go/sonr
go/sonr
1
1
Fork 0
mirror of https://github.com/onsonr/sonr.git synced 2025-03-10 21:09:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
sonr/x/did/builder/service.go

104 lines
3.2 KiB
Go
Raw Normal View History

Squash merge develop into master
2024-09-14 14:27:45 -04:00
package builder
import (
"crypto/rand"
"strings"
"github.com/onsonr/sonr/x/did/types"
)
// ChallengeLength - Length of bytes to generate for a challenge.
const ChallengeLength = 32
// CreateChallenge creates a new challenge that should be signed and returned by the authenticator. The spec recommends
// using at least 16 bytes with 100 bits of entropy. We use 32 bytes.
func CreateChallenge() (challenge URLEncodedBase64, err error) {
challenge = make([]byte, ChallengeLength)
if _, err = rand.Read(challenge); err != nil {
return nil, err
}
return challenge, nil
}
type CredentialEntity struct {
// A human-palatable name for the entity. Its function depends on what the PublicKeyCredentialEntity represents:
//
// When inherited by PublicKeyCredentialRpEntity it is a human-palatable identifier for the Relying Party,
// intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "ОАО Примертех".
//
// When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier for a user account. It is
// intended only for display, i.e., aiding the user in determining the difference between user accounts with similar
// displayNames. For example, "alexm", "alex.p.mueller@example.com" or "+14255551234".
Name string `json:"name"`
}
func NewCredentialEntity(name string) CredentialEntity {
return CredentialEntity{
Name: name,
}
}
type CredentialParameter struct {
Type CredentialType `json:"type"`
Algorithm types.COSEAlgorithmIdentifier `json:"alg"`
}
func NewCredentialParameter(ki *types.KeyInfo) CredentialParameter {
return CredentialParameter{
Type: CredentialTypePublicKeyCredential,
Algorithm: ki.Algorithm.CoseIdentifier(),
}
}
func ExtractCredentialParameters(p *types.Params) []CredentialParameter {
var keys []*types.KeyInfo
for k, v := range p.AllowedPublicKeys {
if strings.Contains(k, "webauthn") {
keys = append(keys, v)
}
}
var cparams []CredentialParameter
for _, ki := range keys {
cparams = append(cparams, NewCredentialParameter(ki))
}
return cparams
}
type RelyingPartyEntity struct {
CredentialEntity
// A unique identifier for the Relying Party entity, which sets the RP ID.
ID string `json:"id"`
}
func NewRelayingParty(name string, origin string) RelyingPartyEntity {
return RelyingPartyEntity{
CredentialEntity: NewCredentialEntity(origin),
ID: origin,
}
}
type UserEntity struct {
CredentialEntity
// A human-palatable name for the user account, intended only for display.
// For example, "Alex P. Müller" or "田中 倫". The Relying Party SHOULD let
// the user choose this, and SHOULD NOT restrict the choice more than necessary.
DisplayName string `json:"displayName"`
// ID is the user handle of the user account entity. To ensure secure operation,
// authentication and authorization decisions MUST be made on the basis of this id
// member, not the displayName nor name members. See Section 6.1 of
// [RFC8266](https://www.w3.org/TR/webauthn/#biblio-rfc8266).
ID any `json:"id"`
}
func NewUserEntity(name string, subject string, cid string) UserEntity {
return UserEntity{
CredentialEntity: NewCredentialEntity(name),
DisplayName: subject,
ID: cid,
}
}
Reference in New Issue Copy Permalink