//! An implementation of an Ephemeral (in-memory) webauthn configuration provider
//! This stores all challenges and credentials in memory - IE they are lost on
//! service restart. It's only really useful for demo-sites, testing and as an
//! example/reference implementation of the WebauthnConfig trait.
//!
//! IMPORTANT: DO NOT USE THIS IN PRODUCTION. YOU MUST IMPLEMENT YOUR OWN STRUCT
//! DERIVING `WebauthnConfig`!!! This structure WILL be removed in a future release!
//!
//! By default this implementation advertises support for all possible authenticators
//! EVEN if they are NOT supported. This is to aid in test vector collection.
use crate::proto::AttestationConveyancePreference;
use crate::proto::AuthenticatorAttachment;
use crate::proto::COSEAlgorithm;
use crate::WebauthnConfig;
/// An implementation of an Ephemeral (in-memory) webauthn configuration provider.
/// This stores all challenges and credentials in memory - IE they are lost on
/// service restart. It's only really useful for demo-sites, testing and as an
/// example/reference implementation of the WebauthnConfig trait.
///
/// IMPORTANT: DO NOT USE THIS IN PRODUCTION. YOU MUST IMPLEMENT YOUR OWN STRUCT
/// IMPLEMENTING `WebauthnConfig`!!! This structure WILL be removed in a future release!
///
/// By default this implementation advertises support for all possible authenticators
/// EVEN if they are NOT supported. This is to aid in test vector collection.
pub struct WebauthnEphemeralConfig {
    // NOTE(review): the fields below hold only relying-party settings and an
    // attachment hint; no challenge or credential storage is visible in this
    // definition, so the "stores all challenges and credentials" wording above
    // presumably describes state kept elsewhere - confirm.

    /// Relying party name; returned by `get_relying_party_name`.
    rp_name: String,
    /// Relying party id; returned by `get_relying_party_id`.
    rp_id: String,
    /// Relying party origin; returned by `get_origin`.
    rp_origin: String,
    /// Optional authenticator attachment hint; returned by
    /// `get_authenticator_attachment`. `None` means no hint is configured.
    attachment: Option<AuthenticatorAttachment>,
}
impl std::fmt::Debug for WebauthnEphemeralConfig {
    /// Writes the relying party name, id and origin in a struct-like layout.
    ///
    /// The `attachment` field is not part of the output; only the three
    /// string fields are printed, each with its own `Debug` formatting.
    fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
        // Borrow just the fields that are printed; `..` skips `attachment`.
        let Self {
            rp_name,
            rp_id,
            rp_origin,
            ..
        } = self;
        f.write_fmt(format_args!(
            "WebauthnEphemeralConfig{{ rp_name: {:?}, rp_id: {:?}, rp_origin: {:?} }}",
            rp_name, rp_id, rp_origin
        ))
    }
}
impl WebauthnConfig for WebauthnEphemeralConfig {
    /// Returns the relying party name stored on this config. See the trait
    /// documentation for more.
    fn get_relying_party_name(&self) -> &str {
        self.rp_name.as_str()
    }

    /// Returns the relying party id stored on this config. See the trait
    /// documentation for more.
    fn get_relying_party_id(&self) -> &str {
        self.rp_id.as_str()
    }

    /// Returns the relying party origin stored on this config. See the trait
    /// documentation for more.
    fn get_origin(&self) -> &str {
        &self.rp_origin
    }

    /// Returns the authenticator attachment hint, or `None` when no hint was
    /// configured. See the trait documentation for more.
    fn get_authenticator_attachment(&self) -> Option<AuthenticatorAttachment> {
        self.attachment
    }

    /// Returns the attestation conveyance preference. See the trait
    /// documentation for more.
    ///
    /// This is always `Direct` and cannot be configured on this type. In
    /// WebAuthn, `direct` asks for the attestation statement as the
    /// authenticator produced it; a production config should choose this
    /// value deliberately rather than inherit it from here.
    fn get_attestation_preference(&self) -> AttestationConveyancePreference {
        AttestationConveyancePreference::Direct
    }

    /// Returns the list of algorithms this config advertises.
    ///
    /// WARNING: This returns *all* possible algorithms, not just SUPPORTED
    /// ones. Per the module documentation this is to aid in test vector
    /// collection. A production `WebauthnConfig` should return only the
    /// algorithms it can actually verify.
    fn get_credential_algorithms(&self) -> Vec<COSEAlgorithm> {
        Vec::from([
            // ECDSA variants
            COSEAlgorithm::ES256,
            COSEAlgorithm::ES384,
            COSEAlgorithm::ES512,
            // RSASSA-PKCS1-v1_5 variants
            COSEAlgorithm::RS256,
            COSEAlgorithm::RS384,
            COSEAlgorithm::RS512,
            // RSASSA-PSS variants
            COSEAlgorithm::PS256,
            COSEAlgorithm::PS384,
            COSEAlgorithm::PS512,
            // EdDSA
            COSEAlgorithm::EDDSA,
        ])
    }
}
impl WebauthnEphemeralConfig {
    /// Create a new Webauthn Ephemeral instance from a relying party name,
    /// origin and id, plus an optional authenticator attachment hint. See the
    /// trait documentation for more detail on relying party name, origin and id.
    ///
    /// The argument order is name, origin, id. `rp_origin` and `rp_id` are
    /// both `&str`, so swapping them still compiles; check call sites.
    ///
    /// The strings are copied as given. Nothing here validates them or checks
    /// that the id and origin agree with each other.
    pub fn new(
        rp_name: &str,
        rp_origin: &str,
        rp_id: &str,
        attachment: Option<AuthenticatorAttachment>,
    ) -> Self {
        // Take owned copies so the config does not borrow from the caller.
        let rp_name = String::from(rp_name);
        let rp_origin = String::from(rp_origin);
        let rp_id = String::from(rp_id);
        Self {
            rp_name,
            rp_id,
            rp_origin,
            attachment,
        }
    }
}