summaryrefslogtreecommitdiff
path: root/app/models/u2f_registration.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/models/u2f_registration.rb')
-rw-r--r--app/models/u2f_registration.rb22
1 files changed, 22 insertions, 0 deletions
diff --git a/app/models/u2f_registration.rb b/app/models/u2f_registration.rb
index 81415eb383b..1a389081913 100644
--- a/app/models/u2f_registration.rb
+++ b/app/models/u2f_registration.rb
@@ -4,6 +4,19 @@
class U2fRegistration < ApplicationRecord
belongs_to :user
+ after_commit :schedule_webauthn_migration, on: :create
+ after_commit :update_webauthn_registration, on: :update, if: :counter_changed?
+
+ def schedule_webauthn_migration
+ BackgroundMigrationWorker.perform_async('MigrateU2fWebauthn', [id, id])
+ end
+
+ def update_webauthn_registration
+ # When we update the sign count of this registration
+ # we need to update the sign count of the corresponding webauthn registration
+ # as well if it exists already
+ WebauthnRegistration.find_by_credential_xid(webauthn_credential_xid)&.update_attribute(:counter, counter)
+ end
def self.register(user, app_id, params, challenges)
u2f = U2F::U2F.new(app_id)
@@ -40,4 +53,13 @@ class U2fRegistration < ApplicationRecord
rescue JSON::ParserError, NoMethodError, ArgumentError, U2F::Error
false
end
+
+ private
+
+ def webauthn_credential_xid
+ # To find the corresponding webauthn registration, we use that
+ # the key handle of the u2f reg corresponds to the credential xid of the webauthn reg
+ # (with some base64 back and forth)
+ Base64.strict_encode64(Base64.urlsafe_decode64(key_handle))
+ end
end
View Lorry Controller Status