Initial support of FIDO2 credential creation #2814
Conversation
sylvainpelissier
force-pushed
the
make_passkeys
branch
2 times, most recently
from
8ea451a to
641d3fc
Compare
|
This looks great, but I'll need a bit more time for a proper review. I have some knowledge gaps wrt. passkeys that I want to close first. |
sylvainpelissier
force-pushed
the
make_passkeys
branch
from
641d3fc to
dc4971b
Compare
|
This is a great start! As mentioned, I think you should tweak it a bit to satisfy Json interfaces instead of using the string type if the client responses and all are meant to be in Json. Also this is lacking parsing / marshalling / unmarshalling logic for the |
sylvainpelissier
force-pushed
the
make_passkeys
branch
2 times, most recently
from
0b0eccd to
5a6abaa
Compare
Signed-off-by: Sylvain Pelissier <sylvain.pelissier@gmail.com>
sylvainpelissier
force-pushed
the
make_passkeys
branch
from
5a6abaa to
ea78b1c
Compare
This may help: https://research.kudelskisecurity.com/2024/03/14/passkeys-under-the-hood/ |
|
So is it already available anyhow for end users? I guess no, because browser plugin does not look to support it right now, but may be I am missing something... |
|
@dluciv no, this now requires quite some work still: this is the ground work to satisfy requests, but we still need to implement the CTAP2 protocol to answer browsers' requests using the code added in this PR as I understand the flow for FIDO2 authenticators. |
Initial incomplete support of passkeys. The goal is to use the passkey package in gopass-jsonapi.