Class: WebAuthn::FakeClient

Inherits:

Object

• Object
• WebAuthn::FakeClient

Defined in:

lib/webauthn/fake_client.rb

Constant Summary

TYPES =

{ create: "webauthn.create", get: "webauthn.get" }.freeze

Instance Attribute Summary

• #encoding ⇒ Object readonly

  Returns the value of attribute encoding.

• #origin ⇒ Object readonly

  Returns the value of attribute origin.

• #token_binding ⇒ Object readonly

  Returns the value of attribute token_binding.

Instance Method Summary

• #create(challenge: fake_challenge, rp_id: nil, user_present: true, user_verified: false, backup_eligibility: false, backup_state: false, attested_credential_data: true, extensions: nil) ⇒ Object
• #get(challenge: fake_challenge, rp_id: nil, user_present: true, user_verified: false, backup_eligibility: false, backup_state: true, sign_count: nil, extensions: nil, user_handle: nil, allow_credentials: nil) ⇒ Object
• #initialize(origin = fake_origin, token_binding: nil, authenticator: WebAuthn::FakeAuthenticator.new, encoding: WebAuthn.configuration.encoding) ⇒ FakeClient constructor

  A new instance of FakeClient.

Constructor Details

#initialize(origin = fake_origin, token_binding: nil, authenticator: WebAuthn::FakeAuthenticator.new, encoding: WebAuthn.configuration.encoding) ⇒ FakeClient

Returns a new instance of FakeClient.

# File 'lib/webauthn/fake_client.rb', line 15

def initialize(
  origin = fake_origin,
  token_binding: nil,
  authenticator: WebAuthn::FakeAuthenticator.new,
  encoding: WebAuthn.configuration.encoding
)
  @origin = origin
  @token_binding = token_binding
  @authenticator = authenticator
  @encoding = encoding
end

Instance Attribute Details

#encoding ⇒ Object (readonly)

Returns the value of attribute encoding.

# File 'lib/webauthn/fake_client.rb', line 13

def encoding
  @encoding
end

#origin ⇒ Object (readonly)

Returns the value of attribute origin.

# File 'lib/webauthn/fake_client.rb', line 13

def origin
  @origin
end

#token_binding ⇒ Object (readonly)

Returns the value of attribute token_binding.

# File 'lib/webauthn/fake_client.rb', line 13

def token_binding
  @token_binding
end

Instance Method Details

#create(challenge: fake_challenge, rp_id: nil, user_present: true, user_verified: false, backup_eligibility: false, backup_state: false, attested_credential_data: true, extensions: nil) ⇒ Object

# File 'lib/webauthn/fake_client.rb', line 27

def create(
  challenge: fake_challenge,
  rp_id: nil,
  user_present: true,
  user_verified: false,
  backup_eligibility: false,
  backup_state: false,
  attested_credential_data: true,
  extensions: nil
)
  rp_id ||= URI.parse(origin).host

  client_data_json = data_json_for(:create, encoder.decode(challenge))
  client_data_hash = hashed(client_data_json)

  attestation_object = authenticator.make_credential(
    rp_id: rp_id,
    client_data_hash: client_data_hash,
    user_present: user_present,
    user_verified: user_verified,
    backup_eligibility: backup_eligibility,
    backup_state: backup_state,
    attested_credential_data: attested_credential_data,
    extensions: extensions
  )

  id =
    if attested_credential_data
      WebAuthn::AuthenticatorData
        .deserialize(CBOR.decode(attestation_object)["authData"])
        .attested_credential_data
        .id
    else
      "id-for-pk-without-attested-credential-data"
    end

  {
    "type" => "public-key",
    "id" => internal_encoder.encode(id),
    "rawId" => encoder.encode(id),
    "authenticatorAttachment" => 'platform',
    "clientExtensionResults" => extensions,
    "response" => {
      "attestationObject" => encoder.encode(attestation_object),
      "clientDataJSON" => encoder.encode(client_data_json)
    }
  }
end

#get(challenge: fake_challenge, rp_id: nil, user_present: true, user_verified: false, backup_eligibility: false, backup_state: true, sign_count: nil, extensions: nil, user_handle: nil, allow_credentials: nil) ⇒ Object

# File 'lib/webauthn/fake_client.rb', line 76

def get(challenge: fake_challenge,
        rp_id: nil,
        user_present: true,
        user_verified: false,
        backup_eligibility: false,
        backup_state: true,
        sign_count: nil,
        extensions: nil,
        user_handle: nil,
        allow_credentials: nil)
  rp_id ||= URI.parse(origin).host

  client_data_json = data_json_for(:get, encoder.decode(challenge))
  client_data_hash = hashed(client_data_json)

  if allow_credentials
    allow_credentials = allow_credentials.map { |credential| encoder.decode(credential) }
  end

  assertion = authenticator.get_assertion(
    rp_id: rp_id,
    client_data_hash: client_data_hash,
    user_present: user_present,
    user_verified: user_verified,
    backup_eligibility: backup_eligibility,
    backup_state: backup_state,
    sign_count: sign_count,
    extensions: extensions,
    allow_credentials: allow_credentials
  )

  {
    "type" => "public-key",
    "id" => internal_encoder.encode(assertion[:credential_id]),
    "rawId" => encoder.encode(assertion[:credential_id]),
    "clientExtensionResults" => extensions,
    "authenticatorAttachment" => 'platform',
    "response" => {
      "clientDataJSON" => encoder.encode(client_data_json),
      "authenticatorData" => encoder.encode(assertion[:authenticator_data]),
      "signature" => encoder.encode(assertion[:signature]),
      "userHandle" => user_handle ? encoder.encode(user_handle) : nil
    }
  }
end