koesie10 / webauthn Goto Github PK
View Code? Open in Web Editor NEWGo package for easy WebAuthn integration
License: MIT License
Go package for easy WebAuthn integration
License: MIT License
When I was trying to register with Windows Hello, I got the following error:
then I added these code:
{
Type: protocol.PublicKeyCredentialTypePublicKey,
Algorithm: protocol.RS256,
},
in PubKeyCredParams
:
webauthn/webauthn/registration.go
Lines 38 to 43 in 8626f96
Then the error disappeared, but I got an error while finishing the registration (running WebAuthn.ParseAndFinishRegistration()
) at line 132:
webauthn/protocol/attestation.go
Lines 122 to 148 in 8626f96
the a.Fmt
was none
.
When I added the code after line 131, in the if statement:
fmt.Println(a)
I got:
{none {[73 150 13 229 136 14 140 104 116 52 23 15 100 118 96 91 143 228 174 185 162 134 50 199 153 92 243 186 131 29 151 99] 69 0 {[8 152 112 88 202 220 75 129 182 225 48 222 80 220 190 150] [128 130 138 131 9 189 56 216 26 246 190 158 248 45 191 164 84 166 213 131 62 181 18 46 113 12 28 137 121 0 109 91] 0xc000591f20} [73 150 13 229 136 14 140 104 116 52 23 15 100 118 96 91 143 228 174 185 162 134 50 199 153 92 243 186 131 29 151 99 69 0 0 0 0 8 152 112 88 202 220 75 129 182 225 48 222 80 220 190 150 0 32 128 130 138 131 9 189 56 216 26 246 190 158 248 45 191 164 84 166 213 131 62 181 18 46 113 12 28 137 121 0 109 91 165 1 2 3 38 32 1 33 88 32 217 145 48 116 108 253 35 25 94 92 211 105 11 171 14 210 166 187 234 244 11 98 139 121 164 113 221 85 67 162 231 185 34 88 32 247 33 217 249 92 143 250 186 2 86 77 210 126 150 173 2 255 141 59 201 39 82 166 104 190 125 179 18 199 101 148 97]} map[]}
Chrome 121.0.6167.86.
Update: Same problem on Firefox 116.0.3 (64 bit)
I have a question about the definition of id
in GetAuthenticator (
Line 28 in 8626f96
Should this not state WebAuthCredentialID
is the reference ID ? Since (I assume) Authenticator.WebAuthID
is inherently the same as User.WebAuthID
and thus by definition using WebAuthID
be expected to return multiple authenticators (i.e. behavior of GetAuthenticators(user User)
and the only way to retrieve one authenticator would be using WebAuthCredentialID
.
Hi,
This issue was previously submitted on webauthn-demo repo. i think it is more relevant to be issued here
When trying this demo via touch id on macbook, I got this error:
Failed to register: Error: Bad Request
Debugging on registration.go: line 128
showing:
unsupported format self attestation
I believe it requires packed + self (surrogate) attestation
for this. There's article for the implementation by Ackermann Yuriy here
what's missing?
Hi! Thanks for making github.com/koesie10/webauthn
.
Currently, the only reason to depend on gopkg.in/square/go-jose.v2
is to support Android SafetyNet Attestation Statements. Since some folks don't care about attestation, would you be open to moving the code for attestation formats (attestation_android_safetynet.go
, attestation_fido.go
, and attestation_packed.go
) to a separate package? People who want attestation support could import this package from package main
with a blank identifier (similar to how SQL drivers are registered). Then the people who don't want attestation wouldn't need dependencies like gopkg.in/square/go-jose.v2
.
webauthn/protocol/assertion.go
Lines 111 to 114 in 0adb1b7
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.