Class: Unmagic::Passkeys::WebAuthn::Authenticator::AssertionResponse

Inherits:

Response

• Object
• Response
• Unmagic::Passkeys::WebAuthn::Authenticator::AssertionResponse

Defined in:

lib/unmagic/passkeys/web_authn/authenticator/assertion_response.rb

Overview

Action Pack WebAuthn Assertion Response

Handles the authenticator response from a WebAuthn authentication ceremony. When a user authenticates with an existing credential, the authenticator returns an assertion response containing a signature that proves possession of the private key.

Usage

# Look up the credential by ID
credential = user.credentials.find_by!(
  credential_id: params[:id]
)

response = Unmagic::Passkeys::WebAuthn::Authenticator::AssertionResponse.new(
  client_data_json: params[:response][:clientDataJSON],
  authenticator_data: params[:response][:authenticatorData],
  signature: params[:response][:signature],
  credential: credential.to_public_key_credential,
  origin: "https://example.com"
)

response.validate!

Validation

In addition to the base Response validations, this class verifies:

• The client data type is “webauthn.get”

• The signature is valid for the credential’s public key

Instance Attribute Summary

• #authenticator_data ⇒ Object readonly

  Returns the value of attribute authenticator_data.

• #credential ⇒ Object readonly

  Returns the value of attribute credential.

• #signature ⇒ Object readonly

  Returns the value of attribute signature.

Attributes inherited from Response

#client_data_json, #origin, #user_verification

Instance Method Summary

• #initialize(credential:, authenticator_data:, signature:, **attributes) ⇒ AssertionResponse constructor

  A new instance of AssertionResponse.

Methods inherited from Response

#client_data, #relying_party, #validate!

Constructor Details

#initialize(credential:, authenticator_data:, signature:, **attributes) ⇒ AssertionResponse

Returns a new instance of AssertionResponse.

# File 'lib/unmagic/passkeys/web_authn/authenticator/assertion_response.rb', line 39

def initialize(credential:, authenticator_data:, signature:, **attributes)
  super(**attributes)
  @credential = credential
  @signature = signature
  @signature = Base64.urlsafe_decode64(@signature) unless @signature.encoding == Encoding::BINARY
  @authenticator_data = Unmagic::Passkeys::WebAuthn::Authenticator::Data.wrap(authenticator_data)
rescue ArgumentError
  raise Unmagic::Passkeys::WebAuthn::InvalidResponseError, "Invalid base64 encoding in signature"
end

Instance Attribute Details

#authenticator_data ⇒ Object (readonly)

Returns the value of attribute authenticator_data.

# File 'lib/unmagic/passkeys/web_authn/authenticator/assertion_response.rb', line 33

def authenticator_data
  @authenticator_data
end

#credential ⇒ Object (readonly)

Returns the value of attribute credential.

# File 'lib/unmagic/passkeys/web_authn/authenticator/assertion_response.rb', line 33

def credential
  @credential
end

#signature ⇒ Object (readonly)

Returns the value of attribute signature.

# File 'lib/unmagic/passkeys/web_authn/authenticator/assertion_response.rb', line 33

def signature
  @signature
end