Module: Unmagic::Passkeys::WebAuthn

Defined in:: lib/unmagic/passkeys/web_authn.rb

Overview

Action Pack WebAuthn

Provides a pure-Ruby implementation of the WebAuthn (Web Authentication) specification for passkey registration and authentication. This module is the top-level namespace for all WebAuthn components and provides shared utilities used across ceremonies.

Components

Unmagic::Passkeys::WebAuthn::RelyingParty: Identifies your application to authenticators.
Unmagic::Passkeys::WebAuthn::PublicKeyCredential: Orchestrates registration and authentication ceremonies.
Unmagic::Passkeys::WebAuthn::Authenticator: Parses and validates authenticator responses.
Unmagic::Passkeys::WebAuthn::CborDecoder: Decodes CBOR-encoded data from authenticators.
Unmagic::Passkeys::WebAuthn::CoseKey: Parses COSE public keys into OpenSSL key objects.

Extending Attestation Formats

By default only the “none” attestation format is supported. Register additional verifiers with:

Unmagic::Passkeys::WebAuthn.register_attestation_verifier("packed", MyPackedVerifier.new)

Defined Under Namespace

Modules: Authenticator Classes: CborDecoder, CoseKey, Current, InvalidCborError, InvalidKeyError, InvalidOptionsError, InvalidResponseError, PublicKeyCredential, RelyingParty, UnsupportedKeyTypeError

Class Method Summary collapse

.attestation_verifiers ⇒ Object

Returns the registry of attestation format verifiers, keyed by format string (e.g., “none”, “packed”).
.challenge_verifier ⇒ Object

Returns the MessageVerifier used to sign and verify WebAuthn challenges.
.register_attestation_verifier(format, verifier) ⇒ Object

Registers a custom attestation verifier for the given format.
.relying_party ⇒ Object

Returns a new RelyingParty configured from the current request context.

Class Method Details

.attestation_verifiers ⇒ `Object`

Returns the registry of attestation format verifiers, keyed by format string (e.g., “none”, “packed”). Only “none” is registered by default.

# File 'lib/unmagic/passkeys/web_authn.rb', line 52

def attestation_verifiers
  @attestation_verifiers ||= {
    "none" => Authenticator::AttestationVerifiers::None.new
  }
end

.challenge_verifier ⇒ `Object`

Returns the MessageVerifier used to sign and verify WebAuthn challenges.



46
47
48

# File 'lib/unmagic/passkeys/web_authn.rb', line 46

def challenge_verifier
  Rails.application.message_verifier("action_pack.webauthn.challenge")
end

.register_attestation_verifier(format, verifier) ⇒ `Object`

Registers a custom attestation verifier for the given format. The verifier must respond to verify!(attestation, client_data_json:).



60
61
62

# File 'lib/unmagic/passkeys/web_authn.rb', line 60

def register_attestation_verifier(format, verifier)
  attestation_verifiers[format.to_s] = verifier
end

.relying_party ⇒ `Object`

Returns a new RelyingParty configured from the current request context.



41
42
43

# File 'lib/unmagic/passkeys/web_authn.rb', line 41

def relying_party
  RelyingParty.new
end