// Copyright 2021 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package webauthn
import (
"context"
"encoding/binary"
"encoding/gob"
"code.gitea.io/gitea/models/auth"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"github.com/go-webauthn/webauthn/protocol"
"github.com/go-webauthn/webauthn/webauthn"
)
// WebAuthn is the package-level relying-party instance populated by Init.
// It is nil until Init has run; callers must not use it before then.
var WebAuthn *webauthn.WebAuthn
// Init builds the global WebAuthn relying-party instance from the application
// settings and registers the session type with encoding/gob so that
// in-progress ceremonies can be stored in the session.
//
// RPID is setting.Domain: WebAuthn credentials are scoped to that RP ID, so
// changing the domain means previously registered authenticators will no
// longer match. RPOrigins holds the single origin derived from setting.AppURL.
func Init() {
	// SessionData travels through the gob-encoded session store, so the
	// concrete type has to be registered before any ceremony starts.
	gob.Register(&webauthn.SessionData{})

	// NOTE(review): the parse error is discarded here. If setting.AppURL
	// cannot be turned into a fully qualified origin, the origin list may
	// hold an empty string — confirm AppURL is validated before Init runs.
	origin, _ := protocol.FullyQualifiedOrigin(setting.AppURL)

	cfg := &webauthn.Config{
		RPDisplayName: setting.AppName,
		RPID:          setting.Domain,
		RPOrigins:     []string{origin},
		// Direct attestation is requested so the authenticator's attestation
		// statement is available to the relying party when it provides one.
		AttestationPreference: protocol.PreferDirectAttestation,
	}
	// "discouraged" means the RP does not ask the authenticator to verify
	// the user (PIN/biometric) during the ceremony.
	cfg.AuthenticatorSelection.UserVerification = protocol.VerificationDiscouraged

	WebAuthn = &webauthn.WebAuthn{Config: cfg}
}
// user adapts a Gitea user_model.User to the webauthn.User interface.
// It is constructed with NewWebAuthnUser and is not safe to use with a nil User.
type user struct {
	// ctx is used for the credential lookup in WebAuthnCredentials.
	ctx context.Context
	// User is the wrapped account whose ID, names and credentials are exposed.
	User *user_model.User
	// defaultAuthFlags is passed through to ToCredentials when loading
	// stored credentials; its meaning is defined by the auth package.
	defaultAuthFlags protocol.AuthenticatorFlags
}
// Compile-time check that *user satisfies webauthn.User.
var _ webauthn.User = (*user)(nil)
// NewWebAuthnUser wraps u as a webauthn.User. ctx is kept for the later
// credential lookup. At most one defaultAuthFlags value is meaningful; when
// none is given the zero value is used (util.OptionalArg picks the first, if any).
func NewWebAuthnUser(ctx context.Context, u *user_model.User, defaultAuthFlags ...protocol.AuthenticatorFlags) webauthn.User {
	flags := util.OptionalArg(defaultAuthFlags)
	wrapped := &user{
		ctx:              ctx,
		User:             u,
		defaultAuthFlags: flags,
	}
	return wrapped
}
// WebAuthnID implements webauthn.User. It returns the user handle sent to the
// authenticator: the database ID as a zigzag varint in a fixed 8-byte buffer,
// with unused trailing bytes left zero.
//
// The exact 8-byte layout is part of the handle already stored on registered
// authenticators, so it must not change. Note that a varint of an int64 can
// need up to binary.MaxVarintLen64 bytes; PutVarint panics when the buffer is
// too small, so IDs at or beyond 2^55 would not fit here — far above any
// realistic auto-increment ID, but worth knowing.
func (u *user) WebAuthnID() []byte {
	var handle [8]byte
	binary.PutVarint(handle[:], u.User.ID)
	return handle[:]
}
// WebAuthnName implements webauthn.User. It returns the account's LoginName
// when one is set and falls back to the regular Name otherwise. This is the
// username shown by the authenticator/browser for the credential.
func (u *user) WebAuthnName() string {
	if u.User.LoginName != "" {
		return u.User.LoginName
	}
	return u.User.Name
}
// WebAuthnDisplayName implements webauthn.User. It delegates to the wrapped
// account's DisplayName method, which decides how the user is presented.
func (u *user) WebAuthnDisplayName() string {
	name := u.User.DisplayName()
	return name
}
// WebAuthnCredentials implements webauthn.User. It loads the user's stored
// credentials via auth.GetWebAuthnCredentialsByUID and converts them with
// ToCredentials, applying defaultAuthFlags.
//
// The interface gives no way to report an error, so a failed lookup yields nil:
// the ceremony then sees no credentials and fails closed rather than granting
// access. The error itself is not surfaced here; if diagnostics are needed
// they have to come from the auth layer.
func (u *user) WebAuthnCredentials() []webauthn.Credential {
	stored, err := auth.GetWebAuthnCredentialsByUID(u.ctx, u.User.ID)
	if err == nil {
		return stored.ToCredentials(u.defaultAuthFlags)
	}
	return nil
}