feature: add u2f registration to profile api

greenpau · Mar 20, 2024 · 68df1f9 · 68df1f9
1 parent bca8dda
commit 68df1f9
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 0 deletions.
diff --git a/pkg/authn/api_fetch_user_uni_sec_factor_reg_params.go b/pkg/authn/api_fetch_user_uni_sec_factor_reg_params.go
@@ -0,0 +1,55 @@
+// Copyright 2024 Paul Greenberg [email protected]
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package authn
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/greenpau/go-authcrunch/pkg/ids"
+	"github.com/greenpau/go-authcrunch/pkg/requests"
+	"github.com/greenpau/go-authcrunch/pkg/user"
+	"github.com/greenpau/go-authcrunch/pkg/util"
+)
+
+// FetchUserUniSecFactorRegParams fetches U2F authenticator registration parameters.
+func (p *Portal) FetchUserUniSecFactorRegParams(
+	ctx context.Context,
+	w http.ResponseWriter,
+	r *http.Request,
+	rr *requests.Request,
+	parsedUser *user.User,
+	resp map[string]interface{},
+	usr *user.User,
+	backend ids.IdentityStore,
+	bodyData map[string]interface{}) error {
+
+	params := make(map[string]interface{})
+	params["challenge"] = util.GetRandomStringFromRange(64, 92)
+	params["rp_name"] = "AuthCrunch"
+	// params["rp_id"] = "auth.authcrunch.com"
+	params["user_id"] = usr.Claims.ID
+	params["user_name"] = usr.Claims.Email
+	params["user_verification"] = "discouraged"
+	params["attestation"] = "direct"
+	if usr.Claims.Name == "" {
+		params["user_display_name"] = usr.Claims.Subject
+	} else {
+		params["user_display_name"] = usr.Claims.Name
+	}
+
+	resp["entry"] = params
+	return handleAPIProfileResponse(w, rr, http.StatusOK, resp)
+}
diff --git a/pkg/authn/handle_api_profile.go b/pkg/authn/handle_api_profile.go
@@ -115,6 +115,7 @@ func (p *Portal) handleAPIProfile(ctx context.Context, w http.ResponseWriter, r
 	case "delete_user_gpg_key":
 	case "test_user_gpg_key":
 	case "add_user_gpg_key":
+	case "fetch_user_u2f_reg_params":
 	default:
 		resp["message"] = "Profile API received unsupported request type"
 		return handleAPIProfileResponse(w, rr, http.StatusBadRequest, resp)
@@ -174,6 +175,8 @@ func (p *Portal) handleAPIProfile(ctx context.Context, w http.ResponseWriter, r
 		return p.TestUserAppMultiFactorVerifier(ctx, w, r, rr, parsedUser, resp, usr, backend, bodyData)
 	case "add_user_app_multi_factor_authenticator":
 		return p.AddUserAppMultiFactorVerifier(ctx, w, r, rr, parsedUser, resp, usr, backend, bodyData)
+	case "fetch_user_u2f_reg_params":
+		return p.FetchUserUniSecFactorRegParams(ctx, w, r, rr, parsedUser, resp, usr, backend, bodyData)
 	case "fetch_user_api_keys":
 		return p.FetchUserAPIKeys(ctx, w, r, rr, parsedUser, resp, usr, backend)
 	case "fetch_user_api_key":