Struct kanidm::credential::webauthn::WebauthnDomainConfig

pub struct WebauthnDomainConfig {
    pub rp_name: String,
    pub origin: Url,
    pub rp_id: String,
}

Fields

rp_name: String
origin: Url
rp_id: String

Trait Implementations

Returns a reference to your relying party's name. This is generally any text identifier you wish, but should rarely if ever change. Changes to the relying party name may confuse authenticators and will cause their credentials to be lost.

Returns a reference to your site's origin. The origin is the URL to your site with protocol and port. This should rarely, if ever, change. In production usage this value must always be https://, however http://localhost is acceptable for testing only. We may add warnings or errors for non-https:// URLs in the future. Changing this may cause associated authenticators to lose credentials.

Returns the relying party id. This should never change, and is used as an id in cryptographic operations and credential scoping. This is defined as the domain name of the service, minus all protocol, port and location data. For example: https://name:port/path -> name

Allow subdomains of origin to be valid to use credentials from the parent origin. This exists due to a subtle confusion in the webauthn specification. In https://www.w3.org/TR/webauthn-2/#scope we see that the relying party ID is intended to allow effective domains to be validated by the client for the origin that we are using, however in https://www.w3.org/TR/webauthn-2/#sctn-registering-a-new-credential step 9 it is requested that origin equality is performed. This would disallow subdomains of the effective domain from being used.

Get the list of valid credential algorithms that this service can accept. Unless you have specific requirements around this, we advise you leave this function to the default implementation.

Return a timeout on how long the authenticator has to respond to a challenge. This value defaults to 60000 milliseconds. You likely won’t need to implement this function, and should rely on the defaults.

Returns the default attestation type. Options are None, Direct and Indirect. Defaults to None.

Get the preferred policy on authenticator attachment hint. Defaults to None (use any attachment method).

Get the site policy on whether registration should use a resident key, so that username and other details can be embedded into the authenticator to allow bypassing that part of the interaction flow.

Enforce that the UV bit as set at registration is the same during authentication. This applies to certain classes of authenticators that, if registered with userVerification::Discouraged, will still perform and enforce that userVerification is true.

If the attestation format is not supported, should we ignore verifying the attestation?

Decides whether the verifier must error on invalid counter values.

A callback to allow trust decisions to be made over the attestation of the credential. It’s important for your implementation of this callback to follow the advice of the w3c standard, notably: Read more

Get the site policy on whether cross origin credentials are allowed.
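The rp_id derivation and the origin-equality versus subdomain comparison described above, as an added Rust example that is not kanidm or webauthn-rs code. `split_origin`, `rp_id_from_origin` and `origin_allowed` are hypothetical helpers; the parser assumes plain `host[:port]` authorities, and the same-scheme, same-port rule for subdomains is an assumption of this example.

```rust
// Added illustration, not kanidm or webauthn-rs code. Assumes plain `host[:port]`
// authorities (no userinfo, IPv6 literals or IDNA) and no default-port folding.

/// Split "https://idm.example.com:8443/path" into (scheme, host, port).
fn split_origin(origin: &str) -> Option<(String, String, Option<u16>)> {
    let (scheme, rest) = origin.split_once("://")?;
    // Path, query and fragment are location data: only the authority matters.
    let authority = rest.split(|c: char| matches!(c, '/' | '?' | '#')).next()?;
    if authority.contains('@') || authority.contains('[') {
        return None;
    }
    let (host, port) = match authority.rsplit_once(':') {
        Some((h, p)) => (h, Some(p.parse::<u16>().ok()?)),
        None => (authority, None),
    };
    if scheme.is_empty() || host.is_empty() {
        return None;
    }
    Some((scheme.to_ascii_lowercase(), host.to_ascii_lowercase(), port))
}

/// rp_id as described above: the origin minus protocol, port and location data.
fn rp_id_from_origin(origin: &str) -> Option<String> {
    split_origin(origin).map(|(_, host, _)| host)
}

/// Hypothetical check of the client-reported origin against the configured one.
fn origin_allowed(configured: &str, client: &str, allow_subdomains: bool) -> bool {
    let (cfg, cli) = match (split_origin(configured), split_origin(client)) {
        (Some(cfg), Some(cli)) => (cfg, cli),
        _ => return false,
    };
    if cfg == cli {
        return true; // strict origin equality
    }
    // Assumed subdomain rule: same scheme and port, host ends in ".<configured host>".
    // The dot boundary keeps "evilexample.com" from matching "example.com".
    allow_subdomains
        && cfg.0 == cli.0
        && cfg.2 == cli.2
        && cli.1.strip_suffix(cfg.1.as_str()).map_or(false, |p| p.ends_with('.'))
}

fn main() {
    let cfg = "https://example.com"; // constructed sample origins
    for client in ["https://example.com", "https://idm.example.com", "https://evilexample.com"] {
        println!("{}: strict={} subdomains={}", client,
            origin_allowed(cfg, client, false), origin_allowed(cfg, client, true));
    }
}
```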
