feat(v2): register user u2f (#6020)

2025-08-11 20:57:31 +00:00 · 2023-06-15 07:32:40 +02:00
parent 5b3f04e4d9
commit 2e323e8044
12 changed files with 605 additions and 27 deletions
--- a/internal/command/user_v2_passkey.go
+++ b/internal/command/user_v2_passkey.go
@@ -16,7 +16,7 @@ import (

 // RegisterUserPasskey creates a passkey registration for the current authenticated user.
 // UserID, ussualy taken from the request is compaired against the user ID in the context.
-func (c *Commands) RegisterUserPasskey(ctx context.Context, userID, resourceOwner string, authenticator domain.AuthenticatorAttachment) (*domain.PasskeyRegistrationDetails, error) {
+func (c *Commands) RegisterUserPasskey(ctx context.Context, userID, resourceOwner string, authenticator domain.AuthenticatorAttachment) (*domain.WebAuthNRegistrationDetails, error) {
 	if err := authz.UserIDInCTX(ctx, userID); err != nil {
 		return nil, err
 	}
@@ -25,7 +25,7 @@ func (c *Commands) RegisterUserPasskey(ctx context.Context, userID, resourceOwne

 // RegisterUserPasskeyWithCode registers a new passkey for a unauthenticated user id.
 // The resource is protected by the code, identified by the codeID.
-func (c *Commands) RegisterUserPasskeyWithCode(ctx context.Context, userID, resourceOwner string, authenticator domain.AuthenticatorAttachment, codeID, code string, alg crypto.EncryptionAlgorithm) (*domain.PasskeyRegistrationDetails, error) {
+func (c *Commands) RegisterUserPasskeyWithCode(ctx context.Context, userID, resourceOwner string, authenticator domain.AuthenticatorAttachment, codeID, code string, alg crypto.EncryptionAlgorithm) (*domain.WebAuthNRegistrationDetails, error) {
 	event, err := c.verifyUserPasskeyCode(ctx, userID, resourceOwner, codeID, code, alg)
 	if err != nil {
 		return nil, err
@@ -63,7 +63,7 @@ func (c *Commands) verifyUserPasskeyCodeFailed(ctx context.Context, wm *HumanPas
 	logging.WithFields("userID", userAgg.ID).OnError(err).Error("RegisterUserPasskeyWithCode push failed")
 }

-func (c *Commands) registerUserPasskey(ctx context.Context, userID, resourceOwner string, authenticator domain.AuthenticatorAttachment, events ...eventCallback) (*domain.PasskeyRegistrationDetails, error) {
+func (c *Commands) registerUserPasskey(ctx context.Context, userID, resourceOwner string, authenticator domain.AuthenticatorAttachment, events ...eventCallback) (*domain.WebAuthNRegistrationDetails, error) {
 	wm, userAgg, webAuthN, err := c.createUserPasskey(ctx, userID, resourceOwner, authenticator)
 	if err != nil {
 		return nil, err
@@ -79,7 +79,7 @@ func (c *Commands) createUserPasskey(ctx context.Context, userID, resourceOwner
 	return c.addHumanWebAuthN(ctx, userID, resourceOwner, false, passwordlessTokens, authenticator, domain.UserVerificationRequirementRequired)
 }

-func (c *Commands) pushUserPasskey(ctx context.Context, wm *HumanWebAuthNWriteModel, userAgg *eventstore.Aggregate, webAuthN *domain.WebAuthNToken, events ...eventCallback) (*domain.PasskeyRegistrationDetails, error) {
+func (c *Commands) pushUserPasskey(ctx context.Context, wm *HumanWebAuthNWriteModel, userAgg *eventstore.Aggregate, webAuthN *domain.WebAuthNToken, events ...eventCallback) (*domain.WebAuthNRegistrationDetails, error) {
 	cmds := make([]eventstore.Command, len(events)+1)
 	cmds[0] = user.NewHumanPasswordlessAddedEvent(ctx, userAgg, wm.WebauthNTokenID, webAuthN.Challenge)
 	for i, event := range events {
@@ -90,9 +90,9 @@ func (c *Commands) pushUserPasskey(ctx context.Context, wm *HumanWebAuthNWriteMo
 	if err != nil {
 		return nil, err
 	}
-	return &domain.PasskeyRegistrationDetails{
+	return &domain.WebAuthNRegistrationDetails{
 		ObjectDetails:                      writeModelToObjectDetails(&wm.WriteModel),
-		PasskeyID:                          wm.WebauthNTokenID,
+		ID:                                 wm.WebauthNTokenID,
 		PublicKeyCredentialCreationOptions: webAuthN.CredentialCreationData,
 	}, nil
 }