From 469deb04c7a08d4667cf7b59d5f823aaa0abc336 Mon Sep 17 00:00:00 2001
From: Omri Bornstein <omribor@gmail.com>
Date: Sun, 11 Feb 2024 11:12:56 +1100
Subject: [PATCH] webauthn sign-in client

Signed-off-by: Omri Bornstein <omribor@gmail.com>
---
 server/configuration/authentication.go |  4 +-
 templates/authentication.html          | 76 ++++++++++++++++++++------
 2 files changed, 61 insertions(+), 19 deletions(-)

diff --git a/server/configuration/authentication.go b/server/configuration/authentication.go
index 4c8e449..352e40b 100644
--- a/server/configuration/authentication.go
+++ b/server/configuration/authentication.go
@@ -104,7 +104,7 @@ func (server *RakerServer) InstagramSignUp(writer http.ResponseWriter, request *
 	server.InstagramSignIn(writer, request)
 }
 
-func (server *RakerServer) WebAuthnBeginRegistration(writer http.ResponseWriter, request *http.Request) {
+func (server *RakerServer) WebAuthnBeginSignUp(writer http.ResponseWriter, request *http.Request) {
 	user := request.Context().Value(authenticatedUserKey).(db.User)
 	options, session, err := server.WebAuthn.BeginRegistration(user)
 	if err != nil {
@@ -142,7 +142,7 @@ func (server *RakerServer) WebAuthnBeginRegistration(writer http.ResponseWriter,
 	writer.WriteHeader(http.StatusOK)
 }
 
-func (server *RakerServer) WebAuthnFinishRegistration(writer http.ResponseWriter, request *http.Request) {
+func (server *RakerServer) WebAuthnFinishSignUp(writer http.ResponseWriter, request *http.Request) {
 	user := request.Context().Value(authenticatedUserKey).(db.User)
 
 	credential, err := server.WebAuthn.FinishRegistration(user, user.Session, request)
diff --git a/templates/authentication.html b/templates/authentication.html
index 0ed4f3b..40a3115 100644
--- a/templates/authentication.html
+++ b/templates/authentication.html
@@ -40,32 +40,49 @@
 		</style>
 		{{if .Username}}
 			<script>
-				async function checkWebAuthn() {
-					if (window.PublicKeyCredential && PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable && PublicKeyCredential.​​isConditionalMediationAvailable) {
-						try {
-							const results = await Promise.all([
-								PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable(),
-								PublicKeyCredential.isConditionalMediationAvailable()
-							]);
-							return results.every(result => result === true);
-						} catch (err) {
-							console.error(err);
-							alert(err);
-							return false;
-						}
+				/**
+				 * @param {boolean} signUp
+				 */
+				async function checkWebAuthn(signUp) {
+					switch (signUp) {
+						case true:
+							if (window.PublicKeyCredential && PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable && PublicKeyCredential.isConditionalMediationAvailable) {
+								try {
+									const results = await Promise.all([
+										PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable(),
+										PublicKeyCredential.isConditionalMediationAvailable()
+									]);
+									return results.every(result => result === true);
+								} catch (err) {
+									console.error(err);
+									alert(err);
+									return false;
+								}
+							}
+							break;
+						default:
+							if (window.PublicKeyCredential && PublicKeyCredential.isConditionalMediationAvailable) {
+								return await PublicKeyCredential.isConditionalMediationAvailable();
+							}
+							break;
 					}
 					return false;
 				}
 
 				async function createWebAuthn() {
 					try {
-						if (!(await checkWebAuthn())) {
+						if (!(await checkWebAuthn(true))) {
+							alert("Platform doesn't support Passkeys...");
 							return;
 						}
 						/** @type {PublicKeyCredentialCreationOptions} */
-						const publicKey = await (await fetch("/auth/webauthn/register/start")).json();
-						const credential = await navigator.credentials.create({publicKey});
-						await fetch("/auth/webauthn/register/finish", {
+						const publicKey = await (await fetch("/auth/webauthn/sign_up/start")).json();
+						const abortController = new AbortController();
+						const credential = await navigator.credentials.create({
+							publicKey,
+							signal: abortController.signal
+						});
+						await fetch("/auth/webauthn/sign_up/finish", {
 							headers: {
 								"Content-Type": "application/json",
 							},
@@ -76,6 +93,31 @@
 						alert(err);
 					}
 				}
+
+				async function sendWebAuthn() {
+					try {
+						if (!(await checkWebAuthn(false))) {
+							alert("Platform doesn't support Passkeys...");
+							return;
+						}
+						const publicKey = await (await fetch("/auth/webauthn/sign_in/start")).json();
+						const abortController = new AbortController();
+						const credential = await navigator.credentials.get({
+							publicKey,
+							signal: abortController.signal,
+							mediation: "conditional"
+						});
+						await fetch("/auth/webauthn/sign_in/finish", {
+							headers: {
+								"Content-Type": "application/json",
+							},
+							body: JSON.stringify(credential)
+						});
+					} catch (error) {
+						console.error(err);
+						alert(err);
+					}
+				}
 			</script>
 		{{end}}
 	</head>