Table of Contents
Make available the fido2-net-lib (WebAuthn) types within the HotChocolate (GraphQL) library.
Since version 3 of fido2-net-lib
library is implemented only for the .net6
target,
this library also works only with this one.
dotnet add package HotChocolate.Extensions.Types.Fido2
Configure services to integrate all types defined by the fido2-net-lib
library.
builder.Services.AddFido2(options =>
{
// See the configuration example at https://github.com/passwordless-lib/fido2-net-lib/blob/v3.0.0/Demo/Startup.cs#L47
});
builder.Services
.AddGraphQLServer()
.AddFido2();
You can then use all types defined in fido2-net-lib
library with the difference that
error handling must be done within GraphQL mutations because it is not included in types
as it is the case in fido2-net-lib
library.
You can consult the schema via Banana Cake Pop
to directly see which type you can use
and deduce the relationships using the table below.
Here is the list of the different prototypes needed to implement the protocol.
You can refer to the examples
provided in the fido2-net-lib
library documentation to understand what
each of the following prototypes correspond to. Refer also to their implementation in
the example
provided in the project.
For more details concerning the implementation of controllers allowing the implementation
of FIDO2 / WebAuthn
refer to the example
provided by the fido2-net-lib
library.
public CredentialCreateOptions MakeCredentialOptions(
IFido2 fido2,
IHttpContextAccessor httpContextAccessor,
string? username,
string displayName,
AttestationConveyancePreference attType,
AuthenticatorAttachment? authType,
bool requireResidentKey,
UserVerificationRequirement userVerification)
{ }
public async Task<AttestationVerificationSuccess> MakeCredential(
IFido2 fido2,
IHttpContextAccessor httpContextAccessor,
AuthenticatorAttestationRawResponse attestationResponse,
CancellationToken cancellationToken)
{ }
public AssertionOptions MakeAssertionOptions(
IResolverContext context,
IFido2 fido2,
IHttpContextAccessor httpContextAccessor,
string? username,
UserVerificationRequirement userVerification = UserVerificationRequirement.Discouraged)
{ }
public async Task<AssertionVerificationResult> MakeAssertion(
IFido2 fido2,
IHttpContextAccessor httpContextAccessor,
AuthenticatorAssertionRawResponse clientResponse,
CancellationToken cancellationToken)
{ }
FIDO2 types | HotChocolate types | GraphQL types | Binding behavior1 |
---|---|---|---|
AssertionOptions |
PublicKeyCredentialRequestOptionsType |
PublicKeyCredentialRequestOptions |
Implicit2 |
AssertionVerificationResult |
AssertionVerificationResultType |
AssertionVerificationResult |
Implicit2 |
AttestationConveyancePreference |
AttestationConveyancePreferenceType |
AttestationConveyancePreference |
Implicit2 |
AttestationConveyancePreference |
EnumMemberType<AttestationConveyancePreference> |
AttestationConveyancePreferenceStringEnum |
Explicit3 |
AttestationVerificationSuccess |
AttestationVerificationSuccessType |
AttestationVerificationSuccess |
Implicit2 |
AuthenticationExtensionsClientInputs |
AuthenticationExtensionsClientInputsType |
AuthenticationExtensionsClientInputs |
Explicit3 |
AuthenticationExtensionsClientOutputs |
AuthenticationExtensionsClientOutputsType |
AuthenticationExtensionsClientOutputs |
Explicit3 |
AuthenticatorAssertionRawResponse |
PublicKeyCredentialAssertionInputType |
PublicKeyCredentialAssertionInput |
Implicit2 |
AuthenticatorAssertionRawResponse.AssertionResponse |
AuthenticatorAssertionResponseInputType |
AuthenticatorAssertionResponseInput |
Explicit3 |
AuthenticatorAttachment |
AuthenticatorAttachmentType |
AuthenticatorAttachment |
Implicit2 |
AuthenticatorAttachment |
EnumMemberType<AuthenticatorAttachment> |
AuthenticatorAttachmentStringEnum |
Explicit3 |
AuthenticatorAttestationRawResponse |
PublicKeyCredentialAttestationInputType |
PublicKeyCredentialAttestationInput |
Implicit2 |
AuthenticatorAttestationRawResponse.ResponseData |
AuthenticatorAttestationResponseInputType |
AuthenticatorAttestationResponseInput |
Explicit3 |
AuthenticatorSelection |
AuthenticatorSelectionCriteriaType |
AuthenticatorSelectionCriteria |
Explicit3 |
AuthenticatorTransport |
AuthenticatorTransportType |
AuthenticatorTransport |
Implicit2 |
AuthenticatorTransport |
EnumMemberType<AuthenticatorTransport> |
AuthenticatorTransportStringEnum |
Explicit3 |
CredentialCreateOptions |
PublicKeyCredentialCreationOptionsType |
PublicKeyCredentialCreationOptions |
Implicit2 |
Fido2User |
PublicKeyCredentialUserEntityType |
PublicKeyCredentialUserEntity |
Explicit3 |
PubKeyCredParam |
PublicKeyCredentialParametersType |
PublicKeyCredentialParameters |
Explicit3 |
PublicKeyCredentialDescriptor |
PublicKeyCredentialDescriptorType |
PublicKeyCredentialDescriptor |
Explicit3 |
PublicKeyCredentialRpEntity |
PublicKeyCredentialRpEntityType |
PublicKeyCredentialRpEntity |
Explicit3 |
PublicKeyCredentialType |
PublicKeyCredentialTypeType |
PublicKeyCredentialType |
Implicit2 |
PublicKeyCredentialType |
EnumMemberType<PublicKeyCredentialType> |
PublicKeyCredentialTypeStringEnum |
Explicit3 |
UserVerificationRequirement |
UserVerificationRequirementType |
UserVerificationRequirement |
Implicit2 |
UserVerificationRequirement |
EnumMemberType<UserVerificationRequirement> |
UserVerificationRequirementStringEnum |
Explicit3 |
Distributed under the MIT License. See LICENSE.txt
for more information.