Comments (8)
Currently you can add a new pipe to the ceremony pipeline to capture the challenge and re-save it with your own Bytestream. Challenge validation shouldn't be affected.
Since the 3.x allows to have a custom Challenge Repository, you may modify the challenge byte stream with a document hash for the given user.
If you care about determinism, you can encrypt the document hash with the app key, which always returns a different encrypted, but large, string.
I personally think this scenario is very niche and not mainstream, so I'll leave that as-is. I honestly think most users will want to use a Passkey on their devices without without limitations.
Securer apps will want to create their own ceremony workflows, which escapes this library purpose, even if it can be used as a basis for such implementation.
from webauthn.
Buuuuuuuuuut... in 2.x this can be easily implemented in my end by just simply checking if the Challenge exist and not replace it if found.
from webauthn.
Ok thanks for the suggestion.
from webauthn.
In the end the solution I found most convenient (in v3.x) is to replace the Assertion\Creator\Pipes\CreateAssertionChallenge
pipe with a custom one by binding it to the provider and extending Assertion\Creator\AssertionCreation
class with custom data (in this way I avoid unnecessary push/pull on the challenge repository).
from webauthn.
I see... I'll make a PR there to use an existing challenge, and add data to the challenge in a separate line. This way you don't need override pipes since these can change between minor or patch versions.
from webauthn.
Ok I understand, thanks! If you don't find a comfortable or linear solution, don't worry.
from webauthn.
Try the latest commit to 3.x
from webauthn.
Perfect, it works and simplifies the objective of the topic, thanks again.
from webauthn.
Related Issues (20)
- E-Mail not really required for login HOT 1
- [1.2.1] Custom Relying Party Id does not pass CheckRelyingPartyIdContained pipe HOT 4
- [1.2.1] userHandle is null on webauthn.ts HOT 2
- [1.2] Configuration options for WebAuthn data properties HOT 5
- [1.2] SQLSTATE[01000]: Warning: 1265 Data truncated for column 'authenticatable_id' at row 1 HOT 2
- [1.2] Unable to Login HOT 1
- [1.2] Incompatibility with User ID that uses ULID. HOT 2
- Assertion Error: User ID is not owner of the stored credential. Login Error HOT 3
- [1.2] Attestation Error: ByteBuffer: Invalid offset or length.
- Head's up, I'm hands full
- [1.x] Fails to register yubikey (or platform authenticator) when using @simplewebauthn/browser HOT 2
- [2.x] Migration throws access violation: 1059 Identifier name is too long
- [3.x] Stateless behavior HOT 23
- Attestation Error: Challenge does not exist. HOT 4
- [3.x] Native Android and iOS implementation integration support HOT 2
- [3.x] iCloud (TouchID) userHandle is without dash HOT 1
- [3.x] Add support for CarbonImmutable
- [3.x] Set in the session which device is used for login HOT 1
- [2.x] Column not found: 1054 Unknown column 'rawId' in 'where clause' HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from webauthn.