Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: supporting android and ios rp origins #121

Conversation

TomerDavid-Transmit
Copy link
Contributor

@TomerDavid-Transmit TomerDavid-Transmit commented Apr 3, 2023

While using the lib, I noticed that the rpOrigin, as returned by the android native fido2 client attestation response, is considered invalid.
Made this change for the lib to support android FacetIDs as origins.
In depth explanation: https://fidoalliance.org/specs/uaf-v1.0-id-20141122/fido-appid-and-facets-v1.0-id-20141122.html#the-appid-and-facetid-assertions
Also added support for the iOS FacetID prefix, as specified in the fido2 docs above.
Empirically, our experiments with native iOS clients resulted with https rp origins - so the docs might be outdated, but I added the FacetID support just in case.

@codecov-commenter
Copy link

codecov-commenter commented Apr 3, 2023

Codecov Report

Patch coverage: 100.00% and project coverage change: +0.01 🎉

Comparison is base (aef3754) 92.95% compared to head (f4af93d) 92.97%.

❗ Current head f4af93d differs from pull request most recent head 6497d56. Consider uploading reports for the commit 6497d56 to get more accurate results

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

Additional details and impacted files
@@            Coverage Diff             @@
##           master     #121      +/-   ##
==========================================
+ Coverage   92.95%   92.97%   +0.01%     
==========================================
  Files          16       16              
  Lines        5992     6007      +15     
==========================================
+ Hits         5570     5585      +15     
  Misses        422      422              
Impacted Files Coverage Δ
lib/toolbox.js 90.46% <100.00%> (+0.40%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@JamesCullum
Copy link
Member

Hey @TomerDavid-Transmit thanks for the contribution! Are you trying to achieve the same thing as in #122 ?

@TomerDavid-Transmit
Copy link
Contributor Author

Hey @TomerDavid-Transmit thanks for the contribution! Are you trying to achieve the same thing as in #122 ?

@JamesCullum yes, except for the prefix I think we should look for. #122 searches android: and ios: as prefixes, and I think we should search for android:apk-key-hash: and ios:bundle-id: for specificity.
was just working on adding the iOS support + tests to this PR

@TomerDavid-Transmit TomerDavid-Transmit changed the title feat: supporting android rp origins feat: supporting android and ios rp origins Apr 9, 2023
@Rimmassukhovsky
Copy link

Very much needed addition!

Copy link
Contributor

@gaizeror gaizeror left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this contribution, was waiting for it for a long time!

@HananArgov
Copy link

looks like an encompassing code.
good one :)

@Hexagon
Copy link
Member

Hexagon commented Apr 10, 2023

LGTM 👍 This one is slightly more complete than #122

@JamesCullum 3.3.6 or 3.4.0? I think i vote for 3.3.6.

@Hexagon Hexagon self-requested a review April 10, 2023 19:38
@amoskle
Copy link

amoskle commented Apr 13, 2023

Nice change!

@JamesCullum
Copy link
Member

@Hexagon I think 3.4.0 would make more sense as new feature, as previously we didn't support it.

Will merge and do it - thanks!

@JamesCullum JamesCullum merged commit 8cca2de into webauthn-open-source:master Apr 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants