passkey_authenticator/
ctap2.rs

1//! Ctap 2.0 Authenticator API
2//!
3//! This module defines the [`Ctap2Api`] trait, which is sealed to the [`Authenticator`] type and a
4//! future `RemoteAuthenticator` type which will implement the different transports.
5//!
6//! <https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#authenticator-api>
7
8use passkey_types::ctap2::{StatusCode, get_assertion, get_info, make_credential};
9
10use crate::{Authenticator, CredentialStore, UserValidationMethod};
11
/// Private home of the sealing marker trait.
///
/// The module itself is not `pub`, so although [`Sealed`](sealed::Sealed) is a public trait,
/// the path to it cannot be named from outside this crate. `Ctap2Api` lists it as a
/// supertrait, which is what restricts `Ctap2Api` implementations to the impls written here.
mod sealed {
    use crate::{Authenticator, CredentialStore, UserValidationMethod};

    /// Marker trait with no methods; it exists only to be a supertrait bound.
    pub trait Sealed {}

    // The marker is granted to every `Authenticator` instantiation. Any further bounds
    // (such as `Send`/`Sync`) belong on the impl of the trait being sealed.
    impl<S, U> Sealed for Authenticator<S, U>
    where
        S: CredentialStore,
        U: UserValidationMethod,
    {
    }
}
19
/// The operations a [CTAP 2.0] compliant authenticator is required to provide.
///
/// This trait is sealed: its supertrait lives in a private module, so it cannot be implemented
/// outside this crate. Sealing prevents misuse and incorrect authenticator implementations in
/// the wild. If you need to define an authenticator, use the [`Authenticator`] struct, whose
/// generic parameters let you customize storage and UI interactions.
///
/// The operations are expressed as a trait so that remotely connected authenticators, reached
/// through the different transports defined in [CTAP 2.0], can expose the same API.
///
/// [CTAP 2.0]: https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html
#[async_trait::async_trait]
pub trait Ctap2Api: sealed::Sealed {
    /// Requests the authenticator's information, describing what it supports.
    async fn get_info(&self) -> Box<get_info::Response>;

    /// Requests that a new credential be created and saved in the authenticator.
    ///
    /// # Errors
    ///
    /// Returns a [`StatusCode`] when the authenticator does not complete the request.
    async fn make_credential(
        &mut self,
        request: make_credential::Request,
    ) -> Result<make_credential::Response, StatusCode>;

    /// Requests an assertion for a user's existing credential, which may or may not be present
    /// in the authenticator.
    ///
    /// # Errors
    ///
    /// Returns a [`StatusCode`] when the authenticator does not complete the request.
    async fn get_assertion(
        &mut self,
        request: get_assertion::Request,
    ) -> Result<get_assertion::Response, StatusCode>;
}
47
/// Exposes the local [`Authenticator`] through the sealed [`Ctap2Api`] trait.
///
/// Each method forwards to the same-named associated function on `Authenticator`. The user
/// validation method must operate on the same `PasskeyItem` type that the credential store
/// holds, and both generics must be `Send + Sync`.
#[async_trait::async_trait]
impl<S, U> Ctap2Api for Authenticator<S, U>
where
    S: CredentialStore + Send + Sync,
    U: UserValidationMethod<PasskeyItem = <S as CredentialStore>::PasskeyItem> + Send + Sync,
{
    async fn get_info(&self) -> Box<get_info::Response> {
        // NOTE(review): presumably resolves to the inherent `Authenticator::get_info`, which is
        // not visible in this file. Keep the type-qualified path: method-call syntax could
        // select this trait method instead and recurse.
        let info = Authenticator::get_info(self).await;
        info
    }

    async fn make_credential(
        &mut self,
        request: make_credential::Request,
    ) -> Result<make_credential::Response, StatusCode> {
        // The request is handed over unchanged, and the result, including any `StatusCode`
        // error, is returned as-is.
        let outcome = Authenticator::make_credential(self, request).await;
        outcome
    }

    async fn get_assertion(
        &mut self,
        request: get_assertion::Request,
    ) -> Result<get_assertion::Response, StatusCode> {
        // The request is handed over unchanged, and the result, including any `StatusCode`
        // error, is returned as-is.
        let outcome = Authenticator::get_assertion(self, request).await;
        outcome
    }
}