This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <samlp:Response | |
| ID="_a2aec7e7-1843-443c-9af3-da94e69d5113" | |
| Version="2.0" | |
| IssueInstant="2020-01-21T06:59:36.653Z" | |
| Destination="https://localhost:4447/acs" | |
| InResponseTo="_9ecd6234ec0396a49a33a8a2ae0a9f8d2acc1b2a" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> | |
| <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://sts.windows.net/xxxx-xxxx-xxxx/ | |
| </Issuer> | |
| <samlp:Status> | |
| <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var atomicinz uint64 | |
| // type global | |
| type singleton map[string]string | |
| var ( | |
| instance singleton | |
| ) | |
| func NewClass() singleton { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def callback | |
| webauthn_credential = WebAuthn::Credential.from_get(params) | |
| user = User.find_by(username: session["current_authentication"]["username"]) | |
| raise "user #{session["current_authentication"]["username"]} never initiated sign up" unless user | |
| credential = user.credentials.find_by(external_id: Base64.strict_encode64(webauthn_credential.raw_id)) | |
| begin | |
| webauthn_credential.verify( | |
| session["current_authentication"]["challenge"], |
truongnmt
/ AuthenticatorAttestationResponse.json
Last active
January 9, 2022 22:56
AuthenticatorAttestationResponse.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "type": "public-key", | |
| "id": "Abn91boMsByBbqE9lxpBfGEJWMq0GM6_LZ6ToIIehjzxWO-F1li2KvPmKRy-J_CkG7MJWadYzmcSahO0CcNyN2SjWnTaMalxZlP1xlFKEOiG5TVO_u5ANQBGxhOuISTpBJfJF5vsutAknQhDew", | |
| "rawId": "Abn91boMsByBbqE9lxpBfGEJWMq0GM6_LZ6ToIIehjzxWO-F1li2KvPmKRy-J_CkG7MJWadYzmcSahO0CcNyN2SjWnTaMalxZlP1xlFKEOiG5TVO_u5ANQBGxhOuISTpBJfJF5vsutAknQhDew", | |
| "response": { | |
| "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoia0liNDc2Y2liQ2NWWDg3NU9PaXhjQ0g1N2JFRkRNSkY1WFhpekVaTnFyOCIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6NDQ0NyIsImNyb3NzT3JpZ2luIjpmYWxzZX0", | |
| "attestationObject": "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVjrSZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NFYO_muK3OAAI1vMYKZIsLJfHwVQMAZwFdfvtoAi1yxff-Wxlg8GZ-hT_zqgFnymO-JnJGrVjIDeuaOTlvKtpPV1W2JfJAKj7aRKAZTNKKShI8A6mEQQyGGwJdOfDvGUFkvq9DNC_vYpHLt7SrjMXxZ0WfYFOrZwx-kKs2MFKlAQIDJiABIVggWjsfxY309TGcZh9BHpQEQnmVBeBRn817wQm5QOUldaIiWCAwED0ApsiRecCzp5TrwmdtGLZ9WS1EHNxSy0ofb5OsZg" | |
| }, | |
| "clientExtensionResults": {}, | |
| "credential_nickname": "mbp" |
truongnmt
/ AuthenticatorAssertionResponse.json
Created
January 9, 2022 22:53
AuthenticatorAssertionResponse.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "clientExtensionResults": {}, | |
| "id": "Abn91boMsByBbqE9lxpBfGEJWMq0GM6_LZ6ToIIehjzxWO-F1li2KvPmKRy-J_CkG7MJWadYzmcSahO0CcNyN2SjWnTaMalxZlP1xlFKEOiG5TVO_u5ANQBGxhOuISTpBJfJF5vsutAknQhDew", | |
| "rawId": "Abn91boMsByBbqE9lxpBfGEJWMq0GM6_LZ6ToIIehjzxWO-F1li2KvPmKRy-J_CkG7MJWadYzmcSahO0CcNyN2SjWnTaMalxZlP1xlFKEOiG5TVO_u5ANQBGxhOuISTpBJfJF5vsutAknQhDew", | |
| "response": { | |
| "authenticatorData": "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFYPEyFg", | |
| "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiYkpwMzBIMUZYNEVTY3h4YndleUhUUTJ4aG9zZ2xYSTZsQlJpNWoyWGZuVSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6NDQ0NyIsImNyb3NzT3JpZ2luIjpmYWxzZX0", | |
| "signature": "MEUCIQCtTUYcAAz5KFmBodTMpt8bMAUWkzOCzxIf-NghNCaLRwIgJ-2o41-AhWl1ZERB2EDEFQ2vEgEx8WrZR5Ad-5mvld8", | |
| "userHandle": "OXtCbb6VcBaLFC5GBOjIfpKYCMxJom04VPw9c-WRvhJ5uAHWhBkQZk_-0NGOmNnK4Yx2G5Pw9nyLLRKZkkCndA" | |
| }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function get(credentialOptions) { | |
| WebAuthnJSON.get({ "publicKey": credentialOptions }).then(function(credential) { | |
| callback("/session/callback", credential); | |
| }).catch(function(error) { | |
| showMessage(error); | |
| }); | |
| console.log("Getting public key credential..."); | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| create(event) { | |
| var [data, status, xhr] = event.detail; | |
| console.log(data); | |
| var credentialOptions = data; | |
| Credential.get(credentialOptions); | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "challenge": "pW3wrtt7b65n5ehxWbVpb8vGml9EGn9yXXTcuBzXI7E", | |
| "timeout": 120000, | |
| "allowCredentials": [ | |
| { | |
| "type": "public-key", | |
| "id": "Abn91boMsByBbqE9lxpBfGEJWMq0GM6/LZ6ToIIehjzxWO+F1li2KvPmKRy+J/CkG7MJWadYzmcSahO0CcNyN2SjWnTaMalxZlP1xlFKEOiG5TVO/u5ANQBGxhOuISTpBJfJF5vsutAknQhDew==" | |
| } | |
| ] | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class SessionsController < ApplicationController | |
| def create | |
| user = User.find_by(username: session_params[:username]) | |
| if user | |
| get_options = WebAuthn::Credential.options_for_get(allow: user.credentials.pluck(:external_id)) | |
| session[:current_authentication] = { challenge: get_options.challenge, username: session_params[:username] } | |
| respond_to do |format| |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class CredentialsController < ApplicationController | |
| def create | |
| create_options = WebAuthn::Credential.options_for_create( | |
| user: { | |
| id: current_user.webauthn_id, | |
| name: current_user.username, | |
| }, | |
| exclude: current_user.credentials.pluck(:external_id) | |
| ) |
NewerOlder