class Rack::U2f::RegistrationServer

Middleware allow registration of u2f devices

Public Class Methods

new(config) click to toggle source
# File lib/rack/u2f/registration_server.rb, line 10
def initialize(config)
  @config = config
  @store = config[:store]
  @registration_enabled = config[:enable_registration]
end

Public Instance Methods

call(env) click to toggle source
# File lib/rack/u2f/registration_server.rb, line 16
def call(env)
  return registration_disabled unless @registration_enabled
  request = Rack::Request.new(env)
  if request.get?
    generate_registration(request)
  else
    store_registration(request)
  end
end

Private Instance Methods

generate_registration(request) click to toggle source
# File lib/rack/u2f/registration_server.rb, line 47
def generate_registration(request)
  u2f = U2F::U2F.new(extract_app_id(request))
  registration_requests = u2f.registration_requests
  request.session['challenges'] = registration_requests.map(&:challenge)
  key_handles = @store.key_handles
  sign_requests = u2f.authentication_requests(key_handles)

  registration_page(u2f.app_id, registration_requests, sign_requests)
end
registration_disabled() click to toggle source
# File lib/rack/u2f/registration_server.rb, line 28
def registration_disabled
  Rack::Response.new('Registration Disabled', 403)
end
registration_page(app_id, registration_requests, sign_requests) click to toggle source
# File lib/rack/u2f/registration_server.rb, line 57
def registration_page(app_id, registration_requests, sign_requests)
  content = Mustache.render(
    REGISTRATION_TEMPLATE,
    app_id: app_id.to_json,
    registration_requests: registration_requests.to_json,
    sign_requests: sign_requests.to_json,
    u2fjs: U2FJS
  )
  Rack::Response.new(content)
end
store_registration(request) click to toggle source
# File lib/rack/u2f/registration_server.rb, line 32
def store_registration(request)
  u2f = U2F::U2F.new(extract_app_id(request))
  response = U2F::RegisterResponse.load_from_json(request.params['response'])
  u2f.register!(request.session['challenges'], response)
  @store.store_registration(
    certificate: reg.certificate, key_handle: reg.key_handle,
    public_key: reg.public_key, counter: reg.counter
  )
  Rack::Response.new('Registration Successful')
rescue U2F::Error
  return Rack::Response.new('Unable to register device', 422)
ensure
  request.session.delete('challenges')
end