64js for decoding
display certificate pretty printed, and the transports
2021-10-07 09:57:51 +00:00
89703fe795 Show device certificate on successful register 2021-10-07 08:45:06 +00:00
55067c6741 Merge branch 'clientExtensions-optional' into main 2021-10-06 15:27:50 +00:00
defc231491 Do not require clientExtensions in clientDataJSON
It is not included in the output from Firefox 92.1.1 on Android. It *is*
included when using the same key on Firefox 78.14.0esr on Linux.
2021-10-06 17:13:41 +02:00
Robur
78be1d42df documentation 2021-10-06 11:57:42 +00:00
Robur
d926cf90b2 create may fail, validates origin 2021-10-06 10:12:47 +00:00
Robur
f1f0fe3229 Better errors 2021-10-06 09:48:19 +00:00
Robur
b6f99bfb16 provide a webauthn.mli, adapt the demo application 2021-10-05 15:56:20 +00:00
Robur
8bf98cf42b demo-app: use userid instead of username as keys into hashtables
pass challenge as output of Webauthn instead of input (to support multiple challenges)
2021-10-05 13:09:35 +00:00
Robur
ddebe8b804 Attestation type, rework session variables
* Allow the user to select attestation type
* Rework session variables and challenge tracking
2021-10-04 15:19:34 +00:00
Robur
a5af696428 error: remove unused constructor '`None' 2021-10-04 14:36:32 +00:00
Robur
3436722505 cleanup authentication flow, similar to registration flow 2021-10-04 14:36:00 +00:00
1587e76169 Rework registration flow
The registration page comes with a form where the user selects a
username. When the user clicks "register" a javascript function is
called that reads the user form input value and makes a GET request to
/challenge/:user where it receives a challenge and a user object as
JSON. The WebAuthn registration process continues using those challenge
parameters.

The user then receives an alert() with a string explaining the
registration status and is then redirected to the front page where a
flash message is displayed as well.
2021-10-04 10:43:32 +02:00
4eb1298af7 Display credential IDs as base64 2021-10-04 10:42:04 +02:00
aa65c0546b Adapt terminology to WebAuthn
It is not called application id in WebAuthn
2021-10-01 13:48:47 +02:00
Robur
9837815a5a works as initial version 2021-09-29 14:34:09 +00:00
Robur
55bb364b72 WIP 2021-09-28 11:30:14 +00:00