raystack / frontier / 6516800596 / 1
38%
main: 38%

DEFAULT BRANCH: main
Ran
Files 92
Run time 1s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 50.389% (-0.3%) from 50.73%
6516800596.1

push

github

web-flow 
feat: support passkey as authentication method (#386)

* feat: support for passkey authentication

Passkey is a standard that enables passwordless authentication (aka login) in the browser. It essentially defines a common API for web applications to handle passwordless technologies via FIDO2 which includes things like public key cryptography, security keys (i.e. Yubikey), and biometrics (i.e. Touch ID/Face ID, Windows Hello).

In frontier config, under authentication we can add out Relaying Party details to use passkey.It takes 3 parameters, rpdisplayname, rpid, rporigins.

rpdisplayname: A string representing the name or display name of the Relying Party.
rpid: A string representing the ID of the Relying Party in the form of a web domain.
rporigins: An array of strings specifying the allowed origins (URLs) from which authentication requests are accepted by the Relying Party. This serves as a security measure to ensure that authentication requests originate only from trusted sources.

A concise explanation of the terms used:
Relying Party (RP): The RP is the web application or service that handles passkey issuance and authentication. It operates both a client-side component (website or app) for creating and authenticating passkeys and a server-side component for registering, storing, and verifying passkey credentials.

RP Displayname: This is the name or display name of the relying party, which is presented during the passkey authentication process.

RP ID: The RP ID is the identifier for the relying party, typically in the form of a web domain. It helps ensure that passkey authentication is directed to the correct RP.

RP Origins: These are the allowed origins (URLs) from which authentication requests are accepted by the RP. It's a security measure to ensure that authentication requests come from trusted sources.

User Registration:
In the StartFlow method, the application initially checks whether the user requires registration or... (continued)

5762 of 11435 relevant lines covered (50.39%)

18.13 hits per line

Source Files on job 6516800596.1