go/sonr
go/sonr
1
1
Fork 0
mirror of https://github.com/onsonr/sonr.git synced 2025-03-10 21:09:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
sonr/x/did/builder/service.go

104 lines
3.2 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package builder
import (
"crypto/rand"
"strings"
"github.com/onsonr/sonr/x/did/types"
)
// ChallengeLength - Length of bytes to generate for a challenge.
const ChallengeLength = 32
// CreateChallenge creates a new challenge that should be signed and returned by the authenticator. The spec recommends
// using at least 16 bytes with 100 bits of entropy. We use 32 bytes.
func CreateChallenge() (challenge URLEncodedBase64, err error) {
challenge = make([]byte, ChallengeLength)
if _, err = rand.Read(challenge); err != nil {
return nil, err
}
return challenge, nil
}
type CredentialEntity struct {
// A human-palatable name for the entity. Its function depends on what the PublicKeyCredentialEntity represents:
//
// When inherited by PublicKeyCredentialRpEntity it is a human-palatable identifier for the Relying Party,
// intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "ОАО Примертех".
//
// When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier for a user account. It is
// intended only for display, i.e., aiding the user in determining the difference between user accounts with similar
// displayNames. For example, "alexm", "alex.p.mueller@example.com" or "+14255551234".
Name string `json:"name"`
}
func NewCredentialEntity(name string) CredentialEntity {
return CredentialEntity{
Name: name,
}
}
type CredentialParameter struct {
Type CredentialType `json:"type"`
Algorithm types.COSEAlgorithmIdentifier `json:"alg"`
}
func NewCredentialParameter(ki *types.KeyInfo) CredentialParameter {
return CredentialParameter{
Type: CredentialTypePublicKeyCredential,
Algorithm: ki.Algorithm.CoseIdentifier(),
}
}
func ExtractCredentialParameters(p *types.Params) []CredentialParameter {
var keys []*types.KeyInfo
for k, v := range p.AllowedPublicKeys {
if strings.Contains(k, "webauthn") {
keys = append(keys, v)
}
}
var cparams []CredentialParameter
for _, ki := range keys {
cparams = append(cparams, NewCredentialParameter(ki))
}
return cparams
}
type RelyingPartyEntity struct {
CredentialEntity
// A unique identifier for the Relying Party entity, which sets the RP ID.
ID string `json:"id"`
}
func NewRelayingParty(name string, origin string) RelyingPartyEntity {
return RelyingPartyEntity{
CredentialEntity: NewCredentialEntity(origin),
ID: origin,
}
}
type UserEntity struct {
CredentialEntity
// A human-palatable name for the user account, intended only for display.
// For example, "Alex P. Müller" or "田中 倫". The Relying Party SHOULD let
// the user choose this, and SHOULD NOT restrict the choice more than necessary.
DisplayName string `json:"displayName"`
// ID is the user handle of the user account entity. To ensure secure operation,
// authentication and authorization decisions MUST be made on the basis of this id
// member, not the displayName nor name members. See Section 6.1 of
// [RFC8266](https://www.w3.org/TR/webauthn/#biblio-rfc8266).
ID any `json:"id"`
}
func NewUserEntity(name string, subject string, cid string) UserEntity {
return UserEntity{
CredentialEntity: NewCredentialEntity(name),
DisplayName: subject,
ID: cid,
}
}
Reference in New Issue View Git Blame Copy Permalink