mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 997 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
73906 Commits
365 Branches
Tree: 7eec3b5a72
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7eec3b5a72'
${ noResults }
nextcloud/core/src/services/WebAuthnAuthenticationServi...

WebAuthnAuthenticationService.ts 2.1KB
Raw Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. /**

  2.  * @copyright 2020, Roeland Jago Douma <roeland@famdouma.nl>

  3.  *

  4.  * @author Roeland Jago Douma <roeland@famdouma.nl>

  5.  *

  6.  * @license AGPL-3.0-or-later

  7.  *

  8.  * This program is free software: you can redistribute it and/or modify

  9.  * it under the terms of the GNU Affero General Public License as

  10.  * published by the Free Software Foundation, either version 3 of the

  11.  * License, or (at your option) any later version.

  12.  *

  13.  * This program is distributed in the hope that it will be useful,

  14.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  15.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  16.  * GNU Affero General Public License for more details.

  17.  *

  18.  * You should have received a copy of the GNU Affero General Public License

  19.  * along with this program. If not, see <http://www.gnu.org/licenses/>.

  20.  *

  21.  */

  22. 

  23. import type { AuthenticationResponseJSON, PublicKeyCredentialRequestOptionsJSON } from '@simplewebauthn/types'

  24. 

  25. import { startAuthentication as startWebauthnAuthentication } from '@simplewebauthn/browser'

  26. import { generateUrl } from '@nextcloud/router'

  27. 

  28. import Axios from '@nextcloud/axios'

  29. import logger from '../logger'

  30. 

  31. export class NoValidCredentials extends Error {}

  32. 

  33. /**

  34.  * Start webautn authentication

  35.  * This loads the challenge, connects to the authenticator and returns the repose that needs to be sent to the server.

  36.  *

  37.  * @param loginName Name to login

  38.  */

  39. export async function startAuthentication(loginName: string) {

  40. 	const url = generateUrl('/login/webauthn/start')

  41. 

  42. 	const { data } = await Axios.post<PublicKeyCredentialRequestOptionsJSON>(url, { loginName })

  43. 	if (!data.allowCredentials || data.allowCredentials.length === 0) {

  44. 		logger.error('No valid credentials returned for webauthn')

  45. 		throw new NoValidCredentials()

  46. 	}

  47. 	return await startWebauthnAuthentication(data)

  48. }

  49. 

  50. /**

  51.  * Verify webauthn authentication

  52.  * @param authData The authentication data to sent to the server

  53.  */

  54. export async function finishAuthentication(authData: AuthenticationResponseJSON) {

  55. 	const url = generateUrl('/login/webauthn/finish')

  56. 

  57. 	const { data } = await Axios.post(url, { data: JSON.stringify(authData) })

  58. 	return data

  59. }