Commit
* rm .idea

* Upgrade dependencies to latest versions

  Updated versions for `tokio`, `axum-server`, `tower-sessions`, and `serde_json`. These changes aim to leverage the latest features, improvements, and bug fixes provided by the newer versions, ensuring better stability and performance.

* Add EC signing key support and refactor session handling

  Implemented EC signing key loading and verification to enhance security. Refactored session key retrieval and error handling for better clarity and maintainability. Updated documentation and configurations to include key generation and usage instructions.

* Add JWT authentication to finish_passkey_authentication

  Introduce JWT token generation and response upon successful authentication. Refactor the registration state key to a constant and improve error logging. Update dependencies and project version to accommodate new functionalities.

* Add detailed error handling for JWT creation

  Refactor token generation to include improved error handling and logging. Introduce `InvalidPEM` and `TokenCreationError` variants for better error descriptions. Enhance debugging with additional `println!` statements and add `Debug` trait to `Claims` struct.

* Switch to dedicated encoding key for JWTs

  Refactored code to use a separate encoding key for JWT creation instead of deriving it from the signing key PEM. Updated the configuration and documentation to reflect these changes, and improved error handling related to key loading.

* Specify JWT algorithm explicitly and correct encoding key path

  Explicitly set the JWT algorithm to ES256 in the token creation for clarity and security. Additionally, correct the path for the encoding key in the README to ensure proper configuration.

* Add JWT handling and validation

  Introduced JWT creation and validation within the authentication flow to enhance security. Added necessary decoding key configuration and handling of token-based errors. Updated README with steps for creating and validating the new decoding key.

* Add MissingToken WebauthnError variant and handle HeaderValue

  Introduced a new `MissingToken` variant to the `WebauthnError` enum to handle cases where JWT parsing into a `HeaderValue` fails. Updated the registration flow to return an error if the token cannot be converted appropriately.

* Fix response return and remove debug print

  Ensure the response is returned correctly after setting the 'X-Auth-Token' header. Remove the unnecessary debug print statement to clean up the code.

* updated Algorithm::ES256 for decoding token

  Updated error handling for token creation and decoding, renaming the TokenCreationError and enhancing TokenDecodingError to include detailed messages. This improves clarity and debugging capabilities in authentication processes.

* Disable JWT nbf and exp validation

  Updated the JWT decode function to disable validation for `nbf` (not before) and `exp` (expiration) claims. This should prevent token decoding errors related to time-based validations.

* Add JWT fields to AttestationEntity

  Introduce 'sub' and 'exp' fields to AttestationEntity struct to support JWT generation. This change includes setting these fields with user unique ID and an expiration timestamp.

* Refactor authentication token handling to use AccountToken

  Replaced AttestationEntity with AccountToken to include passkey in the token structure. Updated all token-related logic to handle the new structure and added debug prints for improved traceability.

* Refactor credential counter update

  Simplify the update of credential counters by replacing a map statement with an if let statement. Additionally, add a FIXME comment to integrate blockchain recording and replay attack checks in the future.

* Remove debug print statements in authentication module

  Commented out various println! statements used for debugging in `src/authn.rs`. This cleanup enhances code readability and reduces potential information leaks.
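
The "Disable JWT nbf and exp validation" item switches off the check that bounds a token's lifetime, so the `exp` field added later in the same commit is written but not enforced on decode. The sketch below is an added example, not code from this repository: it shows the time-claim check with a clock-skew leeway, which tolerates small clock differences while still rejecting tokens outside their window. `TimeClaims`, `TimeError`, `check_time_claims`, the 60-second leeway and the sample timestamps are all assumptions made for illustration.

```rust
use std::time::{SystemTime, UNIX_EPOCH};

// Added illustration; every name here is hypothetical, not the project's API.
#[derive(Debug, PartialEq)]
pub enum TimeError {
    MissingExp,
    Expired { exp: u64, now: u64 },
    NotYetValid { nbf: u64, now: u64 },
}

/// Time-related registered claims (RFC 7519), in seconds since the Unix epoch.
pub struct TimeClaims {
    pub exp: Option<u64>,
    pub nbf: Option<u64>,
}

/// Accept a token only while `nbf - leeway <= now < exp + leeway`.
/// A missing `exp` is rejected so that a token cannot live forever.
pub fn check_time_claims(c: &TimeClaims, now: u64, leeway: u64) -> Result<(), TimeError> {
    let exp = c.exp.ok_or(TimeError::MissingExp)?;
    // saturating_add keeps a huge `exp` or `leeway` from wrapping around.
    if now >= exp.saturating_add(leeway) {
        return Err(TimeError::Expired { exp, now });
    }
    if let Some(nbf) = c.nbf {
        if now.saturating_add(leeway) < nbf {
            return Err(TimeError::NotYetValid { nbf, now });
        }
    }
    Ok(())
}

/// Current time as Unix seconds (0 if the system clock is before the epoch).
pub fn unix_now() -> u64 {
    SystemTime::now().duration_since(UNIX_EPOCH).map(|d| d.as_secs()).unwrap_or(0)
}

fn main() {
    // Constructed sample: a token valid for 300 s starting at 1_700_000_000.
    let claims = TimeClaims { exp: Some(1_700_000_300), nbf: Some(1_700_000_000) };
    for now in [1_699_999_900, 1_700_000_100, 1_700_000_330, 1_700_000_400] {
        println!("{now}: {:?}", check_time_claims(&claims, now, 60));
    }
    println!("now: {:?}", check_time_claims(&claims, unix_now(), 60));
}
```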