Class: Clarion::Authenticator

Inherits:

Object

• Object
• Clarion::Authenticator

Defined in:

lib/clarion/authenticator.rb

Defined Under Namespace

Classes: Error, InvalidKey

Instance Attribute Summary

• #authn ⇒ Object readonly

  Returns the value of attribute authn.

• #counter ⇒ Object readonly

  Returns the value of attribute counter.

• #store ⇒ Object readonly

  Returns the value of attribute store.

• #u2f ⇒ Object readonly

  Returns the value of attribute u2f.

Instance Method Summary

• #initialize(authn, u2f, counter, store) ⇒ Authenticator constructor

  A new instance of Authenticator.

• #request ⇒ Object
• #verify!(challenge, response_json) ⇒ Object

Constructor Details

#initialize(authn, u2f, counter, store) ⇒ Authenticator

Returns a new instance of Authenticator.

# File 'lib/clarion/authenticator.rb', line 9

def initialize(authn, u2f, counter, store)
  @authn = authn
  @u2f = u2f
  @counter = counter
  @store = store
end

Instance Attribute Details

#authn ⇒ Object (readonly)

Returns the value of attribute authn.

# File 'lib/clarion/authenticator.rb', line 16

def authn
  @authn
end

#counter ⇒ Object (readonly)

Returns the value of attribute counter.

# File 'lib/clarion/authenticator.rb', line 16

def counter
  @counter
end

#store ⇒ Object (readonly)

Returns the value of attribute store.

# File 'lib/clarion/authenticator.rb', line 16

def store
  @store
end

#u2f ⇒ Object (readonly)

Returns the value of attribute u2f.

# File 'lib/clarion/authenticator.rb', line 16

def u2f
  @u2f
end

Instance Method Details

#request ⇒ Object

# File 'lib/clarion/authenticator.rb', line 18

def request
  [u2f.app_id, u2f.authentication_requests(authn.keys.map(&:handle)), u2f.challenge]
end

#verify!(challenge, response_json) ⇒ Object

# File 'lib/clarion/authenticator.rb', line 22

def verify!(challenge, response_json)
  response = U2F::SignResponse.load_from_json(response_json)
  key = authn.key_for_handle(response.key_handle)
  unless key
    raise InvalidKey, "#{response.key_handle.inspect} is invalid token for authn #{authn.id}"
  end
  count = counter ? counter.get(key) : 0

  u2f.authenticate!(
    challenge,
    response,
    Base64.decode64(key.public_key),
    count,
  )

  unless authn.verify(key)
    raise Authenticator::InvalidKey
  end

  key.counter = response.counter
  if counter
    counter.store(key)
  end

  store.store_authn(authn)

  true
end