Struct webauthn_rs::ephemeral::WebauthnEphemeralConfig

pub struct WebauthnEphemeralConfig { /* fields omitted */ }

An implementation of an Ephemeral (in-memory) webauthn configuration provider This stores all challenges and credentials in memory - IE they are lost on service restart. It's only really useful for demo-sites, testing and as an example/reference implementation of the WebauthnConfig trait.

IMPORTANT: DO NOT USE THIS IN PRODUCTION. YOU MUST IMPLEMENT YOUR OWN STRUCT DERIVING WebauthnConfig!!! This structure WILL be removed in a future release!

By default this implementation advertises support for all possible authenticators EVEN if they are NOT supported. This to is aid in test vector collection.

Implementations

impl WebauthnEphemeralConfig

pub fn new(
    rp_name: &str,
    rp_origin: &str,
    rp_id: &str,
    attachment: Option<AuthenticatorAttachment>
) -> Self

Create a new Webauthn Ephemeral instance. This requires a provided relying party name, origin and id. See the trait documentation for more detail on relying party name, origin and id.

Trait Implementations

impl Debug for WebauthnEphemeralConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl WebauthnConfig for WebauthnEphemeralConfig

fn get_relying_party_name(&self) -> String

Returns the relying party name. See the trait documentation for more.

fn get_relying_party_id(&self) -> String

Returns the relying party id. See the trait documentation for more.

fn get_origin(&self) -> &String

Retrieve the relying party origin. See the trait documentation for more.

fn get_authenticator_attachment(&self) -> Option<AuthenticatorAttachment>

Retrieve the authenticator attachment hint. See the trait documentation for more.

fn get_attestation_preference(&self) -> AttestationConveyancePreference

Retrieve the authenticator attestation preference. See the trait documentation for more.

fn get_credential_algorithms(&self) -> Vec<COSEContentType>

Retrieve the list of support algorithms.

WARNING: This returns all possible algorithms, not just SUPPORTED ones. This is so that

fn get_authenticator_timeout(&self) -> u32

Return a timeout on how long the authenticator has to respond to a challenge. This value defaults to 6000 milliseconds. You likely won't need to implement this function, and should rely on the defaults.

fn get_require_resident_key(&self) -> bool

Get the site policy on if the registration should use a resident key so that username and other details can be embedded into the authenticator to allow bypassing that part of the interaction flow.

fn get_extensions(&self) -> Option<BTreeMap<String, String>>

Return a list of site-requested extensions to be sent to Authenticators during registration and authentication. Currently this is not implemented. Please see: https://github.com/Firstyear/webauthn-rs/issues/8 https://w3c.github.io/webauthn/#extensions

fn policy_verify_trust(&self, at: AttestationType) -> Result<Credential, ()>

A callback to allow trust decisions to be made over the attestation of the credential. It's important for your implementation of this callback to follow the advice of the w3c standard, notably: