From b7a40ac3d795e651231b8a81c4241b7f2a2852bf Mon Sep 17 00:00:00 2001
From: Prad Nukala
Date: Sun, 8 Dec 2024 23:30:17 -0500
Subject: [PATCH] feat: remove username from passkey creation
---
 pkg/blocks/form/form.templ | 9 +-
 pkg/blocks/form/form_templ.go | 26 +++--
 pkg/gateway/handlers/register_handler.go | 95 +------------------
 pkg/gateway/internal/database/models.go | 13 ++-
 .../internal/pages/register/page.templ | 4 +-
 .../internal/pages/register/page_templ.go | 4 +-
 pkg/gateway/internal/session/db.go | 1 +
 7 files changed, 31 insertions(+), 121 deletions(-)
 create mode 100644 pkg/gateway/internal/session/db.go
diff --git a/pkg/blocks/form/form.templ b/pkg/blocks/form/form.templ
index 8086d1290..7654ee1c0 100644
--- a/pkg/blocks/form/form.templ
+++ b/pkg/blocks/form/form.templ
@@ -51,7 +51,7 @@ templ CodeInput(id string) {
 }
-script createPasskey(userId string, userHandle string, userName string, challenge string) {
+script createPasskey(userId string, userHandle string, challenge string) {
 const publicKey = {
 challenge: Uint8Array.from(challenge, (c) => c.charCodeAt(0)),
 rp: {
@@ -60,7 +60,7 @@ const publicKey = {
 user: {
 // Assuming that userId is ASCII-only
 id: Uint8Array.from(userId, (c) => c.charCodeAt(0)),
- name: userName,
+ name: userId,
 displayName: userHandle,
 },
 pubKeyCredParams: [
@@ -98,9 +98,8 @@ navigator.credentials
 }
 // Hidden input and button which calls a JavaScript function to generate a passkey
-templ PasskeyInput(userId string, userHandle string, userName string, challenge string) {
- @CredentialsScripts()
-
+templ PasskeyInput(userId string, userHandle string, challenge string) {
+ Create PassKey
diff --git a/pkg/blocks/form/form_templ.go b/pkg/blocks/form/form_templ.go
index 7b6ddc6e8..bd49fac95 100644
--- a/pkg/blocks/form/form_templ.go
+++ b/pkg/blocks/form/form_templ.go
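Review bot: The `challenge:` context line in createPasskey turns the challenge string into bytes with `charCodeAt`, but the server passes `challenge.String()` from `protocol.CreateChallenge()`, which in go-webauthn is the base64url text of the random bytes, so the authenticator would sign the ASCII of the encoding rather than the challenge itself and a later server-side comparison against the stored value would not match. If that return type is confirmed, decode in the script instead: `challenge: Uint8Array.from(atob(challenge.replace(/-/g, "+").replace(/_/g, "/")), (c) => c.charCodeAt(0)),`. The script body continues past the end of this hunk.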
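Review bot: `name: userId` sends the wallet address as the WebAuthn `user.name`, the string authenticators show in their account picker, while the handle only goes to `displayName`; if the handle is the human-readable identifier it belongs in `name` as well, with the address kept in `id`. Separately, the `id:` context line just above builds `user.id` from the address with no length check, and WebAuthn caps `user.id` at 64 bytes, so a comment such as `// user.id must be <= 64 bytes; addresses are assumed to fit` or a server-side length check before rendering is worth adding.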
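Review bot: Dropping `@CredentialsScripts()` from PasskeyInput means the component no longer renders whatever that helper loaded; unless the enclosing layout now includes it elsewhere (not visible here), the passkey button could run before its supporting scripts exist. A one-line comment above `templ PasskeyInput` naming the dependency, e.g. `// Requires CredentialsScripts() to be rendered by the enclosing layout`, would make that contract explicit. The template body continues past this hunk.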
@@ -215,10 +215,10 @@ func CodeInput(id string) templ.Component {
 })
 }
-func createPasskey(userId string, userHandle string, userName string, challenge string) templ.ComponentScript {
+func createPasskey(userId string, userHandle string, challenge string) templ.ComponentScript {
 return templ.ComponentScript{
- Name: `__templ_createPasskey_9257`,
- Function: `function __templ_createPasskey_9257(userId, userHandle, userName, challenge){const publicKey = {
+ Name: `__templ_createPasskey_9b69`,
+ Function: `function __templ_createPasskey_9b69(userId, userHandle, challenge){const publicKey = {
 challenge: Uint8Array.from(challenge, (c) => c.charCodeAt(0)),
 rp: {
 name: "Sonr.ID",
@@ -226,7 +226,7 @@ func createPasskey(userId string, userHandle string, userName string, challenge
 user: {
 // Assuming that userId is ASCII-only
 id: Uint8Array.from(userId, (c) => c.charCodeAt(0)),
- name: userName,
+ name: userId,
 displayName: userHandle,
 },
 pubKeyCredParams: [
@@ -262,13 +262,13 @@ navigator.credentials
 // No acceptable authenticator or user refused consent. Handle appropriately.
 });
 }`,
- Call: templ.SafeScript(`__templ_createPasskey_9257`, userId, userHandle, userName, challenge),
- CallInline: templ.SafeScriptInline(`__templ_createPasskey_9257`, userId, userHandle, userName, challenge),
+ Call: templ.SafeScript(`__templ_createPasskey_9b69`, userId, userHandle, challenge),
+ CallInline: templ.SafeScriptInline(`__templ_createPasskey_9b69`, userId, userHandle, challenge),
 }
 }
 // Hidden input and button which calls a JavaScript function to generate a passkey
-func PasskeyInput(userId string, userHandle string, userName string, challenge string) templ.Component {
+func PasskeyInput(userId string, userHandle string, challenge string) templ.Component {
 return templruntime.GeneratedTemplate(func(templ_7745c5c3_Input templruntime.GeneratedComponentInput) (templ_7745c5c3_Err error) {
 templ_7745c5c3_W, ctx := templ_7745c5c3_Input.Writer, templ_7745c5c3_Input.Context
 if templ_7745c5c3_CtxErr := ctx.Err(); templ_7745c5c3_CtxErr != nil {
@@ -289,11 +289,7 @@ func PasskeyInput(userId string, userHandle string, userName string, challenge s
 templ_7745c5c3_Var10 = templ.NopComponent
 }
 ctx = templ.ClearChildren(ctx)
- templ_7745c5c3_Err = CredentialsScripts().Render(ctx, templ_7745c5c3_Buffer)
- if templ_7745c5c3_Err != nil {
- return templ_7745c5c3_Err
- }
- templ_7745c5c3_Err = templ.RenderScriptItems(ctx, templ_7745c5c3_Buffer, createPasskey(userId, userHandle, userName, challenge))
+ templ_7745c5c3_Err = templ.RenderScriptItems(ctx, templ_7745c5c3_Buffer, createPasskey(userId, userHandle, challenge))
 if templ_7745c5c3_Err != nil {
 return templ_7745c5c3_Err
 }
@@ -301,7 +297,7 @@ func PasskeyInput(userId string, userHandle string, userName string, challenge s
 if templ_7745c5c3_Err != nil {
 return templ_7745c5c3_Err
 }
- var templ_7745c5c3_Var11 templ.ComponentScript = createPasskey(userId, userHandle, userName, challenge)
+ var templ_7745c5c3_Var11 templ.ComponentScript = createPasskey(userId, userHandle, challenge)
 _, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ_7745c5c3_Var11.Call)
 if templ_7745c5c3_Err != nil {
 return templ_7745c5c3_Err
@@ -343,7 +339,7 @@ func TurnstileWidget(sitekey string) templ.Component {
 var templ_7745c5c3_Var13 string
 templ_7745c5c3_Var13, templ_7745c5c3_Err = templ.JoinStringErrs(sitekey)
 if templ_7745c5c3_Err != nil {
- return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 113, Col: 50}
+ return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 112, Col: 50}
 }
 _, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var13))
 if templ_7745c5c3_Err != nil {
@@ -386,7 +382,7 @@ func Submit(text string) templ.Component {
 var templ_7745c5c3_Var15 string
 templ_7745c5c3_Var15, templ_7745c5c3_Err = templ.JoinStringErrs(text)
 if templ_7745c5c3_Err != nil {
- return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 119, Col: 8}
+ return templ.Error{Err: templ_7745c5c3_Err, FileName: `pkg/blocks/form/form.templ`, Line: 118, Col: 8}
 }
 _, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var15))
 if templ_7745c5c3_Err != nil {
diff --git a/pkg/gateway/handlers/register_handler.go b/pkg/gateway/handlers/register_handler.go
index 5f5fad6a0..502622616 100644
--- a/pkg/gateway/handlers/register_handler.go
+++ b/pkg/gateway/handlers/register_handler.go
@@ -1,18 +1,14 @@
 package handlers
 import (
- "fmt"
 "net/http"
 "github.com/go-webauthn/webauthn/protocol"
- "github.com/go-webauthn/webauthn/protocol/webauthncose"
 "github.com/labstack/echo/v4"
 "github.com/onsonr/sonr/crypto/mpc"
- "github.com/onsonr/sonr/pkg/common"
 "github.com/onsonr/sonr/pkg/common/response"
 "github.com/onsonr/sonr/pkg/gateway/config"
 "github.com/onsonr/sonr/pkg/gateway/internal/pages/register"
- "github.com/onsonr/sonr/pkg/gateway/internal/session"
 )
 func HandleRegisterView(env config.Env) echo.HandlerFunc {
@@ -24,101 +20,16 @@ func HandleRegisterView(env config.Env) echo.HandlerFunc {
 func HandleRegisterStart(c echo.Context) error {
 challenge, _ := protocol.CreateChallenge()
 handle := c.FormValue("handle")
- firstName := c.FormValue("first_name")
- lastName := c.FormValue("last_name")
- fullName := fmt.Sprintf("%s %s", firstName, lastName)
+ // firstName := c.FormValue("first_name")
+ // lastName := c.FormValue("last_name")
 ks, err := mpc.NewKeyset()
 if err != nil {
 return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
 }
- return response.TemplEcho(c, register.LinkCredentialView(ks.Address(), handle, fullName, challenge.String()))
+ return response.TemplEcho(c, register.LinkCredentialView(ks.Address(), handle, challenge.String()))
 }
 func HandleRegisterFinish(c echo.Context) error {
 // cred := c.FormValue("credential")
 return response.TemplEcho(c, register.LoadingVaultView())
 }
-
-// ╭───────────────────────────────────────────────────────────╮
-// │ Registration Components │
-// ╰───────────────────────────────────────────────────────────╯
-
-func getLinkCredentialRequest(c echo.Context, addr string, handle string, userKSJSON string) register.LinkCredentialRequest {
- cc, err := session.Get(c)
- if err != nil {
- return register.LinkCredentialRequest{
- Handle: handle,
- Address: addr,
- RegisterOptions: buildRegisterOptions(buildUserEntity(addr, handle), buildLargeBlob(userKSJSON), buildServiceEntity(c)),
- }
- }
- data := cc.Session()
- usr := buildUserEntity(addr, handle)
- blob := buildLargeBlob(userKSJSON)
- service := buildServiceEntity(c)
-
- return register.LinkCredentialRequest{
- Platform: data.BrowserName,
- Handle: data.UserHandle,
- DeviceModel: data.BrowserVersion,
- Address: addr,
- RegisterOptions: buildRegisterOptions(usr, blob, service),
- }
-}
-
-func buildRegisterOptions(user protocol.UserEntity, blob common.LargeBlob, service protocol.RelyingPartyEntity) protocol.PublicKeyCredentialCreationOptions {
- return protocol.PublicKeyCredentialCreationOptions{
- Timeout: 10000,
- Attestation: protocol.PreferDirectAttestation,
- AuthenticatorSelection: protocol.AuthenticatorSelection{
- AuthenticatorAttachment: "platform",
- ResidentKey: protocol.ResidentKeyRequirementPreferred,
- UserVerification: "preferred",
- },
- RelyingParty: service,
- User: user,
- Extensions: protocol.AuthenticationExtensions{
- "largeBlob": blob,
- },
- Parameters: []protocol.CredentialParameter{
- {
- Type: "public-key",
- Algorithm: webauthncose.AlgES256,
- },
- {
- Type: "public-key",
- Algorithm: webauthncose.AlgES256K,
- },
- {
- Type: "public-key",
- Algorithm: webauthncose.AlgEdDSA,
- },
- },
- }
-}
-
-func buildLargeBlob(userKeyshareJSON string) common.LargeBlob {
- return common.LargeBlob{
- Support: "required",
- Write: userKeyshareJSON,
- }
-}
-
-func buildUserEntity(userAddress string, userHandle string) protocol.UserEntity {
- return protocol.UserEntity{
- ID: userAddress,
- DisplayName: userHandle,
- CredentialEntity: protocol.CredentialEntity{
- Name: userAddress,
- },
- }
-}
-
-func buildServiceEntity(c echo.Context) protocol.RelyingPartyEntity {
- return protocol.RelyingPartyEntity{
- CredentialEntity: protocol.CredentialEntity{
- Name: "Sonr.ID",
- },
- ID: c.Request().Host,
- }
-}
diff --git a/pkg/gateway/internal/database/models.go b/pkg/gateway/internal/database/models.go
index 372934e98..22e837708 100644
--- a/pkg/gateway/internal/database/models.go
+++ b/pkg/gateway/internal/database/models.go
@@ -3,6 +3,7 @@ package database
 import (
 "net/http"
+ "github.com/go-webauthn/webauthn/protocol"
 "github.com/labstack/echo/v4"
 "gorm.io/gorm"
 )
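Review bot: `challenge, _ := protocol.CreateChallenge()` on the second line of HandleRegisterStart discards the error, so a failed random read would send an empty challenge to the browser; it should read `challenge, err := protocol.CreateChallenge()` followed by `if err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "could not create challenge") }`. The challenge is also only handed to the view and never stored, even though this commit adds a `Challenge` field to `database.Session` in models.go, so HandleRegisterFinish has nothing to compare the attestation's clientData challenge against; persist it in the session before rendering and clear it after a single use. The `// firstName` / `// lastName` lines are dead code left behind by the removal and should be deleted rather than commented out. Returning `err.Error()` from mpc.NewKeyset in the 500 response also exposes internal detail to the client; log it server-side and return a generic message.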
@@ -18,11 +19,11 @@ var (
 type User struct {
 gorm.Model
- Address string `json:"address"`
- Handle string `json:"handle"`
- FirstName string `json:"firstName"`
- LastInitial string `json:"lastInitial"`
- VaultCID string `json:"vaultCID"`
+ Address string `json:"address"`
+ Handle string `json:"handle"`
+ Name string `json:"name"`
+ CID string `json:"cid"`
+ Credentials []*protocol.CredentialDescriptor `json:"credentials"`
 }
 type Session struct {
@@ -38,4 +39,6 @@ type Session struct {
 FirstName string `json:"firstName"`
 LastInitial string `json:"lastInitial"`
 VaultAddress string `json:"vaultAddress"`
+ HumanSum int `json:"humanSum"`
+ Challenge string `json:"challenge"`
 }
diff --git a/pkg/gateway/internal/pages/register/page.templ b/pkg/gateway/internal/pages/register/page.templ
index 08fbf8475..1a140fe7b 100644
--- a/pkg/gateway/internal/pages/register/page.templ
+++ b/pkg/gateway/internal/pages/register/page.templ
@@ -21,11 +21,11 @@ templ ProfileFormView(turnstileSiteKey string) {
 }
 }
-templ LinkCredentialView(addr string, handle string, name string, challenge string) {
+templ LinkCredentialView(addr string, handle string, challenge string) {
 @layout.Root("Register | Sonr.ID") {
 @layout.Container() {
 @text.Header("Link a PassKey", "This will be used to login to your vault.")
- @form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, name, challenge), "65", false) {
+ @form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, challenge), "65", false) {
 @details.PropertyList() {
 @details.Property("Address", addr, "wallet")
 @details.Property("Handle", handle, "at-sign")
diff --git a/pkg/gateway/internal/pages/register/page_templ.go b/pkg/gateway/internal/pages/register/page_templ.go
index 9c0341477..a76a2397b 100644
--- a/pkg/gateway/internal/pages/register/page_templ.go
+++ b/pkg/gateway/internal/pages/register/page_templ.go
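Review bot: `Credentials []*protocol.CredentialDescriptor` puts a slice of external-package structs on a gorm.Model-backed struct with no relation, and GORM's default mapping has no column type for that, so AutoMigrate would most likely reject the field unless it is tagged, e.g. `Credentials []*protocol.CredentialDescriptor `json:"credentials" gorm:"serializer:json"``, or the credentials get their own table keyed by user ID. The `Challenge string` added to Session in the second hunk is the right home for the registration challenge, but nothing on this page writes to it yet; whichever handler stores it should also treat it as single-use and clear it after verification. Renaming `VaultCID` to `CID` and collapsing `FirstName`/`LastInitial` into `Name` changes column names on an existing table, so a migration note is warranted if deployed databases already hold rows.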
@@ -122,7 +122,7 @@ func ProfileFormView(turnstileSiteKey string) templ.Component {
 })
 }
-func LinkCredentialView(addr string, handle string, name string, challenge string) templ.Component {
+func LinkCredentialView(addr string, handle string, challenge string) templ.Component {
 return templruntime.GeneratedTemplate(func(templ_7745c5c3_Input templruntime.GeneratedComponentInput) (templ_7745c5c3_Err error) {
 templ_7745c5c3_W, ctx := templ_7745c5c3_Input.Writer, templ_7745c5c3_Input.Context
 if templ_7745c5c3_CtxErr := ctx.Err(); templ_7745c5c3_CtxErr != nil {
@@ -219,7 +219,7 @@ func LinkCredentialView(addr string, handle string, name string, challenge strin
 }
 return templ_7745c5c3_Err
 })
- templ_7745c5c3_Err = form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, name, challenge), "65", false).Render(templ.WithChildren(ctx, templ_7745c5c3_Var8), templ_7745c5c3_Buffer)
+ templ_7745c5c3_Err = form.Form("/register/finish", "POST", form.PasskeyInput(addr, handle, challenge), "65", false).Render(templ.WithChildren(ctx, templ_7745c5c3_Var8), templ_7745c5c3_Buffer)
 if templ_7745c5c3_Err != nil {
 return templ_7745c5c3_Err
 }
diff --git a/pkg/gateway/internal/session/db.go b/pkg/gateway/internal/session/db.go
new file mode 100644
index 000000000..ab876163d
--- /dev/null
+++ b/pkg/gateway/internal/session/db.go
@@ -0,0 +1 @@
+package session