New Upstream Release - golang-github-duo-labs-webauthn
Ready changes
Summary
Merged new upstream version: 0.0~git20221205.ebaf9b7 (was: 0.0~git20220815.00c9fb5).
Resulting package
Built on 2023-05-23T08:05 (took 5m8s)
The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:
apt install -t fresh-releases golang-github-duo-labs-webauthn-dev
Lintian Result
- golang-github-duo-labs-webauthn-dev_0.0~git20221205.ebaf9b7-1~jan+nur1_all.deb
- golang-github-duo-labs-webauthn_0.0~git20221205.ebaf9b7-1~jan+nur1.dsc
- golang-github-duo-labs-webauthn_0.0~git20221205.ebaf9b7-1~jan+nur1_amd64.buildinfo
- golang-github-duo-labs-webauthn_0.0~git20221205.ebaf9b7-1~jan+nur1_amd64.changes
Diff
diff --git a/README.md b/README.md
index 41af078..8100de0 100644
--- a/README.md
+++ b/README.md
@@ -1,11 +1,17 @@
-WebAuthn Library
+# THIS LIBRARY IS DEPRECATED
+
+Projects using this library should consider migrating to the community-maintained fork over at [github.com/go-webauthn/webauthn](https://github.com/go-webauthn/webauthn). See the [Migration Guide](https://github.com/go-webauthn/webauthn/blob/master/MIGRATION.md) for more information.
+
+The original README continues below.
+
+# WebAuthn Library
=============
[![GoDoc](https://godoc.org/github.com/duo-labs/webauthn?status.svg)](https://godoc.org/github.com/duo-labs/webauthn)
![Build Status](https://github.com/duo-labs/webauthn/workflows/Go/badge.svg)
[![Go Report Card](https://goreportcard.com/badge/github.com/duo-labs/webauthn)](https://goreportcard.com/report/github.com/duo-labs/webauthn)
-This library is meant to handle [Web Authentication](https://w3c.github.io/webauthn) for Go apps that wish to implement a passwordless solution for users. While the specification is currently in Candidate Recommendation, this library conforms as much as possible to
+This library is meant to handle [Web Authentication](https://w3c.github.io/webauthn) for Go apps that wish to implement a passwordless solution for users. While the specification is currently in Candidate Recommendation, this library conforms as much as possible to
the guidelines and implementation procedures outlined by the document.
### Demo at webauthn.io
@@ -16,7 +22,7 @@ A simplified demonstration of this library can be found [here](https://github.co
Quickstart
----------
-`go get github.com/duo-labs/webauthn` and initialize it in your application with basic configuration values.
+`go get github.com/duo-labs/webauthn` and initialize it in your application with basic configuration values.
Make sure your `user` model is able to handle the interface functions laid out in `webauthn/user.go`. This means also supporting the storage and retrieval of the credential and authenticator structs in `webauthn/credential.go` and `webauthn/authenticator.go`, respectively.
@@ -48,16 +54,16 @@ func main() {
```golang
func BeginRegistration(w http.ResponseWriter, r *http.Request) {
- user := datastore.GetUser() // Find or create the new user
+ user := datastore.GetUser() // Find or create the new user
options, sessionData, err := web.BeginRegistration(&user)
// handle errors if present
- // store the sessionData values
+ // store the sessionData values
JSONResponse(w, options, http.StatusOK) // return the options generated
// options.publicKey contain our registration options
}
func FinishRegistration(w http.ResponseWriter, r *http.Request) {
- user := datastore.GetUser() // Get the user
+ user := datastore.GetUser() // Get the user
// Get the session data stored from the function above
// using gorilla/sessions it could look like this
sessionData := store.Get(r, "registration-session")
@@ -81,7 +87,7 @@ func BeginLogin(w http.ResponseWriter, r *http.Request) {
}
func FinishLogin(w http.ResponseWriter, r *http.Request) {
- user := datastore.GetUser() // Get the user
+ user := datastore.GetUser() // Get the user
// Get the session data stored from the function above
// using gorilla/sessions it could look like this
sessionData := store.Get(r, "login-session")
@@ -95,7 +101,7 @@ func FinishLogin(w http.ResponseWriter, r *http.Request) {
Modifying Credential Options
----------------------------
-You can modify the default credential creation options for registration and login by providing optional structs to the `BeginRegistration` and `BeginLogin` functions.
