Commit graph

21 commits

Author SHA1 Message Date
5920e0f58b Unvendor ocaml-cbor
Upstream supports `decode_partial` now.
2021-11-18 13:40:45 +01:00
ec499c2e68 Add version constraint on Dream 2021-10-14 13:45:20 +02:00
c825a21b19 Error: Authenticator has already been registered 2021-10-13 12:59:33 +02:00
Robur
00c1b4cf93 dune-project: disable formatting 2021-10-07 10:02:03 +00:00
Robur
44efdb1bae support U2F transport extension extraction from certificate
webauthn-demo: use base64js for decoding
display certificate pretty printed, and the transports
2021-10-07 09:57:51 +00:00
89703fe795 Show device certificate on successful register 2021-10-07 08:45:06 +00:00
55067c6741 Merge branch 'clientExtensions-optional' into main 2021-10-06 15:27:50 +00:00
defc231491 Do not require clientExtensions in clientDataJSON
It is not included in the output from Firefox 92.1.1 on Android. It *is*
included when using the same key on Firefox 78.14.0esr on Linux.
2021-10-06 17:13:41 +02:00
Robur
78be1d42df documentation 2021-10-06 11:57:42 +00:00
Robur
d926cf90b2 create may fail, validates origin 2021-10-06 10:12:47 +00:00
Robur
f1f0fe3229 Better errors 2021-10-06 09:48:19 +00:00
Robur
b6f99bfb16 provide a webauthn.mli, adapt the demo application 2021-10-05 15:56:20 +00:00
Robur
8bf98cf42b demo-app: use userid instead of username as keys into hashtables
pass challenge as output of Webauthn instead of input (to support multiple challenges)
2021-10-05 13:09:35 +00:00
Robur
ddebe8b804 Attestation type, rework session variables
* Allow the user to select attestation type
* Rework session variables and challenge tracking
2021-10-04 15:19:34 +00:00
Robur
a5af696428 error: remove unused constructor '`None' 2021-10-04 14:36:32 +00:00
Robur
3436722505 cleanup authentication flow, similar to registration flow 2021-10-04 14:36:00 +00:00
1587e76169 Rework registration flow
The registration page comes with a form where the user selects a
username. When the user clicks "register" a javascript function is
called that reads the user form input value and makes a GET request to
/challenge/:user where it receives a challenge and a user object as
JSON. The WebAuthn registration process continues using those challenge
parameters.

The user then receives an alert() with a string explaining the
registration status and is then redirected to the front page where a
flash message is displayed as well.
2021-10-04 10:43:32 +02:00
4eb1298af7 Display credential IDs as base64 2021-10-04 10:42:04 +02:00
aa65c0546b Adapt terminology to WebAuthn
It is not called application id in WebAuthn
2021-10-01 13:48:47 +02:00
Robur
9837815a5a works as initial version 2021-09-29 14:34:09 +00:00
Robur
55bb364b72 WIP 2021-09-28 11:30:14 +00:00