Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WebAuthn integration #22

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

WebAuthn integration #22

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
99f2ed8
added WebAuthn setup UI
apowers313 Oct 13, 2017
4507e8d
added WebAuthn to payment
apowers313 Oct 13, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions bobpay/public/index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -225,6 +225,14 @@ <h2 class="section-heading">Install BobPay</h2>
</p>
<input id="alipay" type="checkbox" value="">AliPay</label>
<p id="bobpayerror" class="error-message"></p>
<br>
<br>
<h2 class="section-heading">Setup FIDO / WebAuthn</h2>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's put the WebAuthn code into a <div id="webauthn"> and show it only if Web Authentication is enabled.

<div id="webauthn" style="display: none;">
  ...
</div>
<script>
  if (window.WebAuthnTransaction) {
    document.getElementById('webauthn').style.display = 'block';
  }
</script>

<span>
WebAuthn:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<a href="#webauthn-register" onclick="new WebAuthnTransaction().register()">Register <img src="https://www.gstatic.com/images/icons/material/system/1x/cloud_download_black_24dp.png"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<a href="#webauthn-register" onclick="new FidoLocalStorage().deleteAll()">Delete All <img src="https://www.gstatic.com/images/icons/material/system/1x/delete_black_24dp.png"></a>
</span>
</div>
</div>
</div>
Expand All @@ -248,6 +256,10 @@ <h2 class="section-heading">Install BobPay</h2>
<!-- Theme JavaScript -->
<script src="js/new-age.min.js"></script>

<!-- FIDO / WebAuthn Library -->
<!-- TODO: update URL when development is mature -->
<script src="https://rawgit.com/apowers313/fido-local-server/master/fido-local-server.js"></script>

</body>

</html>
29 changes: 20 additions & 9 deletions bobpay/public/pay/index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,15 +41,26 @@ <h1>You are paying with BobPay</h1>
function pay() {
if(!paymentRequestClient) return;

var paymentAppResponse = {
methodName: "https://emerald-eon.appspot.com/bobpay",
details: {
id: "123456"
}
};

paymentRequestClient.postMessage(paymentAppResponse);
window.close();
var authn = new WebAuthnTransaction();
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here we should feature-detect for web authentication functionality to avoid breaking the demo for those who don't have it turned on:

if (window.WebAuthnTransacttion) {
  var authn = new WebAuthnTransaction();
  // Web Authentication flow.
} else {
  var paymentAppResponse = {
  // The existing flow without Web Authentication.
}


authn.authenticate()
.then(() => {
var paymentAppResponse = {
methodName: "https://emerald-eon.appspot.com/bobpay",
details: {
id: "123456"
}
};

paymentRequestClient.postMessage(paymentAppResponse);
window.close();
})
.catch((e) => {
// TODO: need to think about the error path here: retry? fail payment?
console.log ("Authentication failed");
console.log (e);
throw e;
});
}

function cancel() {
Expand Down