+You can modify the default credential creation options for registration and login by providing optional structs to the `BeginRegistration` and `BeginLogin` functions.
### Registration modifiers
You can modify the registration options in the following ways:
@@ -107,19 +113,19 @@ import "github.com/duo-labs/webauthn/webauthn"
var webAuthnHandler webauthn.WebAuthn // init this in your init function
func beginRegistration() {
- // Updating the AuthenticatorSelection options.
+ // Updating the AuthenticatorSelection options.
// See the struct declarations for values
- authSelect := protocol.AuthenticatorSelection{
+ authSelect := protocol.AuthenticatorSelection{
AuthenticatorAttachment: protocol.AuthenticatorAttachment("platform"),
RequireResidentKey: protocol.ResidentKeyUnrequired(),
UserVerification: protocol.VerificationRequired
}
- // Updating the ConveyencePreference options.
+ // Updating the ConveyencePreference options.
// See the struct declarations for values
conveyancePref := protocol.ConveyancePreference(protocol.PreferNoAttestation)
- user := datastore.GetUser() // Get the user
+ user := datastore.GetUser() // Get the user
opts, sessionData, err webAuthnHandler.BeginRegistration(&user, webauthn.WithAuthenticatorSelection(authSelect), webauthn.WithConveyancePreference(conveyancePref))
// Handle next steps
@@ -137,7 +143,7 @@ import "github.com/duo-labs/webauthn/webauthn"
var webAuthnHandler webauthn.WebAuthn // init this in your init function
func beginLogin() {
- // Updating the AuthenticatorSelection options.
+ // Updating the AuthenticatorSelection options.
// See the struct declarations for values
allowList := make([]protocol.CredentialDescriptor, 1)
allowList[0] = protocol.CredentialDescriptor{
@@ -145,7 +151,7 @@ func beginLogin() {
Type: protocol.CredentialType("public-key"),
}
- user := datastore.GetUser() // Get the user
+ user := datastore.GetUser() // Get the user
opts, sessionData, err := webAuthnHandler.BeginLogin(&user, webauthn.wat.WithAllowedCredentials(allowList))
diff --git a/debian/changelog b/debian/changelog
index 5e03514..e467f51 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+golang-github-duo-labs-webauthn (0.0~git20221205.ebaf9b7-1) UNRELEASED; urgency=low
+
+ * New upstream snapshot.
+
+ -- Debian Janitor <janitor@jelmer.uk> Tue, 23 May 2023 08:01:13 -0000
+
golang-github-duo-labs-webauthn (0.0~git20220815.00c9fb5-1) unstable; urgency=medium
* New upstream snapshot
diff --git a/debian/patches/000-disable-metadata-tests.patch b/debian/patches/000-disable-metadata-tests.patch
index c781612..dfc012f 100644
--- a/debian/patches/000-disable-metadata-tests.patch
+++ b/debian/patches/000-disable-metadata-tests.patch
@@ -1,10 +1,10 @@
From: Mathias Gibbens <mathias@calenhad.com>
Description: Disable the metadata tests, as they try to reach out to the Internet to fetch a SSL certificate
Forwarded: https://github.com/duo-labs/webauthn/issues/91
-diff --git a/metadata/metadata_test.go b/metadata/metadata_test.go
-index 42042e3..d51576f 100644
---- a/metadata/metadata_test.go
-+++ b/metadata/metadata_test.go
+Index: golang-github-duo-labs-webauthn.git/metadata/metadata_test.go
+===================================================================
+--- golang-github-duo-labs-webauthn.git.orig/metadata/metadata_test.go
++++ golang-github-duo-labs-webauthn.git/metadata/metadata_test.go
@@ -1,3 +1,5 @@
+//go:build ignore
+
diff --git a/go.mod b/go.mod
index 8e21bf0..1a61366 100644
--- a/go.mod
+++ b/go.mod
@@ -1,3 +1,4 @@
+// Deprecated: use github.com/go-webauthn/webauthn instead.
module github.com/duo-labs/webauthn
go 1.18