@@ -129,7 +129,7 @@ async function getCreateCredentialsOptions(event, creds) {
let startRegisterPayload = JSON.parse(JSON.parse(response.Payload));
console.log("response payload jsonparse2: "+startRegisterPayload);

const coseLookup = {"ES256": -7, "EdDSA": -8, "RS256": -257};
const coseLookup = {"ES256": -7, "EdDSA": -8, "ES384": -35, "ES512": -36, "RS256": -257};

startRegisterPayload.requestId = startRegisterPayload.requestId.base64url;
startRegisterPayload.publicKeyCredentialCreationOptions.user.id = startRegisterPayload.publicKeyCredentialCreationOptions.user.id.base64url;
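Review bot: The `coseLookup` table in `getCreateCredentialsOptions` is an inline literal that this commit has to edit identically in `startRegisterFIDO2Credential` (FIDO2KitAPI.js), so the two copies can drift the next time an algorithm is added. The code that reads the table is outside the hunk, but a plain object lookup returns `undefined` for a name that is not listed, and that would presumably be passed on as the `alg` value offered to the browser instead of failing. I would move the table to one shared module, document it with `// COSE algorithm identifiers; must cover every algorithm name the registration backend can return`, and make a miss loud, e.g. `if (coseLookup[name] === undefined) throw new Error("unsupported COSE algorithm: " + name);`. It is also worth confirming that the server-side verifier is configured to accept ES384 and ES512, since this table only translates names and does not enable anything.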
2 changes: 1 addition & 1 deletion backend/lambda-functions/FIDO2KitAPI/FIDO2KitAPI.js
@@ -313,7 +313,7 @@ async function startRegisterFIDO2Credential(profile, body, uid) {

let startRegisterPayload = JSON.parse(JSON.parse(response.Payload));

const coseLookup = {"ES256": -7, "EdDSA": -8, "RS256": -257};
const coseLookup = {"ES256": -7, "EdDSA": -8, "ES384": -35, "ES512": -36, "RS256": -257};

startRegisterPayload.requestId = startRegisterPayload.requestId.base64url;
startRegisterPayload.publicKeyCredentialCreationOptions.user.id = startRegisterPayload.publicKeyCredentialCreationOptions.user.id.base64url;
14 changes: 10 additions & 4 deletions backend/lambda-functions/JavaWebAuthnLib/pom.xml
@@ -61,7 +61,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.13.1</version>
<version>2.13.2.2</version>
</dependency>

<dependency>
@@ -88,6 +88,12 @@
<version>2.13.2</version>
</dependency>

<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-cbor</artifactId>
<version>2.13.2</version>
</dependency>

<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>url-connection-client</artifactId>
@@ -148,19 +154,19 @@
<dependency>
<groupId>com.yubico</groupId>
<artifactId>webauthn-server-core</artifactId>
<version>2.0.0</version>
<version>2.1.0</version>
</dependency>

<dependency>
<groupId>com.yubico</groupId>
<artifactId>webauthn-server-attestation</artifactId>
<version>2.0.0</version>
<version>2.1.0</version>
</dependency>

<dependency>
<groupId>com.yubico</groupId>
<artifactId>yubico-util</artifactId>
<version>2.0.0</version>
<version>2.1.0</version>
</dependency>
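Review bot: The Jackson artifacts are pinned one by one, and after this change `jackson-databind` is at 2.13.2.2 while the newly added `jackson-dataformat-cbor` and the context entry above it are at 2.13.2. That looks like a deliberate databind-only micro-patch, but nothing in the POM records the skew as intentional, so a later security bump can easily update one module and miss the others. Consider a single `<jackson.version>` property, or importing `jackson-bom` in `<dependencyManagement>`, with a short comment on the databind override. The same applies to the three `com.yubico` artifacts that move together to 2.1.0, which could share one property. The enclosing `<dependencies>` element is outside the hunks.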


@@ -542,15 +542,6 @@ private Optional<AttestationRegistration> buildAttestationResult(RegistrationRes
log.debug("buildAttestationResult() number of entries found in entries: {}", entries.size());
log.debug("buildAttestationResult() entries found in entries: {}", gson.toJson(entries));

// If entries is empty, try through only the AAGUID, this allows Windows Hello
// to work
if (entries.size() == 0) {
log.debug("buildAttestationResult() No entries found, attempting by AAGUID only");
entries = mds.findEntries(new AAGUID(result.getAaguid()));
log.debug("buildAttestationResult() number of entries found in entries AAGUID: {}", entries.size());
log.debug("buildAttestationResult() entries found in entries AAGUID: {}", gson.toJson(entries));
}

List<MetadataBLOBPayloadEntry> entriesAaguid = entries.stream()
.filter(ent -> ent.getAaguid().isPresent()
&& ent.getAaguid().get().asHexString().equals(result.getAaguid().getHex()))
16 changes: 8 additions & 8 deletions backend/template.yaml
@@ -389,7 +389,7 @@ Resources:
Ref: DefineAuthChallengeFuncName
CodeUri: lambda-functions/DefineAuth/
Handler: DefineAuthChallengeFIDO2.handler
Runtime: nodejs12.x
Runtime: nodejs16.x
# Create Auth Challenge
CreateAuthChallenge:
Type: AWS::Serverless::Function
@@ -398,7 +398,7 @@ Resources:
Ref: CreateAuthChallengeFuncName
CodeUri: lambda-functions/CreateAuth/
Handler: CreateAuthChallengeFIDO2.handler
Runtime: nodejs12.x
Runtime: nodejs16.x
# Environment variables for connecting to RDS
Environment:
Variables:
@@ -421,7 +421,7 @@ Resources:
Ref: VerifyAuthChallengeFuncName
CodeUri: lambda-functions/VerifyAuth/
Handler: VerifyAuthChallengeFIDO2.handler
Runtime: nodejs12.x
Runtime: nodejs16.x
# Environment variables for connecting to RDS
Environment:
Variables:
@@ -445,7 +445,7 @@ Resources:
Ref: PreSignUpFuncName
CodeUri: lambda-functions/PreSignUp/
Handler: PreSignUpFIDO2.handler
Runtime: nodejs12.x
Runtime: nodejs16.x

# WebAuthn Starter Kit - API Lambda Function
WebAuthnKitAPIFunction:
@@ -455,7 +455,7 @@ Resources:
Ref: WebAuthnKitAPIFuncName
CodeUri: lambda-functions/FIDO2KitAPI/
Handler: FIDO2KitAPI.handler
Runtime: nodejs12.x
Runtime: nodejs16.x
# Environment variables for connecting to RDS
Environment:
Variables:
@@ -479,7 +479,7 @@ Resources:
Ref: CreateDBSchemaFuncName
CodeUri: lambda-functions/CreateDBSchema/
Handler: CreateDBSchema.handler
Runtime: nodejs12.x
Runtime: nodejs16.x
# Environment variables for connecting to RDS
Environment:
Variables:
@@ -593,7 +593,7 @@ Resources:
FunctionName:
Ref: JavaWebAuthnFuncName
CodeUri: lambda-functions/JavaWebAuthnLib/
Runtime: java8.al2
Runtime: java11
Handler: com.yubicolabs.App::handleRequest
Timeout: 30
MemorySize: 1408
@@ -657,7 +657,7 @@ Resources:
});
};
Handler: index.handler
Runtime: nodejs12.x
Runtime: nodejs16.x
Description: Invokes the database schema creation function.
MemorySize: 128
Timeout: 20