package command import ( "context" "github.com/zitadel/zitadel/internal/api/authz" "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/user" ) func (c *Commands) RegisterUserU2F(ctx context.Context, userID, resourceOwner string) (*domain.WebAuthNRegistrationDetails, error) { if err := authz.UserIDInCTX(ctx, userID); err != nil { return nil, err } return c.registerUserU2F(ctx, userID, resourceOwner) } func (c *Commands) registerUserU2F(ctx context.Context, userID, resourceOwner string) (*domain.WebAuthNRegistrationDetails, error) { wm, userAgg, webAuthN, err := c.createUserU2F(ctx, userID, resourceOwner) if err != nil { return nil, err } return c.pushUserU2F(ctx, wm, userAgg, webAuthN) } func (c *Commands) createUserU2F(ctx context.Context, userID, resourceOwner string) (*HumanWebAuthNWriteModel, *eventstore.Aggregate, *domain.WebAuthNToken, error) { tokens, err := c.getHumanU2FTokens(ctx, userID, resourceOwner) if err != nil { return nil, nil, nil, err } return c.addHumanWebAuthN(ctx, userID, resourceOwner, false, tokens, domain.AuthenticatorAttachmentUnspecified, domain.UserVerificationRequirementRequired) } func (c *Commands) pushUserU2F(ctx context.Context, wm *HumanWebAuthNWriteModel, userAgg *eventstore.Aggregate, webAuthN *domain.WebAuthNToken) (*domain.WebAuthNRegistrationDetails, error) { cmd := user.NewHumanU2FAddedEvent(ctx, userAgg, wm.WebauthNTokenID, webAuthN.Challenge) err := c.pushAppendAndReduce(ctx, wm, cmd) if err != nil { return nil, err } return &domain.WebAuthNRegistrationDetails{ ObjectDetails: writeModelToObjectDetails(&wm.WriteModel), ID: wm.WebauthNTokenID, PublicKeyCredentialCreationOptions: webAuthN.CredentialCreationData, }, nil }