authelia/internal/handlers/webauthn.go


package handlers
import (
"net/url"
"strings"
"github.com/go-webauthn/webauthn/protocol"
"github.com/go-webauthn/webauthn/webauthn"
"github.com/authelia/authelia/v4/internal/middlewares"
"github.com/authelia/authelia/v4/internal/model"
"github.com/authelia/authelia/v4/internal/session"
)
// getWebauthnUser builds the WebAuthn user for the given session. It passes the
// session's Username and DisplayName to getWebauthnUserByRPID together with an
// empty relying-party ID, and returns that call's result unchanged.
//
// NOTE(review): what an empty rpid means to the storage provider is not visible
// in this file (presumably "do not filter by RP ID"). Confirm this is intended,
// because it decides which stored credentials are offered for this user.
func getWebauthnUser(ctx *middlewares.AutheliaCtx, userSession session.UserSession) (user *model.WebauthnUser, err error) {
	username, displayName := userSession.Username, userSession.DisplayName

	return getWebauthnUserByRPID(ctx, username, displayName, "")
}
// getWebauthnUserByRPID assembles a model.WebauthnUser for username and attaches
// the devices returned by StorageProvider.LoadWebauthnDevicesByUsername for the
// given rpid. An empty displayname falls back to the username.
//
// The username is used exactly as supplied; no validation happens here, so the
// caller is responsible for passing an identity it has already established.
// A storage error is returned as-is with a nil user.
//
// NOTE(review): how rpid narrows the device lookup is decided by the storage
// provider and is not visible in this file; verify against its implementation.
func getWebauthnUserByRPID(ctx *middlewares.AutheliaCtx, username, displayname string, rpid string) (user *model.WebauthnUser, err error) {
	if displayname == "" {
		displayname = username
	}

	devices, err := ctx.Providers.StorageProvider.LoadWebauthnDevicesByUsername(ctx, rpid, username)
	if err != nil {
		return nil, err
	}

	return &model.WebauthnUser{
		Username:    username,
		DisplayName: displayname,
		Devices:     devices,
	}, nil
}
// newWebauthn creates a WebAuthn relying-party instance for the current request.
//
// The RP ID is the hostname of the origin returned by ctx.GetOrigin, and that
// origin is the only entry in RPOrigins. Display name, attestation conveyance
// preference, user-verification requirement and timeout (in milliseconds) come
// from ctx.Configuration.Webauthn. Authenticator attachment is fixed to
// cross-platform and a resident key is not required.
//
// NOTE(review): the RP ID scopes which credentials are valid, so the value
// GetOrigin returns is security relevant. How GetOrigin derives the origin is
// not visible in this file; if it relies on forwarded request headers, confirm
// that only trusted proxies can set them.
func newWebauthn(ctx *middlewares.AutheliaCtx) (w *webauthn.WebAuthn, err error) {
	var origin *url.URL

	if origin, err = ctx.GetOrigin(); err != nil {
		return nil, err
	}

	rpID := origin.Hostname()
	rpOrigins := []string{origin.String()}

	selection := protocol.AuthenticatorSelection{
		AuthenticatorAttachment: protocol.CrossPlatform,
		UserVerification:        ctx.Configuration.Webauthn.UserVerification,
		RequireResidentKey:      protocol.ResidentKeyNotRequired(),
	}

	config := &webauthn.Config{
		RPDisplayName:          ctx.Configuration.Webauthn.DisplayName,
		RPID:                   rpID,
		RPOrigins:              rpOrigins,
		RPIcon:                 "",
		AttestationPreference:  ctx.Configuration.Webauthn.ConveyancePreference,
		AuthenticatorSelection: selection,
		Timeout:                int(ctx.Configuration.Webauthn.Timeout.Milliseconds()),
	}

	// Trace-level record of the RP parameters chosen for this request.
	ctx.Logger.Tracef("Creating new Webauthn RP instance with ID %s and Origins %s", rpID, strings.Join(rpOrigins, ", "))

	return webauthn.New(config)
}