webauthn_rp

WebAuthn Level 3 RP library.
git clone https://git.philomathiclife.com/repos/webauthn_rp
Log | Files | Refs | README
commit 385433ad3d5255e8a8efdb90b2ccbb8befec3b2f
parent bb3d74891d8acff41a64501a29fd9e94ebf8a14b
Author: Zack Newman <zack@philomathiclife.com>
Date:   Thu,  3 Apr 2025 12:17:53 -0600

msrv

Diffstat:

MCargo.toml | 2+-


MREADME.md | 5+++++


Msrc/lib.rs | 6++++++


Msrc/request/auth.rs | 6+++---


4 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
@@ -9,7 +9,7 @@ license = "MIT OR Apache-2.0"
 name = "webauthn_rp"
 readme = "README.md"
 repository = "https://git.philomathiclife.com/repos/webauthn_rp/"
-rust-version = "1.85.0"
+rust-version = "1.86.0"
 version = "0.3.0"
 
 [package.metadata.docs.rs]
diff --git a/README.md b/README.md
@@ -140,6 +140,7 @@ fn finish_account_creation(
     insert_account(
         &account,
         reg_ceremonies
+            // `Registration::challenge_relaxed` is available iff `serde_relaxed` is enabled.
             .take(&account.registration.challenge_relaxed()?)
             .ok_or(AppErr::MissingWebAuthnCeremony)?
             .verify(
@@ -194,9 +195,11 @@ fn finish_cred_registration(
     reg_ceremonies: &mut FixedCapHashSet<RegistrationServerState<USER_HANDLE_MAX_LEN>>,
     client_data: Vec<u8>,
 ) -> Result<(), AppErr> {
+    // `Registration::from_json_custom` is available iff `serde_relaxed` is enabled.
     let registration = Registration::from_json_custom(client_data.as_slice())?;
     insert_credential(
         reg_ceremonies
+            // `Registration::challenge_relaxed` is available iff `serde_relaxed` is enabled.
             .take(&registration.challenge_relaxed()?)
             .ok_or(AppErr::MissingWebAuthnCeremony)?
             .verify(
@@ -238,6 +241,7 @@ fn finish_auth(
     auth_ceremonies: &mut FixedCapHashSet<DiscoverableAuthenticationServerState>,
     client_data: Vec<u8>,
 ) -> Result<(), AppErr> {
+    // `Authentication::from_json_custom` is available iff `serde_relaxed` is enabled.
     let authentication =
         DiscoverableAuthentication64::from_json_custom(client_data.as_slice())?;
     let mut cred = select_credential(
@@ -246,6 +250,7 @@ fn finish_auth(
     )?
     .ok_or_else(|| AppErr::NoCredential)?;
     if auth_ceremonies
+        // `Authentication::challenge_relaxed` is available iff `serde_relaxed` is enabled.
         .take(&authentication.challenge_relaxed()?)
         .ok_or(AppErr::MissingWebAuthnCeremony)?
         .verify(
diff --git a/src/lib.rs b/src/lib.rs
@@ -149,6 +149,7 @@
 //!     insert_account(
 //!         &account,
 //!         reg_ceremonies
+//!             // `Registration::challenge_relaxed` is available iff `serde_relaxed` is enabled.
 //!             .take(&account.registration.challenge_relaxed()?)
 //!             .ok_or(AppErr::MissingWebAuthnCeremony)?
 //!             .verify(
@@ -205,9 +206,11 @@
 //!     reg_ceremonies: &mut FixedCapHashSet<RegistrationServerState<USER_HANDLE_MAX_LEN>>,
 //!     client_data: Vec<u8>,
 //! ) -> Result<(), AppErr> {
+//!     // `Registration::from_json_custom` is available iff `serde_relaxed` is enabled.
 //!     let registration = Registration::from_json_custom(client_data.as_slice())?;
 //!     insert_credential(
 //!         reg_ceremonies
+//!             // `Registration::challenge_relaxed` is available iff `serde_relaxed` is enabled.
 //!             .take(&registration.challenge_relaxed()?)
 //!             .ok_or(AppErr::MissingWebAuthnCeremony)?
 //!             .verify(
@@ -251,6 +254,7 @@
 //!     auth_ceremonies: &mut FixedCapHashSet<DiscoverableAuthenticationServerState>,
 //!     client_data: Vec<u8>,
 //! ) -> Result<(), AppErr> {
+//!     // `Authentication::from_json_custom` is available iff `serde_relaxed` is enabled.
 //!     let authentication =
 //!         DiscoverableAuthentication64::from_json_custom(client_data.as_slice())?;
 //!     let mut cred = select_credential(
@@ -259,6 +263,7 @@
 //!     )?
 //!     .ok_or_else(|| AppErr::NoCredential)?;
 //!     if auth_ceremonies
+//!         // `Authentication::challenge_relaxed` is available iff `serde_relaxed` is enabled.
 //!         .take(&authentication.challenge_relaxed()?)
 //!         .ok_or(AppErr::MissingWebAuthnCeremony)?
 //!         .verify(
@@ -550,6 +555,7 @@
     clippy::pub_with_shorthand,
     clippy::pub_use,
     clippy::ref_patterns,
+    clippy::return_and_then,
     clippy::self_named_module_files,
     clippy::single_call_fn,
     clippy::single_char_lifetime_names,
diff --git a/src/request/auth.rs b/src/request/auth.rs
@@ -1140,7 +1140,7 @@ impl NonDiscoverableAuthenticationServerState {
             .and_then(|()| {
                 self.allow_credentials
                     .iter()
-                    // Step 6 item 1.
+                    // Step 5.
                     .find(|c| c.id == response.raw_id)
                     .ok_or(AuthCeremonyErr::NoMatchingAllowedCredential)
                     .and_then(|c| {
@@ -1232,8 +1232,8 @@ impl AuthenticationServerState {
         // 2. Client code and the construction of `resp` (hopefully via [`Authentication::deserialize`]).
         // 3. Client code and the construction of `resp` (hopefully via [`AuthenticatorAssertion::deserialize`]).
         // 4. Client code and the construction of `resp` (hopefully via [`ClientExtensionsOutputs::deserialize`]).
-        // 5. Below.
-        // 6. Below.
+        // 5. [`NonDiscoverableAuthenticationServerState::verify`].
+        // 6. [`DiscoverableAuthenticationServerState::verify`] and [`NonDiscoverableAuthenticationServerState::verify`].
         // 7. Informative only in that it defines variables.
         // 8. [`Self::partial_validate`].
         // 9. [`Self::partial_validate`].