Class: Booth::Userland::Sessions::Transitions::Destroy::WebauthAuthenticationVerification

Inherits:

Object

• Object
• Booth::Userland::Sessions::Transitions::Destroy::WebauthAuthenticationVerification

Includes:

Concerns::Transition

Defined in:

lib/booth/userland/sessions/transitions/destroy/webauth_authentication_verification.rb

Class Method Summary

• .applicable?(params:) ⇒ Boolean

Instance Method Summary

• #call ⇒ Object
• #do_check_webauth ⇒ Object
• #do_find_challenge ⇒ Object

  Helpers.

• #session_id_param ⇒ Object

Class Method Details

.applicable?(params:) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/booth/userland/sessions/transitions/destroy/webauth_authentication_verification.rb', line 11

def self.applicable?(params:)
  params[:webauth] && params[:handshake]&.key?(:type)
end

Instance Method Details

#call ⇒ Object

# File 'lib/booth/userland/sessions/transitions/destroy/webauth_authentication_verification.rb', line 15

def call
  do_find_challenge
    .on_success { do_check_webauth }
end

#do_check_webauth ⇒ Object

# File 'lib/booth/userland/sessions/transitions/destroy/webauth_authentication_verification.rb', line 29

def do_check_webauth
  verification = ::Booth::Core::Webauth::AuthenticationVerification.call(
    request:,
    credential_id: authentication.credential_id,
    challenge: sudo.webauthn_challenge
  )
  return verification if verification.failure?

  if session_id_param
    ::Booth::Core::Sessions::Revoke.call credential_id: authentication.credential_id,
                                   session_id: session_id_param
  else
    ::Booth::Core::Sessions::RevokeAllOthers.call credential_id: authentication.credential_id,
                                            surviving_session_id: authentication.session_id
  end

  Tron.success :session_revocation_successful, public_json: {},
                                               http_status: :created
end

#do_find_challenge ⇒ Object

Helpers

# File 'lib/booth/userland/sessions/transitions/destroy/webauth_authentication_verification.rb', line 22

def do_find_challenge
  return Tron.success :challenge_ongoing if sudo.webauthn_challenge.present?

  log { 'There is no corresponding challenge in the session' }
  Tron.failure :no_session_challenge, public_json: {}, http_status: :unprocessable_entity
end

#session_id_param ⇒ Object

# File 'lib/booth/userland/sessions/transitions/destroy/webauth_authentication_verification.rb', line 49

def session_id_param
  # If params[:id] is a UUID, then it's an ID for a `Booth::Models::Session` in the DB.
  # If params[:id] is something else, then it's just a WebAuth Ceremony argument.
  ::Booth::Syntaxes::Uuid.call(request.params[:id], raise_if_invalid: false).uuid
end