class WebAuthn::AuthenticatorResponse
Attributes
client_data_json[R]
Public Class Methods
new(client_data_json:)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 23 def initialize(client_data_json:) @client_data_json = client_data_json end
Public Instance Methods
client_data()
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 55 def client_data @client_data ||= WebAuthn::ClientData.new(client_data_json) end
valid?(*args, **keyword_arguments)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 49 def valid?(*args, **keyword_arguments) verify(*args, **keyword_arguments) rescue WebAuthn::VerificationError false end
verify(expected_challenge, expected_origin = nil, user_verification: nil, rp_id: nil)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 27 def verify(expected_challenge, expected_origin = nil, user_verification: nil, rp_id: nil) expected_origin ||= WebAuthn.configuration.origin || raise("Unspecified expected origin") rp_id ||= WebAuthn.configuration.rp_id verify_item(:type) verify_item(:token_binding) verify_item(:challenge, expected_challenge) verify_item(:origin, expected_origin) verify_item(:authenticator_data) verify_item(:rp_id, rp_id || rp_id_from_origin(expected_origin)) if !WebAuthn.configuration.silent_authentication verify_item(:user_presence) end if user_verification verify_item(:user_verified) end true end
Private Instance Methods
rp_id_from_origin(expected_origin)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 107 def rp_id_from_origin(expected_origin) URI.parse(expected_origin).host end
type()
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 111 def type raise NotImplementedError, "Please define #type method in subclass" end
valid_authenticator_data?()
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 93 def valid_authenticator_data? authenticator_data.valid? rescue WebAuthn::AuthenticatorDataFormatError false end
valid_challenge?(expected_challenge)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 81 def valid_challenge?(expected_challenge) WebAuthn::SecurityUtils.secure_compare(client_data.challenge, expected_challenge) end
valid_origin?(expected_origin)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 85 def valid_origin?(expected_origin) expected_origin && (client_data.origin == expected_origin) end
valid_rp_id?(rp_id)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 89 def valid_rp_id?(rp_id) OpenSSL::Digest::SHA256.digest(rp_id) == authenticator_data.rp_id_hash end
valid_token_binding?()
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 77 def valid_token_binding? client_data.valid_token_binding_format? end
valid_type?()
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 73 def valid_type? client_data.type == type end
valid_user_presence?()
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 99 def valid_user_presence? authenticator_data.user_flagged? end
valid_user_verified?()
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 103 def valid_user_verified? authenticator_data.user_verified? end
verify_item(item, *args)
click to toggle source
# File lib/webauthn/authenticator_response.rb, line 63 def verify_item(item, *args) if send("valid_#{item}?", *args) true else camelized_item = item.to_s.split('_').map { |w| w.capitalize }.join error_const_name = "WebAuthn::#{camelized_item}VerificationError" raise Object.const_get(error_const_name) end end