Add JSON struct tags to Credential #197

Merged
merged 1 commit into from
Dec 20, 2023
8 changes: 4 additions & 4 deletions webauthn/authenticator.go
Expand Up @@ -7,22 +7,22 @@ import (
type Authenticator struct {
// The AAGUID of the authenticator. An AAGUID is defined as an array containing the globally unique
// identifier of the authenticator model being sought.
AAGUID []byte
AAGUID []byte `json:"AAGUID"`

// SignCount -Upon a new login operation, the Relying Party compares the stored signature counter value
// with the new signCount value returned in the assertion’s authenticator data. If this new
// signCount value is less than or equal to the stored value, a cloned authenticator may
// exist, or the authenticator may be malfunctioning.
SignCount uint32
SignCount uint32 `json:"signCount"`

// CloneWarning - This is a signal that the authenticator may be cloned, i.e. at least two copies of the
// credential private key may exist and are being used in parallel. Relying Parties should incorporate
// this information into their risk scoring. Whether the Relying Party updates the stored signature
// counter value in this case, or not, or fails the authentication ceremony or not, is Relying Party-specific.
CloneWarning bool
CloneWarning bool `json:"cloneWarning"`

// Attachment is the authenticatorAttachment value returned by the request.
Attachment protocol.AuthenticatorAttachment
Attachment protocol.AuthenticatorAttachment `json:"attachment"`
}

// SelectAuthenticator allow for easy marshaling of authenticator options that are provided to the user.
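Review bot: The AAGUID tag is `json:"AAGUID"` while every other tag added to Authenticator is lower camel case (`signCount`, `cloneWarning`, `attachment`), so the serialized object mixes two naming styles. Consider `json:"aaguid"` unless the upper-case key is intentional, in which case a short comment on the field saying so would help. encoding/json falls back to case-insensitive key matching when decoding, so either spelling still reads data written with the other; only the emitted key differs.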
20 changes: 10 additions & 10 deletions webauthn/credential.go
Expand Up @@ -7,40 +7,40 @@ import (
// Credential contains all needed information about a WebAuthn credential for storage.
type Credential struct {
// A probabilistically-unique byte sequence identifying a public key credential source and its authentication assertions.
ID []byte
ID []byte `json:"id"`

// The public key portion of a Relying Party-specific credential key pair, generated by an authenticator and returned to
// a Relying Party at registration time (see also public key credential). The private key portion of the credential key
// pair is known as the credential private key. Note that in the case of self attestation, the credential key pair is also
// used as the attestation key pair, see self attestation for details.
PublicKey []byte
PublicKey []byte `json:"publicKey"`

// The attestation format used (if any) by the authenticator when creating the credential.
AttestationType string
AttestationType string `json:"attestationType"`

// The transport types the authenticator supports.
Transport []protocol.AuthenticatorTransport
Transport []protocol.AuthenticatorTransport `json:"transport"`

// The commonly stored flags.
Flags CredentialFlags
Flags CredentialFlags `json:"flags"`

// The Authenticator information for a given certificate.
Authenticator Authenticator
Authenticator Authenticator `json:"authenticator"`
}

type CredentialFlags struct {
// Flag UP indicates the users presence.
UserPresent bool
UserPresent bool `json:"userPresent"`

// Flag UV indicates the user performed verification.
UserVerified bool
UserVerified bool `json:"userVerified"`

// Flag BE indicates the credential is able to be backed up and/or sync'd between devices. This should NEVER change.
BackupEligible bool
BackupEligible bool `json:"backupEligible"`

// Flag BS indicates the credential has been backed up and/or sync'd. This value can change but it's recommended
// that RP's keep track of this value.
BackupState bool
BackupState bool `json:"backupState"`
}

// Descriptor converts a Credential into a protocol.CredentialDescriptor.
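Review bot: Tagging Credential and CredentialFlags changes the keys that json.Marshal emits for records that applications may already store (for example `ID` becomes `id` and `PublicKey` becomes `publicKey`), and nothing in the struct comments records that. Decoding older records through encoding/json still works because key matching is case-insensitive, but anything that reads the stored JSON by key name outside Go, such as a database JSON query or another service, will stop finding the fields, so this deserves a sentence in the Credential doc comment or the release notes. Because ID and PublicKey are []byte, they serialize as standard padded base64 rather than the base64url form WebAuthn clients use; saying so in the field comments would save integrators a mismatch. Separately, the comment on the Authenticator field reads "for a given certificate" where "credential" appears to be meant.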