class WebAuthn::AuthenticatorAssertionResponse
Attributes
authenticator_data_bytes[R]
signature[R]
user_handle[R]
Public Class Methods
from_client(response)
click to toggle source
# File lib/webauthn/authenticator_assertion_response.rb, line 13 def self.from_client(response) encoder = WebAuthn.configuration.encoder user_handle = if response["userHandle"] encoder.decode(response["userHandle"]) end new( authenticator_data: encoder.decode(response["authenticatorData"]), client_data_json: encoder.decode(response["clientDataJSON"]), signature: encoder.decode(response["signature"]), user_handle: user_handle ) end
new(authenticator_data:, signature:, user_handle: nil, **options)
click to toggle source
Calls superclass method
# File lib/webauthn/authenticator_assertion_response.rb, line 31 def initialize(authenticator_data:, signature:, user_handle: nil, **options) super(**options) @authenticator_data_bytes = authenticator_data @signature = signature @user_handle = user_handle end
Public Instance Methods
authenticator_data()
click to toggle source
# File lib/webauthn/authenticator_assertion_response.rb, line 47 def authenticator_data @authenticator_data ||= WebAuthn::AuthenticatorData.deserialize(authenticator_data_bytes) end
verify(expected_challenge, expected_origin = nil, public_key:, sign_count:, user_verification: nil, rp_id: nil)
click to toggle source
Calls superclass method
# File lib/webauthn/authenticator_assertion_response.rb, line 39 def verify(expected_challenge, expected_origin = nil, public_key:, sign_count:, user_verification: nil, rp_id: nil) super(expected_challenge, expected_origin, user_verification: user_verification, rp_id: rp_id) verify_item(:signature, WebAuthn::PublicKey.deserialize(public_key)) verify_item(:sign_count, sign_count) true end
Private Instance Methods
type()
click to toggle source
# File lib/webauthn/authenticator_assertion_response.rb, line 68 def type WebAuthn::TYPES[:get] end
valid_sign_count?(stored_sign_count)
click to toggle source
# File lib/webauthn/authenticator_assertion_response.rb, line 59 def valid_sign_count?(stored_sign_count) normalized_sign_count = stored_sign_count || 0 if authenticator_data.sign_count.nonzero? || normalized_sign_count.nonzero? authenticator_data.sign_count > normalized_sign_count else true end end
valid_signature?(webauthn_public_key)
click to toggle source
# File lib/webauthn/authenticator_assertion_response.rb, line 55 def valid_signature?(webauthn_public_key) webauthn_public_key.verify(signature, authenticator_data_bytes + client_data.hash) end