raystack / frontier / 6516800596
38%

DEFAULT BRANCH: main
Ran
Jobs 1
Files 92
Run time 2s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 50.389% (-0.3%) from 50.73%
6516800596

push

github

web-flow 
feat: support passkey as authentication method (#386)

* feat: support for passkey authentication

Passkey is a standard that enables passwordless authentication (aka login) in the browser. It essentially defines a common API for web applications to handle passwordless technologies via FIDO2 which includes things like public key cryptography, security keys (i.e. Yubikey), and biometrics (i.e. Touch ID/Face ID, Windows Hello).

In frontier config, under authentication we can add out Relaying Party details to use passkey.It takes 3 parameters, rpdisplayname, rpid, rporigins.

rpdisplayname: A string representing the name or display name of the Relying Party.
rpid: A string representing the ID of the Relying Party in the form of a web domain.
rporigins: An array of strings specifying the allowed origins (URLs) from which authentication requests are accepted by the Relying Party. This serves as a security measure to ensure that authentication requests originate only from trusted sources.

A concise explanation of the terms used:
Relying Party (RP): The RP is the web application or service that handles passkey issuance and authentication. It operates both a client-side component (website or app) for creating and authenticating passkeys and a server-side component for registering, storing, and verifying passkey credentials.

RP Displayname: This is the name or display name of the relying party, which is presented during the passkey authentication process.

RP ID: The RP ID is the identifier for the relying party, typically in the form of a web domain. It helps ensure that passkey authentication is directed to the correct RP.

RP Origins: These are the allowed origins (URLs) from which authentication requests are accepted by the RP. It's a security measure to ensure that authentication requests come from trusted sources.

User Registration:
In the StartFlow method, the application initially checks whether the user requires registration or... (continued)

78 of 78 new or added lines in 3 files covered. (100.0%)

5762 of 11435 relevant lines covered (50.39%)

18.13 hits per line

New Missed Lines in Diff

Lines Coverage File
13
0.0
 0.0% cmd/serve.go
29
8.71
 -1.01% internal/api/v1beta1/authenticate.go
36
0.0
 core/authenticate/strategy/passkey.go
Jobs
ID Job ID Ran Files Coverage
1 6516800596.1 92
50.39
 GitHub Action Run
Source Files on build 6516800596