Web Authentication (WebAuthn)
TOC
- Web Authentication API navigator.credentials
- WebAuthn 硬體
- WebAuthn 參考專案
- FIDO2/WebAuthn Resources
- TODO
Web Authentication API navigator.credentials
- navigator.credentials.create() - Web Authentication: An API for accessing Public Key Credentials Level 1
- navigator.credentials.get({publicKey:..., ...}) - Web Authentication: An API for accessing Public Key Credentials Level 1
- CBOR Object Signing and Encryption (COSE)
const publicKeyCredentialCreationOptions = {
challenge: Uint8Array.from(randomStringFromServer, c => c.charCodeAt(0)),
rp: {
name: "Duo Security",
id: "duosecurity.com",
},
user: {
id: Uint8Array.from("UZSL85T9AFC", c => c.charCodeAt(0)),
name: "lee@webauthn.guide",
displayName: "Lee",
},
pubKeyCredParams: [{alg: -7, type: "public-key"}],
authenticatorSelection: {
authenticatorAttachment: "cross-platform",
},
timeout: 60000,
attestation: "direct"
};
const credential = await navigator.credentials.create({
publicKey: publicKeyCredentialCreationOptions
});
WebAuthn 硬體
SoloKeys - The first open source FIDO2 security key.
- Solo – SoloKeys
- solokeys/solo: Solo: open security key supporting FIDO2 & U2F over USB + NFC
- FIDO2 Implementation - Solo Technical Documentation
- Somu | Crowd Supply
WebAuthn 參考專案
- google/webauthndemo: An example Java Relying Party implementation of the WebAuthn specification
- googlecodelabs/fido2-codelab
Pretix 票務
WebAuthn We ported our two-factor authentication to support hardware tokens via WebAuthn instead of U2F. All your keys are still working, but they now work in Microsoft Edge, many more Firefox versions, as well as most mobile browsers, too.
pretix/webauthn.js at master · pretix/pretix
Okta SignIn widget 身份識別
- Okta, Auth0, & the Goblet of Identity
- okta/okta-signin-widget: Okta SignIn widget that renders the new login/auth/recovery flows
- okta-signin-widget/EnrollWebauthnController.js at 3.2 · okta/okta-signin-widget
Cryptovote
cryptovote/webauthn.js at master · cryptovoting/cryptovote
FIDO2/WebAuthn Resources
- WebAuthn Web Authentication with YubiKey 5
- Building FIDO2 server in Go
- 一起來了解 Web Authentication
- WebAuthn Basic Web Client/Server
- StrongKey/fido2
- WebAuthn (FIDO2) server library written in Go
- Integrate YubiKey 5Ci into Metamask Mobile #1011
- Learning WebAuthn nerocrux/webauthn
TODO
201909
- 圖 username/password - public-key
- 圖 Introduction to Web Authentication: The New W3C Spec
- caniuse Web Authentication API 69% , WebAssembly is 87%